Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs

2021-08-31T23:16:51

Description

Hello everyone! This is a new episode with my comments on the latest Information Security news. ## Exchange ProxyShell I want to start with something about [attacks on Exchange](<https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html>). ProxyShell is in the news, the LockFile ransomware compromised more than 2000 servers. On the other hand, there is basically nothing to say here. ProxyShell is the name for 3 vulnerabilities. The bulletins for Remote Code Execution [CVE-2021-34473](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34473>) and Server Elevation of Privilege [CVE-2021-34523](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34523>) were released on July 13, but were fixed by April Patch Tuesday patches. Yes, it happens sometimes. The bulletin for Security Feature Bypass [CVE-2021-31207](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31207>) was released on May 11. Users had 4 months to install the updates. Interestingly, 2 out of 3 vulnerabilities have the property "Less likely to be exploited". As you can see, it's pretty useless. In addition to these spring vulnerabilities, there was also a set of July vulnerabilities (CVE-2021-31196, CVE-2021-31206, CVE-2021-33768, CVE-2021-34470). It is not yet clear if they will be used in real life attacks. Maybe yes, maybe no. But you need to install patches anyway. One thing is clear, Exchange is a great target. It is used almost everywhere. It is a Windows host that is reachable at the perimeter of the network. It's scary to patch it. When the email service stops working, it becomes very noticeable. And keeping Exchange without updates is even worse. Therefore, the only option is to change the infrastructure so that testing and installing the updates should take a minimum of time. The patch released on Tuesday should be ideally installed on Wednesday. Everything else is dangerous. I'm not even talking about the pathologies when the organization continues to use Exchange 2010, for which there are no more updates. ## Zoom RCE Have you already seen [a nice analysis of a Zoom Remote Code Execution](<https://sector7.computest.nl/post/2021-08-zoom/>), that does not require any user interaction? About two minutes of magic with call/message notifications and a calculator window appears on the target host. Very cool and effective. And here it should be noted that Zoom does not force updates. To update you need to go to Settings and click the "Check for Updates" button. I had version 2.7.4 and Zoom was not showing any notifications. After clicking on "Check for Updates", Zoom has updated to 2.7.6. Forced updates are not configurable in any way via the GUI, but in a corporate environment it seems like it can be enabled [using group policies](<https://support.zoom.us/hc/en-us/articles/360039100051-Group-Policy-Options-for-the-Windows-desktop-client-and-Zoom-Rooms>): EnableClientAutoUpdate, EnableSilentAutoUpdate, AlwaysCheckLatestVersion. ## Citrix Canceled PT Acknowledgments Cool story. [Citrix quietly removed Positive Technologies employees](<https://twitter.com/ptswarm/status/1429797658416328708>) Klyuchnikov and Medov from the acknowledgment sections for [CVE-2019-19781](<https://support.citrix.com/article/CTX267027>) and [CVE-2020-8209](<https://support.citrix.com/article/CTX277457>) vulnerabilities. There was a mention in March, but not in August. Citrix canceled their "thanks", so to speak. And it is clear why - the US sanctions against Positive Technologies. And when Citrix was pointed out and shamed on Twitter, they returned everything back. Also quietly. Well, such cuties, huh? ^_^ ## Cisco No Patch Router RCEs Not news, but an interesting feature of the brave new world. How it used to be: you buy hardware and use it until it breaks. Now any hardware requires constant updating for safe operation. And after a certain moment the vendor shrugs his shoulders and says "sorry, End Of Life". For example, this is how [Cisco responded to the RCE vulnerability CVE-2021-34730](<https://thehackernews.com/2021/08/critical-flaw-found-in-older-cisco.html>) (CVSS score: 9.8) in the UPnP service for SMB routers RV110W, RV130, RV130W and RV215W. [They write that](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5>) either disable UPnP completely, or throw out the router and buy a new one. On the one hand, UPnP is certainly not secure and you don't need to use it. But come on, this is a legitimate feature, and Cisco doesn't want to fix vulnerabilities in it for not-so-old hardware released in 2011-2013. Moreover, this is not the first RCE in these routers that they do not want to fix, [in April there was CVE-2021-1459 in the admin web interface](<https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html?m=1>). In terms of functionality, the devices are quite adequate, given that they now cost less than $ 100. "[The RV130W Wireless-N Router](<https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html>) offers investment protection as your small business needs evolve. This multifunctional networking device features: * Gigabit Ethernet connections, including a four-port managed switch * USB 3G/4G failover support * Built-in, high-speed wireless-N access point * IP Security (IPsec) VPN for flexible remote access * Support for separate virtual networks and wireless guest access". And formally they are right. But I would like the support period to be longer, and critical vulnerabilities were fixed even after this period, and there was an opportunity to install alternative firmware, and there was mandatory marking when the device "turns into a pumpkin." There is a lot to wish for. ![🙂](https://s.w.org/images/core/emoji/13.1.0/72x72/1f642.png)

{"id": "AVLEONOV:B0F649A99B171AC3032AF71B1DCCFE34", "vendorId": null, "type": "avleonov", "bulletinFamily": "blog", "title": "Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs", "description": "Hello everyone! This is a new episode with my comments on the latest Information Security news.\n\n## Exchange ProxyShell\n\nI want to start with something about [attacks on Exchange](<https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html>). ProxyShell is in the news, the LockFile ransomware compromised more than 2000 servers. On the other hand, there is basically nothing to say here.\n\nProxyShell is the name for 3 vulnerabilities. The bulletins for Remote Code Execution [CVE-2021-34473](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34473>) and Server Elevation of Privilege [CVE-2021-34523](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34523>) were released on July 13, but were fixed by April Patch Tuesday patches. Yes, it happens sometimes. The bulletin for Security Feature Bypass [CVE-2021-31207](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31207>) was released on May 11. Users had 4 months to install the updates. Interestingly, 2 out of 3 vulnerabilities have the property "Less likely to be exploited". As you can see, it's pretty useless.\n\nIn addition to these spring vulnerabilities, there was also a set of July vulnerabilities (CVE-2021-31196, CVE-2021-31206, CVE-2021-33768, CVE-2021-34470). It is not yet clear if they will be used in real life attacks. Maybe yes, maybe no. But you need to install patches anyway.\n\nOne thing is clear, Exchange is a great target. It is used almost everywhere. It is a Windows host that is reachable at the perimeter of the network. It's scary to patch it. When the email service stops working, it becomes very noticeable. And keeping Exchange without updates is even worse. Therefore, the only option is to change the infrastructure so that testing and installing the updates should take a minimum of time. The patch released on Tuesday should be ideally installed on Wednesday. Everything else is dangerous. I'm not even talking about the pathologies when the organization continues to use Exchange 2010, for which there are no more updates.\n\n## Zoom RCE\n\nHave you already seen [a nice analysis of a Zoom Remote Code Execution](<https://sector7.computest.nl/post/2021-08-zoom/>), that does not require any user interaction? About two minutes of magic with call/message notifications and a calculator window appears on the target host. Very cool and effective.\n\nAnd here it should be noted that Zoom does not force updates. To update you need to go to Settings and click the "Check for Updates" button. I had version 2.7.4 and Zoom was not showing any notifications. After clicking on "Check for Updates", Zoom has updated to 2.7.6. Forced updates are not configurable in any way via the GUI, but in a corporate environment it seems like it can be enabled [using group policies](<https://support.zoom.us/hc/en-us/articles/360039100051-Group-Policy-Options-for-the-Windows-desktop-client-and-Zoom-Rooms>): EnableClientAutoUpdate, EnableSilentAutoUpdate, AlwaysCheckLatestVersion.\n\n## Citrix Canceled PT Acknowledgments\n\nCool story. [Citrix quietly removed Positive Technologies employees](<https://twitter.com/ptswarm/status/1429797658416328708>) Klyuchnikov and Medov from the acknowledgment sections for [CVE-2019-19781](<https://support.citrix.com/article/CTX267027>) and [CVE-2020-8209](<https://support.citrix.com/article/CTX277457>) vulnerabilities. There was a mention in March, but not in August. Citrix canceled their "thanks", so to speak. And it is clear why - the US sanctions against Positive Technologies. And when Citrix was pointed out and shamed on Twitter, they returned everything back. Also quietly. Well, such cuties, huh? ^_^\n\n## Cisco No Patch Router RCEs\n\nNot news, but an interesting feature of the brave new world. How it used to be: you buy hardware and use it until it breaks. Now any hardware requires constant updating for safe operation. And after a certain moment the vendor shrugs his shoulders and says "sorry, End Of Life". For example, this is how [Cisco responded to the RCE vulnerability CVE-2021-34730](<https://thehackernews.com/2021/08/critical-flaw-found-in-older-cisco.html>) (CVSS score: 9.8) in the UPnP service for SMB routers RV110W, RV130, RV130W and RV215W. [They write that](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5>) either disable UPnP completely, or throw out the router and buy a new one. On the one hand, UPnP is certainly not secure and you don't need to use it. But come on, this is a legitimate feature, and Cisco doesn't want to fix vulnerabilities in it for not-so-old hardware released in 2011-2013. Moreover, this is not the first RCE in these routers that they do not want to fix, [in April there was CVE-2021-1459 in the admin web interface](<https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html?m=1>). In terms of functionality, the devices are quite adequate, given that they now cost less than $ 100.\n\n"[The RV130W Wireless-N Router](<https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html>) offers investment protection as your small business needs evolve. This multifunctional networking device features:\n\n * Gigabit Ethernet connections, including a four-port managed switch\n * USB 3G/4G failover support\n * Built-in, high-speed wireless-N access point\n * IP Security (IPsec) VPN for flexible remote access\n * Support for separate virtual networks and wireless guest access".\n\nAnd formally they are right. But I would like the support period to be longer, and critical vulnerabilities were fixed even after this period, and there was an opportunity to install alternative firmware, and there was mandatory marking when the device "turns into a pumpkin." There is a lot to wish for. ![\ud83d\ude42](https://s.w.org/images/core/emoji/13.1.0/72x72/1f642.png)", "published": "2021-08-31T23:16:51", "modified": "2021-08-31T23:16:51", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://avleonov.com/2021/09/01/security-news-exchange-proxyshell-zoom-rce-citrix-canceled-pt-acknowledgments-cisco-no-patch-router-rces/", "reporter": "Alexander Leonov", "references": [], "cvelist": ["CVE-2019-19781", "CVE-2020-8209", "CVE-2021-1459", "CVE-2021-31196", "CVE-2021-31206", "CVE-2021-31207", "CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-34730"], "immutableFields": [], "lastseen": "2021-11-11T02:42:15", "viewCount": 180, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:116FDAE6-8C6E-473E-8D39-247560D01C09", "AKB:5E706DDA-98EC-49CA-AB21-4814DAF26444", "AKB:6F1D646E-2CDB-4382-A212-30728A7DB899", "AKB:75221F03-CFA1-478E-9777-568E523E3272", "AKB:AFC76977-D355-470D-A7F6-FEF7A8352B65", "AKB:BDCF4DDE-714E-40C0-B4D9-2B4ECBAD31FF", "AKB:C4CD066B-E590-48F0-96A7-FFFAFC3D23CC"]}, {"type": "avleonov", "idList": ["AVLEONOV:BAA1E4E49B508F98138C7EBA9B9C07E6"]}, {"type": "canvas", "idList": ["NETSCALER_TRAVERSAL_RCE"]}, {"type": "cert", "idList": ["VU:619785"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1653", "CPAI-2020-1219", "CPAI-2021-0476", "CPAI-2021-0900"]}, {"type": "cisa", "idList": ["CISA:134C272F26FB005321448C648224EB02", "CISA:661993843C9F9A838ADA8B8B8B9412D1", "CISA:8AA4B67E8B2150628DAEB8C3A98C4BEC", "CISA:8C51810D4AACDCCDBF9D526B4C21660C", "CISA:E46D6B22DC3B3F8B062C07BD8EA4CB7C"]}, {"type": "cisco", "idList": ["CISCO-SA-CISCO-SB-RV-OVERFLOW-HTPYMMB5", "CISCO-SA-RV-RCE-Q3RXHNVM"]}, {"type": "citrix", "idList": ["CTX267027", "CTX277457"]}, {"type": "cve", "idList": ["CVE-2019-19781", "CVE-2020-8209", "CVE-2021-1459", "CVE-2021-31196", "CVE-2021-31206", "CVE-2021-31207", "CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-34730"]}, {"type": "dsquare", "idList": ["E-721"]}, {"type": "exploitdb", "idList": ["EDB-ID:47901", "EDB-ID:47902", "EDB-ID:47913", "EDB-ID:47930"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:04BD77915CB7D5152AF289164D21448A", "EXPLOITPACK:213FB88DED3CCAB77D32289A335E386D", "EXPLOITPACK:959CB519C011AA90D2BEE4ED33D8FEBF", "EXPLOITPACK:D0A0C692882848C218FDF1B93258E171"]}, {"type": "fireeye", "idList": ["FIREEYE:173497473E4F8289490BBFFF8E828EC9", "FIREEYE:27339B4646A838356BA1378430516613", "FIREEYE:2FBC6EAA2BC98E48BDE41A39FB730AA1", "FIREEYE:BFB36D22F20651C632D25AA20588E904", "FIREEYE:E126D2B5A643EE6CD5B128CAC8C217CF", "FIREEYE:FC60CAB5C936FF70E94A7C9307805695"]}, {"type": "freebsd", "idList": ["2BAB995F-36D4-11EA-9DAD-002590ACAE31"]}, {"type": "githubexploit", "idList": ["0829A67E-3C24-5D54-B681-A7F72848F524", "09DFDAA9-9EF6-513F-B464-D707B45D598A", "0A015784-48D7-5DC1-9FB9-416A9BBEA6D5", "0A8A2E34-0577-5F13-BD78-B9E96A8AF008", "18DD4D81-26F7-5D44-BAC2-BC6B7D65E198", "1AAD4FCC-D02C-52F0-ADA8-410D1B99297C", "1AB95B23-4916-5338-9CB0-28672888287F", "1F74FB7B-4F6B-51C6-9117-E7A9750D027D", "27F3F58D-9FEF-5F4F-91FB-0D93B481FBA4", "2849E613-8689-58E7-9C55-A0616B66C91A", "2C33B9C6-636A-5907-8CD2-119F9B69B89B", "2D0AC1C7-F656-5D6B-9FC2-79525014BE1E", "306622D1-6E5F-53BE-AE3D-A17E5DAC3F50", "37EBD8DB-50D9-5D1E-B6AB-31330A7C47C7", "39093366-D071-5898-A67D-A99B956B6E73", "3AEA79E9-5CA7-5210-9CAC-5E34F8E0C418", "3BFD8B83-5790-508D-8B9C-58C171517BD0", "3DF3AA17-94C8-5E17-BCB8-F806D1746CDF", "4141B394-8FC2-5D74-B0A2-3A1F5DF6905E", "45A4CAC6-39DD-5F6D-B0C4-9688EF931746", "46FA259E-5429-580C-B1D5-D1F09EB90023", "498E3F5C-3DFB-5A3F-BFE8-BEB7339F0C2E", "4AC49DB9-A784-561B-BF92-94209310B51B", "4AD61F33-6EE2-52DF-83DC-91406BD73B8E", "5DD13827-3FCE-5166-806D-088441D41514", "607F0EF9-B234-570A-9E89-A73FBE248E6F", "62891769-2887-58A7-A603-BCD5E6A6D6F9", "62ED9EA6-B108-5F5A-B611-70CC6C705459", "6787DC40-24C2-5626-B213-399038EFB0E9", "721C46F4-C390-5D23-B358-3D4B22959428", "9304254B-557D-5DFE-AF8D-E21D0DF1FFDF", "95E65640-89C6-5DB4-B529-A64D409A4913", "988A0BAB-669A-57AE-B432-564B2E378252", "9A29EBA1-E786-5DD5-B661-E0080DEEB613", "A4F047D6-CD61-5E9D-86EF-FB824CE2625F", "ACE1EC69-37E6-58A5-8C0B-96212CDB38DF", "B3DDE0DD-F0B0-542D-8154-F61DCD2E49D9", "BEF7E47B-985F-56DE-AD21-DFEF507AAFE1", "C3AF7933-1DDE-58AB-BF32-75FEDB10C925", "C790841B-11B6-5497-B6DB-EF8A56DD8A0C", "CA1AFE75-C90A-5C21-92B0-FC1C0282B767", "CA7DF0EF-7032-54E3-B16E-D0845CE73845", "CF9EC818-A904-586C-9C19-3B4F04770FBD", "E3BF7E8E-58EA-5BC5-A6F4-401912FFB4BE", "E3D6A7AD-AC9C-55EB-A993-B78D05403B54", "E458F533-4B97-51A1-897B-1AF58218F2BF", "EAFD9DBC-1E36-570B-9F48-8C355BBFD8E6", "EE4C8DE4-3366-58B0-9494-7FD5B6F9D0EF", "F00E8BE4-12D2-5F5B-A9AA-D627780259FB", "F14BCE6F-3415-59C7-AC9D-A5D7ABE1BB8E", "F27B127B-57F0-5352-B92F-B6F921378CBB", "F3D87CA2-44D8-583C-AF7F-85AA53FB6CAD"]}, {"type": "hivepro", "idList": ["HIVEPRO:09525E3475AC1C5F429611A90182E82F", "HIVEPRO:10B372979ED5F121D7A84FB66487023E", "HIVEPRO:186D6EE394314F861D57F4243E31E975", "HIVEPRO:92FF0246065B21E79C7D8C800F2DED76", "HIVEPRO:C0B03D521C5882F1BE07ECF1550A5F74", "HIVEPRO:DB06BB609FE1B4E7C95CDC5CB2A38B28", "HIVEPRO:E7F36EC1E4DCF018F94ECD22747B7093", "HIVEPRO:F2305684A25C735549865536AA4254BF"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:4124E2CCDA610C6D222319C47C8D3250", "IMPERVABLOG:BB987E93C1A58280077D98CF497FD72D"]}, {"type": "kaspersky", "idList": ["KLA12169", "KLA12224"]}, {"type": "kitploit", "idList": ["KITPLOIT:4421457840699592233", "KITPLOIT:4707889613618662864"]}, {"type": "krebs", "idList": ["KREBS:62E2D32C0ABD1C4B8EA91C60B425255B", "KREBS:831FD0B726B800B2995A68BA50BD8BE3"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:1F038DB7EFBB36EF80C56CAFA6D41B90", "MALWAREBYTES:42218FB85F05643E0B2C2C7D259EFEB5", "MALWAREBYTES:6A4862332586F98DA4761BE2B684752F", "MALWAREBYTES:80B21E934B1C43C7071F039FE9512208", "MALWAREBYTES:B0F2474F776241731FE08EA7972E6239", "MALWAREBYTES:B830332817B5D5BEE99EF296E8EC7E2A", "MALWAREBYTES:B8C767042833344389F6158273089954", "MALWAREBYTES:BAB94968DD1EC37DA6F977226977DAF5", "MALWAREBYTES:D7EFF87E8AB1DBEC63A0DBE7F8DA90B8"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-SCANNER-HTTP-CITRIX_DIR_TRAVERSAL-", "MSF:EXPLOIT-FREEBSD-HTTP-CITRIX_DIR_TRAVERSAL_RCE-", "MSF:EXPLOIT-WINDOWS-HTTP-EXCHANGE_PROXYSHELL_RCE-"]}, {"type": "mmpc", "idList": ["MMPC:27EEFD67E5E7E712750B1472E15C5A0B", "MMPC:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "mscve", "idList": ["MS:CVE-2021-31196", "MS:CVE-2021-31206", "MS:CVE-2021-31207", "MS:CVE-2021-33768", "MS:CVE-2021-34470", "MS:CVE-2021-34473", "MS:CVE-2021-34523"]}, {"type": "mskb", "idList": ["KB5001779", "KB5003435", "KB5003611", "KB5003612", "KB5004778", "KB5004779", "KB5004780"]}, {"type": "mssecure", "idList": ["MSSECURE:27EEFD67E5E7E712750B1472E15C5A0B", "MSSECURE:42ECD98DCF925DC4063DE66F75FB5433", "MSSECURE:E3C8B97294453D962741782EC959E79C"]}, {"type": "nessus", "idList": ["701262.PRM", "CITRIX_NETSCALER_CTX267027.NASL", "CITRIX_SSL_VPN_CVE-2019-19781.NBIN", "EXCHANGE_PROXYSHELL.NBIN", "FREEBSD_PKG_2BAB995F36D411EA9DAD002590ACAE31.NASL", "SMB_NT_MS21_APR_EXCHANGE.NASL", "SMB_NT_MS21_JUL_EXCHANGE.NASL", "SMB_NT_MS21_MAY_EXCHANGE.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155904", "PACKETSTORM:155905", "PACKETSTORM:155930", "PACKETSTORM:155947", "PACKETSTORM:155972", "PACKETSTORM:163895"]}, {"type": "ptsecurity", "idList": ["PT-2020-01"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:01C65083E501A6BAFB08FCDA1D561012", "QUALYSBLOG:282A52EA9B1F4C4F3F084197709217B0", "QUALYSBLOG:82E24C28622F0C96140EDD88C6BD8F54", "QUALYSBLOG:8DC9B53E981BBE193F6EC369D7FA85F8", "QUALYSBLOG:A8EE36FB3E891C73934CB1C60E3B3D41", "QUALYSBLOG:AF3D80BA12D4BBA1EE3BE23A5E730B6C", "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A", "QUALYSBLOG:CAF5B766E6B0E6C1A5ADF56D442E7BB2", "QUALYSBLOG:DC0F3E59C4DA6EB885E6BCAB292BCA7D", "QUALYSBLOG:DE1FEC2B9B661D42DAA0BA398DBFD24E"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:03B1EB65D8A7CFE486943E2472225BA1", "RAPID7BLOG:05A653A5E863B78EDD56FD74F059E02E", "RAPID7BLOG:24E0BE5176F6D3963E1824AD4A55019E", "RAPID7BLOG:4B35B23167A9D5E016537F6A81E4E9D4", "RAPID7BLOG:5CDF95FB2AC31414FD390E0E0A47E057", "RAPID7BLOG:6A1F743B64899419F505BFE243BD179F", "RAPID7BLOG:7B1DD656DC72802EE7230867267A5A16", "RAPID7BLOG:C90DF07E98E436DFBFCC5BA576D21019", "RAPID7BLOG:D47FB88807F2041B8820156ECFB85720"]}, {"type": "securelist", "idList": ["SECURELIST:35644FF079836082B5B728F8E95F0EDD", "SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48"]}, {"type": "seebug", "idList": ["SSV:99334"]}, {"type": "symantec", "idList": ["SMNTC-111238"]}, {"type": "talosblog", "idList": ["TALOSBLOG:7192A351B37E9A67C1A5DB760A14DA7E", "TALOSBLOG:C73CDA82B845335B5DCC8A94FB5662D8", "TALOSBLOG:D7662F18F14544FB63C58CB527CC3A4A"]}, {"type": "thn", "idList": ["THN:0B1D114F0E9F363E39DF54A7DB4324F9", "THN:0D80EEB03C07D557AA62E071C7A7C619", "THN:0E6CD47141AAF54903BD6C1F9BD96F44", "THN:166AAAF7F04EF01C9E049500387BD1FD", "THN:1ED1BB1B7B192353E154FB0B02F314F4", "THN:25143CA85A0297381CEBBBD35F24F85B", "THN:3E9680853FA3A677106A8ED8B7AACBE6", "THN:461B7AEC7D12A32B4ED085F0EA213502", "THN:5BE77895D84D1FB816C73BB1661CE8EB", "THN:6ED39786EE29904C7E93F7A0E35A39CB", "THN:84E53E1CA489F43A3D68EC1B18D6C2E2", "THN:87AE96960D76D6C84D9CF86C2DDB837C", "THN:91A2A296EF8B6FD5CD8B904690E810E8", "THN:9994A9D5CFB76851BB74C8AD52F3DBBE", "THN:99BD0D6A04B18BBEE57AE05E0F351456", "THN:9FD8A70F9C17C3AF089A104965E48C95", "THN:B95DC27A89565323F0F8E6350D24D801", "THN:C3B82BB0558CF33CFDC326E596AF69C4", "THN:DABC62CDC9B66962217D9A8ABA9DF060", "THN:E95B6A75073DA71CEC73B2E4F0B13622", "THN:EB3F9784BB2A52721953F128D1B3EAEC", "THN:F2A37F040B6AE81E1646EC5E0EE9EEA2", "THN:FA40708E1565483D14F9A31FC019FCE1"]}, {"type": "threatpost", "idList": ["THREATPOST:163B67EFAB31CDAD34D25B9194438851", "THREATPOST:1CEC18436389CF557E4D0F83AE022A53", "THREATPOST:1FB73160B6AAB2B0406816BB6A61E4CB", "THREATPOST:2243706D17F2A1E930A00F49D8E30720", "THREATPOST:2D47D18D36043D4DFBFAD7C64345410E", "THREATPOST:2E607CF584AE6639AC690F7F0CE8C648", "THREATPOST:48D622E76FCC26F28B32364668BB1930", "THREATPOST:4B2E19CAF27A3EFBCB2F777C6E528317", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:558A7B1DE564A8E368D33E86E291AB77", "THREATPOST:575F655420B93C2305DEE73F769E7E0B", "THREATPOST:604B67FD6EFB0E72DDD87DF07C8F456D", "THREATPOST:63D2355B6EF0B975846E034876BC66DF", "THREATPOST:71C45E867DCD99278A38088B59938B48", "THREATPOST:736F24485446EFF3B3797B31CE9DAF1D", "THREATPOST:816C2C5C3414F66AD1638248B7321FA1", "THREATPOST:836083DB3E61D979644AE68257229776", "THREATPOST:83C349A256695022C2417F465CEB3BB2", "THREATPOST:8D6D4C10987CBF3434080EFF240D2E74", "THREATPOST:93F1D3DD89A41A41475737BF84F8146C", "THREATPOST:9688E067E5F287042D4EBC46107C66AF", "THREATPOST:98D815423018872E6E596DAA8131BF3F", "THREATPOST:99610F4016AECF953EEE643779490F30", "THREATPOST:A2FE619CD27EBEC2F6B0C62ED026F02C", "THREATPOST:AB0F3CD65F9FE00689C1695CB89ADC3F", "THREATPOST:AB2F6BF7F6EC16383E737E091BA9385B", "THREATPOST:AD4EF56E5440159F6E37D8B403C253D7", "THREATPOST:AD8A075328874910E8DCBC149A6CA284", "THREATPOST:B53DDA5AD9C6530F631391E064A0D4FA", "THREATPOST:B7F31FCDC8936516C077D39FEF9235AA", "THREATPOST:B956AABD7A9591A8F25851E15000B618", "THREATPOST:C8634F1B5CFC8DD331BF849C669F1AFB", "THREATPOST:EDFBDF12942A6080DE3FAE980A53F496", "THREATPOST:F8F0749C57FDD3CABE842BDFEAD33452", "THREATPOST:FADCF664C06E3747C40C200AE681FDF8"]}, {"type": "zdi", "idList": ["ZDI-21-819", "ZDI-21-821", "ZDI-21-822", "ZDI-21-826"]}, {"type": "zdt", "idList": ["1337DAY-ID-33794", "1337DAY-ID-33806", "1337DAY-ID-33824", "1337DAY-ID-36667"]}]}, "score": {"value": -0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:116FDAE6-8C6E-473E-8D39-247560D01C09", "AKB:75221F03-CFA1-478E-9777-568E523E3272", "AKB:AFC76977-D355-470D-A7F6-FEF7A8352B65", "AKB:BDCF4DDE-714E-40C0-B4D9-2B4ECBAD31FF", "AKB:C4CD066B-E590-48F0-96A7-FFFAFC3D23CC"]}, {"type": "avleonov", "idList": ["AVLEONOV:BAA1E4E49B508F98138C7EBA9B9C07E6"]}, {"type": "canvas", "idList": ["NETSCALER_TRAVERSAL_RCE"]}, {"type": "cert", "idList": ["VU:619785"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1653", "CPAI-2020-1219", "CPAI-2021-0476"]}, {"type": "cisa", "idList": ["CISA:134C272F26FB005321448C648224EB02", "CISA:661993843C9F9A838ADA8B8B8B9412D1", "CISA:8AA4B67E8B2150628DAEB8C3A98C4BEC", "CISA:8C51810D4AACDCCDBF9D526B4C21660C", "CISA:E46D6B22DC3B3F8B062C07BD8EA4CB7C"]}, {"type": "cisco", "idList": ["CISCO-SA-CISCO-SB-RV-OVERFLOW-HTPYMMB5", "CISCO-SA-RV-RCE-Q3RXHNVM"]}, {"type": "citrix", "idList": ["CTX267027", "CTX277457"]}, {"type": "cve", "idList": ["CVE-2019-19781", "CVE-2021-1459", "CVE-2021-31196", "CVE-2021-31206", "CVE-2021-31207", "CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-34730"]}, {"type": "dsquare", "idList": ["E-721"]}, {"type": "exploitdb", "idList": ["EDB-ID:47901", "EDB-ID:47902", "EDB-ID:47913", "EDB-ID:47930"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:213FB88DED3CCAB77D32289A335E386D", "EXPLOITPACK:959CB519C011AA90D2BEE4ED33D8FEBF"]}, {"type": "fireeye", "idList": ["FIREEYE:173497473E4F8289490BBFFF8E828EC9", "FIREEYE:27339B4646A838356BA1378430516613", "FIREEYE:2FBC6EAA2BC98E48BDE41A39FB730AA1", "FIREEYE:BFB36D22F20651C632D25AA20588E904"]}, {"type": "freebsd", "idList": ["2BAB995F-36D4-11EA-9DAD-002590ACAE31"]}, {"type": "githubexploit", "idList": ["0829A67E-3C24-5D54-B681-A7F72848F524", "09DFDAA9-9EF6-513F-B464-D707B45D598A", "0A8A2E34-0577-5F13-BD78-B9E96A8AF008", "18DD4D81-26F7-5D44-BAC2-BC6B7D65E198", "1AAD4FCC-D02C-52F0-ADA8-410D1B99297C", "1AB95B23-4916-5338-9CB0-28672888287F", "1F74FB7B-4F6B-51C6-9117-E7A9750D027D", "27F3F58D-9FEF-5F4F-91FB-0D93B481FBA4", "2849E613-8689-58E7-9C55-A0616B66C91A", "306622D1-6E5F-53BE-AE3D-A17E5DAC3F50", "37EBD8DB-50D9-5D1E-B6AB-31330A7C47C7", "39093366-D071-5898-A67D-A99B956B6E73", "3AEA79E9-5CA7-5210-9CAC-5E34F8E0C418", "3BFD8B83-5790-508D-8B9C-58C171517BD0", "4141B394-8FC2-5D74-B0A2-3A1F5DF6905E", "45A4CAC6-39DD-5F6D-B0C4-9688EF931746", "46FA259E-5429-580C-B1D5-D1F09EB90023", "498E3F5C-3DFB-5A3F-BFE8-BEB7339F0C2E", "4AD61F33-6EE2-52DF-83DC-91406BD73B8E", "5DD13827-3FCE-5166-806D-088441D41514", "607F0EF9-B234-570A-9E89-A73FBE248E6F", "62891769-2887-58A7-A603-BCD5E6A6D6F9", "62ED9EA6-B108-5F5A-B611-70CC6C705459", "6787DC40-24C2-5626-B213-399038EFB0E9", "721C46F4-C390-5D23-B358-3D4B22959428", "9304254B-557D-5DFE-AF8D-E21D0DF1FFDF", "988A0BAB-669A-57AE-B432-564B2E378252", "9A29EBA1-E786-5DD5-B661-E0080DEEB613", "A4F047D6-CD61-5E9D-86EF-FB824CE2625F", "ACE1EC69-37E6-58A5-8C0B-96212CDB38DF", "BEF7E47B-985F-56DE-AD21-DFEF507AAFE1", "C3AF7933-1DDE-58AB-BF32-75FEDB10C925", "C790841B-11B6-5497-B6DB-EF8A56DD8A0C", "CA1AFE75-C90A-5C21-92B0-FC1C0282B767", "CA7DF0EF-7032-54E3-B16E-D0845CE73845", "CF9EC818-A904-586C-9C19-3B4F04770FBD", "E3BF7E8E-58EA-5BC5-A6F4-401912FFB4BE", "E3D6A7AD-AC9C-55EB-A993-B78D05403B54", "EAFD9DBC-1E36-570B-9F48-8C355BBFD8E6", "EE4C8DE4-3366-58B0-9494-7FD5B6F9D0EF", "F14BCE6F-3415-59C7-AC9D-A5D7ABE1BB8E", "F27B127B-57F0-5352-B92F-B6F921378CBB", "F3D87CA2-44D8-583C-AF7F-85AA53FB6CAD"]}, {"type": "hivepro", "idList": ["HIVEPRO:C0B03D521C5882F1BE07ECF1550A5F74"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:4124E2CCDA610C6D222319C47C8D3250"]}, {"type": "kaspersky", "idList": ["KLA12169", "KLA12224"]}, {"type": "kitploit", "idList": ["KITPLOIT:4421457840699592233"]}, {"type": "krebs", "idList": ["KREBS:62E2D32C0ABD1C4B8EA91C60B425255B", "KREBS:831FD0B726B800B2995A68BA50BD8BE3"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:1F038DB7EFBB36EF80C56CAFA6D41B90", "MALWAREBYTES:42218FB85F05643E0B2C2C7D259EFEB5", "MALWAREBYTES:6A4862332586F98DA4761BE2B684752F", "MALWAREBYTES:80B21E934B1C43C7071F039FE9512208", "MALWAREBYTES:D7EFF87E8AB1DBEC63A0DBE7F8DA90B8"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/HTTP/CITRIX_DIR_TRAVERSAL", "MSF:EXPLOIT/LINUX/HTTP/CITRIX_DIR_TRAVERSAL_RCE", "MSF:EXPLOIT/WINDOWS/HTTP/EXCHANGE_PROXYSHELL_RCE/"]}, {"type": "mmpc", "idList": ["MMPC:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "mscve", "idList": ["MS:CVE-2021-31196", "MS:CVE-2021-31206", "MS:CVE-2021-31207", "MS:CVE-2021-33768", "MS:CVE-2021-34470", "MS:CVE-2021-34473", "MS:CVE-2021-34523"]}, {"type": "mskb", "idList": ["KB5001779", "KB5004779"]}, {"type": "mssecure", "idList": ["MSSECURE:42ECD98DCF925DC4063DE66F75FB5433", "MSSECURE:E3C8B97294453D962741782EC959E79C"]}, {"type": "nessus", "idList": ["701262.PRM", "CITRIX_NETSCALER_CTX267027.NASL", "CITRIX_SSL_VPN_CVE-2019-19781.NBIN", "FREEBSD_PKG_2BAB995F36D411EA9DAD002590ACAE31.NASL", "SMB_NT_MS21_APR_EXCHANGE.NASL", "SMB_NT_MS21_JUL_EXCHANGE.NASL", "SMB_NT_MS21_MAY_EXCHANGE.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155904", "PACKETSTORM:155905", "PACKETSTORM:155930", "PACKETSTORM:155947", "PACKETSTORM:155972", "PACKETSTORM:163895"]}, {"type": "ptsecurity", "idList": ["PT-2020-01"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:82E24C28622F0C96140EDD88C6BD8F54", "QUALYSBLOG:8DC9B53E981BBE193F6EC369D7FA85F8", "QUALYSBLOG:A8EE36FB3E891C73934CB1C60E3B3D41", "QUALYSBLOG:AF3D80BA12D4BBA1EE3BE23A5E730B6C"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:03B1EB65D8A7CFE486943E2472225BA1", "RAPID7BLOG:05A653A5E863B78EDD56FD74F059E02E", "RAPID7BLOG:4B35B23167A9D5E016537F6A81E4E9D4", "RAPID7BLOG:5CDF95FB2AC31414FD390E0E0A47E057", "RAPID7BLOG:7B1DD656DC72802EE7230867267A5A16", "RAPID7BLOG:C90DF07E98E436DFBFCC5BA576D21019"]}, {"type": "securelist", "idList": ["SECURELIST:35644FF079836082B5B728F8E95F0EDD"]}, {"type": "seebug", "idList": ["SSV:99334"]}, {"type": "symantec", "idList": ["SMNTC-111238"]}, {"type": "talosblog", "idList": ["TALOSBLOG:C73CDA82B845335B5DCC8A94FB5662D8", "TALOSBLOG:D7662F18F14544FB63C58CB527CC3A4A"]}, {"type": "thn", "idList": ["THN:0B1D114F0E9F363E39DF54A7DB4324F9", "THN:166AAAF7F04EF01C9E049500387BD1FD", "THN:1ED1BB1B7B192353E154FB0B02F314F4", "THN:25143CA85A0297381CEBBBD35F24F85B", "THN:461B7AEC7D12A32B4ED085F0EA213502", "THN:5BE77895D84D1FB816C73BB1661CE8EB", "THN:6ED39786EE29904C7E93F7A0E35A39CB", "THN:9994A9D5CFB76851BB74C8AD52F3DBBE", "THN:9FD8A70F9C17C3AF089A104965E48C95", "THN:B95DC27A89565323F0F8E6350D24D801", "THN:F2A37F040B6AE81E1646EC5E0EE9EEA2", "THN:FA40708E1565483D14F9A31FC019FCE1"]}, {"type": "threatpost", "idList": ["THREATPOST:2D47D18D36043D4DFBFAD7C64345410E", "THREATPOST:2E607CF584AE6639AC690F7F0CE8C648", "THREATPOST:48D622E76FCC26F28B32364668BB1930", "THREATPOST:4B2E19CAF27A3EFBCB2F777C6E528317", "THREATPOST:63D2355B6EF0B975846E034876BC66DF", "THREATPOST:736F24485446EFF3B3797B31CE9DAF1D", "THREATPOST:816C2C5C3414F66AD1638248B7321FA1", "THREATPOST:8D6D4C10987CBF3434080EFF240D2E74", "THREATPOST:93F1D3DD89A41A41475737BF84F8146C", "THREATPOST:9688E067E5F287042D4EBC46107C66AF", "THREATPOST:98D815423018872E6E596DAA8131BF3F", "THREATPOST:99610F4016AECF953EEE643779490F30", "THREATPOST:A2FE619CD27EBEC2F6B0C62ED026F02C", "THREATPOST:AB2F6BF7F6EC16383E737E091BA9385B", "THREATPOST:AD4EF56E5440159F6E37D8B403C253D7", "THREATPOST:B956AABD7A9591A8F25851E15000B618", "THREATPOST:C8634F1B5CFC8DD331BF849C669F1AFB", "THREATPOST:FADCF664C06E3747C40C200AE681FDF8"]}, {"type": "zdi", "idList": ["ZDI-21-819", "ZDI-21-821", "ZDI-21-822", "ZDI-21-826"]}, {"type": "zdt", "idList": ["1337DAY-ID-33794", "1337DAY-ID-33806", "1337DAY-ID-33824"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-19781", "epss": "0.975420000", "percentile": "0.999870000", "modified": "2023-03-17"}, {"cve": "CVE-2020-8209", "epss": "0.973550000", "percentile": "0.997900000", "modified": "2023-03-17"}, {"cve": "CVE-2021-1459", "epss": "0.001950000", "percentile": "0.555830000", "modified": "2023-03-17"}, {"cve": "CVE-2021-31196", "epss": "0.019960000", "percentile": "0.870330000", "modified": "2023-03-17"}, {"cve": "CVE-2021-31206", "epss": "0.003240000", "percentile": "0.661030000", "modified": "2023-03-17"}, {"cve": "CVE-2021-31207", "epss": "0.971850000", "percentile": "0.996460000", "modified": "2023-03-17"}, {"cve": "CVE-2021-33768", "epss": "0.000430000", "percentile": "0.073630000", "modified": "2023-03-17"}, {"cve": "CVE-2021-34470", "epss": "0.001700000", "percentile": "0.524000000", "modified": "2023-03-17"}, {"cve": "CVE-2021-34473", "epss": "0.974090000", "percentile": "0.998460000", "modified": "2023-03-17"}, {"cve": "CVE-2021-34523", "epss": "0.975070000", "percentile": "0.999600000", "modified": "2023-03-17"}, {"cve": "CVE-2021-34730", "epss": "0.002990000", "percentile": "0.647000000", "modified": "2023-03-17"}], "vulnersScore": -0.4}, "_state": {"dependencies": 1659988328, "score": 1698828056, "epss": 1679109163}, "_internal": {"score_hash": "3e024f909163e4ea005ad207e6505c7b"}}

