Highlighted
ky331
6 Indium

Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Today is "Microsoft Tuesday" --- the SECOND Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows security updates. Based on previous history, they should become available at 1 P.M. [USA - Eastern DAYLIGHT SAVING Time]

------------------

Please use Windows/Automatic Updates to determine which updates are applicable to your particular system. For more information, see https://portal.msrc.microsoft.com/en-us/security-guidance/summary

-----------------

Adobe will also be joining-in, with updates for Flash; and we expect a Firefox update too.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
12 Replies
ky331
6 Indium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Adobe Flash Player  32.0.0.223 has been released

 

Direct downloads (no bundled junk) for Windows 7 and earlier 
 
.
.
Plugin-based browsers (Firefox etc) -
.
.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Firefox Version 68.0 (July 9, 2019)

https://www.mozilla.org/en-US/firefox/68.0/releasenotes/

New

  • Dark mode in reader view expands so that windows are also dark on the controls, sidebars and toolbars.

  • Improved extension security and discovery:

    • New reporting feature in about:addons allows you to report security and performance issues with extensions and themes.
    • Redesigned extensions dashboard in about:addons provides easy access to information about your extensions, including data and settings access required by each extension.
    • Find high quality, secure extensions via the Recommended Extensions program in about:addons, which now displays user count and ratings for each extension. "Recommended” badges for these extensions also appear on AMO. More extensions will be added over time.
    •  
  • Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences.

  • WebRender will roll out to Windows 10 users with AMD graphics cards.

  • Windows Background Intelligent Transfer Service (BITS) update download support, which allows Firefox update downloads to continue when Firefox is closed.

Fixed

  • Various security fixes

  • Local files can no longer access other files in the same directory.

Changed

  • Unified existing locales (bn-BD, bn-IN) under a single Bengali (bn) localization.

  • The following unmaintained translations have been removed: Assamese (as), English - South Africa (en-ZA), Maithili (mai), Malayalam (ml), Odia (or). Existing users will be migrated to the British English (en-GB) version.

  • When an HTTPS error caused by antivirus software is detected, Firefox will attempt to automatically fix it

  • Camera and microphone access now require an HTTPS connection.

  • The way non-default preferences are synced has changed. Please see this support article for more details

=====================================

Available via the internal updater:   Help / About Firefox

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
6 Indium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Security Vulnerabilities fixed in FF 68:

https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
7- Thorium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

What's with the new license agreement we have to accept for Windows Malicious Software Removal Tool, which says, amongst other things:

"...The following feature uses Internet protocols, which send to the appropriate systems computer information, such as your Internet protocol address, the type of operating system, browser and name and version of the software you are using, and the language code of the device where you installed the software...."

and:

"...When the software checks your device for Malware, a report will be sent to Microsoft about any Malware detected, specific information relating to the detection, errors that occurred while the software was checking for Malware, and other information about your device that will help us improve this and other Microsoft products and services...."

<emphasis added>

Ron

   Forum Member since 2004
   I am not a Dell employee

0 Kudos
ky331
6 Indium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Ron,

1) when I ran the MRT through Windows Update, I didn't have any user-interaction with it.   No warnings/disclaimers, absolutely nothing.

2) I have yet to "find" the MRT at the usual Microsoft link, which is why I haven't documented it (so far??) this month.

3) I just downloaded the tool from MajorGeeks (which often has access before other "official" sites), and it's running normally for me here.

So not sure what's happening at your end.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
7- Thorium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

I dunno why MSRT wanted me to accept a new EULA yesterday either. I haven't installed anything new, aside from some app updates lately. So it's not like I deleted some existing MSRT EULA key from my PC.

But what I did was follow the link in the EULA for more info which eventually got me to a page about disabling the MSRT reporting feature in an "enterprise environment" using a Registry hack. I made the change and hopefully that helps keep MS's nose out of my PC. But -obviously- I have no way test if that hack is actually working.

Here's the info I used for the Regedit hack:

  • Launch Regedit from Start>Run
  • Navigate to Subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
  • Create new Entry in right column for that key and name it: \DontReportInfectionInformation  (include the \)
  • Set Type: REG_DWORD
  • Set Value: data: 1

Danger, Will Robinson! = Anybody who attempts this Registry hack, does so entirely at their own risk. I take no responsibility if something goes wrong, and you are strongly encouraged to back up (Export) a copy of the entire Registry onto external media before making any changes to the Registry.

Ron

   Forum Member since 2004
   I am not a Dell employee

0 Kudos
7- Thorium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

And speaking of EULAs....I just got an email today supposedly from Microsoft entitled Updates to our terms of use

Your Services Agreement made clearer
You are receiving this email because we are updating the Microsoft Services Agreement, which applies to one or more Microsoft products or services you use....

Real or phishing...?

Ron

   Forum Member since 2004
   I am not a Dell employee

0 Kudos
ky331
6 Indium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Without seeing the actual e-mail, it's hard to offer a definitive answer.

I certainly would be suspicious.

Look for signs of fraud:

Does the e-mail directly mention your real name... assuming you had offered it to Microsoft?   Or does it just say "Dear Sir", or no name at all, or only your e-address name?

Are there blatant errors in spelling and/or grammar?

If there are links in the e-mail, and you move your cursor over them (withOUT clicking on them!), does they show a "reasonable" address, or something which "doesn't feel right".

Not foolproof, but any of these can be hints of fraud.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
7- Thorium

Re: Updates 7/9/19 - "Microsoft Tuesday", Flash, Firefox

Email opens with a large jpg of a smiling family holding a Surface tablet. Below that it says "Hello". followed by  lots of text, some which I included in my previous post.

No obvious bad English, and no obvious errors, or misspellings. There are 2 hyperlinks in the body of the text and 3 buttons (Services Agreement, Privacy Statement, and FAQs) across the bottom of the message. The 5 links are all different but all start with mmed. microsoft. com/  (spaces added) followed by dozens of letters, numbers, % signs etc.

On the surface (pun intended) it seems legit, but I'm not clicking any of those links or buttons. And if they want to close my MS account, fine with me. :Wink:

 

 

Ron

   Forum Member since 2004
   I am not a Dell employee

0 Kudos