Skip to main content
Tag

third party patch

|||

April Patch Tuesday: Don’t Get Burned Twice

By News, Patch TuesdayNo Comments
[vc_single_image image=”24001″ img_size=”full”]

Manage Your Vulnerabilities

As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management in anticipation of another bad batch of updates.

Robert Brown, Director of Services for Verismic said, “We trust our technology and we trust the experts leading our security teams. Design a patch management release process which includes time for the necessary testing before global deployment. Not doing patch management only helps the hackers who are looking to expose your network.”

Adobe Patches Critical Bugs in Flash

Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled release. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, None of these updates have active exploits in the wild for any of the issues addressed in these updates.

Ransomware Attackers are Targeting Servers over Desktops

According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to easy deployment, even for less skilled cybercriminals. The risks and costs associated with conducting an operation are also relatively small for the attacker.

Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases. This causes more damage to the targeted organization compared to only desktop systems getting compromised. According to the latest DBIR, financially-motivated attacks remain the most common and accounted for 76% of breaches analyzed in 2017. Cyber espionage is the second most common type of attack, accounting for 13% of breaches.

Robert Brown, Director of Services for Verismic said, “When we onboard our clients with Syxsense, we focus not only on protecting the desktops, instead focus on a viable patching strategy which includes all endpoints within the business, including servers. Syxsense has industry experts to help clients protect their environment with a proactive approach to Windows, Linux and Mac OS patch management.”

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_empty_space][vc_separator][vc_empty_space]

Patch Tuesday Release

Microsoft addressed 65 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition. We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

[vc_single_image image=”24009″ img_size=”full”]
CVE Number Vulnerability Alert CVSS Score Recommended
CVE-2018-1010 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1012 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1013 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1015 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1016 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-0870 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0956 Microsoft Windows HTTP.sys Denial of Service Vulnerability 7.5 Yes
CVE-2018-0981 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0988 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0996 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0997 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1000 Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability 7.5 Yes
CVE-2018-1001 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1018 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1020 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1028 Microsoft Office Graphics Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0957 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0964 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-1003 Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0963 Microsoft Windows Kernel Elevation of Privilege Vulnerability 7 Yes
CVE-2018-1008 Microsoft Adobe Type Font Driver Privilege Escalation Vulnerability 7 Yes
CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation Vulnerability 7 Yes
[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” btn_width=”btn_full_width” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]

Instagram Takes a Peek: October Third-Party Patch Update

By Patch ManagementNo Comments

[vc_single_image source=”featured_image” img_size=”medium”]

Even celebrity status can’t protect your data

At the beginning of September, a news story broke that Selena Gomez had her Instagram hacked. Why does the Instagram of a celebrity matter this time? Because this hack goes much further.
Instagram won’t confirm just how many accounts were affected, but the hackers claim they have information on 6 million users. They used this information to set up a site called Doxagram, where you could pay to search for the private contact information of these users. These accounts included almost all of the 50 most followed Instagram accounts. People like Rihanna, Emma Watson, Floyd Mayweather, and even the official account of the white house.

Kaspersky Labs reported to Facebook that there was a flaw within the Instagram mobile app password reset option. However, it was in a 2016 version of the app, so if you have kept Instagram up to date, you should be protected.

This is just another lesson why it’s so critical to keep up to date on software patches. Any vulnerability, even in an unsuspecting, non-business software like Instagram, could lead to a major breach.

CCleaner adds malware to your devices

Avast, the parent company to Piriform, discovered that two of their products had been compromised. Hackers breached these two products and added malware into the new version. Then anyone who installed CCleaner also got this malware that allowed hackers to control the infected computer.

Affected Piriform products:

  • CCleaner v5.33.6162
  • CCleaner Cloud v1.07.3191

The software has since been updated to remove the malware, but the damage has been done. Piriform says that they fixed things “before any known harm was done” and that no sensitive data was collected. While that might be true, it doesn’t mean the hackers didn’t accomplish their goals. They go access to a massively used software and that, in turn, gave them a back door into businesses that use it.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

Below are a list of third-party software updates for the month:

Vendor Category Patch Version and Release Notes Link:
Adobe Media Software Flash Player 27 and AIR 27: https://helpx.adobe.com/flash-player/release-note/fp_27_air_27_release_notes.html
Google Web Browser Chrome 61.0.3163.100: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
Ivo Soft Misc. ClassicShell_v4.3.1: http://www.classicshell.net/history/
Peter Pawlowski Audio Player Foobar2000_v1.3.16: http://www.foobar2000.org/changelog
[vc_separator]

Start Patching

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
||

Chrome Compromised: September Third-Party Patch Update

By Patch ManagementNo Comments

[vc_single_image source=”featured_image” img_size=”medium”]

1 Million Targeted by Chrome Extension Hack

Even experts aren’t exempt from deceptive phishing attacks. It’s being reported that the developers of several extensions had their login credentials stolen.