{"nessus": [{"lastseen": "2023-08-15T15:56:12", "description": "The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n- A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-31196, CVE-2021-31206)\n\n- An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-33768, CVE-2021-34470)\n\nNote: Nessus is unable to determine if the latest Active Directory schema has been applied.", "cvss3": {}, "published": "2021-07-15T00:00:00", "type": "nessus", "title": "Security Updates for Exchange (July 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-33768", "CVE-2021-34470"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:microsoft:exchange_server"], "id": "SMB_NT_MS21_JUL_EXCHANGE.NASL", "href": "https://www.tenable.com/plugins/nessus/151664", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151664);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-31196\",\n \"CVE-2021-31206\",\n \"CVE-2021-33768\",\n \"CVE-2021-34470\"\n );\n script_xref(name:\"MSKB\", value:\"5003611\");\n script_xref(name:\"MSKB\", value:\"5003612\");\n script_xref(name:\"MSKB\", value:\"5004778\");\n script_xref(name:\"MSKB\", value:\"5004779\");\n script_xref(name:\"MSKB\", value:\"5004780\");\n script_xref(name:\"MSFT\", value:\"MS21-5003611\");\n script_xref(name:\"MSFT\", value:\"MS21-5003612\");\n script_xref(name:\"MSFT\", value:\"MS21-5004778\");\n script_xref(name:\"MSFT\", value:\"MS21-5004779\");\n script_xref(name:\"MSFT\", value:\"MS21-5004780\");\n script_xref(name:\"IAVA\", value:\"2021-A-0315-S\");\n\n script_name(english:\"Security Updates for Exchange (July 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Exchange Server installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Exchange Server installed on the remote host is missing security\nupdates. It is, therefore, affected by multiple vulnerabilities:\n\n- A remote code execution vulnerability. An attacker can exploit this to bypass\n authentication and execute unauthorized arbitrary commands. (CVE-2021-31196,\n CVE-2021-31206)\n\n- An elevation of privilege vulnerability. An attacker can exploit this to gain\n elevated privileges. (CVE-2021-33768, CVE-2021-34470)\n\nNote: Nessus is unable to determine if the latest Active Directory schema has\nbeen applied.\");\n # https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2016-july-13-2021-kb5004779-81e40da3-60db-4c09-bf11-b8c1e0c1b77d\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a44a0d8a\");\n # https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-july-13-2021-kb5004780-fc5b3fa1-1f7a-47b0-8014-699257256bb5\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f529b54\");\n # https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2013-july-13-2021-kb5004778-f532100d-a9c1-4f2c-bc36-baec95881011\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ecec1115\");\n # https://support.microsoft.com/en-us/topic/cumulative-update-21-for-exchange-server-2016-kb5003611-b7ba1656-abba-4a0b-9be9-dac45095d969\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?51a55048\");\n # https://support.microsoft.com/en-us/topic/cumulative-update-10-for-exchange-server-2019-kb5003612-b1434cad-3fbc-4dc3-844d-82568e8d4344\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c76ecd10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following KBs to address these issues:\n - KB5003611\n - KB5003612\n - KB5004778\n - KB5004779\n - KB5004780\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-31206\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-34470\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:exchange_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_exchange_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::exchange::get_app_info();\n\nvar constraints =\n[\n {\n 'product' : '2013',\n 'unsupported_cu' : 22,\n 'cu' : 23,\n 'min_version': '15.00.1497.0',\n 'fixed_version': '15.0.1497.23'\n },\n {\n 'product': '2016',\n 'unsupported_cu': 19,\n 'cu' : 20,\n 'min_version': '15.01.2242.0',\n 'fixed_version': '15.01.2242.12'\n },\n {\n 'product' : '2016',\n 'unsupported_cu' : 19,\n 'cu' : 21,\n 'min_version': '15.01.2308.0',\n 'fixed_version': '15.01.2308.14'\n },\n {\n 'product' : '2019',\n 'unsupported_cu' : 8,\n 'cu' : 9,\n 'min_version': '15.02.858.0',\n 'fixed_version': '15.02.858.15'\n },\n {\n 'product' : '2019',\n 'unsupported_cu' : 8,\n 'cu' : 10,\n 'min_version': '15.02.922.0',\n 'fixed_version': '15.02.922.13'\n }\n\n];\n\nvcf::microsoft::exchange::check_version_and_report\n(\n app_info:app_info,\n bulletin:'MS21-07',\n constraints:constraints,\n severity:SECURITY_WARNING\n);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-27T14:38:12", "description": "The version of Citrix ADC or Citrix NetScaler Gateway SSL VPN running on the remote web server is affected by a path traversal vulnerability that can lead to remote code execution. An unauthenticated, remote attacker can exploit this issue, by sending a specially crafted HTTP request to perform a path traversal that can lead to acheiving remote code execution.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) (Direct Check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19781"], "modified": "2023-09-25T00:00:00", "cpe": ["cpe:/o:citrix:netscaler_access_gateway_firmware"], "id": "CITRIX_SSL_VPN_CVE-2019-19781.NBIN", "href": "https://www.tenable.com/plugins/nessus/132752", "sourceData": "Binary data citrix_ssl_vpn_CVE-2019-19781.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-20T14:53:50", "description": "Art Manion and Will Dormann report :\n\nBy using an older and less-secure form of open(), it is possible for untrusted template files to cause reads/writes outside of the template directories. This vulnerability is a component of the recent Citrix exploit.", "cvss3": {}, "published": "2020-01-15T00:00:00", "type": "nessus", "title": "FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19781"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:p5-template-toolkit", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2BAB995F36D411EA9DAD002590ACAE31.NASL", "href": "https://www.tenable.com/plugins/nessus/132879", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132879);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\"CVE-2019-19781\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-NCAS\", value:\"AA22-011A\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0122\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0742\");\n\n script_name(english:\"FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Art Manion and Will Dormann report :\n\nBy using an older and less-secure form of open(), it is possible for\nuntrusted template files to cause reads/writes outside of the template\ndirectories. This vulnerability is a component of the recent Citrix\nexploit.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.kb.cert.org/vuls/id/619785/\");\n # https://vuxml.freebsd.org/freebsd/2bab995f-36d4-11ea-9dad-002590acae31.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e74959bf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19781\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Citrix ADC (NetScaler) Directory Traversal RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:p5-Template-Toolkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"p5-Template-Toolkit<3.004\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-02T15:44:30", "description": "The remote Citrix ADC or Citrix NetScaler Gateway device is affected by an arbitrary code execution vulnerability.\nAn unauthenticated, remote attacker may be able to leverage this vulnerability to perform arbitrary code execution on an affected host.\n\nPlease refer to advisory CTX267027 for more information.", "cvss3": {}, "published": "2019-12-24T00:00:00", "type": "nessus", "title": "Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19781"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:citrix:netscaler_access_gateway_firmware"], "id": "CITRIX_NETSCALER_CTX267027.NASL", "href": "https://www.tenable.com/plugins/nessus/132397", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132397);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\"CVE-2019-19781\");\n script_xref(name:\"IAVA\", value:\"2020-A-0001-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-NCAS\", value:\"AA22-011A\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0129\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0122\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0742\");\n\n script_name(english:\"Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by an arbitrary code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Citrix ADC or Citrix NetScaler Gateway device is affected by an arbitrary code execution vulnerability.\nAn unauthenticated, remote attacker may be able to leverage this vulnerability to perform arbitrary code execution on \nan affected host.\n\nPlease refer to advisory CTX267027 for more information.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.citrix.com/article/CTX267027\");\n script_set_attribute(attribute:\"solution\", value:\n\"For versions 10.5.x, 11.1.x, 12.0.x, 12.1.x and 13.0.x, upgrade to 10.5.70.12, 11.1.63.15, 12.0.63.13, 12.1.55.18 and \n13.0.47.24 respectively.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19781\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Citrix ADC (NetScaler) Directory Traversal RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:citrix:netscaler_access_gateway_firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"citrix_netscaler_detect.nbin\");\n script_require_keys(\"Host/NetScaler/Detected\");\n\n exit(0);\n}\ninclude('vcf_extras_netscaler.inc');\n\nvar app_info = vcf::citrix_netscaler::get_app_info();\n\nvar constraints = [\n {'min_version': '10.5', 'fixed_version': '10.5.70.12', 'fixed_display': '10.5-70.12'},\n {'min_version': '11.1', 'fixed_version': '11.1.63.15', 'fixed_display': '11.1-63.15'},\n {'min_version': '12.0', 'fixed_version': '12.0.63.13', 'fixed_display': '12.0-63.13'},\n {'min_version': '12.1', 'fixed_version': '12.1.55.18', 'fixed_display': '12.1-55.18'},\n {'min_version': '13.0', 'fixed_version': '13.0.47.24', 'fixed_display': '13.0-47.24'}\n];\n\nvcf::citrix_netscaler::check_version_and_report(\n app_info: app_info,\n constraints: constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2023-12-06T17:22:12", "description": "### *Detect date*:\n07/13/2021\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.\n\n### *Exploitation*:\nPublic exploits exist for this vulnerability.\n\n### *Affected products*:\nMicrosoft Exchange Server 2019 Cumulative Update 10 \nMicrosoft Exchange Server 2019 Cumulative Update 9 \nMicrosoft Exchange Server 2013 Cumulative Update 23 \nMicrosoft Exchange Server 2016 Cumulative Update 20 \nMicrosoft Exchange Server 2019 Cumulative Update 8 \nMicrosoft Exchange Server 2016 Cumulative Update 19 \nMicrosoft Exchange Server 2016 Cumulative Update 21\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-31196](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31196>) \n[CVE-2021-34470](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34470>) \n[CVE-2021-31206](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31206>) \n[CVE-2021-34473](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34473>) \n[CVE-2021-34523](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34523>) \n[CVE-2021-33766](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33766>) \n[CVE-2021-33768](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33768>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2021-31196](<https://vulners.com/cve/CVE-2021-31196>)6.5High \n[CVE-2021-34470](<https://vulners.com/cve/CVE-2021-34470>)5.2High \n[CVE-2021-31206](<https://vulners.com/cve/CVE-2021-31206>)7.9Critical \n[CVE-2021-34523](<https://vulners.com/cve/CVE-2021-34523>)7.5Critical \n[CVE-2021-33766](<https://vulners.com/cve/CVE-2021-33766>)5.0Warning \n[CVE-2021-33768](<https://vulners.com/cve/CVE-2021-33768>)5.2High\n\n### *KB list*:\n[5001779](<http://support.microsoft.com/kb/5001779>) \n[5004780](<http://support.microsoft.com/kb/5004780>) \n[5004778](<http://support.microsoft.com/kb/5004778>) \n[5004779](<http://support.microsoft.com/kb/5004779>) \n[5003611](<http://support.microsoft.com/kb/5003611>) \n[5003612](<http://support.microsoft.com/kb/5003612>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T00:00:00", "type": "kaspersky", "title": "KLA12224 Multiple vulnerabilities in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-33766", "CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2023-11-15T00:00:00", "id": "KLA12224", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12224/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2022-03-07T05:27:25", "description": "_AvosLocker is a ransomware group that was identified in 2021, specifically targeting Windows machines. Now a new variant of AvosLocker malware is also targeting Linux environments. In this blog, we examine the behavior of these two AvosLocker Ransomware in detail._\n\nAvosLocker is a relatively new ransomware-as-a-service that was first spotted in late June 2021. The attackers use spam email campaigns as initial infection vectors for the delivery of the ransomware payload. During the encryption, process files are appended with the ".avos" extension. An updated variant appends with the extension ".avos2". Similarly, the Linux version appends with the extension ".avoslinux".\n\nAfter every successful attack, the AvosLocker gang releases the names of their victims on the Dark Leak website hosted on the TOR network and provides exfiltrated data for sale. URL structure: `hxxp://avosxxx\u2026xxx[.]onion`\n\nThe AvosLocker gang also advertises their latest ransomware variants on the Dark Leak website. URL structure: `hxxp://avosjonxxx\u2026xxx[.]onion`\n\nThe gang has claimed, \u201cThe AvosLocker's latest Windows variant is one of the fastest in the market with highly scalable threading and selective ciphers.\u201d They offer an affiliate program that provides ransomware-as-a-service (RaaS) for potential partners in crime.\n\nRecently they have added support for encrypting Linux systems, specifically targeting VMware ESXi virtual machines. This allows the gang to target a wider range of organizations. It also possesses the ability to kill ESXi VMs, making it particularly nasty.\n\nAccording to [deepweb research](<https://blog.cyble.com/2022/01/17/avoslocker-ransomware-linux-version-targets-vmware-esxi-servers/>) by Cyble Research Labs, the Threats Actors of AvosLocker ransomware groups are exploiting Microsoft Exchange Server vulnerabilities using Proxyshell, compromising the victim\u2019s network.\n\nCVEs involved in these exploits are CVE-2021-34473, CVE-2021-31206, CVE-2021-34523, and CVE-2021-31207.\n\n### Technical Analysis of AvosLocker Windows Variant\n\n#### Command-Line Options\n\nThe following figure shows a sample of Command-Line Options.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-1-Command-Line-Option.png)Fig. 1: Command Line Option\n\nThe available options allow for control over items like enabling/disabling SMB brute force, mutex creation, or control over the concurrent number of threads. \nIf no options are given, the malware runs with default options as shown in figure 2, where it ignores encryption of network drives and SMB share. It runs 200 threads concurrently of its file encryption routine.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-2-Execution-with-Default-Parameter.png)Fig. 2: Execution with Default Parameter\n\nWhile execution, the malware console displays detailed information about its progress on the screen (fig. 3).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-3-Progress-Details.png)Fig. 3: Progress Details\n\nMost of the strings in the malware are kept in the XOR encrypted format. The decryption routines are similar, only registers and keys are different (fig. 4). Strings are decrypted just before their use.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-4-Commonly-Used-Decryption-Routine.png)Fig. 4: Commonly Used Decryption Routine\n\nInitially, the malware collects the command line options provided while launching the application (fig. 5).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-5-Get-command-line-Options.png)Fig. 5: Get command-line Options\n\nThen it decrypts the mutex name \u201cCheic0WaZie6zeiy\u201d and checks whether it is already running or not to avoid multiple instances (fig. 6).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-6-Mutex-Creation.png)Fig. 6: Mutex Creation\n\nAs shown in figure 7, AvosLocker uses multi-threaded tactics. It calls the below APIs to create multiple instances of worker threads into memory and share file paths among multiple threads. Smartly utilizing the computing power of multi-core CPUs.\n\nAPIs called:\n\n * CreateIoCompletionPort()\n * PostQueuedCompletionStatus()\n * GetQueuedCompletionPort()\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-7-Use-of-CreateIoCompletionPort.png)Fig. 7: Use of CreateIoCompletionPort\n\nThe code creates multiple threads in a loop (fig. 8). The threads are set to the highest priority for encrypting data quickly.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-8-Create-Thread-In-Loop-and-Set-Priority.png)Fig. 8: Create Thread In-Loop and Set Priority\n\nAvosLocker ransomware performs a recursive sweep through the file system (fig. 9), searches for attached drives, and enumerates network resources using API WNetOpenEnum() and WnetEnumResource().\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-9-Search-Network-Share.png)Fig. 9: Search Network Share\n\nBefore selecting the file for encryption, it checks for file attributes and skips it if \u201c**FILE_ATTRIBUTE_HIDDEN**\u201d or \u201c**FILE_ATTRIBUTE_SYSTEM**\u201d as shown in figure 10.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-10-Check-File-Attribute.png)Fig. 10: Check File Attribute\n\nOnce the file attribute check is passed, it performs the file extension check. It skips files from encryption if its extension gets matched with one of the extensions shown in figure 11.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-11-Skip-Extension-List.png)Fig. 11: Skip Extension List\n\nIt also contains the list of files and folders that need to be skipped from the encryption (fig. 12).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-12-Skip-File-Folder-List.png)Fig. 12: Skip File Folder List\n\nAvosLocker uses RSA encryption, and it comes with a fixed hardcoded ID and RSA Public Key of the attacker (fig. 13).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-13-Hardcoded-Public-Key.png)Fig. 13: Hardcoded Public Key\n\nAfter file encryption using RSA, it uses the ChaCha20 algorithm to encrypt encryption-related information (fig. 14).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-14-Use-of-ChaCha20.png)Fig. 14: Use of ChaCha20\n\nIt appends this encryption-related information (fig. 15) at the end of the file with Base64 encoded format.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-15-Encryption-Related-Information.png)Fig.15: Encryption Related Information\n\nThen it appends the "avo2" extension to the file using MoveFileWithprogressW (fig. 16).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-16-Add-Extension-Using-Movie-File.png)Fig. 16: Add Extension Using Move File\n\nAs seen in figure 17, it has appended "avos2" extensions.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-17-File-with-Updated-Extension.png)Fig. 17: File with Updated Extension\n\nIt writes a ransom note (fig. 18) named \u201cGET_YOUR_FILES_BACK.txt\u201d to each encrypted directory before encryption of the file.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-18-Ransom-Note.png)Fig. 18: Ransom Note\n\nThe ransom note instructs the user to not to shut down the system in case encryption is in progress to avoid file corruption. It asks the victim to visit the onion address with the TOR browser to pay the ransom and to obtain the decryption key to decrypt the application or files.\n\n#### AvosLocker Payment System\n\nAfter submitting the "ID" mentioned on the ransom note to AvosLocker's website (fig. 19), the victim will be redirected to the "payment" page.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-19-AvosLockers-Website.png)Fig. 19: AvosLocker's Website\n\nIf the victim fails to pay the ransom, the attacker then puts the victim\u2019s data up for sale. Figure 20 shows the list of victims (redacted for obvious reasons) mentioned on the site.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-20-List-of-Victims.png)Fig. 20: List of Victims\n\nAvosLocker also offers an affiliate program that provides ransomware-as-a-service (RaaS). They provide \u201chelpful\u201d services to clients such as:\n\n * Supports Windows, Linux & ESXi.\n * Affiliate panel\n * Negotiation panel with push & sound notifications\n * Assistance in negotiations\n * Consultations on operations\n * Automatic builds\n * Automatic decryption tests\n * Encryption of network resources\n * Killing of processes and services with open handles to files\n * Highly configurable builds\n * Removal of shadow copies\n * Data storage\n * DDoS attacks\n * Calling services\n * Diverse network of penetration testers, access brokers and other contacts\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-21-Partnership-Program.png)Fig. 21: Partnership Program\n\n### Technical Analysis of AvosLocker Linux Variant\n\nIn this case, the AvosLocker malware arrives as an elf file. As shown in figure 22, the analyzed file is x64 based Linux executable file.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-22-FileDetails.png)Fig. 22: File Details\n\nIt\u2019s a command-line application having some command-line options (fig. 23).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-23-Command-Line-Options.png)Fig. 23: Command-Line Options\n\nThe `<Thread count>` parameter as shown above represents the number of threads that can be created to encrypt files simultaneously. It possesses the capability to kill ESXi VMs based on the parameter provided while executing.\n\nUpon execution, the malware first collects information about the number of threads that need to be created. Then it checks for string \u201cvmfs\u201d in the file path provided as a command-line argument (fig. 24).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-24-Checks-for-vmfs.png)Fig. 24: Checks for \u201cvmfs\u201d\n\nAfter that, it also checks for string \u201cESXi\u201d in the file path provided as a command-line argument (fig. 25).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-25-Checks-for-ESXi.png)Fig. 25: Checks for \u201cESXi\u201d\n\nIf this parameter is found, then it calls a routine to kill the running ESXi virtual machine (fig. 26).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-26-Code-to-Kill-ESXi-Virtual-Machine.png)Fig. 26: Code to Kill ESXi Virtual Machine\n\nThe command used for killing the ESXi virtual machine is as shown in figure 27.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-27-CommandToKillRunning_ESXi_Virtual_Machines.png)Fig. 27: Command to Kill Running ESXi Virtual Machine\n\nFurther, AvosLocker drops a ransom note file (fig. 28) at the targeted directory.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-28_Create_Ransom_Note.png)Fig. 28: Create ransom note\n\nAfter that, it starts creating a list of files that must be encrypted. Before adding a file path to the list, it checks whether it is a regular file or not (fig. 29). Only regular files are added to the encryption list.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-29-Check-File-Info.png)Fig. 29: Checks File Info\n\nAvosLocker skips the ransom note file and any files with the extension \u201cavoslinux\u201d from adding into the encryption list (fig. 30).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-30-Skip-avoslinux-extension-filet.png)Fig. 30: Skip \u201cavoslinux\u201d Extension File\n\nThen it calls the mutex lock/unlock API for thread synchronization as shown in figure 31.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-31-Lock-Unlock-Mutex-For-Thread-Synchronization.png)Fig. 31: Lock-Unlock Mutex for Thread Synchronization\n\nBased on the number of threads specified, it creates concurrent CPU threads (fig. 32). This helps in encrypting different files simultaneously at a very fast speed.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-32-Create-Threads-In-Loop.png)Fig. 32: Create Threads in Loop\n\nAvosLocker\u2019s Linux variant makes use of Advanced Encryption Standard (AES) and elliptic-curve cryptography (ECC) algorithms for data encryption.\n\nFile-related information along with the encryption key used might be encrypted and then encoded with base 64 formats. This encoded information is added at the end of each encrypted file (fig. 33).\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-33-File_Related_Info_Adde_At_End.png)Fig. 33: File-related Info added at the end\n\nFigure 34 shows the malware appending the extension \u201c.avoslinux\u201d to the encrypted file names.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-34-Files_Encrypted.png)Fig. 34: Append file extension \u201c.avoslinux\u201d after encryption\n\nBefore starting file encryption, it creates a ransom note named \u201cREADME_FOR_RESTORE \u201c. The content of this ransom note is shown in figure 35.\n\n![](https://blog.qualys.com/wp-content/uploads/2022/03/Fig-35-RansomNote.png)Fig. 35: Ransom Note\n\nThe ransom note instructs the victim not to shut down the system in case encryption is in progress to avoid file corruption. It asks the victim to visit the onion address with a TOR browser to pay the ransom and to obtain the decryption key and decryption application.\n\n### Indicators of Compromise (IOCs):\n \n \n Windows: C0A42741EEF72991D9D0EE8B6C0531FC19151457A8B59BDCF7B6373D1FE56E02\n \n \n Linux: 7C935DCD672C4854495F41008120288E8E1C144089F1F06A23BD0A0F52A544B1\n \n \n URL:\n hxxp://avosjon4pfh3y7ew3jdwz6ofw7lljcxlbk7hcxxmnxlh5kvf2akcqjad[.]onion.\n hxxp://avosqxh72b5ia23dl5fgwcpndkctuzqvh2iefk5imp3pi5gfhel5klad[.]onion\n\n### TTP Map:\n\nInitial Access| Execution| Defense Evasion| Discovery| Impact \n---|---|---|---|--- \nPhishing (T1566)| User Execution \n(T1204)| Obfuscated Files or Information (T1027)| System Information Discovery (T1082)| Data Encrypted for Impact \n(T1486) \n| | | File and Directory Discovery (T1083)| Inhibit System Recovery \n(T1490)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-03-07T05:18:46", "type": "qualysblog", "title": "AvosLocker Ransomware Behavior Examined on Windows & Linux", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31206", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2022-03-07T05:18:46", "id": "QUALYSBLOG:DC0F3E59C4DA6EB885E6BCAB292BCA7D", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-10-11T22:50:52", "description": "Vulnerability Management is a foundational component of any cybersecurity program for the implementation of appropriate security controls and the management of cyber risk. Earlier this year Qualys introduced the latest iteration of its vulnerability management product [VMDR 2.0 with TruRisk](<https://blog.qualys.com/product-tech/2022/06/06/introducing-qualys-vmdr-2-0>) which focusses on helping organizations understand and manage cyber risk. Qualys TruRisk assesses risk by taking into account multiple factors such as evidence of vulnerability exploitation, asset criticality, its location, and evidence of compensating controls on the asset among many other factors to assess the accurate risk posture for an organization.\n\nIn this blog we do a deep-dive into the vulnerability prioritization algorithm for TruRisk, compare it to existing vulnerability scoring systems, such as Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS), to demonstrate why TruRisk is a better method for prioritizing risk than existing methods. This blog is the first of many blogs focused on different aspects of TruRisk, with other aspects covered in later blogs.\n\n### **Key Takeaways**\n\n * Since 2016, every subsequent year has reported more vulnerabilities than the year before (on average 8%-10% more)\n * CVSS based prioritization results in 51% of vulnerabilities marked as high or critical which leads to ineffective, low-value prioritization\n * Less than 3% of vulnerabilities have weaponized exploits or evidence of exploitation in the wild, two attributes posing the highest risk.\n * Exploit Prediction Scoring System (EPSS) is a step in the right direction to predict vulnerability exploitation. However, it still ranks some vulnerabilities that are actively exploited with a lower probability of exploitation\n * Qualys TruRisk helps organizations prioritize risk by focusing on exploitability, evidence of exploitability, and likelihood of exploitability resulting in up to 85% fewer vulnerabilities to prioritize compared to CVSS.\n\nQualys TruRisk brings asset context, threat context and vulnerability intelligence data under one platform empowering IT and security teams to make better, informed prioritization decisions.\n\nBut first let\u2019s talk about few key challenges.\n\n### Vulnerabilities Are on the Rise\n\nEvery year since 2016, (see Fig. 1) the number of the vulnerabilities reported by NIST has been greater than the year before. According to the [National Vulnerability Database](<https://nvd.nist.gov/vuln/search/statistics?form_type=Basic&results_type=statistics&search_type=all&isCpeNameSearch=false>) (NVD) the number of vulnerabilities reported in 2022 (18,841) has already surpassed the vulnerabilities reported in 2020. And we still have three months to go.\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig1.jpeg)Figure 1: Number of Vulnerabilities by Year (Source: NVD)\n\n### **Vulnerability Threat Landscape**\n\nAs the number of vulnerabilities increase, so does the risk to enterprises. But not all vulnerabilities are created equally. Some vulnerabilities pose greater risk to organizations than others. For example, less than 3% of the vulnerabilities have exploit code weaponized. It is crucial to prioritize vulns like these, that are some of the most critical vulnerabilities first. \n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig_2_Vulnerability_Landscape.png)Figure 2: Vulnerability Threat Landscape\n\nTraditionally, organizations have relied on CVSS scores for prioritization. However, as we will see in the next section, there are limitations in using CVSS as the only vulnerability prioritization method.\n\n### Challenges With CVSS Based Prioritization \n\nThe **Common Vulnerability Scoring System (CVSS) was introduced in the early 2000s to address the need for **a common method to rate the severity of vulnerabilities. Previously, two researchers could rate the same exact vulnerability in different ways based on their subjective understanding of the vulnerability. This created confusion for security practitioners because they could not accurately determine the actual severity of vulnerabilities. The CVSS system was developed to address this issue by enabling the uniform _technical_ severity assessment of vulnerabilities.\n\nA key factor to keep in mind is CVSS only calculates the technical severity of the vulnerability, not the risk it poses to an organization. Over time, CVSS has been used as a proxy for determining the risk a vulnerability posed to the organization, leading to unintended consequences. This includes patching cycles spent fixing countless vulnerabilities with a CVSS score of 7.5 or higher, while some medium severity vulnerabilities were deprioritized even if they posed a greater risk.\n\nCVSS scores are categorized into four categories low, medium, high, critical. \n\nCVSS Score| CVSS Severity \n---|--- \n0.1 \u2013 3.9| Low \n4.0 \u2013 6.9| Medium \n7.0 \u2013 8.9| High \n9.0 \u2013 10.0| Critical \n \n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig3.jpeg)Figure 3: CVSS Score distribution grouped by CVSS severity\n\nAs shown in Fig.3, **51% (96,340) of the total vulnerabilities are categorized as Critical or High according to CVSS scores**. However, empirical research shows that not all the vulnerabilities in these CVSS score buckets need equal/high attention. The main issue is that CVSS base scores don\u2019t consider threat information like active exploitation in the wild, likelihood of the exploitation in the wild, activity associated with it in dark web or social media, known exploit categorized by CISA, threat actors associated, etc.\n\nAs shown in Fig. 4, as expected known exploited vulnerabilities (as categorized by [CISA Known Exploited Vulnerabilities (KEV) Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>)) are concentrated at higher CVSS scores (the red dots indicate CISA KEV vulnerabilities).\n\nHowever, there are a significant number of exploits discovered even for lower CVSS scores. For example, **there are 92 out of 832 (11%) CISA_KEV vulnerabilities that have a CVSS score of less than 7.** This could be an issue when relying only on CVSS scores.\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig4.png)Figure 4: CISA known vulnerabilities distributed across CVSS score.\n\n### **Exploit Prediction Scoring System**\n\nTo address challenges related to lack of threat context in the CVSS scoring system, first.org in recent years introduced [Exploit Prediction Scoring System (EPSS)](<https://www.first.org/epss/>), an open, data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild. This is a step in the right direction. EPSS\u2019s goal is to help network defenders better prioritize vulnerability remediation efforts. The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.\n\nAs evidenced by Figure 5. EPSS helps highlight vulnerabilities with high likelihood of exploitation and correlates well with CISA KEV vulnerabilities.\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig5.png)Figure 5: EPSS Score and CISA Known Vulnerabilities distribution across CVSS score\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig6.jpeg)Figure 6: EPSS Score distribution\n\nThe availability of patches also plays a key role in EPSS scores. If patches are available, the probability of exploitation is ranked lower. Many of the CISA Known Vulnerabilities are scored lower in EPSS if they have patches/fixes available. However when prioritizing what to patch first, we need to consider the whole set, not just the ones with patches. For example, consider the following recent vulnerabilities which have low EPSS scores. If we rely only on EPSS to prioritize them, they will not show up in a priority list of vulnerabilities to be remediated. Several examples of vulnerabilities with low EPSS scores and high TruRisk scores are shown in Figure 5.\n\nCVE| Title| EPSS| TruRisk (QVS) \n---|---|---|--- \nCVE-2021-36942| PetitPotam| 0.26| 95 \nCVE-2021-31207| Proxyshell| 0.02| 95 \nCVE-2021-34523| Proxyshell| 0.16| 100 \nCVE-2022-30190| Follina| 0.69| 100 \nCVE-2016-3351| Microsoft Edge Cumulative Security Update (MS16-105)| 0.24| 95 \n**Critical CVEs with patches available scoring low on EPSS**\n\n### **Qualys Severity Levels**\n\nGiven the challenges with CVSS scores, the Qualys research team introduced [Qualys severity levels](<https://qualysguard.qg2.apps.qualys.com/qwebhelp/fo_portal/knowledgebase/severity_levels.htm>) to assess the severity of Qualys IDs (QIDs). In addition to determining the risk associated with exploitation, Qualys severity levels also focus on potential consequences of vulnerability exploitation from an attacker\u2019s point of view. Each QID severity level is reviewed by the Qualys Research Team, including taking vulnerability chaining, server-side vs client-side vulnerabilities, and information from various threat-intel sources to accurately assess them into consideration.\n\nQualys severity levels are an improvement over CVSS as they helped customers quickly prioritize critical vulnerabilities as can be seen in Fig. 7. \n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig7.jpeg)Figure 7: Qualys Severity Level Distribution (Source: Qualys)\n\n### Qualys TruRisk, a Data-Driven Way To Prioritize Risks\n\nAll of the scoring mechanisms presented so far are attempting to answer one key question\n\n_What should defenders focus on first?_\n\nEach model attempts to answer the question in its own way but falls short of its goal. Organizations need a better way to respond quickly and prioritize vulnerabilities based on risk.\n\nTo address these challenges Qualys introduced [Qualys VMDR 2.0 with TruRisk](<https://blog.qualys.com/product-tech/2022/06/06/introducing-qualys-vmdr-2-0>) earlier this year to help organizations prioritize vulnerabilities, assets, and groups of assets based on risk. \n\nQualys VMDR with TruRisk is powered by one of the most comprehensive exploit and threat intelligence databases. It spans over 185k CVEs, and 25+ unique threat and exploit intelligence sources such as Metasploit, Canvas, CISA KEV, and even Github, which is increasingly becoming the go-to place to publish exploits.\n\nWith TruRisk, organizations can pinpoint which CVEs are exploited in the wild (even those that don't have a QID) and which malware, ransomware, or threat actor groups are exploiting them. These insights can then be used to prioritize vulnerabilities based on risk.\n\nLet\u2019s take a closer look into how the TruRisk algorithm works, and how it compares to CVSS and EPSS.\n\nTo determine risk, Qualys TruRisk vulnerability scores rely on multiple factors to build the most accurate risk profile for a vulnerability.\n\n**Qualys Vulnerability Score (QVS)** is a Qualys-assigned score for a vulnerability based on multiple factors associated with the CVE such as CVSS and external threat indicators like active exploitation, likelihood of vulnerability being exploited in wild, sighting in the darkweb and social web, exploit code maturity, CISA known exploitable and many more. \n \n**Qualys Detection Score (QDS)** is assigned to QIDs by Qualys. QDS has a range from 1 to 100. If multiple CVEs contribute to a QID, the CVE with the highest score is considered for the QDS calculation. \n \n**Asset Risk Score (ARS)** is the overall risk score assigned to the asset based on the following contributing factors such as Asset Criticality Score (ACS), QDS scores for each QID level, Auto-assigned weighting factor (w) for each criticality level of QIDs, number of vulnerabilities on an asset.\n\nHere is the list of inputs that go into the algorithm.\n\n### **CVSS Base Score**\n\nThe CVSS base score serves as one of the key inputs to assess the risk of the vulnerability. CVEs with higher CVSS base scores are rated higher than those with lower scores. But a high CVSS score alone doesn\u2019t result in a high TruRisk risk score. Evidence of exploitation or weaponized exploit code maturity is required for the CVE to fall in the critical range.\n\n### **CISA Known Exploited Vulnerability (KEV)**\n\nVulnerabilities that are catalogued by CISA as known exploited vulnerabilities that are actively being exploited in the wild are included in the algorithm\n\n### **Real-Time Threat Indicators (RTIs)**\n\nThe TruRisk algorithm considers the type of vulnerability. For example, is it a Denial-of-Service (DoS) vulnerability or a remotely exploitable vulnerability? In the case of remote vulnerability or a web application vulnerability, the risk is rated higher. Other RTI\u2019s such as zero-day, active attacks, high data loss, high lateral movement, etc. that are collected from various threat feeds are also considered by the algorithm.\n\n### **Exploit Code Maturity **\n\nThe TruRisk algorithm analyzes the exploit code maturity for the given vulnerability. The exploit code maturity could be a Proof-of-Concept (PoC) which suggests a theoretical exploit exists. The exploit may already work against systems, or it could be weaponized, in which case the exploit code is considered very mature and can be easily used to compromise a system. The QDS algorithm rates weaponized exploits higher than PoC exploits. \n\n### **Malware **\n\nThe TruRisk algorithm checks to see if the vulnerability is being actively exploited by malware. If it is, then the risk is rated higher.\n\n### **Threat Actors / Ransomware Groups**\n\nThe TruRisk algorithm validates if any threat actors or ransomware groups are actively exploiting the vulnerability. If that is the case, the risk is rated even higher than if it only being exploited by malware. \n\n### **Trending Risk**\n\nThe TruRisk algorithm checks if the vulnerability has been actively exploited in the last 14 days by monitoring the Dark Web, social media, GitHub accounts, and many other similar sources. The risk is further increased if the vulnerability is determined to be trending and exploited in the wild. \n\n### **Applied Mitigation Controls**\n\nThe algorithm correlates the risk from the vulnerability with intelligence related to the asset to assess whether the vulnerability represents a threat to it. For example, the vulnerability may exist on the asset, but the system may have mitigation controls already applied which greatly reduce the risk of exploitation of the vulnerability in the customer\u2019s specific environment. \n\n### **EPSS Score (from First.org)**\n\nQualys TruRisk also leverages [EPSS](<https://www.first.org/epss/model>) scores which predict the probability of a vulnerability being exploited in the next 30 days. Vulnerabilities with a higher EPSS score are ranked higher.\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/TruRisk-1-1070x691.png)Figure 8: Contributing factors to Qualys TruRisk Scores\n\n### How Does Qualys TruRisk Compare Against CVSS and EPSS?\n\nAs customers adopt Qualys TruRisk to address their prioritization needs they want to know how CVSS and EPSS and TruRisk compare.\n\nQualys TruRisk is hyper focused on three attributes: exploit availability, evidence of exploitation in the wild, and likelihood of exploitation. This helps organizations focus on the highest risk vulnerabilities.\n\nQualys TruRisk rates less than 1% of vulnerabilities as critical, and less than 7% of vulnerabilities as high. This drastically reduces the number of vulnerabilities (up to 85% fewer compared to CVSS which ranks 51% of vulnerabilities high or critical) that organizations need to focus on to reduce risk. See Fig. 9.\n\nClearly organizations need to remediate other vulnerabilities as well. However, when deciding where to begin, we recommend starting with vulnerabilities that have a TruRisk-QDS risk score of 70 or higher. \n\n### **Qualys Vulnerability Score (QVS) vs CVSS**\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/Fig9.jpeg)Figure 9: Distribution of TruRisk (QVS) Scores vs CVSS\n\n### **Qualys TruRisk vs EPSS**\n\nThe following figure (Fig. 10) shows the distribution of EPSS scores with Qualys Vulnerability Scores (QVS) and CISA known vulnerabilities. QVS scores consistently place vulnerabilities with evidence of exploitation, such as CISA known vulnerabilities, in a higher score range even if the EPSS score is low as annotated in the figure below.\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/trurisk-qvs-fig-10.png)Figure 10: EPSS Score vs TruRisk (QVS) Score\n\n### **Qualys TruRisk (QVS) vs CISA KEV**\n\nEvidence of vulnerability exploitation from sources such as a CISA KEV and other threat intelligence sources tracked by the Qualys research team play a key role in determining the risk of a vulnerability.\n\nAs seen below, vulnerabilities that appear in CISA Known Exploited Vulnerabilities are consistently scored higher (QVS scores of 90 or higher) by the Qualys TruRisk algorithm. (fig. 11).\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/10/trurisk-qvs-fig-11.png)Figure 11: CISA Known Vulnerabilities distributed across QVS score.\n\nLet's take the example of CVE-2021-36942 (the Windows LSA Spoofing Vulnerability). It is rated at 5.3 by the National Vulnerability Database (NVD), but it\u2019s actively exploited today by malware groups and threat actors. The exploit code maturity is weaponized, making it easy for attackers to exploit the vulnerability to compromise and infect systems). Qualys TruRisk ranks CVE-2021-36942 vulnerability as critical given its exploit availability and evidence of exploitation in the wild.\n\n![](https://ik.imagekit.io/qualys/wp-content/uploads/2022/08/CVE_Details.jpg)\n\n### **How to Interpret Qualys TruRisk Scores**\n\nQualys TruRisk builds the vulnerability risk profile of vulnerabilities, assets, and asset groups by using the following three risk scores:\n\n**Qualys Vulnerability Score (QVS)** \u2013 QVS is assessed at each CVE level based on the external threat and exploit intelligence factors listed above. It is also computed for vulnerabilities that don\u2019t have Qualys vulnerability detection signatures (QIDs). These QVS scores can be individually queried for insights from our [dedicated API endpoint](<https://blog.qualys.com/product-tech/2022/08/08/a-deep-dive-into-vmdr-2-0-with-qualys-trurisk>).\n\n**Qualys Detection Score (QDS)** \u2013 QDS is assessed at each QID level. This is the score customers need to focus on for their vulnerability prioritization needs. **QDS builds on the QVS score by adding two key aspects**. Some QIDs can be mapped to multiple CVEs. QDS selects the highest QVS of all associated CVEs to that QID. Next, QDS accounts for any compensating/mitigation controls that are applied to an asset to reduce the risk score for a given vulnerability. For example, QDS will reduce the risk of a Remote Desktop Protocol (RDP) vulnerability if RDP is disabled.\n\nQDS/QVS Range| Description \n---|--- \n>=95| CVSS critical, exploited in the wild, has weaponized exploit available, trending risk on social media, dark web. \n90-95| CVSS critical, weaponized exploit available, and evidence of exploitation by malware, threat actors/ransomware groups \n80-89| CVSS Critical, weaponized exploit available, but no evidence of exploitation. \nCVSS Critical with evidence of exploitation, but mitigation in place. \n70-79| CVSS High, weaponized exploit available, but no evidence of exploitation \n60-69| CVSS critical, no exploits available \n50-60| CVSS High, a Proof of Concept (PoC) exploit is available \n40-50| CVSS High, no exploit available \n30-39| CVSS Medium, a PoC exploit is available \n1-30| CVSS Low vulnerabilities, low risk of exploitation \n \n### **Asset Risk Score (ARS) **\n\nQualys TruRisk\u2019s next type of risk score allows organizations to identify the riskiest assets in their organization. To assess the risk an asset poses to an organization, the** Asset Risk Score** considers multiple factors.\n\nThe primary factor considered by ARS is Asset Criticality, ie, what risk the asset poses based on its business value. For example: Is the asset part of a production system, a system hosting a production database, or is it purely an internal system used for development and test purposes. Production assets should be rated higher than test systems.\n\nQualys TruRisk determines the business criticality of the asset using multiple approaches, including: \n\n * **Manual** **Ratings **\u2013 TruRisk allows users to set the criticality of the system by using asset tags \n * **Synchronization with CMDB** \u2013 Most enterprises store business criticality information for assets in a configuration management database. Qualys automatically maps to CMDB data to determine the criticality of the system \n * **API\u2019s \u2013 **Using [Qualys APIs for Asset Management and Tagging](<https://www.qualys.com/docs/qualys-asset-management-tagging-api-v2-user-guide.pdf>), users can assign business criticality to an asset \n\nFinally, TruRisk analyzes the vulnerabilities found on the system and determines the asset\u2019s risk based on the QDS scores of the vulnerabilities on an asset by a clearly defined formula called the Asset Risk Score formula.\n\n### **Asset Risk Score Formula**\n\nThe Asset Risk Score (ARS) is calculated using the following formula: \n \n \n ARS Score = ACS Score * [wc * Avg (QDS for Critical Vuln) * f (Critical vuln count) + \n \n wh * Avg (QDS for High Vuln) * f (High vuln count) + \n \n wh * Avg (QDS for Medium Vuln) * f (Medium vuln count) + \n \n wh * Avg (QDS for Low Vuln) * f (Low vuln count)] * I(External) \n\nIn the above formula, **_ACS _**is Asset Criticality Score, **_w__**are the weights fine-tuned by TruRisk algorithm to multiply each of the severity, function **_f_**_ ()_, is a non-linear function that increases exponentially as number of vulnerabilities increases. Also, the factor **_I(External)_** is for the case where an asset is external facing or discoverable by Shodan. This factor increases the score appropriately for external facing assets.\n\nARS Range| Severity| Description \n---|---|--- \n850-1000| Critical| Critical asset with multiple critical or high vulnerabilities \n700-849| High| High value asset with multiple number of critical or high vulnerabilities or is exposed to the internet \n500-699| Medium| Moderate value asset with critical or high vulnerabilities \n0-499| Low| Low value asset with multiple vulnerabilities \n \n### Conclusion\n\nQualys TruRisk offers organizations a comprehensive approach to risk prioritization by considering multiple factors such as vulnerability exploitation, presence of compensating controls, asset criticality, its location (internal or external) to name a few to paint an accurate picture of organization\u2019s TruRisk (pun intended). In this blog we did a deep-dive into one aspect of TruRisk (vulnerability prioritization) and showcased how it\u2019s better than existing models. This blog is the first of series of blogs around TruRisk, and in subsequent blogs we will do a similar deep-dives into other aspects of TruRisk for e.g. asset risk, asset group risk, misconfigurations and many more to help organizations prioritize better based on risk.\n\nWith Qualys TruRisk we have introduced foundational building blocks for major cyber risk initiatives like peer benchmarking, risk score customization, third-party risk assessment, and many more. We are very excited about TruRisk and the benefits it provides to our customers. Stay tuned for more updates.\n\n### Additional Contributors\n\n 1. Shreya Salvi, Data Scientist, Qualys\n 2. Mehul Revankar, VP, Product Management & Engineering for VMDR, Qualys\n 3. Payal Mehrotra, Senior Director, Product Management for CyberRisk, Qualys", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-10T14:32:29", "type": "qualysblog", "title": "In-Depth Look Into Data-Driven Science Behind Qualys TruRisk", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3351", "CVE-2021-31207", "CVE-2021-34523", "CVE-2021-36942", "CVE-2022-30190"], "modified": "2022-10-10T14:32:29", "id": "QUALYSBLOG:9E3CACCA2916D132C2D630A8C15119F3", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-20T12:15:15", "description": "**Update January 17, 2020**: A new detection in Qualys Web Application Scanning was added. See \"Detecting with Qualys WAS\" below.\n\nCitrix released a [security advisory](<https://support.citrix.com/article/CTX267027>) ([CVE-2019-19781](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781>)) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the system. Once exploited, remote attackers could obtain access to private network resources without requiring authentication.\n\nDuring the week of January 13, [attacks on Citrix appliances](<https://threatpost.com/unpatched-citrix-flaw-exploits/151748/>) have [intensified](<https://www.zdnet.com/article/a-hacker-is-patching-citrix-servers-to-maintain-exclusive-access/>). Because of the active attacks and the ease of exploitation, organizations are advised to pay close attention.\n\n### About CVE-2019-19781\n\nThe vulnerability affects all supported versions of Citrix ADC and Citrix Gateway products. As Citrix did not disclose many details about the vulnerability, the [mitigation steps](<https://support.citrix.com/article/CTX267679>) suggest the VPN handler fails to sufficiently sanitize user-supplied inputs. The exploit attempt would include HTTP requests with \u2018/../\u2019 and \u2018/vpns/\u2019 in the URL. The responder policy rule checks for string \u201c/vpns/\" and if user is connected to the SSLVPN, and sends a 403 response as seen below.\n\n_add responder policy ctx267027 \"HTTP.REQ.URL.DECODE_USING_TEXT_MODE.CONTAINS(\\\"/vpns/\\\") && (!CLIENT.SSLVPN.IS_SSLVPN || HTTP.REQ.URL.DECODE_USING_TEXT_MODE.CONTAINS(\\\"/../\\\"))\" respondwith403 _\n\n### Detecting with Qualys VM\n\nQualys has issued QID 372305 for [Qualys Vulnerability Management](<https://www.qualys.com/apps/vulnerability-management/>) that includes authenticated and remote detections of vulnerabilities present in affected Citrix products. This QID is included in signature version VULNSIGS-2.4.788-2.\n\n_QID 372305 : Citrix ADC And Citrix Gateway Arbitrary Code Execution Vulnerability (CTX267027)_\n\nThe QID contains a remote and an authenticated signature to check the presence of vulnerability in Citrix Products. \nYou can search for this new QID in AssetView or within the VM Dashboard by using the following QQL query:\n\n_vulnerabilities.vulnerability.qid:372305_ \n_vulnerabilities.vulnerability.cveId:`CVE-2019-19781`_\n\nThis will return a list of all impacted hosts.\n\nYou can also create a Dashboard to track all Citrix vulnerabilities as shown in the template below:\n\n![](https://blog.qualys.com/wp-content/uploads/2020/01/Screen-Shot-2020-01-08-at-3.31.05-PM-600x538.png)\n\n \n\n### Detecting with Qualys Threat Protection\n\nThe fastest way to locate vulnerable hosts is though the [Qualys Threat Protection](<https://www.qualys.com/apps/threat-protection/>) Live Feed as seen here:\n\n![](https://blog.qualys.com/wp-content/uploads/2020/01/Screen-Shot-2020-01-08-at-2.51.49-PM-600x360.png)\n\nSimply click on the Impacted Assets number to see a list of hosts with this vulnerability.\n\n### Detecting with Qualys WAS\n\nQualys has released QID 150273 in [Qualys Web Application Scanning](<https://www.qualys.com/apps/web-app-scanning/>) (WAS) that includes a passive detection of vulnerabilities present in the affected Citrix products.\n\n_QID 150273 : Citrix ADC And Citrix Gateway Arbitrary Code Execution Vulnerability (CTX267027)_\n\nThis detection is useful for customers using Qualys WAS in their environments, and it has the advantage of detecting both at the root level of the target being scanned **and** at the starting URL of the web application as specified in the WAS configuration.\n\nThe passive detection works by sending an HTTPS request and looking for evidence of the vulnerability in the response. If the scanned application is vulnerable, the QID will be reported in your Qualys WAS scan report.\n\n### Mitigation\n\nCustomers are recommended to apply Citrix\u2019s [Mitigation Steps for CVE-2019-19781](<https://support.citrix.com/article/CTX267679>) as soon as possible.\n\nCustomers can check their systems for exploit attempts using \u201cgrep\u201d for requests that contain \u201cvpns\u201d and \u201c..\u201d.\n\nA patch is expected from Citrix by the end of January 2020, and organizations are advised to install that patch as soon as it is available.", "cvss3": {}, "published": "2020-01-09T00:12:26", "type": "qualysblog", "title": "Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-19781"], "modified": "2020-01-09T00:12:26", "id": "QUALYSBLOG:82E24C28622F0C96140EDD88C6BD8F54", "href": "https://blog.qualys.com/laws-of-vulnerabilities/2020/01/08/citrix-adc-and-gateway-remote-code-execution-vulnerability-cve-2019-19781", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mskb": [{"lastseen": "2023-11-28T09:54:39", "description": "None\nSecurity Update 1 for Exchange Server 2019 Cumulative Update 10 resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2021-31196 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31196>)\n * [CVE-2021-31206 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31206>)\n * [CVE-2021-33768 | Microsoft Exchange Server Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-33768>)\nSecurity Update 3 for Exchange Server 2019 Cumulative Update 9 resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n * [CVE-2021-31196 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31196>)\n * [CVE-2021-31206 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31206>)\n\n## Improvements in this update\n\n * The Exchange Server version number is now added to the HTTP response reply header. You can use this information to validate the security update status of Exchange-based servers in your network.\n\n**Important: **To be able to successfully install this security update, you must first follow the steps [in this article](<https://docs.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired>) to make sure that the server authentication certificate is present and is not expired. If the OAuth certificate is not present or is expired, republish the certificate before you install this update.\n\n## Known issues in this update\n\n * **Issue 1** \n \nWhen you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) might stop working. \n \nThis issue occurs on servers that are using User Account Control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.\n\n**Note: **This issue does not occur if you install the update through Microsoft Update.\n\nTo avoid this issue, follow these steps to manually install this security update:\n 1. Select **Start**, and type **cmd**.\n 2. In the results, right-click **Command Prompt**, and then select **Run as administrator**.\n 3. If the **User Account Control** dialog box appears, verify that the default action is the action that you want, and then select **Continue**.\n 4. Type the full path of the .msp file, and then press Enter.\n * **Issue 2** \n \nExchange services might remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition might occur if the service control scripts experience a problem when they try to return Exchange services to their usual state. \n \nTo fix this issue, use Services Manager to restore the startup type to **Automatic**, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\$v=ws.10\$.aspx>).\n * **Issue 3** \n \nWhen you block third-party cookies in a web browser, you might be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. This issue occurs also in privacy window modes (such as InPrivate mode in Microsoft Edge). This issue occurs because browser restrictions prevent the response from being recorded. To record the response and enable the add-in, you must enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. To enable this setting, refer to the specific support documentation for the browser.\n * **Issue 4** \n \nWhen you try to request free/busy information for a user in a different forest in a trusted cross-forest topology, the request fails and generates a \"(400) Bad Request\" error message. For more information and workarounds to this issue, see [\"(400) Bad Request\" error during Autodiscover for per-user free/busy in a trusted cross-forest topology](<https://support.microsoft.com/help/5003623>).\n * **Issue 5** \n \nAfter you install Microsoft Exchange Server 2019, 2016, or 2013, you can't access Outlook Web App (OWA) or Exchange Control Panel (ECP). For more information, see [Can't sign in to Outlook on the web or EAC if Exchange Server OAuth certificate is expired](<https://docs.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired>).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004780>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update 1 for Exchange Server 2019 Cumulative Update 10 (KB5004780)](<https://www.microsoft.com/download/details.aspx?familyid=07683b40-1608-437d-a90a-eb2683cb3092>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update 3 For Exchange Server 2019 Cumulative Update 9 (KB5004780)](<https://www.microsoft.com/download/details.aspx?familyid=a78de9ec-af4e-4e31-be7d-17db9fc335db>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: June 13, 2021](<https://support.microsoft.com/topic/24aa34b8-b210-41cf-adbb-44b8a9ae84dc>).\n\n### Security update replacement information\n\nThis security update replaces the following previously released updates:\n\n * [Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)](<https://support.microsoft.com/help/5003435>)\n\n## File information\n\n### File hash information\n\nUpdate name| File name| | SHA256 hash \n---|---|---|--- \nExchange Server 2019 Cumulative Update 10| Exchange2019-KB5004779-x64-en.msp| | 89965AB451800DFE132D3DF083058C3934E935CDDC86C2805AADD0411DD03F28 \nExchange Server 2019 Cumulative Update 9| Exchange2019-KB5004779-x64-en.msp| | 00E9B203032EBF34BED3B51C1AF401FB8869BE57123636068B567705F29755DD \n \n## Exchange Server file information\n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n### \n\n__\n\nMicrosoft Exchange Server 2019 Cumulative Update 10\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.922.13| 71,056| 07-Jul-2021| 09:09| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,538| 07-Jul-2021| 09:09| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,961| 07-Jul-2021| 09:10| Not applicable \nAdemodule.dll| 15.2.922.13| 106,376| 07-Jul-2021| 09:09| x64 \nAirfilter.dll| 15.2.922.13| 42,872| 07-Jul-2021| 09:08| x64 \nAjaxcontroltoolkit.dll| 15.2.922.13| 92,528| 07-Jul-2021| 09:10| x86 \nAntispamcommon.ps1| Not applicable| 13,481| 07-Jul-2021| 09:08| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 07-Jul-2021| 09:09| Not applicable \nAsentirs.msi| Not applicable| 77,824| 07-Jul-2021| 09:08| Not applicable \nAsentsig.msi| Not applicable| 73,728| 07-Jul-2021| 09:08| Not applicable \nBigfunnel.bondtypes.dll| 15.2.922.13| 45,456| 07-Jul-2021| 09:08| x86 \nBigfunnel.common.dll| 15.2.922.13| 66,448| 07-Jul-2021| 08:58| x86 \nBigfunnel.configuration.dll| 15.2.922.13| 118,152| 07-Jul-2021| 09:33| x86 \nBigfunnel.entropy.dll| 15.2.922.13| 44,416| 07-Jul-2021| 09:08| x86 \nBigfunnel.filter.dll| 15.2.922.13| 54,160| 07-Jul-2021| 09:09| x86 \nBigfunnel.indexstream.dll| 15.2.922.13| 69,000| 07-Jul-2021| 09:11| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,136| 07-Jul-2021| 08:59| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.922.13| 19,848| 07-Jul-2021| 09:33| x86 \nBigfunnel.poi.dll| 15.2.922.13| 245,136| 07-Jul-2021| 09:09| x86 \nBigfunnel.postinglist.dll| 15.2.922.13| 189,320| 07-Jul-2021| 09:12| x86 \nBigfunnel.query.dll| 15.2.922.13| 101,240| 07-Jul-2021| 08:59| x86 \nBigfunnel.ranking.dll| 15.2.922.13| 109,448| 07-Jul-2021| 09:34| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.922.13| 3,634,552| 07-Jul-2021| 09:12| x86 \nBigfunnel.tracing.dll| 15.2.922.13| 42,896| 07-Jul-2021| 09:08| x86 \nBigfunnel.wordbreakers.dll| 15.2.922.13| 46,456| 07-Jul-2021| 09:10| x86 \nCafe_airfilter_dll| 15.2.922.13| 42,872| 07-Jul-2021| 09:08| x64 \nCafe_exppw_dll| 15.2.922.13| 83,336| 07-Jul-2021| 09:09| x64 \nCafe_owaauth_dll| 15.2.922.13| 92,048| 07-Jul-2021| 09:08| x64 \nCalcalculation.ps1| Not applicable| 42,109| 07-Jul-2021| 09:34| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,618| 07-Jul-2021| 09:08| Not applicable \nChksgfiles.dll| 15.2.922.13| 57,208| 07-Jul-2021| 09:10| x64 \nCitsconstants.ps1| Not applicable| 15,837| 07-Jul-2021| 09:10| Not applicable \nCitslibrary.ps1| Not applicable| 82,676| 07-Jul-2021| 09:10| Not applicable \nCitstypes.ps1| Not applicable| 14,496| 07-Jul-2021| 09:10| Not applicable \nClassificationengine_mce| 15.2.922.13| 1,693,072| 07-Jul-2021| 09:08| Not applicable \nClusmsg.dll| 15.2.922.13| 134,008| 07-Jul-2021| 09:09| x64 \nCoconet.dll| 15.2.922.13| 48,008| 07-Jul-2021| 09:09| x64 \nCollectovermetrics.ps1| Not applicable| 81,676| 07-Jul-2021| 09:09| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,862| 07-Jul-2021| 09:08| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,943| 07-Jul-2021| 11:10| Not applicable \nComplianceauditservice.exe| 15.2.922.13| 39,816| 07-Jul-2021| 11:14| x86 \nConfigureadam.ps1| Not applicable| 22,756| 07-Jul-2021| 09:10| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,340| 07-Jul-2021| 09:10| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,071| 07-Jul-2021| 09:34| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,802| 07-Jul-2021| 09:10| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,860| 07-Jul-2021| 09:10| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,315| 07-Jul-2021| 09:10| Not applicable \nConnectfunctions.ps1| Not applicable| 37,137| 07-Jul-2021| 11:11| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,412| 07-Jul-2021| 11:11| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,264| 07-Jul-2021| 10:59| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,085| 07-Jul-2021| 09:10| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,564| 07-Jul-2021| 09:10| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,797| 07-Jul-2021| 09:10| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,944| 07-Jul-2021| 09:10| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts_exsmime.dll| 15.2.922.13| 380,808| 07-Jul-2021| 09:08| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.922.13| 1,686,904| 07-Jul-2021| 09:08| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 07-Jul-2021| 08:59| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:08| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.922.13| 12,664| 07-Jul-2021| 09:09| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:09| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:08| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:08| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:08| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:08| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.922.13| 12,664| 07-Jul-2021| 08:59| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:08| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.922.13| 12,664| 07-Jul-2021| 09:08| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.922.13| 12,664| 07-Jul-2021| 09:08| x86 \nDagcommonlibrary.ps1| Not applicable| 60,258| 07-Jul-2021| 09:09| Not applicable \nDependentassemblygenerator.exe| 15.2.922.13| 22,408| 07-Jul-2021| 09:09| x86 \nDiaghelper.dll| 15.2.922.13| 66,960| 07-Jul-2021| 09:08| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,366| 07-Jul-2021| 09:10| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,374| 07-Jul-2021| 09:10| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,221| 07-Jul-2021| 09:10| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,686| 07-Jul-2021| 09:10| Not applicable \nDisklockerapi.dll| Not applicable| 22,416| 07-Jul-2021| 09:09| x64 \nDlmigrationmodule.psm1| Not applicable| 39,612| 07-Jul-2021| 09:10| Not applicable \nDsaccessperf.dll| 15.2.922.13| 45,960| 07-Jul-2021| 09:08| x64 \nDscperf.dll| 15.2.922.13| 32,648| 07-Jul-2021| 09:09| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.922.13| 1,686,904| 07-Jul-2021| 09:08| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.922.13| 601,480| 07-Jul-2021| 09:33| x86 \nEcpperfcounters.xml| Not applicable| 31,180| 07-Jul-2021| 09:09| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nEdgetransport.exe| 15.2.922.13| 49,552| 07-Jul-2021| 10:32| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 07-Jul-2021| 09:05| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,664| 07-Jul-2021| 09:09| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:09| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:09| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:09| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:09| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,664| 07-Jul-2021| 09:09| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.922.13| 13,200| 07-Jul-2021| 09:09| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,664| 07-Jul-2021| 09:09| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,396| 07-Jul-2021| 09:10| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,555| 07-Jul-2021| 09:10| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,620| 07-Jul-2021| 09:10| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,630| 07-Jul-2021| 09:10| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,948| 07-Jul-2021| 09:10| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,679| 07-Jul-2021| 09:10| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.922.13| 17,808| 07-Jul-2021| 09:33| x86 \nEscprint.dll| 15.2.922.13| 20,368| 07-Jul-2021| 09:09| x64 \nEse.dll| 15.2.922.13| 3,741,048| 07-Jul-2021| 09:09| x64 \nEseback2.dll| 15.2.922.13| 350,096| 07-Jul-2021| 09:10| x64 \nEsebcli2.dll| 15.2.922.13| 318,344| 07-Jul-2021| 09:09| x64 \nEseperf.dll| 15.2.922.13| 108,920| 07-Jul-2021| 09:12| x64 \nEseutil.exe| 15.2.922.13| 425,360| 07-Jul-2021| 09:10| x64 \nEsevss.dll| 15.2.922.13| 44,432| 07-Jul-2021| 09:10| x64 \nEtweseproviderresources.dll| 15.2.922.13| 101,256| 07-Jul-2021| 08:59| x64 \nEventperf.dll| 15.2.922.13| 59,768| 07-Jul-2021| 08:59| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,105| 07-Jul-2021| 11:10| Not applicable \nExchange.format.ps1xml| Not applicable| 649,690| 07-Jul-2021| 11:10| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,335| 07-Jul-2021| 11:10| Not applicable \nExchange.ps1| Not applicable| 20,803| 07-Jul-2021| 11:11| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,547| 07-Jul-2021| 11:01| Not applicable \nExchange.types.ps1xml| Not applicable| 365,145| 07-Jul-2021| 11:10| Not applicable \nExchangeudfcommon.dll| 15.2.922.13| 122,744| 07-Jul-2021| 09:09| x86 \nExchangeudfs.dll| 15.2.922.13| 272,760| 07-Jul-2021| 09:09| x86 \nExchmem.dll| 15.2.922.13| 86,408| 07-Jul-2021| 09:08| x64 \nExchsetupmsg.dll| 15.2.922.13| 19,344| 07-Jul-2021| 09:09| x64 \nExdbfailureitemapi.dll| Not applicable| 27,016| 07-Jul-2021| 09:09| x64 \nExdbmsg.dll| 15.2.922.13| 230,800| 07-Jul-2021| 09:09| x64 \nExeventperfplugin.dll| 15.2.922.13| 25,464| 07-Jul-2021| 09:08| x64 \nExmime.dll| 15.2.922.13| 364,920| 07-Jul-2021| 09:09| x64 \nExportedgeconfig.ps1| Not applicable| 27,423| 07-Jul-2021| 09:10| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,590| 07-Jul-2021| 09:10| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 29,238| 07-Jul-2021| 09:10| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,370| 07-Jul-2021| 09:08| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,157| 07-Jul-2021| 09:10| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,076| 07-Jul-2021| 09:10| Not applicable \nExppw.dll| 15.2.922.13| 83,336| 07-Jul-2021| 09:09| x64 \nExprfdll.dll| 15.2.922.13| 26,488| 07-Jul-2021| 09:08| x64 \nExrpc32.dll| 15.2.922.13| 2,029,448| 07-Jul-2021| 09:34| x64 \nExrw.dll| 15.2.922.13| 28,040| 07-Jul-2021| 09:08| x64 \nExsetdata.dll| 15.2.922.13| 2,779,024| 07-Jul-2021| 09:34| x64 \nExsetup.exe| 15.2.922.13| 35,216| 07-Jul-2021| 11:06| x86 \nExsetupui.exe| 15.2.922.13| 471,944| 07-Jul-2021| 11:04| x86 \nExtrace.dll| 15.2.922.13| 245,112| 07-Jul-2021| 08:59| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.922.13| 601,480| 07-Jul-2021| 09:33| x86 \nExwatson.dll| 15.2.922.13| 44,920| 07-Jul-2021| 09:08| x64 \nFastioext.dll| 15.2.922.13| 60,296| 07-Jul-2021| 09:09| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,631| 07-Jul-2021| 12:34| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,228| 07-Jul-2021| 12:34| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,760| 07-Jul-2021| 12:34| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,405| 07-Jul-2021| 12:33| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,657| 07-Jul-2021| 12:33| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,759| 07-Jul-2021| 12:33| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,628| 07-Jul-2021| 12:33| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,604| 07-Jul-2021| 12:34| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 07-Jul-2021| 12:33| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,345| 07-Jul-2021| 