It’s the second time in a week that Chrome users have been targeted by extension hijacks. The first involved an extension called CopyFish with around 30,000 installs. That attack may have been a test intended to see how many fraudulent ad views could be pumped through before Google intervened and returned control of the extension to its rightful owners.

Extensions reported so far:

  • Web Developer version 0.4.9
  • Chrometana version 1.1.3
  • Infinity New Tab version 3.12.3
  • CopyFish version 2.8.5
  • Web Paint version 1.2.1
  • Social Fixer 20.1.1
  • TouchVPN
  • Betternet VPN

Once the attackers had access to the developers accounts for these extensions, they began modifying the code. It seems their goal was to gain control over victims’ browsers and then if the victim had a Cloudflare account, steal that information.

It’s important to keep your browser’s up to date and review extensions before you install them.

The Source of NotPetya

Just after the outbreak of NotPetya, several entities seemed to point at software distribution provider MeDoc as one of the main sources of the outbreak. They claim that their software was a victim of a hack that then led to it being the vessel for initial distribution of NotPetya. From there, it spread through updates of MeDoc and began infecting more and more victims. This sort of event is known as a ‘supply chain attack’.

[vc_single_image image=”12386″ img_size=”200×200″]

The compromise of a software distribution method is extremely dangerous for businesses. Before you know it, a vulnerability can be spread to every device accessible via the hacked distribution software. How do you prevent such a disaster? One way could be the activation of two-factor authentication for login to your IT management software. This can help prevent the software from being compromised in the first place.

Don’t leave something that could infect your entire environment unsecured.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

Below are a list of third-party software updates for the month:

Vendor Category Patch Version and Release Notes Link:
Adobe Media Software Flash and AIR: 26.0.0.151 and 26.0.0.127 – https://helpx.adobe.com/flash-player/release-note/fp_26_air_26_release_notes.html

 

Apple Media Software iTunes: 12.6.2 – https://www.neowin.net/news/apple-releases-security-updates-for-itunes-and-icloud-for-windows

 

Cerulean Instant Messaging

 

Trillian: 6.0 build 61 – https://www.trillian.im/changelog/windows/6.0/

 

Citrix Data Delivery Receiver: 4.9 LTSR – http://docs.citrix.com/en-us/receiver/windows/current-release/about.html

 

Don Ho Source Code Editor Notepad++: 7.5 – https://notepad-plus-plus.org/news/notepad-7.5-released.html

 

FileZilla FTP Solution 3.27.1 – https://filezilla-project.org/versions.php

 

Foxit PDF Reader Reader: 8.3.2.25013 – https://www.foxitsoftware.com/pdf-reader/version-history.php

 

Google Browser Earth: 7.3.0 – https://support.google.com/earth/answer/40901?hl=en

Chrome: 60.0.3112.113 – https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html

 

Malware Bytes Malware Defender

 

3.2 – https://www.malwarebytes.com/support/releasehistory/

 

Mozilla Brower and Email Client Firefox: 55.0.3 – https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/

Thunderbird: 52.3.0 – https://www.mozilla.org/en-US/thunderbird/52.3.0/releasenotes/

 

Realvnc Remote Access Software 6.2.0 – https://www.realvnc.com/en/connect/docs/desktop-release-notes.html

 

The Document Foundation Office Suite LibreOffice: 5.4.0 – https://wiki.documentfoundation.org/ReleaseNotes/5.4

 

Wireshark Network Protocol Analyzer 2.4.0 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.0.html

 

[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
||

Ransomware Aftershocks: August Third-Party Patch Update

By News, Patch ManagementNo Comments
[vc_single_image image=”12822″ img_size=”medium”]

Ransomware Aftershocks

Even after remediation, the effects of ransomware can still be felt. The feelings of security have been stripped away and replaced with a nauseating sensation of vulnerability.