12:33| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,259| 07-Jul-2021| 12:34| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,754| 07-Jul-2021| 12:33| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 07-Jul-2021| 12:33| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 07-Jul-2021| 12:33| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 07-Jul-2021| 12:33| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,730| 07-Jul-2021| 12:34| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,760| 07-Jul-2021| 12:33| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 07-Jul-2021| 12:33| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,634| 07-Jul-2021| 12:34| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 07-Jul-2021| 12:33| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,658| 07-Jul-2021| 12:33| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,757| 07-Jul-2021| 12:33| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,634| 07-Jul-2021| 12:33| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 07-Jul-2021| 12:34| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 341,984,395| 07-Jul-2021| 12:33| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,777| 07-Jul-2021| 12:33| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,634| 07-Jul-2021| 12:33| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 07-Jul-2021| 12:33| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,640| 07-Jul-2021| 12:33| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 07-Jul-2021| 12:33| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,263| 07-Jul-2021| 09:10| Not applicable \nFilteringpowershell.dll| 15.2.922.13| 223,096| 07-Jul-2021| 09:33| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,664| 07-Jul-2021| 09:34| Not applicable \nFiltermodule.dll| 15.2.922.13| 180,112| 07-Jul-2021| 09:08| x64 \nFipexeuperfctrresource.dll| 15.2.922.13| 15,240| 07-Jul-2021| 09:09| x64 \nFipexeventsresource.dll| 15.2.922.13| 44,936| 07-Jul-2021| 09:09| x64 \nFipexperfctrresource.dll| 15.2.922.13| 32,648| 07-Jul-2021| 09:08| x64 \nFirewallres.dll| 15.2.922.13| 72,592| 07-Jul-2021| 08:59| x64 \nFms.exe| 15.2.922.13| 1,350,024| 07-Jul-2021| 09:34| x64 \nForefrontactivedirectoryconnector.exe| 15.2.922.13| 110,968| 07-Jul-2021| 09:09| x64 \nFpsdiag.exe| 15.2.922.13| 18,808| 07-Jul-2021| 09:09| x86 \nFsccachedfilemanagedlocal.dll| 15.2.922.13| 822,136| 07-Jul-2021| 09:08| x64 \nFscconfigsupport.dll| 15.2.922.13| 56,720| 07-Jul-2021| 09:08| x86 \nFscconfigurationserver.exe| 15.2.922.13| 430,984| 07-Jul-2021| 09:09| x64 \nFscconfigurationserverinterfaces.dll| 15.2.922.13| 15,752| 07-Jul-2021| 09:09| x86 \nFsccrypto.dll| 15.2.922.13| 208,784| 07-Jul-2021| 08:59| x64 \nFscipcinterfaceslocal.dll| 15.2.922.13| 28,536| 07-Jul-2021| 08:59| x86 \nFscipclocal.dll| 15.2.922.13| 38,280| 07-Jul-2021| 09:09| x86 \nFscsqmuploader.exe| 15.2.922.13| 453,496| 07-Jul-2021| 09:10| x64 \nGetucpool.ps1| Not applicable| 19,807| 07-Jul-2021| 09:10| Not applicable \nGetvalidengines.ps1| Not applicable| 13,306| 07-Jul-2021| 09:10| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,785| 07-Jul-2021| 09:08| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,631| 07-Jul-2021| 09:08| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,703| 07-Jul-2021| 09:08| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,771| 07-Jul-2021| 09:09| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,474| 07-Jul-2021| 09:08| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,681| 07-Jul-2021| 09:09| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,786| 07-Jul-2021| 09:08| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,328| 07-Jul-2021| 09:10| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,979| 07-Jul-2021| 09:10| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,058| 07-Jul-2021| 09:10| Not applicable \nGet_storetrace.ps1| Not applicable| 51,883| 07-Jul-2021| 09:08| Not applicable \nHuffman_xpress.dll| 15.2.922.13| 32,648| 07-Jul-2021| 09:09| x64 \nImportedgeconfig.ps1| Not applicable| 77,280| 07-Jul-2021| 09:10| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,468| 07-Jul-2021| 09:10| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,850| 07-Jul-2021| 09:10| Not applicable \nInproxy.dll| 15.2.922.13| 85,896| 07-Jul-2021| 09:09| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,555| 07-Jul-2021| 09:34| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,905| 07-Jul-2021| 09:09| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,979| 07-Jul-2021| 11:33| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.922.13| 107,408| 07-Jul-2021| 09:09| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.922.13| 20,368| 07-Jul-2021| 09:08| Not applicable \nInterop.certenroll.dll| 15.2.922.13| 142,736| 07-Jul-2021| 08:57| x86 \nInterop.licenseinfointerface.dll| 15.2.922.13| 14,216| 07-Jul-2021| 09:12| x86 \nInterop.netfw.dll| 15.2.922.13| 34,192| 07-Jul-2021| 08:59| x86 \nInterop.plalibrary.dll| 15.2.922.13| 72,584| 07-Jul-2021| 08:59| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.922.13| 27,024| 07-Jul-2021| 08:59| Not applicable \nInterop.taskscheduler.dll| 15.2.922.13| 46,480| 07-Jul-2021| 08:59| x86 \nInterop.wuapilib.dll| 15.2.922.13| 60,792| 07-Jul-2021| 09:09| x86 \nInterop.xenroll.dll| 15.2.922.13| 39,824| 07-Jul-2021| 08:59| x86 \nKerbauth.dll| 15.2.922.13| 62,856| 07-Jul-2021| 09:09| x64 \nLicenseinfointerface.dll| 15.2.922.13| 643,472| 07-Jul-2021| 09:10| x64 \nLpversioning.xml| Not applicable| 20,466| 07-Jul-2021| 11:06| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,896| 07-Jul-2021| 09:08| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.922.13| 138,616| 07-Jul-2021| 08:59| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,269| 07-Jul-2021| 09:09| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,372| 07-Jul-2021| 09:09| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,119| 07-Jul-2021| 09:10| Not applicable \nMce.dll| 15.2.922.13| 1,693,072| 07-Jul-2021| 09:08| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,479| 07-Jul-2021| 09:08| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,655| 07-Jul-2021| 09:10| Not applicable \nMicrosoft.database.isam.dll| 15.2.922.13| 127,888| 07-Jul-2021| 09:12| x86 \nMicrosoft.dkm.proxy.dll| 15.2.922.13| 25,992| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.922.13| 68,488| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.922.13| 17,800| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.922.13| 233,336| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.922.13| 15,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.922.13| 43,408| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.922.13| 1,776,008| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.922.13| 505,208| 07-Jul-2021| 11:30| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.922.13| 76,176| 07-Jul-2021| 11:32| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.922.13| 135,544| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.922.13| 23,416| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.922.13| 15,760| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.922.13| 27,000| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.922.13| 53,648| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.assistants.dll| 15.2.922.13| 925,072| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.922.13| 25,976| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.922.13| 43,408| 07-Jul-2021| 10:12| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.922.13| 15,224| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.922.13| 14,736| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.922.13| 70,544| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.922.13| 94,608| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.922.13| 13,176| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.922.13| 15,760| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.922.13| 36,728| 07-Jul-2021| 10:59| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.922.13| 15,736| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.922.13| 79,752| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.922.13| 396,168| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.922.13| 21,384| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.922.13| 57,232| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.922.13| 14,712| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.922.13| 35,704| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.922.13| 276,360| 07-Jul-2021| 08:59| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.922.13| 16,248| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.922.13| 25,976| 07-Jul-2021| 10:59| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.922.13| 13,712| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.922.13| 23,440| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.922.13| 378,248| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.922.13| 83,856| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.922.13| 2,971,024| 07-Jul-2021| 11:31| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.922.13| 5,029,776| 07-Jul-2021| 11:28| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.922.13| 893,832| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.922.13| 413,576| 07-Jul-2021| 11:07| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.922.13| 924,552| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.922.13| 31,608| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.922.13| 52,112| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.922.13| 21,896| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.922.13| 33,664| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.922.13| 3,558,792| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.922.13| 108,408| 07-Jul-2021| 09:12| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.922.13| 288,632| 07-Jul-2021| 10:34| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.922.13| 627,600| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.922.13| 86,408| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.922.13| 1,830,288| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.922.13| 31,624| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.922.13| 466,320| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.922.13| 25,992| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.922.13| 38,280| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.922.13| 102,784| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.922.13| 48,520| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.922.13| 67,448| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.common.dll| 15.2.922.13| 172,920| 07-Jul-2021| 09:12| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.922.13| 113,544| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.il.dll| 15.2.922.13| 13,712| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.922.13| 130,440| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.922.13| 63,880| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.922.13| 19,856| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.922.13| 15,248| 07-Jul-2021| 08:58| x86 \nMicrosoft.exchange.common.search.dll| 15.2.922.13| 108,936| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.922.13| 17,792| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.922.13| 51,576| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.922.13| 36,744| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.922.13| 27,528| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.922.13| 1,042,296| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.922.13| 29,072| 07-Jul-2021| 08:59| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.922.13| 13,176| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.922.13| 181,112| 07-Jul-2021| 11:12| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.922.13| 30,096| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.922.13| 22,392| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.922.13| 85,880| 07-Jul-2021| 08:59| x64 \nMicrosoft.exchange.compliance.dll| 15.2.922.13| 41,336| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.922.13| 37,240| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.922.13| 50,552| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.922.13| 33,168| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.922.13| 1,100,176| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.922.13| 206,736| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.922.13| 210,808| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.compression.dll| 15.2.922.13| 17,272| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.922.13| 37,776| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.922.13| 14,224| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.922.13| 145,784| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.922.13| 14,224| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.922.13| 53,136| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.922.13| 15,760| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.922.13| 23,432| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.922.13| 13,200| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.922.13| 54,672| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.922.13| 13,688| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.922.13| 1,846,152| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.922.13| 30,088| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.922.13| 68,496| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.922.13| 15,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.922.13| 21,384| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.922.13| 13,176| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.922.13| 25,976| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.922.13| 169,864| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.922.13| 330,104| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.922.13| 173,968| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.922.13| 71,056| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.922.13| 203,656| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.context.client.dll| 15.2.922.13| 27,000| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.922.13| 51,592| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.context.core.dll| 15.2.922.13| 51,064| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.922.13| 46,984| 07-Jul-2021| 09:40| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.922.13| 1,093,512| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.922.13| 57,224| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.922.13| 326,544| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.922.13| 3,357,560| 07-Jul-2021| 10:07| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.922.13| 35,728| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.922.13| 17,792| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.922.13| 165,240| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.922.13| 619,408| 07-Jul-2021| 09:59| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.922.13| 7,791,992| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.922.13| 80,272| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.data.dll| 15.2.922.13| 1,790,344| 07-Jul-2021| 09:38| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.922.13| 1,631,632| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.922.13| 377,720| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.922.13| 105,352| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.922.13| 15,760| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.922.13| 224,656| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.922.13| 186,744| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.922.13| 39,824| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.922.13| 119,160| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.922.13| 968,072| 07-Jul-2021| 09:12| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.922.13| 141,176| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.922.13| 769,400| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.922.13| 139,664| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.922.13| 56,720| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.922.13| 452,984| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.922.13| 32,648| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.922.13| 256,888| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.922.13| 11,841,928| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.922.13| 37,768| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.922.13| 655,760| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.922.13| 175,496| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.922.13| 36,216| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.922.13| 14,224| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.922.13| 14,200| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.922.13| 14,712| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.922.13| 72,568| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.922.13| 13,176| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.922.13| 22,928| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.922.13| 1,845,616| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.2.922.13| 1,845,616| 07-Jul-2021| 09:08| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.922.13| 23,928| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.922.13| 546,696| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.922.13| 215,440| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.922.13| 194,440| 07-Jul-2021| 10:12| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.922.13| 146,320| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.922.13| 27,512| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.922.13| 13,688| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.922.13| 49,544| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.922.13| 28,048| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.922.13| 208,768| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.922.13| 88,960| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.922.13| 32,632| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.922.13| 45,960| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.922.13| 18,808| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.922.13| 473,464| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.922.13| 206,224| 07-Jul-2021| 08:59| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.922.13| 36,728| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.922.13| 131,464| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.922.13| 21,904| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.922.13| 148,344| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.922.13| 220,024| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.922.13| 23,952| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.922.13| 97,656| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.922.13| 1,266,552| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.922.13| 1,266,552| 07-Jul-2021| 09:10| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,503| 07-Jul-2021| 09:33| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.922.13| 87,416| 07-Jul-2021| 09:12| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,453| 07-Jul-2021| 09:34| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.922.13| 52,096| 07-Jul-2021| 09:08| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.922.13| 292,232| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.922.13| 73,104| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.922.13| 45,968| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.922.13| 218,512| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.922.13| 78,224| 07-Jul-2021| 10:05| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.922.13| 35,728| 07-Jul-2021| 10:05| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.922.13| 935,288| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.922.13| 336,248| 07-Jul-2021| 10:01| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.922.13| 52,624| 07-Jul-2021| 10:05| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.922.13| 32,144| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.922.13| 60,808| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.922.13| 854,392| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.922.13| 291,728| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.922.13| 39,288| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.922.13| 76,176| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.922.13| 166,800| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.922.13| 1,486,728| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.922.13| 122,256| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.922.13| 12,327,312| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.922.13| 264,072| 07-Jul-2021| 10:15| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.922.13| 37,760| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.922.13| 186,768| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.922.13| 64,400| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.922.13| 83,848| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.922.13| 63,888| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.922.13| 100,216| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.922.13| 144,784| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.922.13| 270,224| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.922.13| 15,248| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.922.13| 15,760| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.922.13| 130,424| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.922.13| 254,352| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.922.13| 13,192| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.922.13| 37,240| 07-Jul-2021| 10:59| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.922.13| 640,904| 07-Jul-2021| 09:38| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.922.13| 37,256| 07-Jul-2021| 10:05| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.922.13| 146,320| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.922.13| 13,192| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.922.13| 596,344| 07-Jul-2021| 11:09| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.922.13| 14,712| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.922.13| 30,088| 07-Jul-2021| 11:50| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.922.13| 99,720| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.922.13| 42,384| 07-Jul-2021| 09:12| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.922.13| 40,328| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.922.13| 54,136| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.922.13| 164,232| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.922.13| 58,760| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.922.13| 204,680| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.922.13| 17,800| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.922.13| 30,584| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.922.13| 38,800| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.922.13| 48,504| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.922.13| 180,624| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.922.13| 36,744| 07-Jul-2021| 11:08| x86 \nMicrosoft.exchange.httprequestfiltering.dll| 15.2.922.13| 28,040| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.922.13| 25,976| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.922.13| 1,868,176| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.922.13| 54,672| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.922.13| 35,728| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.922.13| 35,728| 07-Jul-2021| 08:58| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.922.13| 18,304| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.922.13| 18,304| 07-Jul-2021| 09:09| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.922.13| 263,032| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.922.13| 263,032| 07-Jul-2021| 10:26| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.922.13| 24,976| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.922.13| 24,976| 07-Jul-2021| 10:13| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.922.13| 53,128| 07-Jul-2021| 09:33| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.922.13| 216,976| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.922.13| 32,136| 07-Jul-2021| 10:44| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.922.13| 282,000| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.922.13| 18,832| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.922.13| 83,848| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.922.13| 15,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.922.13| 94,072| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.922.13| 1,840,528| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.922.13| 71,560| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.922.13| 175,504| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.922.13| 45,968| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.922.13| 159,600| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.922.13| 51,088| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.922.13| 45,968| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.922.13| 32,136| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.922.13| 100,216| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.922.13| 13,192| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.922.13| 271,240| 07-Jul-2021| 11:12| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.922.13| 22,416| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.922.13| 33,672| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.922.13| 18,304| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.922.13| 15,240| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.922.13| 27,536| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.922.13| 30,584| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.922.13| 22,408| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.922.13| 66,448| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.922.13| 29,560| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.922.13| 19,848| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.922.13| 20,368| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.922.13| 19,336| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.922.13| 34,168| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.922.13| 103,816| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.922.13| 31,608| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.922.13| 15,736| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.922.13| 20,872| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.922.13| 16,264| 07-Jul-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.922.13| 49,016| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.922.13| 44,432| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.922.13| 38,264| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.922.13| 10,375,032| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.922.13| 29,064| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.922.13| 21,384| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.922.13| 24,456| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.922.13| 15,240| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.922.13| 21,904| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.922.13| 89,480| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.922.13| 20,880| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.922.13| 26,504| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.922.13| 21,392| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.922.13| 28,048| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.922.13| 28,560| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.922.13| 36,240| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.922.13| 16,784| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.922.13| 19,848| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.922.13| 15,248| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.922.13| 17,296| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.922.13| 19,848| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.922.13| 57,232| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.922.13| 17,808| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.922.13| 18,832| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.922.13| 16,272| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.922.13| 17,800| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.922.13| 15,248| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.922.13| 15,248| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.922.13| 52,624| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.922.13| 18,296| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.922.13| 34,192| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.922.13| 17,288| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.922.13| 18,832| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.922.13| 43,408| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.922.13| 165,240| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.922.13| 54,664| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.922.13| 9,059,728| 07-Jul-2021| 11:40| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.922.13| 33,168| 07-Jul-2021| 10:15| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.922.13| 124,304| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.922.13| 82,832| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.922.13| 14,208| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.922.13| 30,072| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.922.13| 661,384| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.922.13| 63,352| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.922.13| 175,480| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.922.13| 2,791,824| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.922.13| 53,112| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.922.13| 151,928| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.922.13| 967,048| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.922.13| 185,208| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.922.13| 31,632| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.922.13| 39,800| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.922.13| 105,848| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.922.13| 95,096| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.922.13| 43,384| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.922.13| 18,824| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.922.13| 172,920| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.922.13| 102,776| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.922.13| 98,680| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.922.13| 188,808| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.922.13| 43,400| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.922.13| 447,376| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.922.13| 89,976| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.922.13| 107,912| 07-Jul-2021| 11:49| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.922.13| 371,064| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.922.13| 193,912| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.922.13| 552,328| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.922.13| 16,264| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.922.13| 15,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.922.13| 321,416| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.922.13| 17,800| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.922.13| 45,432| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.922.13| 18,312| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.922.13| 20,880| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.922.13| 415,120| 07-Jul-2021| 10:12| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.922.13| 1,269,624| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.922.13| 41,848| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.922.13| 433,528| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.922.13| 4,566,392| 07-Jul-2021| 12:42| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.922.13| 260,984| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.922.13| 33,656| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.922.13| 94,072| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.922.13| 586,120| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.922.13| 3,543,440| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.922.13| 67,976| 07-Jul-2021| 11:14| x86 \nMicrosoft.exchange.management.dll| 15.2.922.13| 16,498,056| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.922.13| 58,760| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.922.13| 23,952| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.922.13| 101,760| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.922.13| 544,120| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.922.13| 305,016| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.922.13| 273,800| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.922.13| 418,696| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.922.13| 275,832| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.922.13| 70,544| 07-Jul-2021| 11:08| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.922.13| 7,874,448| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.922.13| 1,501,576| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.922.13| 71,552| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.922.13| 1,301,368| 07-Jul-2021| 10:59| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.922.13| 1,876,368| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.922.13| 5,366,648| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.922.13| 36,240| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.922.13| 117,640| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.922.13| 209,808| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.922.13| 79,736| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.922.13| 17,272| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.922.13| 156,040| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.922.13| 65,912| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.922.13| 30,608| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.922.13| 58,232| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.922.13| 29,584| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.922.13| 175,504| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.922.13| 28,560| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.922.13| 75,144| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.922.13| 207,248| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.922.13| 440,696| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.922.13| 83,336| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.922.13| 35,216| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.922.13| 53,112| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.922.13| 96,656| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.migration.dll| 15.2.922.13| 1,110,392| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.922.13| 14,712| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.922.13| 135,568| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.922.13| 5,064,048| 07-Jul-2021| 11:44| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.922.13| 19,832| 07-Jul-2021| 09:40| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.922.13| 68,496| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.net.dll| 15.2.922.13| 5,086,096| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.922.13| 265,616| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.922.13| 37,768| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.922.13| 14,216| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.922.13| 549,776| 07-Jul-2021| 11:36| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.922.13| 22,904| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.922.13| 106,360| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.922.13| 291,720| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.922.13| 17,272| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.922.13| 277,896| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.odata.dll| 15.2.922.13| 2,993,544| 07-Jul-2021| 11:33| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.922.13| 90,488| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.922.13| 101,768| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.922.13| 38,280| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.922.13| 45,456| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.922.13| 58,248| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.922.13| 147,320| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.922.13| 26,496| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.922.13| 184,200| 07-Jul-2021| 10:05| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.922.13| 26,504| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.922.13| 38,288| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.922.13| 55,672| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.922.13| 147,336| 07-Jul-2021| 10:02| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.922.13| 191,880| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.922.13| 33,680| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.922.13| 28,024| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.922.13| 32,648| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.922.13| 15,240| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.922.13| 17,272| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.922.13| 17,272| 07-Jul-2021| 09:09| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.922.13| 106,896| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.922.13| 106,896| 07-Jul-2021| 10:26| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.922.13| 24,968| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.922.13| 24,968| 07-Jul-2021| 10:13| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.922.13| 42,888| 07-Jul-2021| 09:33| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.922.13| 264,568| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.922.13| 264,568| 07-Jul-2021| 10:14| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.922.13| 358,264| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.922.13| 4,167,056| 07-Jul-2021| 11:08| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.922.13| 308,616| 07-Jul-2021| 11:11| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.922.13| 41,352| 07-Jul-2021| 11:09| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.922.13| 30,600| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.922.13| 137,096| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.922.13| 441,728| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.922.13| 14,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.922.13| 224,632| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.922.13| 105,848| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.pst.dll| 15.2.922.13| 168,840| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.922.13| 168,840| 07-Jul-2021| 08:59| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.922.13| 259,448| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.922.13| 72,072| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.922.13| 215,944| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.922.13| 106,872| 07-Jul-2021| 10:15| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.922.13| 425,864| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.922.13| 70,536| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.922.13| 46,456| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.922.13| 215,944| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.query.core.dll| 15.2.922.13| 168,848| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.922.13| 343,416| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.922.13| 174,456| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.922.13| 95,120| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.922.13| 127,352| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.922.13| 63,376| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.922.13| 36,752| 07-Jul-2021| 09:56| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.922.13| 17,784| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.922.13| 9,666,960| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.922.13| 20,788,104| 07-Jul-2021| 09:35| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.922.13| 36,728| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.922.13| 97,680| 07-Jul-2021| 08:59| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.922.13| 28,552| 07-Jul-2021| 09:34| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.922.13| 72,056| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.922.13| 15,752| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.922.13| 13,176| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.922.13| 59,272| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.rpc.dll| 15.2.922.13| 1,647,504| 07-Jul-2021| 09:33| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.922.13| 209,808| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.922.13| 60,304| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.922.13| 518,008| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.922.13| 161,160| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.922.13| 724,344| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.922.13| 243,088| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.922.13| 20,872| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.922.13| 35,216| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.922.13| 42,384| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.922.13| 56,184| 07-Jul-2021| 10:59| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.922.13| 27,536| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.922.13| 130,448| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.922.13| 14,712| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.922.13| 20,360| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.922.13| 21,392| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.922.13| 267,640| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.922.13| 110,968| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.922.13| 112,520| 07-Jul-2021| 08:58| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.922.13| 622,456| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.922.13| 185,200| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.922.13| 12,152| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.922.13| 19,344| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.search.core.dll| 15.2.922.13| 211,848| 07-Jul-2021| 10:12| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.922.13| 17,808| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.922.13| 97,672| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.922.13| 16,776| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.922.13| 436,600| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.search.files.dll| 15.2.922.13| 274,312| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.922.13| 24,968| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.922.13| 218,000| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.search.service.exe| 15.2.922.13| 26,504| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.922.13| 221,064| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.security.dll| 15.2.922.13| 1,559,416| 07-Jul-2021| 10:11| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.922.13| 19,832| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.922.13| 28,552| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.922.13| 225,160| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.922.13| 5,151,096| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.922.13| 214,904| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.922.13| 115,592| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.922.13| 82,808| 07-Jul-2021| 09:55| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.922.13| 80,784| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.922.13| 66,424| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.922.13| 81,296| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.922.13| 211,848| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.922.13| 1,341,328| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.922.13| 511,864| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.922.13| 47,488| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.922.13| 873,848| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.922.13| 1,352,568| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.922.13| 30,584| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.922.13| 130,440| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.922.13| 1,018,752| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.922.13| 111,496| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.922.13| 34,672| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.922.13| 19,336| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.922.13| 14,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.922.13| 60,792| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.922.13| 50,576| 07-Jul-2021| 10:11| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.922.13| 14,200| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.922.13| 14,200| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.services.common.dll| 15.2.922.13| 74,128| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.services.dll| 15.2.922.13| 8,480,632| 07-Jul-2021| 11:16| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.922.13| 30,096| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.922.13| 633,736| 07-Jul-2021| 11:29| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.922.13| 1,651,080| 07-Jul-2021| 11:19| x86 \nMicrosoft.exchange.services.json.dll| 15.2.922.13| 296,312| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.922.13| 43,408| 07-Jul-2021| 11:17| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.922.13| 233,336| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.922.13| 178,552| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.922.13| 348,552| 07-Jul-2021| 11:22| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.922.13| 56,712| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.922.13| 93,072| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.922.13| 296,312| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.922.13| 35,704| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.922.13| 27,024| 07-Jul-2021| 11:16| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.922.13| 114,552| 07-Jul-2021| 11:16| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.922.13| 53,624| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.922.13| 75,152| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.922.13| 142,728| 07-Jul-2021| 10:09| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.922.13| 24,976| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.922.13| 15,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.922.13| 58,744| 07-Jul-2021| 10:11| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.922.13| 27,000| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.922.13| 46,992| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.sqm.dll| 15.2.922.13| 46,984| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.store.service.exe| 15.2.922.13| 28,048| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.922.13| 26,512| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.922.13| 13,712| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.922.13| 31,608| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.922.13| 1,205,128| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.922.13| 158,608| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.922.13| 628,088| 07-Jul-2021| 10:49| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.922.13| 13,176| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.922.13| 16,272| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.922.13| 13,192| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.922.13| 221,560| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.922.13| 13,688| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.922.13| 29,048| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.922.13| 138,640| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.922.13| 21,904| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.922.13| 40,312| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.922.13| 22,928| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.922.13| 21,368| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.922.13| 212,368| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.922.13| 98,704| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.922.13| 22,920| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.922.13| 169,336| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.922.13| 18,320| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.922.13| 20,856| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.922.13| 31,608| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.922.13| 46,992| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.922.13| 30,096| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.922.13| 53,128| 07-Jul-2021| 10:05| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.922.13| 44,944| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.922.13| 18,320| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.922.13| 46,472| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.922.13| 46,456| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.922.13| 28,048| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.922.13| 457,080| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.922.13| 18,296| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.922.13| 30,592| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.transport.dll| 15.2.922.13| 4,183,952| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.922.13| 182,136| 07-Jul-2021| 09:59| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.922.13| 121,720| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.922.13| 403,848| 07-Jul-2021| 10:02| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.922.13| 14,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.922.13| 90,000| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.922.13| 88,960| 07-Jul-2021| 09:59| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.922.13| 68,472| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.922.13| 63,376| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.922.13| 430,480| 07-Jul-2021| 11:47| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.922.13| 122,232| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.922.13| 17,808| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.922.13| 29,056| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.922.13| 60,792| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.922.13| 50,040| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.922.13| 33,144| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.922.13| 113,024| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.922.13| 18,296| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.922.13| 52,088| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.922.13| 675,184| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.922.13| 23,952| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.922.13| 17,808| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.922.13| 487,280| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.922.13| 12,680| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.922.13| 306,064| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.922.13| 15,760| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.922.13| 46,456| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.922.13| 1,044,344| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.922.13| 15,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.922.13| 18,824| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.922.13| 18,832| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.922.13| 118,664| 07-Jul-2021| 09:12| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.922.13| 924,560| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.922.13| 1,469,312| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.922.13| 32,648| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.922.13| 41,848| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.922.13| 24,976| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.922.13| 15,248| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.922.13| 83,336| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.922.13| 50,056| 07-Jul-2021| 10:58| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.922.13| 658,824| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.922.13| 186,256| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.922.13| 67,464| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.922.13| 12,688| 07-Jul-2021| 09:08| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.922.13| 56,712| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.922.13| 28,032| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.922.13| 120,712| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.922.13| 31,624| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.922.13| 57,224| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.922.13| 35,720| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.webservices.dll| 15.2.922.13| 1,054,072| 07-Jul-2021| 08:59| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.922.13| 67,984| 07-Jul-2021| 09:08| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.922.13| 23,424| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.922.13| 77,176| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.922.13| 17,296| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.922.13| 29,048| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.922.13| 505,208| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.922.13| 14,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.922.13| 36,744| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.922.13| 66,424| 07-Jul-2021| 10:14| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.922.13| 19,344| 07-Jul-2021| 08:59| x86 \nMicrosoft.filtering.dll| 15.2.922.13| 113,016| 07-Jul-2021| 09:33| x86 \nMicrosoft.filtering.exchange.dll| 15.2.922.13| 57,232| 07-Jul-2021| 10:32| x86 \nMicrosoft.filtering.interop.dll| 15.2.922.13| 15,224| 07-Jul-2021| 09:33| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.922.13| 46,992| 07-Jul-2021| 09:55| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.922.13| 15,752| 07-Jul-2021| 09:09| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.922.13| 23,952| 07-Jul-2021| 09:09| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.922.13| 22,400| 07-Jul-2021| 08:59| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.922.13| 34,696| 07-Jul-2021| 09:08| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,890| 07-Jul-2021| 11:11| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,270| 07-Jul-2021| 11:11| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.922.13| 1,518,480| 07-Jul-2021| 11:49| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.922.13| 13,192| 07-Jul-2021| 09:09| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.922.13| 33,168| 07-Jul-2021| 11:32| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.922.13| 18,320| 07-Jul-2021| 08:58| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.922.13| 46,456| 07-Jul-2021| 10:32| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.922.13| 50,568| 07-Jul-2021| 10:32| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.922.13| 72,592| 07-Jul-2021| 09:34| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.922.13| 541,584| 07-Jul-2021| 09:11| x86 \nMicrosoft.managementgui.dll| 15.2.922.13| 133,504| 07-Jul-2021| 08:59| x86 \nMicrosoft.mce.interop.dll| 15.2.922.13| 24,464| 07-Jul-2021| 08:59| x86 \nMicrosoft.office.audit.dll| 15.2.922.13| 124,816| 07-Jul-2021| 08:59| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.2.922.13| 593,272| 07-Jul-2021| 09:34| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.2.922.13| 42,376| 07-Jul-2021| 09:33| x86 \nMicrosoft.office.compliance.console.core.dll| 15.2.922.13| 218,000| 07-Jul-2021| 12:46| x86 \nMicrosoft.office.compliance.console.dll| 15.2.922.13| 854,904| 07-Jul-2021| 13:15| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.2.922.13| 485,752| 07-Jul-2021| 12:51| x86 \nMicrosoft.office.compliance.core.dll| 15.2.922.13| 413,056| 07-Jul-2021| 09:34| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.2.922.13| 36,232| 07-Jul-2021| 09:33| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.2.922.13| 85,368| 07-Jul-2021| 10:27| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.2.922.13| 1,782,160| 07-Jul-2021| 09:10| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.2.922.13| 49,528| 07-Jul-2021| 10:26| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.2.922.13| 27,528| 07-Jul-2021| 10:32| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.2.922.13| 174,984| 07-Jul-2021| 09:34| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.2.922.13| 165,776| 07-Jul-2021| 09:58| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.2.922.13| 40,336| 07-Jul-2021| 08:59| x86 \nMicrosoft.online.box.shell.dll| 15.2.922.13| 46,456| 07-Jul-2021| 08:59| x86 \nMicrosoft.powershell.hostingtools.dll| 15.2.922.13| 67,984| 07-Jul-2021| 08:59| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.2.922.13| 67,984| 07-Jul-2021| 08:59| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.2.922.13| 120,184| 07-Jul-2021| 09:33| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,142| 07-Jul-2021| 09:10| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,084| 07-Jul-2021| 09:10| Not applicable \nMovemailbox.ps1| Not applicable| 61,180| 07-Jul-2021| 09:10| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,622| 07-Jul-2021| 09:10| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,552| 07-Jul-2021| 09:10| Not applicable \nMpgearparser.dll| 15.2.922.13| 99,720| 07-Jul-2021| 09:09| x64 \nMsclassificationadapter.dll| 15.2.922.13| 248,712| 07-Jul-2021| 09:08| x64 \nMsexchangecompliance.exe| 15.2.922.13| 78,712| 07-Jul-2021| 10:49| x86 \nMsexchangedagmgmt.exe| 15.2.922.13| 25,480| 07-Jul-2021| 10:38| x86 \nMsexchangedelivery.exe| 15.2.922.13| 38,800| 07-Jul-2021| 10:36| x86 \nMsexchangefrontendtransport.exe| 15.2.922.13| 31,608| 07-Jul-2021| 10:32| x86 \nMsexchangehmhost.exe| 15.2.922.13| 27,024| 07-Jul-2021| 11:49| x86 \nMsexchangehmrecovery.exe| 15.2.922.13| 29,560| 07-Jul-2021| 09:56| x86 \nMsexchangemailboxassistants.exe| 15.2.922.13| 72,568| 07-Jul-2021| 10:34| x86 \nMsexchangemailboxreplication.exe| 15.2.922.13| 20,864| 07-Jul-2021| 10:46| x86 \nMsexchangemigrationworkflow.exe| 15.2.922.13| 69,000| 07-Jul-2021| 10:50| x86 \nMsexchangerepl.exe| 15.2.922.13| 71,032| 07-Jul-2021| 10:37| x86 \nMsexchangesubmission.exe| 15.2.922.13| 123,256| 07-Jul-2021| 10:43| x86 \nMsexchangethrottling.exe| 15.2.922.13| 39,808| 07-Jul-2021| 09:55| x86 \nMsexchangetransport.exe| 15.2.922.13| 74,120| 07-Jul-2021| 09:55| x86 \nMsexchangetransportlogsearch.exe| 15.2.922.13| 139,152| 07-Jul-2021| 10:32| x86 \nMsexchangewatchdog.exe| 15.2.922.13| 55,688| 07-Jul-2021| 09:09| x64 \nMspatchlinterop.dll| 15.2.922.13| 53,640| 07-Jul-2021| 09:12| x64 \nNativehttpproxy.dll| 15.2.922.13| 91,536| 07-Jul-2021| 09:09| x64 \nNavigatorparser.dll| 15.2.922.13| 636,808| 07-Jul-2021| 09:08| x64 \nNego2nativeinterface.dll| 15.2.922.13| 19,328| 07-Jul-2021| 09:09| x64 \nNegotiateclientcertificatemodule.dll| 15.2.922.13| 30,072| 07-Jul-2021| 09:08| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 19,784| 07-Jul-2021| 09:10| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,599| 07-Jul-2021| 09:10| Not applicable \nNtspxgen.dll| 15.2.922.13| 80,784| 07-Jul-2021| 09:09| x64 \nOleconverter.exe| 15.2.922.13| 173,968| 07-Jul-2021| 09:09| x64 \nOutsideinmodule.dll| 15.2.922.13| 87,952| 07-Jul-2021| 09:09| x64 \nOwaauth.dll| 15.2.922.13| 92,048| 07-Jul-2021| 09:08| x64 \nPerf_common_extrace.dll| 15.2.922.13| 245,112| 07-Jul-2021| 08:59| x64 \nPerf_exchmem.dll| 15.2.922.13| 86,408| 07-Jul-2021| 09:08| x64 \nPipeline2.dll| 15.2.922.13| 1,454,472| 07-Jul-2021| 09:34| x64 \nPreparemoverequesthosting.ps1| Not applicable| 71,015| 07-Jul-2021| 09:10| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,249| 07-Jul-2021| 09:10| Not applicable \nProductinfo.managed.dll| 15.2.922.13| 27,024| 07-Jul-2021| 08:59| x86 \nProxybinclientsstringsdll| 15.2.922.13| 924,552| 07-Jul-2021| 09:09| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,258| 07-Jul-2021| 09:10| Not applicable \nQuietexe.exe| 15.2.922.13| 14,736| 07-Jul-2021| 09:09| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,524| 07-Jul-2021| 09:09| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,675| 07-Jul-2021| 11:05| Not applicable \nRemoteexchange.ps1| Not applicable| 23,573| 07-Jul-2021| 11:10| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,704| 07-Jul-2021| 09:10| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,022| 07-Jul-2021| 09:10| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,032| 07-Jul-2021| 09:10| Not applicable \nReplaycrimsonmsg.dll| 15.2.922.13| 1,104,776| 07-Jul-2021| 08:59| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,496| 07-Jul-2021| 11:05| Not applicable \nResetcasservice.ps1| Not applicable| 21,707| 07-Jul-2021| 09:10| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,081| 07-Jul-2021| 09:09| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,161| 07-Jul-2021| 09:34| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,230| 07-Jul-2021| 09:09| Not applicable \nRightsmanagementwrapper.dll| 15.2.922.13| 86,392| 07-Jul-2021| 09:10| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,810| 07-Jul-2021| 09:10| Not applicable \nRpcperf.dll| 15.2.922.13| 23,440| 07-Jul-2021| 09:09| x64 \nRpcproxyshim.dll| 15.2.922.13| 39,288| 07-Jul-2021| 09:10| x64 \nRulesauditmsg.dll| 15.2.922.13| 12,672| 07-Jul-2021| 09:11| x64 \nSafehtmlnativewrapper.dll| 15.2.922.13| 34,680| 07-Jul-2021| 09:09| x64 \nScanenginetest.exe| 15.2.922.13| 956,304| 07-Jul-2021| 09:10| x64 \nScanningprocess.exe| 15.2.922.13| 739,216| 07-Jul-2021| 09:34| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,832| 07-Jul-2021| 09:10| Not applicable \nServicecontrol.ps1| Not applicable| 52,349| 07-Jul-2021| 09:33| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,774| 07-Jul-2021| 09:10| Not applicable \nSettingsadapter.dll| 15.2.922.13| 116,104| 07-Jul-2021| 09:08| x64 \nSetup.exe| 15.2.922.13| 20,368| 07-Jul-2021| 09:33| x86 \nSetupui.exe| 15.2.922.13| 188,288| 07-Jul-2021| 11:04| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,209| 07-Jul-2021| 09:10| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,867| 07-Jul-2021| 09:08| Not applicable \nStatisticsutil.dll| 15.2.922.13| 142,224| 07-Jul-2021| 09:10| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,133| 07-Jul-2021| 09:08| Not applicable \nStoretsconstants.ps1| Not applicable| 15,850| 07-Jul-2021| 09:10| Not applicable \nStoretslibrary.ps1| Not applicable| 28,023| 07-Jul-2021| 09:10| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.2.922.13| 28,536| 07-Jul-2021| 09:09| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,947| 07-Jul-2021| 09:10| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,993| 07-Jul-2021| 09:10| Not applicable \nTextconversionmodule.dll| 15.2.922.13| 86,392| 07-Jul-2021| 09:09| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,747| 07-Jul-2021| 09:10| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,453| 07-Jul-2021| 09:10| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,049| 07-Jul-2021| 09:10| Not applicable \nUninstall_antispamagents.ps1| Not applicable| 15,453| 07-Jul-2021| 09:08| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,010| 07-Jul-2021| 09:10| Not applicable \nUpdatecas.ps1| Not applicable| 38,193| 07-Jul-2021| 09:33| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,742| 07-Jul-2021| 09:34| Not applicable \nUpdateserver.exe| 15.2.922.13| 3,014,520| 07-Jul-2021| 09:34| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,156| 07-Jul-2021| 09:10| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 32,046| 07-Jul-2021| 12:41| Not applicable \nWsbexchange.exe| 15.2.922.13| 125,320| 07-Jul-2021| 09:12| x64 \nX400prox.dll| 15.2.922.13| 103,312| 07-Jul-2021| 09:08| x64 \n_search.lingoperators.a| 15.2.922.13| 34,704| 07-Jul-2021| 10:16| Not applicable \n_search.lingoperators.b| 15.2.922.13| 34,704| 07-Jul-2021| 10:16| Not applicable \n_search.mailboxoperators.a| 15.2.922.13| 290,192| 07-Jul-2021| 10:40| Not applicable \n_search.mailboxoperators.b| 15.2.922.13| 290,192| 07-Jul-2021| 10:40| Not applicable \n_search.operatorschema.a| 15.2.922.13| 485,752| 07-Jul-2021| 09:59| Not applicable \n_search.operatorschema.b| 15.2.922.13| 485,752| 07-Jul-2021| 09:59| Not applicable \n_search.tokenoperators.a| 15.2.922.13| 113,528| 07-Jul-2021| 10:14| Not applicable \n_search.tokenoperators.b| 15.2.922.13| 113,528| 07-Jul-2021| 10:14| Not applicable \n_search.transportoperators.a| 15.2.922.13| 67,984| 07-Jul-2021| 10:44| Not applicable \n_search.transportoperators.b| 15.2.922.13| 67,984| 07-Jul-2021| 10:44| Not applicable \n \n### \n\n__\n\nMicrosoft Exchange Server 2019 Cumulative Update 9\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.858.15| 71,032| 08-Jul-2021| 21:42| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,502| 08-Jul-2021| 21:42| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,953| 08-Jul-2021| 21:48| Not applicable \nAdemodule.dll| 15.2.858.15| 106,376| 08-Jul-2021| 21:48| x64 \nAirfilter.dll| 15.2.858.15| 42,888| 08-Jul-2021| 21:48| x64 \nAjaxcontroltoolkit.dll| 15.2.858.15| 92,536| 08-Jul-2021| 21:42| x86 \nAntispamcommon.ps1| Not applicable| 13,501| 08-Jul-2021| 21:42| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 08-Jul-2021| 21:49| Not applicable \nAsentirs.msi| Not applicable| 77,824| 08-Jul-2021| 21:42| Not applicable \nAsentsig.msi| Not applicable| 73,728| 08-Jul-2021| 21:49| Not applicable \nBigfunnel.bondtypes.dll| 15.2.858.15| 45,432| 08-Jul-2021| 21:43| x86 \nBigfunnel.common.dll| 15.2.858.15| 66,448| 08-Jul-2021| 21:42| x86 \nBigfunnel.configuration.dll| 15.2.858.15| 118,136| 08-Jul-2021| 21:51| x86 \nBigfunnel.entropy.dll| 15.2.858.15| 44,432| 08-Jul-2021| 21:43| x86 \nBigfunnel.filter.dll| 15.2.858.15| 54,136| 08-Jul-2021| 21:42| x86 \nBigfunnel.indexstream.dll| 15.2.858.15| 69,008| 08-Jul-2021| 21:42| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,160| 08-Jul-2021| 21:42| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.858.15| 19,856| 08-Jul-2021| 21:48| x86 \nBigfunnel.poi.dll| 15.2.858.15| 245,112| 08-Jul-2021| 21:42| x86 \nBigfunnel.postinglist.dll| 15.2.858.15| 189,320| 08-Jul-2021| 21:48| x86 \nBigfunnel.query.dll| 15.2.858.15| 101,264| 08-Jul-2021| 21:42| x86 \nBigfunnel.ranking.dll| 15.2.858.15| 109,456| 08-Jul-2021| 21:47| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.858.15| 3,634,552| 08-Jul-2021| 21:48| x86 \nBigfunnel.tracing.dll| 15.2.858.15| 42,888| 08-Jul-2021| 21:42| x86 \nBigfunnel.wordbreakers.dll| 15.2.858.15| 46,456| 08-Jul-2021| 21:48| x86 \nCafe_airfilter_dll| 15.2.858.15| 42,888| 08-Jul-2021| 21:48| x64 \nCafe_exppw_dll| 15.2.858.15| 83,336| 08-Jul-2021| 21:48| x64 \nCafe_owaauth_dll| 15.2.858.15| 92,024| 08-Jul-2021| 21:47| x64 \nCalcalculation.ps1| Not applicable| 42,089| 08-Jul-2021| 22:12| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,602| 08-Jul-2021| 21:47| Not applicable \nChksgfiles.dll| 15.2.858.15| 57,208| 08-Jul-2021| 21:48| x64 \nCitsconstants.ps1| Not applicable| 15,837| 08-Jul-2021| 21:48| Not applicable \nCitslibrary.ps1| Not applicable| 82,656| 08-Jul-2021| 21:48| Not applicable \nCitstypes.ps1| Not applicable| 14,476| 08-Jul-2021| 21:48| Not applicable \nClassificationengine_mce| 15.2.858.15| 1,693,072| 08-Jul-2021| 21:42| Not applicable \nClusmsg.dll| 15.2.858.15| 134,008| 08-Jul-2021| 21:42| x64 \nCoconet.dll| 15.2.858.15| 48,008| 08-Jul-2021| 21:42| x64 \nCollectovermetrics.ps1| Not applicable| 81,640| 08-Jul-2021| 21:48| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,894| 08-Jul-2021| 21:48| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,963| 08-Jul-2021| 23:31| Not applicable \nComplianceauditservice.exe| 15.2.858.15| 39,824| 08-Jul-2021| 23:37| x86 \nConfigureadam.ps1| Not applicable| 22,788| 08-Jul-2021| 21:47| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,304| 08-Jul-2021| 21:47| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,035| 08-Jul-2021| 22:11| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,766| 08-Jul-2021| 