A public TV and radio station in San Francisco, KQED, knows this feeling. After being infected with ransomware demanding 1.7 bitcoin per PC, the FBI advised wiping the infected computes.

Even a month after the attack, the station is still doing work to fix the affected machines. But what has also been a surprise is the damage was to more than just their data. The wireless network and email servers went down at their headquarters, so they moved operations to UC Hastings. It has interrupted all levels of work, from broadcast to hiring of new employees.

This radio station isn’t the only company reeling long after a ransomware attack. Fedex has been reported as saying that was affected by NotPetya and that some damage was permanent. It’s expected that this business interruption will create significant decreases in revenue.

[vc_single_image image=”12386″ img_size=”200×200″]

The most effective way to protect yourself and your business against disaster is keeping your systems up to date. Malware relies on the idea that people won’t keep their software 100% up to date. And for good reason, keeping everything updated can be a nightmare. But utilizing a solution like Syxsense can simplify everything. CMS can show you at a glance which devices have out of date software. You can then quickly build a task to deploy needed updates.

Come check out Syxsense with a free trial today!

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

 

 

Product Category Patch
Chrome Web Browser Chrome_v59.0.3071.134
Wireshark Network Protocol Analyzer Wireshark_v2.4
Firefox Web Browser Firefox_v54.0.1
Glary Utilities PC cleanup Glary_v5.80.0.101
Trillian Instant Messenger Trillian_v6.0 Build 60
WinSCP SFTP, SCP, and FTP client for Windows WinSCP_v5.9.6
WinMerge Open source differencing and merging tool for windows. WinMerge_v2.14
MediaMonkey Media manager MediaMonkey_v4.1.17.1840
PuTTY SSH and Telnet for windows and unix. PuTTY_v0.70
Foobar2000 Audio Player Foobar2000_v1.3.16
Java Programming language Java_v8u141
KeePass Password Safe KeePass_v2.36
Foxit Reader PDF reader FoxitReader_v8.3.1
FileZilla FTP solution FileZilla_v3.27.0.1
Paint.net Image editing software Paint.net_v4.0.17
iTunes Media player iTunes_v12.6.2
Adobe Reader DC Pdf reader AdobeReaderDC_v17.009.20058
Shockwave Multimedia platform Shockwave_v12.2.9.199
Flash Multimedia platform Flash_v26.0.0.137
AIR Runtime Code Distribution AIRRuntime_v26.0.0.127

 

Patch Details
Chrome_v59.0.3071.134 Includes bug fixes, security updates, and feature enhancements.

 

Wireshark_v2.4 Large number of new and updated features. New and updated protocol support. Major API changes. New and updated capture file support.

 

Firefox_v54.0.1 Now uses multiple operating system processes for web page content to increase speed and stability. Fixes: Display issue of tab title. Display issue of opening new tab. Display issue when opening multiple tabs. Tab display issue when downloading files. PDF printing issue. Netflix issue on linu.

 

Glary_v5.80.0.101
Optimized Disk Cleaner: added support for ‘PerfectDisk 13.0’ and ‘Adobe Reader 7.0

Optimized Tracks Eraser: added support for ‘Nero Burning ROM 15’ and ‘AceHTML 6 Pro

Optimized Quick Search: optimized the path sorting algorithm, and speed up by 100%

Minor GUI improvements

Minor bug fixes

Trillian_v6.0 Build 60 Fixed:

Media: Media may not correctly send if DNS is incorrectly set up.

Message Window: History messages may incorrectly duplicate in the window from previous versions of Trillian.

 

WinSCP_v5.9.6 Hotfix. German translation updated.