21:48| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,852| 08-Jul-2021| 21:48| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,279| 08-Jul-2021| 21:48| Not applicable \nConnectfunctions.ps1| Not applicable| 37,157| 08-Jul-2021| 23:32| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,412| 08-Jul-2021| 23:32| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,244| 08-Jul-2021| 23:21| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,049| 08-Jul-2021| 21:48| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,524| 08-Jul-2021| 21:48| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,789| 08-Jul-2021| 21:48| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,944| 08-Jul-2021| 21:48| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts_exsmime.dll| 15.2.858.15| 380,816| 08-Jul-2021| 21:43| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.858.15| 1,686,912| 08-Jul-2021| 21:42| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 08-Jul-2021| 21:37| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.858.15| 12,672| 08-Jul-2021| 21:48| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:42| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.858.15| 12,688| 08-Jul-2021| 21:48| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:48| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.858.15| 12,688| 08-Jul-2021| 21:42| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:42| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.858.15| 12,688| 08-Jul-2021| 21:48| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:42| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:42| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x86 \nDagcommonlibrary.ps1| Not applicable| 60,222| 08-Jul-2021| 21:48| Not applicable \nDependentassemblygenerator.exe| 15.2.858.15| 22,400| 08-Jul-2021| 21:48| x86 \nDiaghelper.dll| 15.2.858.15| 66,960| 08-Jul-2021| 21:42| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,366| 08-Jul-2021| 21:48| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,358| 08-Jul-2021| 21:48| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,221| 08-Jul-2021| 21:48| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,650| 08-Jul-2021| 21:48| Not applicable \nDisklockerapi.dll| Not applicable| 22,392| 08-Jul-2021| 21:48| x64 \nDlmigrationmodule.psm1| Not applicable| 39,572| 08-Jul-2021| 21:48| Not applicable \nDsaccessperf.dll| 15.2.858.15| 45,944| 08-Jul-2021| 21:42| x64 \nDscperf.dll| 15.2.858.15| 32,656| 08-Jul-2021| 21:48| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.858.15| 1,686,912| 08-Jul-2021| 21:42| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.858.15| 601,464| 08-Jul-2021| 22:11| x86 \nEcpperfcounters.xml| Not applicable| 31,136| 08-Jul-2021| 21:48| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:48| x86 \nEdgetransport.exe| 15.2.858.15| 49,552| 08-Jul-2021| 22:50| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 08-Jul-2021| 21:37| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:42| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:42| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,688| 08-Jul-2021| 21:48| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,688| 08-Jul-2021| 21:48| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,688| 08-Jul-2021| 21:48| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:48| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:42| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.858.15| 13,200| 08-Jul-2021| 21:48| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:49| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:48| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,388| 08-Jul-2021| 21:48| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,555| 08-Jul-2021| 21:48| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,620| 08-Jul-2021| 21:48| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,622| 08-Jul-2021| 21:48| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,908| 08-Jul-2021| 21:48| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,643| 08-Jul-2021| 21:48| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.858.15| 17,800| 08-Jul-2021| 21:48| x86 \nEscprint.dll| 15.2.858.15| 20,344| 08-Jul-2021| 21:42| x64 \nEse.dll| 15.2.858.15| 3,741,584| 08-Jul-2021| 21:42| x64 \nEseback2.dll| 15.2.858.15| 350,072| 08-Jul-2021| 21:48| x64 \nEsebcli2.dll| 15.2.858.15| 318,344| 08-Jul-2021| 21:42| x64 \nEseperf.dll| 15.2.858.15| 108,920| 08-Jul-2021| 21:48| x64 \nEseutil.exe| 15.2.858.15| 425,360| 08-Jul-2021| 21:48| x64 \nEsevss.dll| 15.2.858.15| 44,432| 08-Jul-2021| 21:48| x64 \nEtweseproviderresources.dll| 15.2.858.15| 101,256| 08-Jul-2021| 21:42| x64 \nEventperf.dll| 15.2.858.15| 59,792| 08-Jul-2021| 21:42| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,105| 08-Jul-2021| 23:31| Not applicable \nExchange.format.ps1xml| Not applicable| 649,717| 08-Jul-2021| 23:31| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,362| 08-Jul-2021| 23:31| Not applicable \nExchange.ps1| Not applicable| 20,823| 08-Jul-2021| 23:32| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,531| 08-Jul-2021| 23:23| Not applicable \nExchange.types.ps1xml| Not applicable| 365,145| 08-Jul-2021| 23:31| Not applicable \nExchangeudfcommon.dll| 15.2.858.15| 122,760| 08-Jul-2021| 21:42| x86 \nExchangeudfs.dll| 15.2.858.15| 272,760| 08-Jul-2021| 21:48| x86 \nExchmem.dll| 15.2.858.15| 86,408| 08-Jul-2021| 21:42| x64 \nExchsetupmsg.dll| 15.2.858.15| 19,344| 08-Jul-2021| 21:43| x64 \nExdbfailureitemapi.dll| Not applicable| 27,024| 08-Jul-2021| 21:42| x64 \nExdbmsg.dll| 15.2.858.15| 230,776| 08-Jul-2021| 21:48| x64 \nExeventperfplugin.dll| 15.2.858.15| 25,480| 08-Jul-2021| 21:48| x64 \nExmime.dll| 15.2.858.15| 364,928| 08-Jul-2021| 21:48| x64 \nExportedgeconfig.ps1| Not applicable| 27,387| 08-Jul-2021| 21:48| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,550| 08-Jul-2021| 21:48| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 29,238| 08-Jul-2021| 21:48| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,390| 08-Jul-2021| 21:48| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,157| 08-Jul-2021| 21:48| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,040| 08-Jul-2021| 21:47| Not applicable \nExppw.dll| 15.2.858.15| 83,336| 08-Jul-2021| 21:48| x64 \nExprfdll.dll| 15.2.858.15| 26,512| 08-Jul-2021| 21:42| x64 \nExrpc32.dll| 15.2.858.15| 2,029,448| 08-Jul-2021| 21:48| x64 \nExrw.dll| 15.2.858.15| 28,024| 08-Jul-2021| 21:42| x64 \nExsetdata.dll| 15.2.858.15| 2,779,528| 08-Jul-2021| 21:48| x64 \nExsetup.exe| 15.2.858.15| 35,192| 08-Jul-2021| 23:26| x86 \nExsetupui.exe| 15.2.858.15| 471,944| 08-Jul-2021| 23:26| x86 \nExtrace.dll| 15.2.858.15| 245,112| 08-Jul-2021| 21:42| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.858.15| 601,464| 08-Jul-2021| 22:11| x86 \nExwatson.dll| 15.2.858.15| 44,944| 08-Jul-2021| 21:42| x64 \nFastioext.dll| 15.2.858.15| 60,304| 08-Jul-2021| 21:48| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,631| 09-Jul-2021| 01:03| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,228| 09-Jul-2021| 01:03| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,760| 09-Jul-2021| 01:03| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,405| 09-Jul-2021| 01:03| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,657| 09-Jul-2021| 01:03| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,759| 09-Jul-2021| 01:03| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,628| 09-Jul-2021| 01:03| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,604| 09-Jul-2021| 01:03| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 09-Jul-2021| 01:03| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,345| 09-Jul-2021| 01:03| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,259| 09-Jul-2021| 01:03| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,754| 09-Jul-2021| 01:03| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 09-Jul-2021| 01:03| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 09-Jul-2021| 01:03| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 09-Jul-2021| 01:03| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,730| 09-Jul-2021| 01:03| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,760| 09-Jul-2021| 01:03| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 09-Jul-2021| 01:03| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,634| 09-Jul-2021| 01:03| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 09-Jul-2021| 01:03| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,658| 09-Jul-2021| 01:03| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,757| 09-Jul-2021| 01:03| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,634| 09-Jul-2021| 01:03| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 09-Jul-2021| 01:03| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,803,074| 09-Jul-2021| 01:03| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,777| 09-Jul-2021| 01:03| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,634| 09-Jul-2021| 01:03| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 09-Jul-2021| 01:03| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,640| 09-Jul-2021| 01:03| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 09-Jul-2021| 01:03| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,263| 08-Jul-2021| 21:48| Not applicable \nFilteringpowershell.dll| 15.2.858.15| 223,112| 08-Jul-2021| 21:51| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,648| 08-Jul-2021| 21:51| Not applicable \nFiltermodule.dll| 15.2.858.15| 180,088| 08-Jul-2021| 21:42| x64 \nFipexeuperfctrresource.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:42| x64 \nFipexeventsresource.dll| 15.2.858.15| 44,936| 08-Jul-2021| 21:42| x64 \nFipexperfctrresource.dll| 15.2.858.15| 32,632| 08-Jul-2021| 21:42| x64 \nFirewallres.dll| 15.2.858.15| 72,592| 08-Jul-2021| 21:43| x64 \nFms.exe| 15.2.858.15| 1,350,024| 08-Jul-2021| 22:11| x64 \nForefrontactivedirectoryconnector.exe| 15.2.858.15| 110,992| 08-Jul-2021| 21:43| x64 \nFpsdiag.exe| 15.2.858.15| 18,832| 08-Jul-2021| 21:42| x86 \nFsccachedfilemanagedlocal.dll| 15.2.858.15| 822,136| 08-Jul-2021| 21:48| x64 \nFscconfigsupport.dll| 15.2.858.15| 56,696| 08-Jul-2021| 21:43| x86 \nFscconfigurationserver.exe| 15.2.858.15| 430,992| 08-Jul-2021| 21:43| x64 \nFscconfigurationserverinterfaces.dll| 15.2.858.15| 15,736| 08-Jul-2021| 21:42| x86 \nFsccrypto.dll| 15.2.858.15| 208,768| 08-Jul-2021| 21:42| x64 \nFscipcinterfaceslocal.dll| 15.2.858.15| 28,536| 08-Jul-2021| 21:42| x86 \nFscipclocal.dll| 15.2.858.15| 38,264| 08-Jul-2021| 21:48| x86 \nFscsqmuploader.exe| 15.2.858.15| 453,512| 08-Jul-2021| 21:47| x64 \nGetucpool.ps1| Not applicable| 19,771| 08-Jul-2021| 21:48| Not applicable \nGetvalidengines.ps1| Not applicable| 13,306| 08-Jul-2021| 21:47| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,805| 08-Jul-2021| 21:42| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,635| 08-Jul-2021| 21:42| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,723| 08-Jul-2021| 21:42| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,771| 08-Jul-2021| 21:42| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,474| 08-Jul-2021| 21:42| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,685| 08-Jul-2021| 21:42| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,786| 08-Jul-2021| 21:42| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,368| 08-Jul-2021| 21:48| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,979| 08-Jul-2021| 21:48| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,018| 08-Jul-2021| 21:48| Not applicable \nGet_storetrace.ps1| Not applicable| 51,883| 08-Jul-2021| 21:48| Not applicable \nHuffman_xpress.dll| 15.2.858.15| 32,648| 08-Jul-2021| 21:47| x64 \nImportedgeconfig.ps1| Not applicable| 77,244| 08-Jul-2021| 21:48| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,476| 08-Jul-2021| 21:48| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,850| 08-Jul-2021| 21:48| Not applicable \nInproxy.dll| 15.2.858.15| 85,896| 08-Jul-2021| 21:48| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,519| 08-Jul-2021| 22:11| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,925| 08-Jul-2021| 21:42| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,963| 08-Jul-2021| 23:52| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.858.15| 107,408| 08-Jul-2021| 21:42| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.858.15| 20,368| 08-Jul-2021| 21:43| Not applicable \nInterop.certenroll.dll| 15.2.858.15| 142,728| 08-Jul-2021| 21:42| x86 \nInterop.licenseinfointerface.dll| 15.2.858.15| 14,200| 08-Jul-2021| 21:49| x86 \nInterop.netfw.dll| 15.2.858.15| 34,192| 08-Jul-2021| 21:42| x86 \nInterop.plalibrary.dll| 15.2.858.15| 72,568| 08-Jul-2021| 21:42| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.858.15| 27,024| 08-Jul-2021| 21:42| Not applicable \nInterop.taskscheduler.dll| 15.2.858.15| 46,480| 08-Jul-2021| 21:42| x86 \nInterop.wuapilib.dll| 15.2.858.15| 60,816| 08-Jul-2021| 21:42| x86 \nInterop.xenroll.dll| 15.2.858.15| 39,816| 08-Jul-2021| 21:42| x86 \nKerbauth.dll| 15.2.858.15| 62,856| 08-Jul-2021| 21:43| x64 \nLicenseinfointerface.dll| 15.2.858.15| 643,448| 08-Jul-2021| 21:47| x64 \nLpversioning.xml| Not applicable| 20,418| 08-Jul-2021| 23:26| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,916| 08-Jul-2021| 21:48| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.858.15| 138,640| 08-Jul-2021| 21:42| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,249| 08-Jul-2021| 21:47| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,332| 08-Jul-2021| 21:48| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,119| 08-Jul-2021| 21:47| Not applicable \nMce.dll| 15.2.858.15| 1,693,072| 08-Jul-2021| 21:42| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,479| 08-Jul-2021| 21:48| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,615| 08-Jul-2021| 21:48| Not applicable \nMicrosoft.database.isam.dll| 15.2.858.15| 127,888| 08-Jul-2021| 21:48| x86 \nMicrosoft.dkm.proxy.dll| 15.2.858.15| 26,000| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.858.15| 68,472| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.858.15| 17,784| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.858.15| 233,360| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.858.15| 15,752| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.858.15| 43,384| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.858.15| 1,776,016| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.858.15| 505,224| 08-Jul-2021| 23:50| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.858.15| 76,176| 08-Jul-2021| 23:51| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.858.15| 135,560| 08-Jul-2021| 22:45| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.858.15| 23,432| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.858.15| 15,736| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.858.15| 27,000| 08-Jul-2021| 22:53| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.858.15| 53,648| 08-Jul-2021| 22:51| x86 \nMicrosoft.exchange.assistants.dll| 15.2.858.15| 925,064| 08-Jul-2021| 22:45| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.858.15| 25,976| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.858.15| 43,400| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.858.15| 15,240| 08-Jul-2021| 23:24| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.858.15| 14,736| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.858.15| 70,544| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.858.15| 94,600| 08-Jul-2021| 23:32| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.858.15| 13,200| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.858.15| 15,736| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.858.15| 36,752| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.858.15| 15,752| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.858.15| 79,760| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.858.15| 396,168| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.858.15| 21,392| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.858.15| 57,208| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.858.15| 14,728| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.858.15| 35,720| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.858.15| 276,344| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.858.15| 16,248| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.858.15| 26,000| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.858.15| 13,704| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.858.15| 23,440| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.858.15| 378,248| 08-Jul-2021| 22:50| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.858.15| 83,832| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.858.15| 2,971,024| 08-Jul-2021| 23:50| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.858.15| 5,029,776| 08-Jul-2021| 23:48| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.858.15| 893,824| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.858.15| 413,576| 08-Jul-2021| 23:27| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.858.15| 924,560| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.858.15| 31,632| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.858.15| 52,112| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.858.15| 21,880| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.858.15| 33,680| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.858.15| 3,515,256| 08-Jul-2021| 22:52| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.858.15| 108,432| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.858.15| 288,632| 08-Jul-2021| 23:00| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.858.15| 625,544| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.858.15| 86,392| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.858.15| 1,830,264| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.858.15| 31,632| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.858.15| 466,320| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.858.15| 25,976| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.858.15| 38,264| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.858.15| 102,776| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.858.15| 48,504| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.858.15| 67,472| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.common.dll| 15.2.858.15| 172,944| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.858.15| 113,536| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.il.dll| 15.2.858.15| 13,712| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.858.15| 130,448| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.858.15| 63,888| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.858.15| 19,856| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.common.search.dll| 15.2.858.15| 108,920| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.858.15| 17,800| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.858.15| 51,576| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.858.15| 36,728| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.858.15| 27,528| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.858.15| 1,042,320| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.858.15| 29,064| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.858.15| 13,176| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.858.15| 181,136| 08-Jul-2021| 23:34| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.858.15| 30,088| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.858.15| 22,408| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.858.15| 85,888| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.compliance.dll| 15.2.858.15| 41,344| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.858.15| 37,248| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.858.15| 50,560| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.858.15| 33,144| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.858.15| 1,100,688| 08-Jul-2021| 22:47| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.858.15| 206,712| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.858.15| 210,808| 08-Jul-2021| 23:11| x86 \nMicrosoft.exchange.compression.dll| 15.2.858.15| 17,288| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.858.15| 37,768| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.858.15| 14,200| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.858.15| 145,784| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.858.15| 14,200| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.858.15| 53,128| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.858.15| 15,736| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.858.15| 23,416| 08-Jul-2021| 22:40| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.858.15| 13,200| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.858.15| 54,648| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.858.15| 13,688| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.858.15| 1,846,136| 08-Jul-2021| 22:42| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.858.15| 30,072| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.858.15| 68,496| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.858.15| 21,368| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.858.15| 13,200| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.858.15| 26,000| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.858.15| 169,864| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.858.15| 330,128| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.858.15| 173,968| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.858.15| 71,056| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.858.15| 203,640| 08-Jul-2021| 21:49| x64 \nMicrosoft.exchange.context.client.dll| 15.2.858.15| 27,000| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.858.15| 51,576| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.context.core.dll| 15.2.858.15| 51,088| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.858.15| 46,984| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.858.15| 1,093,496| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.858.15| 57,208| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.858.15| 326,536| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.858.15| 3,356,552| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.858.15| 35,704| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.858.15| 17,808| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.858.15| 165,240| 08-Jul-2021| 22:23| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.858.15| 619,400| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.858.15| 7,792,000| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.858.15| 80,248| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.data.dll| 15.2.858.15| 1,790,344| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.858.15| 1,626,504| 08-Jul-2021| 22:47| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.858.15| 375,160| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.858.15| 105,336| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.858.15| 15,760| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.858.15| 224,648| 08-Jul-2021| 22:23| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.858.15| 186,744| 08-Jul-2021| 22:23| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.858.15| 39,824| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.858.15| 119,160| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.858.15| 968,056| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.858.15| 141,192| 08-Jul-2021| 22:22| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.858.15| 769,416| 08-Jul-2021| 22:12| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.858.15| 139,664| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.858.15| 56,696| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.858.15| 452,984| 08-Jul-2021| 22:20| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.858.15| 32,640| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.858.15| 256,904| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.858.15| 11,816,848| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.858.15| 37,768| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.858.15| 655,760| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.858.15| 175,480| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.858.15| 36,216| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.858.15| 14,224| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.858.15| 14,200| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.858.15| 14,728| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.858.15| 72,592| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.858.15| 13,184| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.858.15| 22,920| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.858.15| 2,213,240| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.2.858.15| 2,213,240| 08-Jul-2021| 21:42| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.858.15| 23,944| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.858.15| 546,680| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.858.15| 215,416| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.858.15| 194,432| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.858.15| 146,312| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.858.15| 27,528| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.858.15| 13,688| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.858.15| 49,528| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.858.15| 28,024| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.858.15| 208,784| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.858.15| 88,968| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.858.15| 32,656| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.858.15| 45,960| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.858.15| 18,808| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.858.15| 473,464| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.858.15| 206,216| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.858.15| 36,752| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.858.15| 131,448| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.858.15| 21,896| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.858.15| 148,368| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.858.15| 220,024| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.858.15| 23,944| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.858.15| 97,672| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.858.15| 1,266,064| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.858.15| 1,266,064| 08-Jul-2021| 21:42| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,503| 08-Jul-2021| 21:48| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.858.15| 87,416| 08-Jul-2021| 21:48| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,473| 08-Jul-2021| 21:48| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.858.15| 52,096| 08-Jul-2021| 21:43| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.858.15| 292,232| 08-Jul-2021| 23:11| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.858.15| 73,080| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.858.15| 45,968| 08-Jul-2021| 22:23| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.858.15| 218,488| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.858.15| 78,200| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.858.15| 35,704| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.858.15| 935,304| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.858.15| 336,248| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.858.15| 52,600| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.858.15| 32,144| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.858.15| 60,816| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.858.15| 854,408| 08-Jul-2021| 22:22| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.858.15| 291,704| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.858.15| 39,288| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.858.15| 76,152| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.858.15| 166,800| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.858.15| 1,486,728| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.858.15| 122,232| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.858.15| 12,327,304| 08-Jul-2021| 23:09| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.858.15| 264,072| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.858.15| 37,776| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.858.15| 186,744| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.858.15| 64,376| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.858.15| 83,832| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.858.15| 63,880| 08-Jul-2021| 22:22| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.858.15| 100,216| 08-Jul-2021| 22:43| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.858.15| 144,776| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.858.15| 270,200| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.858.15| 15,752| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.858.15| 130,424| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.858.15| 254,352| 08-Jul-2021| 22:22| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.858.15| 13,176| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.858.15| 37,264| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.858.15| 640,888| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.858.15| 37,256| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.858.15| 146,312| 08-Jul-2021| 23:32| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.858.15| 13,176| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.858.15| 596,344| 08-Jul-2021| 23:30| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.858.15| 14,736| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.858.15| 30,096| 09-Jul-2021| 00:09| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.858.15| 99,704| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.858.15| 42,384| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.858.15| 40,312| 08-Jul-2021| 22:45| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.858.15| 54,136| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.858.15| 164,216| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.858.15| 58,768| 08-Jul-2021| 22:51| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.858.15| 204,168| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.858.15| 17,784| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.858.15| 30,608| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.858.15| 38,776| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.858.15| 48,504| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.858.15| 180,600| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.858.15| 36,752| 08-Jul-2021| 23:30| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.858.15| 25,976| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.858.15| 1,868,168| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.858.15| 54,664| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.858.15| 35,720| 08-Jul-2021| 23:22| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.858.15| 35,728| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.858.15| 18,320| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.858.15| 18,320| 08-Jul-2021| 21:42| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.858.15| 263,048| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.858.15| 263,048| 08-Jul-2021| 22:39| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.858.15| 24,976| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.858.15| 24,976| 08-Jul-2021| 22:39| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.858.15| 53,112| 08-Jul-2021| 21:51| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.858.15| 216,976| 08-Jul-2021| 22:22| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.858.15| 32,128| 08-Jul-2021| 23:07| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.858.15| 281,976| 08-Jul-2021| 23:04| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.858.15| 18,832| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.858.15| 83,832| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.858.15| 94,072| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.858.15| 1,840,504| 08-Jul-2021| 22:50| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.858.15| 71,560| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.858.15| 175,496| 08-Jul-2021| 22:52| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.858.15| 45,968| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.858.15| 159,624| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.858.15| 51,064| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.858.15| 45,968| 08-Jul-2021| 21:49| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.858.15| 32,120| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.858.15| 100,216| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.858.15| 13,176| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.858.15| 271,224| 08-Jul-2021| 23:34| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.858.15| 22,408| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.858.15| 33,672| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.858.15| 18,312| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.858.15| 15,240| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.858.15| 27,528| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.858.15| 30,608| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.858.15| 22,408| 08-Jul-2021| 21:49| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.858.15| 66,424| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.858.15| 29,576| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.858.15| 19,856| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.858.15| 20,344| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.858.15| 19,344| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.858.15| 34,168| 08-Jul-2021| 22:20| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.858.15| 103,816| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.858.15| 31,632| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.858.15| 15,752| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.858.15| 20,880| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.858.15| 16,256| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.858.15| 49,016| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.858.15| 44,424| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.858.15| 