·  Back-propagated some improvements and fixes from 5.10-5.10.2 beta releases:

  • SSH core and private key tools (PuTTYgen and Pageant) upgraded to PuTTY 0.69. It brings the following change:
    • WinSCP should work with MIT Kerberos again, after DLL hijacking defences broke it.
  • TLS/SSL core upgraded to OpenSSL 1.0.2l.
  • Allow using 64-bit version of PuTTY (and its tools), when available. 1522
  • XML parser upgraded to Expat 2.2.1.
  • Bug fix: Scripting open command without arguments issued irrelevant warning about use of stored site.
  • Bug fix: Generated code uses TransferOptions.Speed instead of TransferOptions.SpeedLimit. 1543
WinMerge_v2.14 Improvements

  • Improve startup time
  • Improve editing of linefilter regular expressions
  • Improve color options organization

Other changes

  • Update PCRE to version 8.10
  • Update SCEW to version 1.1.2
  • Add menuitems for selecting automatic or manual prediffing
  • Add accelerator keys for Shell context menu
  • Allow editing context line count in patch creator
  • Add /xq command line switch for closing WinMerge after identical files and not showing message
  • Allow setting codepage from command line
  • Allow giving encoding name as custom codepage
  • Add new options dialog panel for folder compare options
  • Add options GUI for quick compare limit
  • Write config log as UTF-8 file

Bugs fixed

  • Untranslated string (“Merge.rc:nnnn”) was displayed in status bar
  • Pane headers not updated after language change
  • Quick contents compare didn’t ignore EOL byte differences
  • Compare by size always checked file times too
  • Crash when pasting from clipboard
  • Keeps verifing path even turned off in options
  • Crash after deleting text
  • Added EOL chars between copied file/path names
  • Created new matching folder to wrong folder
  • Strange scrolling effect in location pane
  • Plugin error after interrupting folder compare
  • “+” and “-” from the number block don’t work in the editor
  • Date format did not respect Regional Settings
  • Shell extension used unquoted program path

New Translation

  • Basque

Translation updates

  • Hungarian
  • Turkish
  • Russian
  • Norwegian
  • Danish
  • Dutch
  • Slovenian
MediaMonkey_v4.1.17.1840 Various bug fixes and updates.

 

PuTTY_v0.70 Security fix: the Windows PuTTY binaries should no longer be vulnerable to hijacking by specially named DLLs in the same directory, even a name we missed when we thought we’d fixed this in 0.69. See vuln-indirect-dll-hijack-3.

Windows PuTTY should be able to print again, after our DLL hijacking defences broke that functionality.

Windows PuTTY should be able to accept keyboard input outside the current code page, after our DLL hijacking defences broke that too.

 

Foobar2000_v1.3.16 Fixed horrible, horrible bug with inverted checkmarks in advanced preferences at 150% text size.

Network streaming: added handlers for more HTTP redirect codes.

Fixed foobar2000 process not setting its working directory to its installation location on startup.

FLAC tagging fixes.

 

Java_v8u141 Fixing of bugs and updates to features.

 

KeePass_v2.36 New Features:

  • Added commands ‘Find Duplicate Passwords’ and ‘Find Similar Passwords’ (in ‘Edit’ -> ‘Show Entries’), which show entries that are using the same or similar passwords.
  • Added command ‘Password Quality Report’ (in ‘Edit’ -> ‘Show Entries’), which shows all entries and the estimated quality of their passwords.
  • Added option ‘String name’ in the ‘Edit’ -> ‘Find’ dialog (for searching entries that have a specific custom string field).
  • Added option for using a gray tray icon.
  • Added {CMD:/…/} placeholder, which runs a command line.
  • Added {T-CONV:/…/Raw/} placeholder, which inserts a text without encoding it for the current context.
  • Added optional ‘Last Password Modification Time (Based on History)’ entry list column.
  • The internal text editor now supports editing PS1 files.
  • The position and size of the internal data viewer is now remembered and restored.
  • For various dialogs, the maximized state is now remembered and restored.
  • Added configuration option for specifying an expiry date for master keys.
  • Added configuration option for specifying disallowed auto-type target windows.
  • Added workaround for Edge throwing away all keyboard input for a short time after its activation.
  • Added workaround for Mono not properly rendering bold and italic text in rich text boxes.
  • TrlUtil now performs a case-sensitive word validation.

Improvements:

  • The password input controls in the IO connection dialog and the proxy dialog now are secure edit controls.
  • The icon of the ‘Save’ command in the main menu is now grayed out when there are no database changes (like the toolbar button).
  • Auto-Type: improved support for target applications that redirect the focus immediately.
  • Auto-Type: improved compatibility with VMware vSphere client.
  • When an error occurs during auto-type, KeePass is now brought to the foreground before showing an error message box.
  • Entries in groups where searching is disabled (e.g. the recycle bin group) are now ignored by the commands that show expired entries.
  • Improved scrolling when moving entries while grouping in the entry list is on.
  • Improved support for right-to-left writing systems.
  • Improved application and system tray icon handling.
  • Updated low resolution ICO files (for Mono development).
  • Moved single-click tray icon action option from the ‘Integration’ tab to the ‘Interface’ tab of the options dialog.
  • Synchronization file path comparisons are case-insensitive now.
  • Improved workaround for Mono clipboard bug (improved performance and window detection; the workaround is now applied only if ‘xsel’ and ‘xdotool’ are installed).
  • Enhanced PrepMonoDev.sh script.
  • KPScript: times in group and entry lists now contain a time zone identifier (typically ‘Z’ for UTC).
  • Various code optimizations.
  • Minor other improvements.

Bugfixes:

  • The drop-down menu commands in the entry editing dialog for setting the expiry date now work as expected.

 

FoxitReader_v8.3.1 New Feature and Improvements:

Easy and Secure File-sharing

Provides a plugin to share your file by generating a file link and sending it via email or to social media, under your full control by advanced settings to share content quickly, easily, and securely.

Some ease of use enhancements.

 

Issues Addressed:

Fixed some issues that could cause Foxit Reader launch slowly.

Fixed some security and stability issues. Click here for details.

 

FileZilla_v3.27.0.1 Bugfixes and minor changes:

MSW: Add missing file to .zip binary package

MSW: Fix toolchain issues breaking the shell extension

 

Paint.net_v4.0.17
  • Added: “Fluid mouse input” option in Settings -> UI -> Troubleshooting. If you see major glitches while drawing, try disabling this.
  • Improved: Default brush size, font size, and corner radius size now scales with major DPI scaling levels (brush size of 2 at 100% scaling, brush size of 4 at 200% scaling, etc)
  • Improved: Default image size now scales with major DPI scaling levels (800×600 at 100%, 1600×1200 at 200%, etc.)
  • Improved performance and drawing latency by removing explicit calls to System.GC.Collect() except when low memory conditions are encountered
  • Improved performance by greatly reducing object allocation amplification by reducing the concurrency level when using ConcurrentDictionary, and by removing WeakReference allocations in favor of direct GCHandle usage
  • Improved: Performance and battery usage by ensuring animations always run at the monitor’s actual refresh rate
  • Improved (reduced) CPU usage when moving the mouse around the canvas
  • Removed: “Hold Ctrl to hide handle” from the Text tool because it was not useful and caused lots of confusion
  • Fixed: Various high-DPI fixes, including horrible looking mouse cursors caused by a bug in the latest .NET WinForms update
  • Fixed: Gradient tool no longer applies dithering “outside” of the gradient (in areas that should have a solid color)
  • Fixed: Very slow performance opening the Effects menu when lots of plugins are installed after installing the Windows 10 Creators Update
  • Fixed: When cropping and then performing an undo, the scroll position was totally wrong
  • Fixed a rendering glitch in the Save Configuration dialog (it would “wiggle”)
  • Fixed: At certain brush sizes, the brush indicator on the canvas had a visual glitch in it due to a bug in Direct2D
  • Fixed: Text tool buttons for Bold, Italics, Underline were not localized for a few languages
  • Fixed a rare crash in the taskbar thumbnails
  • Fixed: Drawing with an aliased brush and opaque color (alpha=255) sometimes resulted in non-opaque pixels due to a bug in Direct2D’s ID2D1RenderTarget::FillOpacityMask
  • Fixed: “Olden” effect should no longer cause crashes (it still has some rendering artifacts due to its multithreading problems, however)
iTunes_v12.6.2 This update is designed for high DPI displays so text and images appear sharper and clearer. It also includes minor app and performance improvements.

 

AdobeReaderDC_v17.009.20058 This release puts in place the infrastructure for simplifying the sign-in process within Acrobat & Reader. This enhancement will be rolled out for Acrobat and Reader users in near future.

 

Shockwave_v12.2.9.199 Fixes a critical memory corruption vulnerability that could lead to code execution.

 

Flash_ v26.0.0.137 These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

 

AIRRuntime_v26.0.0.127 These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

 

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]