38,280| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.858.15| 10,375,032| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.858.15| 29,064| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.858.15| 21,368| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.858.15| 24,440| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.858.15| 15,224| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.858.15| 21,880| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.858.15| 89,464| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.858.15| 20,856| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.858.15| 26,504| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.858.15| 21,376| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.858.15| 28,040| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.858.15| 28,552| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.858.15| 36,232| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.858.15| 16,776| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.858.15| 19,832| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.858.15| 15,240| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.858.15| 17,288| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.858.15| 19,848| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.858.15| 57,224| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.858.15| 17,800| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.858.15| 18,808| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.858.15| 16,264| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.858.15| 17,800| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.858.15| 15,240| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.858.15| 52,624| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.858.15| 18,312| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.858.15| 34,168| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.858.15| 17,280| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.858.15| 18,816| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.858.15| 43,400| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.858.15| 165,256| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.858.15| 54,672| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.858.15| 9,057,144| 08-Jul-2021| 23:58| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.858.15| 33,144| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.858.15| 124,280| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.858.15| 82,808| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.858.15| 14,224| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.858.15| 30,096| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.858.15| 661,368| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.858.15| 63,368| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.858.15| 175,480| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.858.15| 2,791,824| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.858.15| 53,112| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.858.15| 151,928| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.858.15| 966,520| 08-Jul-2021| 23:04| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.858.15| 185,208| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.858.15| 31,608| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.858.15| 39,800| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.858.15| 105,848| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.858.15| 95,104| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.858.15| 43,384| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.858.15| 18,824| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.858.15| 172,936| 08-Jul-2021| 23:04| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.858.15| 102,776| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.858.15| 98,696| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.858.15| 188,808| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.858.15| 43,400| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.858.15| 447,368| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.858.15| 90,000| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.858.15| 107,920| 09-Jul-2021| 00:09| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.858.15| 371,088| 08-Jul-2021| 23:08| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.858.15| 193,912| 08-Jul-2021| 22:50| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.858.15| 552,312| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.858.15| 16,256| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.858.15| 15,736| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.858.15| 321,424| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.858.15| 17,808| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.858.15| 45,448| 08-Jul-2021| 22:51| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.858.15| 18,320| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.858.15| 20,880| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.858.15| 415,096| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.858.15| 1,269,624| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.858.15| 39,288| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.858.15| 433,544| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.858.15| 4,566,408| 09-Jul-2021| 01:10| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.858.15| 260,984| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.858.15| 33,680| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.858.15| 94,072| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.858.15| 586,120| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.858.15| 3,543,416| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.858.15| 67,976| 08-Jul-2021| 23:33| x86 \nMicrosoft.exchange.management.dll| 15.2.858.15| 16,497,032| 08-Jul-2021| 23:18| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.858.15| 58,768| 08-Jul-2021| 23:23| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.858.15| 23,944| 08-Jul-2021| 23:24| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.858.15| 101,776| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.858.15| 544,144| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.858.15| 305,016| 08-Jul-2021| 23:22| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.858.15| 273,808| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.858.15| 418,680| 08-Jul-2021| 23:23| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.858.15| 275,832| 08-Jul-2021| 23:25| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.858.15| 70,520| 08-Jul-2021| 23:30| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.858.15| 7,873,936| 08-Jul-2021| 22:20| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.858.15| 1,502,072| 08-Jul-2021| 23:22| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.858.15| 71,560| 08-Jul-2021| 23:24| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.858.15| 1,249,160| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.858.15| 1,876,880| 08-Jul-2021| 23:26| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.858.15| 5,366,664| 08-Jul-2021| 22:12| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.858.15| 36,240| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.858.15| 117,624| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.858.15| 209,800| 08-Jul-2021| 23:23| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.858.15| 79,736| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.858.15| 17,296| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.858.15| 156,040| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.858.15| 65,936| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.858.15| 30,600| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.858.15| 58,248| 08-Jul-2021| 22:51| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.858.15| 29,584| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.858.15| 175,488| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.858.15| 28,552| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.858.15| 75,152| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.858.15| 207,232| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.858.15| 440,696| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.858.15| 83,320| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.858.15| 35,208| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.858.15| 53,128| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.858.15| 96,648| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.migration.dll| 15.2.858.15| 1,110,416| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.858.15| 14,728| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.858.15| 135,544| 08-Jul-2021| 22:50| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.858.15| 5,065,592| 09-Jul-2021| 00:04| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.858.15| 19,832| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.858.15| 68,488| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.net.dll| 15.2.858.15| 5,086,088| 08-Jul-2021| 21:47| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.858.15| 265,592| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.858.15| 37,776| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.858.15| 14,200| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.858.15| 549,752| 08-Jul-2021| 23:55| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.858.15| 22,920| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.858.15| 106,376| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.858.15| 291,704| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.858.15| 17,272| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.858.15| 277,880| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.odata.dll| 15.2.858.15| 2,993,552| 08-Jul-2021| 23:52| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.858.15| 90,504| 08-Jul-2021| 22:23| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.858.15| 101,776| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.858.15| 38,264| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.858.15| 45,432| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.858.15| 58,256| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.858.15| 147,320| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.858.15| 26,488| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.858.15| 184,184| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.858.15| 26,488| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.858.15| 38,264| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.858.15| 55,672| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.858.15| 147,336| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.858.15| 191,864| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.858.15| 33,680| 08-Jul-2021| 22:40| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.858.15| 28,048| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.858.15| 32,632| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.858.15| 15,248| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.858.15| 17,296| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.858.15| 17,296| 08-Jul-2021| 21:42| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.858.15| 106,896| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.858.15| 106,896| 08-Jul-2021| 22:39| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.858.15| 24,952| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.858.15| 24,952| 08-Jul-2021| 22:39| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.858.15| 42,888| 08-Jul-2021| 21:51| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.858.15| 264,592| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.858.15| 264,592| 08-Jul-2021| 22:39| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.858.15| 358,272| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.858.15| 4,166,520| 08-Jul-2021| 23:31| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.858.15| 308,600| 08-Jul-2021| 23:31| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.858.15| 41,360| 08-Jul-2021| 23:30| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.858.15| 30,608| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.858.15| 137,096| 08-Jul-2021| 22:53| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.858.15| 441,744| 08-Jul-2021| 22:50| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.858.15| 14,224| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.858.15| 224,656| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.858.15| 105,872| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.pst.dll| 15.2.858.15| 168,848| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.858.15| 168,848| 08-Jul-2021| 21:42| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.858.15| 259,472| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.858.15| 72,056| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.858.15| 215,944| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.858.15| 106,896| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.858.15| 425,848| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.858.15| 70,520| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.858.15| 46,480| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.858.15| 215,928| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.query.core.dll| 15.2.858.15| 168,824| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.858.15| 343,440| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.858.15| 174,456| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.858.15| 95,112| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.858.15| 127,368| 08-Jul-2021| 22:53| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.858.15| 63,360| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.858.15| 36,744| 08-Jul-2021| 22:21| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.858.15| 17,784| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.858.15| 9,666,936| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.858.15| 20,788,088| 08-Jul-2021| 21:51| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.858.15| 36,752| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.858.15| 97,680| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.858.15| 28,560| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.858.15| 72,080| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.858.15| 15,736| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.858.15| 13,192| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.858.15| 59,256| 08-Jul-2021| 22:40| x86 \nMicrosoft.exchange.rpc.dll| 15.2.858.15| 1,647,496| 08-Jul-2021| 21:51| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.858.15| 209,800| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.858.15| 60,296| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.858.15| 518,032| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.858.15| 161,144| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.858.15| 724,344| 08-Jul-2021| 21:47| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.858.15| 243,080| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.858.15| 20,880| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.858.15| 35,208| 08-Jul-2021| 23:23| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.858.15| 42,360| 08-Jul-2021| 22:43| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.858.15| 56,208| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.858.15| 27,536| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.858.15| 130,424| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.858.15| 14,712| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.858.15| 20,368| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.858.15| 21,384| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.858.15| 267,656| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.858.15| 110,968| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.858.15| 112,520| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.858.15| 622,472| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.858.15| 185,224| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.858.15| 12,168| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.858.15| 19,344| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.search.core.dll| 15.2.858.15| 211,840| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.858.15| 17,800| 08-Jul-2021| 23:08| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.858.15| 97,672| 08-Jul-2021| 22:45| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.858.15| 16,768| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.858.15| 436,600| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.search.files.dll| 15.2.858.15| 274,312| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.858.15| 24,960| 08-Jul-2021| 21:52| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.858.15| 218,000| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.search.service.exe| 15.2.858.15| 26,504| 08-Jul-2021| 22:47| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.858.15| 221,072| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.security.dll| 15.2.858.15| 1,559,952| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.858.15| 19,848| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.858.15| 28,552| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.858.15| 225,160| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.858.15| 5,151,112| 08-Jul-2021| 22:12| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.858.15| 214,904| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.858.15| 115,592| 08-Jul-2021| 22:53| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.858.15| 82,832| 08-Jul-2021| 22:12| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.858.15| 80,776| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.858.15| 66,448| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.858.15| 81,296| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.858.15| 211,848| 08-Jul-2021| 22:45| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.858.15| 1,341,304| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.858.15| 511,880| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.858.15| 47,496| 08-Jul-2021| 22:45| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.858.15| 873,872| 08-Jul-2021| 22:40| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.858.15| 1,352,568| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.858.15| 30,608| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.858.15| 130,440| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.858.15| 1,018,768| 08-Jul-2021| 22:43| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.858.15| 111,496| 08-Jul-2021| 22:52| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.858.15| 34,704| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.858.15| 19,336| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.858.15| 14,728| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.858.15| 60,808| 08-Jul-2021| 22:44| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.858.15| 50,568| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.858.15| 14,200| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.858.15| 14,216| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.services.common.dll| 15.2.858.15| 74,120| 08-Jul-2021| 22:53| x86 \nMicrosoft.exchange.services.dll| 15.2.858.15| 8,480,656| 08-Jul-2021| 23:38| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.858.15| 30,088| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.858.15| 633,736| 08-Jul-2021| 23:49| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.858.15| 1,651,080| 08-Jul-2021| 23:41| x86 \nMicrosoft.exchange.services.json.dll| 15.2.858.15| 296,328| 08-Jul-2021| 23:45| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.858.15| 43,400| 08-Jul-2021| 23:39| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.858.15| 233,336| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.858.15| 178,552| 08-Jul-2021| 23:48| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.858.15| 348,560| 08-Jul-2021| 23:43| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.858.15| 56,712| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.858.15| 93,048| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.858.15| 296,328| 08-Jul-2021| 23:33| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.858.15| 35,720| 08-Jul-2021| 23:24| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.858.15| 27,016| 08-Jul-2021| 23:36| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.858.15| 114,576| 08-Jul-2021| 23:36| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.858.15| 53,648| 08-Jul-2021| 23:21| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.858.15| 75,152| 08-Jul-2021| 21:43| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.858.15| 142,736| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.858.15| 24,976| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.858.15| 15,248| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.858.15| 58,760| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.858.15| 27,024| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.858.15| 46,984| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.sqm.dll| 15.2.858.15| 46,992| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.store.service.exe| 15.2.858.15| 28,040| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.858.15| 26,512| 08-Jul-2021| 23:07| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.858.15| 13,712| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.858.15| 31,632| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.858.15| 1,205,128| 08-Jul-2021| 21:52| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.858.15| 158,584| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.858.15| 628,088| 08-Jul-2021| 23:08| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.858.15| 13,176| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.858.15| 16,264| 08-Jul-2021| 23:22| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.858.15| 13,200| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.858.15| 221,560| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.858.15| 13,712| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.858.15| 29,064| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.858.15| 138,640| 08-Jul-2021| 22:51| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.858.15| 21,896| 08-Jul-2021| 22:12| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.858.15| 40,312| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.858.15| 22,920| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.858.15| 21,368| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.858.15| 212,368| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.858.15| 98,680| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.858.15| 22,904| 08-Jul-2021| 22:48| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.858.15| 169,360| 08-Jul-2021| 23:09| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.858.15| 18,296| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.858.15| 20,880| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.858.15| 31,608| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.858.15| 46,984| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.858.15| 30,072| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.858.15| 53,128| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.858.15| 44,920| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.858.15| 18,312| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.858.15| 46,472| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.858.15| 46,472| 08-Jul-2021| 22:53| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.858.15| 28,040| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.858.15| 457,080| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.858.15| 18,296| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.858.15| 30,608| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.transport.dll| 15.2.858.15| 4,183,952| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.858.15| 182,136| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.858.15| 121,744| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.858.15| 403,848| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.858.15| 14,728| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.858.15| 90,000| 08-Jul-2021| 22:11| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.858.15| 88,952| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.858.15| 68,488| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.858.15| 63,352| 08-Jul-2021| 22:19| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.858.15| 430,480| 09-Jul-2021| 00:07| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.858.15| 122,248| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.858.15| 17,808| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.858.15| 29,072| 08-Jul-2021| 22:40| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.858.15| 60,792| 08-Jul-2021| 22:41| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.858.15| 50,064| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.858.15| 33,168| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.858.15| 113,040| 08-Jul-2021| 22:40| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.858.15| 18,296| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.858.15| 52,112| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.858.15| 675,216| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.858.15| 23,936| 08-Jul-2021| 22:49| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.858.15| 17,800| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.858.15| 487,288| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.858.15| 12,672| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.858.15| 306,056| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.858.15| 15,752| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.858.15| 46,480| 08-Jul-2021| 23:02| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.858.15| 1,044,344| 08-Jul-2021| 23:04| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.858.15| 15,224| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.858.15| 18,824| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.858.15| 18,808| 08-Jul-2021| 23:03| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.858.15| 118,664| 08-Jul-2021| 21:47| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.858.15| 924,536| 08-Jul-2021| 22:54| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.858.15| 1,469,328| 08-Jul-2021| 23:00| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.858.15| 32,656| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.858.15| 41,864| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.858.15| 24,976| 08-Jul-2021| 22:21| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.858.15| 15,224| 08-Jul-2021| 21:48| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.858.15| 83,344| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.858.15| 50,064| 08-Jul-2021| 23:20| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.858.15| 642,424| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.858.15| 186,248| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.858.15| 67,448| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.858.15| 12,664| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.858.15| 56,696| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.858.15| 27,536| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.858.15| 120,696| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.858.15| 31,608| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.858.15| 57,208| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.858.15| 35,720| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.webservices.dll| 15.2.858.15| 1,054,072| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.858.15| 67,984| 08-Jul-2021| 21:42| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.858.15| 23,440| 08-Jul-2021| 22:46| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.858.15| 77,200| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.858.15| 17,272| 08-Jul-2021| 21:48| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.858.15| 29,072| 08-Jul-2021| 21:43| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.858.15| 505,232| 08-Jul-2021| 22:39| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.858.15| 14,712| 08-Jul-2021| 21:42| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.858.15| 36,728| 08-Jul-2021| 21:51| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.858.15| 66,432| 08-Jul-2021| 22:39| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.858.15| 19,344| 08-Jul-2021| 21:42| x86 \nMicrosoft.filtering.dll| 15.2.858.15| 113,016| 08-Jul-2021| 22:12| x86 \nMicrosoft.filtering.exchange.dll| 15.2.858.15| 57,208| 08-Jul-2021| 22:50| x86 \nMicrosoft.filtering.interop.dll| 15.2.858.15| 15,224| 08-Jul-2021| 22:11| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.858.15| 46,968| 08-Jul-2021| 22:20| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.858.15| 15,752| 08-Jul-2021| 21:43| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.858.15| 23,952| 08-Jul-2021| 21:42| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.858.15| 22,416| 08-Jul-2021| 21:42| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.858.15| 34,680| 08-Jul-2021| 21:42| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,914| 08-Jul-2021| 23:32| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,290| 08-Jul-2021| 23:32| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.858.15| 1,518,984| 09-Jul-2021| 00:08| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.858.15| 13,200| 08-Jul-2021| 21:48| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.858.15| 33,144| 08-Jul-2021| 23:51| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.858.15| 18,312| 08-Jul-2021| 21:42| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.858.15| 46,472| 08-Jul-2021| 22:51| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.858.15| 50,552| 08-Jul-2021| 22:54| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.858.15| 72,568| 08-Jul-2021| 21:48| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.858.15| 541,584| 08-Jul-2021| 21:42| x86 \nMicrosoft.managementgui.dll| 15.2.858.15| 133,496| 08-Jul-2021| 21:43| x86 \nMicrosoft.mce.interop.dll| 15.2.858.15| 24,464| 08-Jul-2021| 21:42| x86 \nMicrosoft.office.audit.dll| 15.2.858.15| 124,808| 08-Jul-2021| 21:42| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.2.858.15| 593,296| 08-Jul-2021| 22:11| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.2.858.15| 42,360| 08-Jul-2021| 21:48| x86 \nMicrosoft.office.compliance.console.core.dll| 15.2.858.15| 217,976| 09-Jul-2021| 01:13| x86 \nMicrosoft.office.compliance.console.dll| 15.2.858.15| 854,920| 09-Jul-2021| 01:21| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.2.858.15| 485,776| 09-Jul-2021| 01:16| x86 \nMicrosoft.office.compliance.core.dll| 15.2.858.15| 413,064| 08-Jul-2021| 21:51| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.2.858.15| 36,216| 08-Jul-2021| 21:48| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.2.858.15| 84,872| 08-Jul-2021| 22:48| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.2.858.15| 1,782,160| 08-Jul-2021| 21:42| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.2.858.15| 49,528| 08-Jul-2021| 22:46| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.2.858.15| 27,536| 08-Jul-2021| 22:52| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.2.858.15| 174,984| 08-Jul-2021| 21:51| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.2.858.15| 166,280| 08-Jul-2021| 22:22| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.2.858.15| 40,336| 08-Jul-2021| 21:42| x86 \nMicrosoft.online.box.shell.dll| 15.2.858.15| 46,472| 08-Jul-2021| 21:42| x86 \nMicrosoft.powershell.hostingtools.dll| 15.2.858.15| 67,984| 08-Jul-2021| 21:42| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.2.858.15| 67,984| 08-Jul-2021| 21:42| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.2.858.15| 120,184| 08-Jul-2021| 21:48| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,134| 08-Jul-2021| 21:48| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,064| 08-Jul-2021| 21:48| Not applicable \nMovemailbox.ps1| Not applicable| 61,164| 08-Jul-2021| 21:48| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,586| 08-Jul-2021| 21:48| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,512| 08-Jul-2021| 21:48| Not applicable \nMpgearparser.dll| 15.2.858.15| 99,704| 08-Jul-2021| 21:48| x64 \nMsclassificationadapter.dll| 15.2.858.15| 248,696| 08-Jul-2021| 21:48| x64 \nMsexchangecompliance.exe| 15.2.858.15| 78,712| 08-Jul-2021| 23:13| x86 \nMsexchangedagmgmt.exe| 15.2.858.15| 25,480| 08-Jul-2021| 23:00| x86 \nMsexchangedelivery.exe| 15.2.858.15| 38,776| 08-Jul-2021| 23:00| x86 \nMsexchangefrontendtransport.exe| 15.2.858.15| 31,608| 08-Jul-2021| 22:50| x86 \nMsexchangehmhost.exe| 15.2.858.15| 27,000| 09-Jul-2021| 00:08| x86 \nMsexchangehmrecovery.exe| 15.2.858.15| 29,584| 08-Jul-2021| 22:22| x86 \nMsexchangemailboxassistants.exe| 15.2.858.15| 72,568| 08-Jul-2021| 23:00| x86 \nMsexchangemailboxreplication.exe| 15.2.858.15| 20,872| 08-Jul-2021| 23:07| x86 \nMsexchangemigrationworkflow.exe| 15.2.858.15| 69,000| 08-Jul-2021| 23:11| x86 \nMsexchangerepl.exe| 15.2.858.15| 71,048| 08-Jul-2021| 23:00| x86 \nMsexchangesubmission.exe| 15.2.858.15| 123,280| 08-Jul-2021| 23:07| x86 \nMsexchangethrottling.exe| 15.2.858.15| 39,800| 08-Jul-2021| 22:19| x86 \nMsexchangetransport.exe| 15.2.858.15| 74,112| 08-Jul-2021| 22:20| x86 \nMsexchangetransportlogsearch.exe| 15.2.858.15| 139,144| 08-Jul-2021| 22:51| x86 \nMsexchangewatchdog.exe| 15.2.858.15| 55,688| 08-Jul-2021| 21:48| x64 \nMspatchlinterop.dll| 15.2.858.15| 53,640| 08-Jul-2021| 21:48| x64 \nNativehttpproxy.dll| 15.2.858.15| 91,528| 08-Jul-2021| 21:48| x64 \nNavigatorparser.dll| 15.2.858.15| 636,792| 08-Jul-2021| 21:43| x64 \nNego2nativeinterface.dll| 15.2.858.15| 19,328| 08-Jul-2021| 21:48| x64 \nNegotiateclientcertificatemodule.dll| 15.2.858.15| 30,096| 08-Jul-2021| 21:42| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 19,744| 08-Jul-2021| 21:48| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,563| 08-Jul-2021| 21:47| Not applicable \nNtspxgen.dll| 15.2.858.15| 80,760| 08-Jul-2021| 21:49| x64 \nOleconverter.exe| 15.2.858.15| 173,960| 08-Jul-2021| 21:48| x64 \nOutsideinmodule.dll| 15.2.858.15| 87,952| 08-Jul-2021| 21:48| x64 \nOwaauth.dll| 15.2.858.15| 92,024| 08-Jul-2021| 21:47| x64 \nPerf_common_extrace.dll| 15.2.858.15| 245,112| 08-Jul-2021| 21:42| x64 \nPerf_exchmem.dll| 15.2.858.15| 86,408| 08-Jul-2021| 21:42| x64 \nPipeline2.dll| 15.2.858.15| 1,454,480| 08-Jul-2021| 21:51| x64 \nPreparemoverequesthosting.ps1| Not applicable| 71,007| 08-Jul-2021| 21:48| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,249| 08-Jul-2021| 21:48| Not applicable \nProductinfo.managed.dll| 15.2.858.15| 27,008| 08-Jul-2021| 21:42| x86 \nProxybinclientsstringsdll| 15.2.858.15| 924,560| 08-Jul-2021| 21:42| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,258| 08-Jul-2021| 21:48| Not applicable \nQuietexe.exe| 15.2.858.15| 14,728| 08-Jul-2021| 21:42| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,532| 08-Jul-2021| 21:48| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,655| 08-Jul-2021| 23:26| Not applicable \nRemoteexchange.ps1| Not applicable| 23,573| 08-Jul-2021| 23:31| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,696| 08-Jul-2021| 21:48| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,002| 08-Jul-2021| 21:48| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 14,992| 08-Jul-2021| 21:47| Not applicable \nReplaycrimsonmsg.dll| 15.2.858.15| 1,104,784| 08-Jul-2021| 21:42| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,476| 08-Jul-2021| 23:26| Not applicable \nResetcasservice.ps1| Not applicable| 21,691| 08-Jul-2021| 21:48| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,081| 08-Jul-2021| 21:42| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,125| 08-Jul-2021| 22:11| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,190| 08-Jul-2021| 21:48| Not applicable \nRightsmanagementwrapper.dll| 15.2.858.15| 86,416| 08-Jul-2021| 21:48| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,810| 08-Jul-2021| 21:48| Not applicable \nRpcperf.dll| 15.2.858.15| 23,440| 08-Jul-2021| 21:42| x64 \nRpcproxyshim.dll| 15.2.858.15| 39,304| 08-Jul-2021| 21:49| x64 \nRulesauditmsg.dll| 15.2.858.15| 12,680| 08-Jul-2021| 21:48| x64 \nSafehtmlnativewrapper.dll| 15.2.858.15| 34,696| 08-Jul-2021| 21:48| x64 \nScanenginetest.exe| 15.2.858.15| 956,280| 08-Jul-2021| 21:48| x64 \nScanningprocess.exe| 15.2.858.15| 739,192| 08-Jul-2021| 21:52| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,796| 08-Jul-2021| 21:48| Not applicable \nServicecontrol.ps1| Not applicable| 52,309| 08-Jul-2021| 22:11| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,774| 08-Jul-2021| 21:48| Not applicable \nSettingsadapter.dll| 15.2.858.15| 116,088| 08-Jul-2021| 21:42| x64 \nSetup.exe| 15.2.858.15| 20,344| 08-Jul-2021| 21:51| x86 \nSetupui.exe| 15.2.858.15| 188,296| 08-Jul-2021| 23:26| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,169| 08-Jul-2021| 21:47| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,847| 08-Jul-2021| 21:48| Not applicable \nStatisticsutil.dll| 15.2.858.15| 142,216| 08-Jul-2021| 21:48| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,133| 08-Jul-2021| 21:48| Not applicable \nStoretsconstants.ps1| Not applicable| 15,842| 08-Jul-2021| 21:48| Not applicable \nStoretslibrary.ps1| Not applicable| 28,003| 08-Jul-2021| 21:48| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.2.858.15| 28,560| 08-Jul-2021| 21:48| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,911| 08-Jul-2021| 21:48| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,973| 08-Jul-2021| 21:48| Not applicable \nTextconversionmodule.dll| 15.2.858.15| 86,408| 08-Jul-2021| 21:48| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,727| 08-Jul-2021| 21:48| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,433| 08-Jul-2021| 21:48| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,049| 08-Jul-2021| 21:48| Not applicable \nUninstall_antispamagents.ps1| Not applicable| 15,453| 08-Jul-2021| 21:42| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,042| 08-Jul-2021| 21:48| Not applicable \nUpdatecas.ps1| Not applicable| 35,782| 08-Jul-2021| 22:12| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,722| 08-Jul-2021| 22:12| Not applicable \nUpdateserver.exe| 15.2.858.15| 3,014,536| 08-Jul-2021| 21:49| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,176| 08-Jul-2021| 21:48| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,814| 09-Jul-2021| 01:10| Not applicable \nWsbexchange.exe| 15.2.858.15| 125,328| 08-Jul-2021| 21:48| x64 \nX400prox.dll| 15.2.858.15| 103,288| 08-Jul-2021| 21:43| x64 \n_search.lingoperators.a| 15.2.858.15| 34,688| 08-Jul-2021| 22:41| Not applicable \n_search.lingoperators.b| 15.2.858.15| 34,688| 08-Jul-2021| 22:41| Not applicable \n_search.mailboxoperators.a| 15.2.858.15| 290,168| 08-Jul-2021| 23:04| Not applicable \n_search.mailboxoperators.b| 15.2.858.15| 290,168| 08-Jul-2021| 23:04| Not applicable \n_search.operatorschema.a| 15.2.858.15| 485,776| 08-Jul-2021| 22:39| Not applicable \n_search.operatorschema.b| 15.2.858.15| 485,776| 08-Jul-2021| 22:39| Not applicable \n_search.tokenoperators.a| 15.2.858.15| 113,528| 08-Jul-2021| 22:39| Not applicable \n_search.tokenoperators.b| 15.2.858.15| 113,528| 08-Jul-2021| 22:39| Not applicable \n_search.transportoperators.a| 15.2.858.15| 67,976| 08-Jul-2021| 23:08| Not applicable \n_search.transportoperators.b| 15.2.858.15| 67,976| 08-Jul-2021| 23:08| Not applicable \n \n## Information about protection and security\n\nProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-13T00:00:00", "type": "mskb", "title": "Description of the security update for Microsoft Exchange Server 2019: July 13, 2021 (KB5004780)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-33768"], "modified": "2021-07-13T00:00:00", "id": "KB5004780", "href": "https://support.microsoft.com/en-us/help/5004780", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:54:39", "description": "None\nSecurity Update 1 for Exchange Server 2016 Cumulative Update 21 resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2021-31196 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31196>)\n * [CVE-2021-31206 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31206>)\n * [CVE-2021-33768 | Microsoft Exchange Server Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-33768>)\nSecurity Update 3 for Exchange Server 2016 Cumulative Update 20 resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n * [CVE-2021-31196 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31196>)\n * [CVE-2021-31206 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31206>)\n\n## Improvements in this update\n\n * The Exchange Server version number is now added to the HTTP response reply header. You can use this information to validate the security update status of Exchange-based servers in your network.\n\n**Important: **To be able to successfully install this security update, you must first follow the steps [in this article](<https://docs.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired>) to make sure that the server authentication certificate is present and is not expired. If the OAuth certificate is not present or is expired, republish the certificate before you install this update.\n\n## Known issues in this update\n\n * **Issue 1 ** \n \nWhen you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) might stop working. \n \nThis issue occurs on servers that are using User Account Control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.\n\n**Note: **This issue does not occur if you install the update through Microsoft Update.\n\nTo avoid this issue, follow these steps to manually install this security update:\n 1. Select ** Start ** , and type ** cmd ** .\n 2. In the results, right-click ** Command Prompt ** , and then select ** Run as administrator ** .\n 3. If the ** User Account Control ** dialog box appears, verify that the default action is the action that you want, and then select ** Continue ** .\n 4. Type the full path of the .msp file, and then press Enter.\n * **Issue 2 ** \n \nExchange services might remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition might occur if the service control scripts experience a problem when they try to return Exchange services to their usual state. \n \nTo fix this issue, use Services Manager to restore the startup type to ** Automatic ** , and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\$v=ws.10\$.aspx>) .\n * **Issue 3 ** \n \nWhen you block third-party cookies in a web browser, you might be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. This issue occurs also in privacy window modes (such as InPrivate mode in Microsoft Edge). This issue occurs because browser restrictions prevent the response from being recorded. To record the response and enable the add-in, you must enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. To enable this setting, refer to the specific support documentation for the browser.\n * **Issue 4 ** \n \nWhen you try to request free/busy information for a user in a different forest in a trusted cross-forest topology, the request fails and generates a \"(400) Bad Request\" error message. For more information and workarounds to this issue, see [\"(400) Bad Request\" error during Autodiscover for per-user free/busy in a trusted cross-forest topology](<https://support.microsoft.com/help/5003623>) .\n * **Issue 5 ** \n \nAfter you install Microsoft Exchange Server 2019, 2016, or 2013, you can't access Outlook Web App (OWA) or Exchange Control Panel (ECP). For more information, see [Can't sign in to Outlook on the web or EAC if Exchange Server OAuth certificate is expired](<https://docs.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired>).\n * **Issue 6** \n \nAfter you install the July 2021 security update for Microsoft Exchange Server 2019, 2016, or 2013, you can't log in to Outlook Web App (OWA) or Exchange Control Panel (ECP). For more information, see the following Exchange Team Blog article: [Released: July 2021 Exchange Server Security Updates](<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Freleased-july-2021-exchange-server-security-updates%2Fba-p%2F2523421&data=04%7C01%7Cv-jesits%40microsoft.com%7C7ecb4109acd04763e8d508d96ca01c32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637660257201444514%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=01e7CnE8mV4FRgpq8BCYWcGTBJAqQ5eo22hawCuI86g%3D&reserved=0>).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>) .\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004779>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update 1 for Exchange Server 2016 Cumulative Update 21 (KB5003435)](<https://www.microsoft.com/download/details.aspx?familyid=ccf40c19-2653-4b5c-b922-d6d09bbf1c3e>)\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update 3 for Exchange Server 2016 Cumulative Update 20 (KB5003435)](<https://www.microsoft.com/download/details.aspx?familyid=61d75c2f-8b98-4971-b22c-ebd114772d3d>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 13, 2021](<https://support.microsoft.com/topic/24aa34b8-b210-41cf-adbb-44b8a9ae84dc>) .\n\n### Security update replacement information\n\nThis security update replaces the following previously released updates:\n\n * [Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)](<https://support.microsoft.com/help/5003435>)\n\n## File information\n\n### File hash information\n\nUpdate name| File name| | SHA256 hash \n---|---|---|--- \nExchange Server 2016 Cumulative Update 21| Exchange2016-KB5004779-x64-en.msp| | 02762E746E366C0C3884B6B822566D24B092DB858048BB6E853BBF0C634AB3D6 \nExchange Server 2016 Cumulative Update 20| Exchange2016-KB5004779-x64-en.msp| | A374A920744CF9A0F240546D56AC7BD3D5F1198AED5DFBECC01DA1487ED03D50 \n \n### Exchange Server file information\n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n### \n\n__\n\nMicrosoft Exchange Server 2016 Cumulative Update 21\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.1.2308.14| 71,032| 07-Jul-2021| 09:10| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,518| 07-Jul-2021| 09:09| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,941| 07-Jul-2021| 09:15| Not applicable \nAdemodule.dll| 15.1.2308.14| 106,384| 07-Jul-2021| 09:11| x64 \nAirfilter.dll| 15.1.2308.14| 42,896| 07-Jul-2021| 09:11| x64 \nAjaxcontroltoolkit.dll| 15.1.2308.14| 92,560| 07-Jul-2021| 09:17| x86 \nAntispamcommon.ps1| Not applicable| 13,481| 07-Jul-2021| 09:13| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 07-Jul-2021| 09:11| Not applicable \nAsentirs.msi| Not applicable| 77,824| 07-Jul-2021| 09:11| Not applicable \nAsentsig.msi| Not applicable| 73,728| 07-Jul-2021| 09:09| Not applicable \nBigfunnel.bondtypes.dll| 15.1.2308.14| 43,912| 07-Jul-2021| 09:15| x86 \nBigfunnel.common.dll| 15.1.2308.14| 63,864| 07-Jul-2021| 09:05| x86 \nBigfunnel.configuration.dll| 15.1.2308.14| 99,216| 07-Jul-2021| 09:31| x86 \nBigfunnel.entropy.dll| 15.1.2308.14| 44,408| 07-Jul-2021| 09:13| x86 \nBigfunnel.filter.dll| 15.1.2308.14| 54,152| 07-Jul-2021| 09:16| x86 \nBigfunnel.indexstream.dll| 15.1.2308.14| 54,160| 07-Jul-2021| 09:17| x86 \nBigfunnel.poi.dll| 15.1.2308.14| 203,640| 07-Jul-2021| 09:13| x86 \nBigfunnel.postinglist.dll| 15.1.2308.14| 122,232| 07-Jul-2021| 09:19| x86 \nBigfunnel.query.dll| 15.1.2308.14| 99,728| 07-Jul-2021| 09:09| x86 \nBigfunnel.ranking.dll| 15.1.2308.14| 79,248| 07-Jul-2021| 09:23| x86 \nBigfunnel.syntheticdatalib.dll| 15.1.2308.14| 3,634,552| 07-Jul-2021| 09:20| x86 \nBigfunnel.wordbreakers.dll| 15.1.2308.14| 46,472| 07-Jul-2021| 09:17| x86 \nCafe_airfilter_dll| 15.1.2308.14| 42,896| 07-Jul-2021| 09:11| x64 \nCafe_exppw_dll| 15.1.2308.14| 83,344| 07-Jul-2021| 09:13| x64 \nCafe_owaauth_dll| 15.1.2308.14| 92,040| 07-Jul-2021| 09:13| x64 \nCalcalculation.ps1| Not applicable| 42,129| 07-Jul-2021| 09:25| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,618| 07-Jul-2021| 09:19| Not applicable \nChksgfiles.dll| 15.1.2308.14| 57,232| 07-Jul-2021| 09:18| x64 \nCitsconstants.ps1| Not applicable| 15,817| 07-Jul-2021| 09:18| Not applicable \nCitslibrary.ps1| Not applicable| 82,676| 07-Jul-2021| 09:18| Not applicable \nCitstypes.ps1| Not applicable| 14,472| 07-Jul-2021| 09:18| Not applicable \nClassificationengine_mce| 15.1.2308.14| 1,693,072| 07-Jul-2021| 09:13| Not applicable \nClusmsg.dll| 15.1.2308.14| 134,032| 07-Jul-2021| 09:09| x64 \nCoconet.dll| 15.1.2308.14| 48,016| 07-Jul-2021| 09:11| x64 \nCollectovermetrics.ps1| Not applicable| 81,656| 07-Jul-2021| 09:19| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,882| 07-Jul-2021| 09:19| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,963| 07-Jul-2021| 11:24| Not applicable \nComplianceauditservice.exe| 15.1.2308.14| 39,824| 07-Jul-2021| 11:27| x86 \nConfigureadam.ps1| Not applicable| 22,776| 07-Jul-2021| 09:16| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,320| 07-Jul-2021| 09:15| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,782| 07-Jul-2021| 09:15| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,840| 07-Jul-2021| 09:16| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,295| 07-Jul-2021| 09:16| Not applicable \nConnectfunctions.ps1| Not applicable| 37,157| 07-Jul-2021| 11:24| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,432| 07-Jul-2021| 11:24| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,224| 07-Jul-2021| 11:12| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,065| 07-Jul-2021| 09:15| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,544| 07-Jul-2021| 09:16| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,777| 07-Jul-2021| 09:16| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,924| 07-Jul-2021| 09:15| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts_exsmime.dll| 15.1.2308.14| 380,808| 07-Jul-2021| 09:09| x64 \nCts_microsoft.exchange.data.common.dll| 15.1.2308.14| 1,686,896| 07-Jul-2021| 09:13| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 511| 07-Jul-2021| 09:05| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:13| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:11| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:13| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:11| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:11| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:13| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:11| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:05| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:13| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.1.2308.14| 12,664| 07-Jul-2021| 09:09| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.1.2308.14| 12,664| 07-Jul-2021| 09:10| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.1.2308.14| 12,688| 07-Jul-2021| 09:09| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.1.2308.14| 12,664| 07-Jul-2021| 09:11| x86 \nDagcommonlibrary.ps1| Not applicable| 60,238| 07-Jul-2021| 09:19| Not applicable \nDependentassemblygenerator.exe| 15.1.2308.14| 22,416| 07-Jul-2021| 09:13| x86 \nDiaghelper.dll| 15.1.2308.14| 66,944| 07-Jul-2021| 09:13| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,346| 07-Jul-2021| 09:18| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,374| 07-Jul-2021| 09:15| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,201| 07-Jul-2021| 09:15| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,666| 07-Jul-2021| 09:15| Not applicable \nDisklockerapi.dll| Not applicable| 22,392| 07-Jul-2021| 09:11| x64 \nDlmigrationmodule.psm1| Not applicable| 39,592| 07-Jul-2021| 09:15| Not applicable \nDsaccessperf.dll| 15.1.2308.14| 45,968| 07-Jul-2021| 09:10| x64 \nDscperf.dll| 15.1.2308.14| 32,656| 07-Jul-2021| 09:11| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.1.2308.14| 1,686,896| 07-Jul-2021| 09:13| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.1.2308.14| 601,480| 07-Jul-2021| 09:39| x86 \nEcpperfcounters.xml| Not applicable| 31,132| 07-Jul-2021| 09:13| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:11| x86 \nEdgetransport.exe| 15.1.2308.14| 49,552| 07-Jul-2021| 10:40| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 514| 07-Jul-2021| 09:07| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:11| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,184| 07-Jul-2021| 09:09| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:11| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:09| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:13| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:09| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:11| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:09| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:09| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:09| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:13| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:10| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,376| 07-Jul-2021| 09:15| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,575| 07-Jul-2021| 09:16| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,600| 07-Jul-2021| 09:15| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,610| 07-Jul-2021| 09:15| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,928| 07-Jul-2021| 09:15| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,659| 07-Jul-2021| 09:15| Not applicable \nEngineupdateserviceinterfaces.dll| 15.1.2308.14| 17,800| 07-Jul-2021| 09:25| x86 \nEscprint.dll| 15.1.2308.14| 20,368| 07-Jul-2021| 09:07| x64 \nEse.dll| 15.1.2308.14| 3,695,504| 07-Jul-2021| 09:15| x64 \nEseback2.dll| 15.1.2308.14| 325,000| 07-Jul-2021| 09:17| x64 \nEsebcli2.dll| 15.1.2308.14| 292,744| 07-Jul-2021| 09:13| x64 \nEseperf.dll| 15.1.2308.14| 116,088| 07-Jul-2021| 09:18| x64 \nEseutil.exe| 15.1.2308.14| 398,736| 07-Jul-2021| 09:17| x64 \nEsevss.dll| 15.1.2308.14| 44,408| 07-Jul-2021| 09:17| x64 \nEtweseproviderresources.dll| 15.1.2308.14| 82,296| 07-Jul-2021| 09:05| x64 \nEventperf.dll| 15.1.2308.14| 59,784| 07-Jul-2021| 09:07| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,132| 07-Jul-2021| 11:24| Not applicable \nExchange.format.ps1xml| Not applicable| 648,608| 07-Jul-2021| 11:24| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 43,349| 07-Jul-2021| 11:24| Not applicable \nExchange.ps1| Not applicable| 20,783| 07-Jul-2021| 11:24| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,547| 07-Jul-2021| 11:14| Not applicable \nExchange.types.ps1xml| Not applicable| 365,145| 07-Jul-2021| 11:24| Not applicable \nExchangeudfcommon.dll| 15.1.2308.14| 121,736| 07-Jul-2021| 09:09| x86 \nExchangeudfs.dll| 15.1.2308.14| 269,712| 07-Jul-2021| 09:13| x86 \nExchmem.dll| 15.1.2308.14| 85,904| 07-Jul-2021| 09:09| x64 \nExchsetupmsg.dll| 15.1.2308.14| 19,344| 07-Jul-2021| 09:09| x64 \nExchucutil.ps1| Not applicable| 23,932| 07-Jul-2021| 09:15| Not applicable \nExdbfailureitemapi.dll| Not applicable| 27,016| 07-Jul-2021| 09:10| x64 \nExdbmsg.dll| 15.1.2308.14| 229,768| 07-Jul-2021| 09:09| x64 \nExeventperfplugin.dll| 15.1.2308.14| 25,488| 07-Jul-2021| 09:13| x64 \nExmime.dll| 15.1.2308.14| 364,944| 07-Jul-2021| 09:10| x64 \nExportedgeconfig.ps1| Not applicable| 27,403| 07-Jul-2021| 09:16| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,570| 07-Jul-2021| 09:15| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,866| 07-Jul-2021| 09:16| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,370| 07-Jul-2021| 09:11| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,137| 07-Jul-2021| 09:15| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,056| 07-Jul-2021| 09:15| Not applicable \nExppw.dll| 15.1.2308.14| 83,344| 07-Jul-2021| 09:13| x64 \nExprfdll.dll| 15.1.2308.14| 26,504| 07-Jul-2021| 09:13| x64 \nExrpc32.dll| 15.1.2308.14| 1,922,936| 07-Jul-2021| 09:19| x64 \nExrw.dll| 15.1.2308.14| 28,024| 07-Jul-2021| 09:09| x64 \nExsetdata.dll| 15.1.2308.14| 2,779,512| 07-Jul-2021| 09:25| x64 \nExsetup.exe| 15.1.2308.14| 35,192| 07-Jul-2021| 11:17| x86 \nExsetupui.exe| 15.1.2308.14| 193,424| 07-Jul-2021| 11:17| x86 \nExtrace.dll| 15.1.2308.14| 245,136| 07-Jul-2021| 09:07| x64 \nExt_microsoft.exchange.data.transport.dll| 15.1.2308.14| 601,480| 07-Jul-2021| 09:39| x86 \nExwatson.dll| 15.1.2308.14| 44,944| 07-Jul-2021| 09:10| x64 \nFastioext.dll| 15.1.2308.14| 60,280| 07-Jul-2021| 09:13| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,715| 07-Jul-2021| 12:43| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,229| 07-Jul-2021| 12:44| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,761| 07-Jul-2021| 12:43| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,406| 07-Jul-2021| 12:44| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,658| 07-Jul-2021| 12:44| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,727| 07-Jul-2021| 12:44| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,712| 07-Jul-2021| 12:43| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,688| 07-Jul-2021| 12:44| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 07-Jul-2021| 12:44| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,346| 07-Jul-2021| 12:44| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,260| 07-Jul-2021| 12:43| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,755| 07-Jul-2021| 12:43| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,597,359| 07-Jul-2021| 12:46| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,597,359| 07-Jul-2021| 12:46| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,597,359| 07-Jul-2021| 12:46| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,731| 07-Jul-2021| 12:43| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,761| 07-Jul-2021| 12:44| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,597,359| 07-Jul-2021| 12:46| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,718| 07-Jul-2021| 12:43| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,597,359| 07-Jul-2021| 12:46| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,742| 07-Jul-2021| 12:43| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,758| 07-Jul-2021| 12:44| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,718| 07-Jul-2021| 12:44| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 07-Jul-2021| 12:43| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,779,309| 07-Jul-2021| 12:43| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,745| 07-Jul-2021| 12:44| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,718| 07-Jul-2021| 12:44| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,597,359| 07-Jul-2021| 12:46| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,724| 07-Jul-2021| 12:43| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 07-Jul-2021| 12:43| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,243| 07-Jul-2021| 09:16| Not applicable \nFilteringpowershell.dll| 15.1.2308.14| 223,112| 07-Jul-2021| 09:27| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,664| 07-Jul-2021| 09:27| Not applicable \nFiltermodule.dll| 15.1.2308.14| 180,088| 07-Jul-2021| 09:10| x64 \nFipexeuperfctrresource.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 09:11| x64 \nFipexeventsresource.dll| 15.1.2308.14| 44,920| 07-Jul-2021| 09:09| x64 \nFipexperfctrresource.dll| 15.1.2308.14| 32,648| 07-Jul-2021| 09:13| x64 \nFirewallres.dll| 15.1.2308.14| 72,576| 07-Jul-2021| 09:07| x64 \nFms.exe| 15.1.2308.14| 1,350,024| 07-Jul-2021| 09:31| x64 \nForefrontactivedirectoryconnector.exe| 15.1.2308.14| 110,968| 07-Jul-2021| 09:09| x64 \nFpsdiag.exe| 15.1.2308.14| 18,824| 07-Jul-2021| 09:15| x86 \nFsccachedfilemanagedlocal.dll| 15.1.2308.14| 822,160| 07-Jul-2021| 09:09| x64 \nFscconfigsupport.dll| 15.1.2308.14| 56,696| 07-Jul-2021| 09:13| x86 \nFscconfigurationserver.exe| 15.1.2308.14| 430,984| 07-Jul-2021| 09:15| x64 \nFscconfigurationserverinterfaces.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 09:18| x86 \nFsccrypto.dll| 15.1.2308.14| 208,784| 07-Jul-2021| 09:05| x64 \nFscipcinterfaceslocal.dll| 15.1.2308.14| 28,552| 07-Jul-2021| 09:05| x86 \nFscipclocal.dll| 15.1.2308.14| 38,288| 07-Jul-2021| 09:13| x86 \nFscsqmuploader.exe| 15.1.2308.14| 453,520| 07-Jul-2021| 09:18| x64 \nGetucpool.ps1| Not applicable| 19,787| 07-Jul-2021| 09:16| Not applicable \nGetvalidengines.ps1| Not applicable| 13,286| 07-Jul-2021| 09:18| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,785| 07-Jul-2021| 09:13| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,631| 07-Jul-2021| 09:13| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,703| 07-Jul-2021| 09:13| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,751| 07-Jul-2021| 09:13| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,494| 07-Jul-2021| 09:13| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,681| 07-Jul-2021| 09:13| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,786| 07-Jul-2021| 09:13| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,348| 07-Jul-2021| 09:15| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,959| 07-Jul-2021| 09:16| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,038| 07-Jul-2021| 09:15| Not applicable \nGet_storetrace.ps1| Not applicable| 50,607| 07-Jul-2021| 09:19| Not applicable \nHuffman_xpress.dll| 15.1.2308.14| 32,656| 07-Jul-2021| 09:10| x64 \nImportedgeconfig.ps1| Not applicable| 77,260| 07-Jul-2021| 09:16| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,492| 07-Jul-2021| 09:16| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,830| 07-Jul-2021| 09:16| Not applicable \nInproxy.dll| 15.1.2308.14| 85,880| 07-Jul-2021| 09:10| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,555| 07-Jul-2021| 09:25| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,905| 07-Jul-2021| 09:13| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,959| 07-Jul-2021| 11:46| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2308.14| 107,408| 07-Jul-2021| 09:09| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2308.14| 20,344| 07-Jul-2021| 09:09| Not applicable \nInterop.certenroll.dll| 15.1.2308.14| 142,736| 07-Jul-2021| 09:07| x86 \nInterop.licenseinfointerface.dll| 15.1.2308.14| 14,216| 07-Jul-2021| 09:19| x86 \nInterop.netfw.dll| 15.1.2308.14| 34,184| 07-Jul-2021| 09:05| x86 \nInterop.plalibrary.dll| 15.1.2308.14| 72,568| 07-Jul-2021| 09:05| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2308.14| 27,000| 07-Jul-2021| 09:05| Not applicable \nInterop.taskscheduler.dll| 15.1.2308.14| 46,472| 07-Jul-2021| 09:07| x86 \nInterop.wuapilib.dll| 15.1.2308.14| 60,816| 07-Jul-2021| 09:07| x86 \nInterop.xenroll.dll| 15.1.2308.14| 39,800| 07-Jul-2021| 09:05| x86 \nKerbauth.dll| 15.1.2308.14| 62,840| 07-Jul-2021| 09:10| x64 \nLicenseinfointerface.dll| 15.1.2308.14| 643,448| 07-Jul-2021| 09:19| x64 \nLpversioning.xml| Not applicable| 20,446| 07-Jul-2021| 11:17| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,916| 07-Jul-2021| 09:19| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.1.2308.14| 138,632| 07-Jul-2021| 09:09| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 125,853| 07-Jul-2021| 09:19| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,332| 07-Jul-2021| 09:19| Not applicable \nMce.dll| 15.1.2308.14| 1,693,072| 07-Jul-2021| 09:13| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,499| 07-Jul-2021| 09:19| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,635| 07-Jul-2021| 09:16| Not applicable \nMicrosoft.database.isam.dll| 15.1.2308.14| 127,368| 07-Jul-2021| 09:19| x86 \nMicrosoft.dkm.proxy.dll| 15.1.2308.14| 26,000| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.1.2308.14| 68,472| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.1.2308.14| 17,808| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.1.2308.14| 232,848| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.1.2308.14| 43,408| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.1.2308.14| 1,775,504| 07-Jul-2021| 10:53| x86 \nMicrosoft.exchange.airsync.dll1| 15.1.2308.14| 505,736| 07-Jul-2021| 11:42| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.1.2308.14| 76,168| 07-Jul-2021| 11:45| x86 \nMicrosoft.exchange.anchorservice.dll| 15.1.2308.14| 135,560| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.1.2308.14| 23,416| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.1.2308.14| 15,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.1.2308.14| 27,016| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.approval.applications.dll| 15.1.2308.14| 53,640| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.assistants.dll| 15.1.2308.14| 924,048| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.1.2308.14| 25,976| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.1.2308.14| 42,384| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 11:15| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.1.2308.14| 14,712| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.1.2308.14| 70,536| 07-Jul-2021| 11:12| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.1.2308.14| 94,600| 07-Jul-2021| 11:24| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.1.2308.14| 36,744| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.1.2308.14| 15,752| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.1.2308.14| 79,736| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.autodiscover.dll| 15.1.2308.14| 396,152| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.1.2308.14| 21,392| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.1.2308.14| 57,232| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.1.2308.14| 14,712| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.batchservice.dll| 15.1.2308.14| 35,728| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.cabutility.dll| 15.1.2308.14| 276,360| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.1.2308.14| 16,272| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.1.2308.14| 25,992| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.1.2308.14| 13,704| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.1.2308.14| 23,440| 07-Jul-2021| 11:12| x86 \nMicrosoft.exchange.clients.common.dll| 15.1.2308.14| 377,744| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.1.2308.14| 83,832| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.clients.owa.dll| 15.1.2308.14| 2,970,488| 07-Jul-2021| 11:45| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.1.2308.14| 5,028,736| 07-Jul-2021| 11:41| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.1.2308.14| 894,328| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.clients.security.dll| 15.1.2308.14| 413,584| 07-Jul-2021| 11:20| x86 \nMicrosoft.exchange.clients.strings.dll| 15.1.2308.14| 924,560| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.1.2308.14| 31,608| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.cluster.common.dll| 15.1.2308.14| 52,088| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.1.2308.14| 21,896| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.1.2308.14| 33,672| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.1.2308.14| 3,521,912| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.1.2308.14| 108,424| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.1.2308.14| 288,632| 07-Jul-2021| 10:44| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.1.2308.14| 624,528| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.1.2308.14| 86,392| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.1.2308.14| 1,827,720| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.1.2308.14| 31,632| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.1.2308.14| 466,312| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.1.2308.14| 26,000| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.1.2308.14| 38,264| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.1.2308.14| 102,776| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.1.2308.14| 48,504| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.1.2308.14| 67,440| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.common.dll| 15.1.2308.14| 172,936| 07-Jul-2021| 09:21| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.1.2308.14| 113,528| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.il.dll| 15.1.2308.14| 13,688| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.common.inference.dll| 15.1.2308.14| 130,448| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.optics.dll| 15.1.2308.14| 63,864| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.1.2308.14| 19,856| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.common.search.dll| 15.1.2308.14| 107,912| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.1.2308.14| 17,784| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.common.smtp.dll| 15.1.2308.14| 51,592| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.1.2308.14| 36,728| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.1.2308.14| 27,512| 07-Jul-2021| 09:23| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.1.2308.14| 1,042,320| 07-Jul-2021| 09:35| x86 \nMicrosoft.exchange.commonmsg.dll| 15.1.2308.14| 29,056| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.1.2308.14| 181,112| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.1.2308.14| 30,072| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.compliance.common.dll| 15.1.2308.14| 22,416| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.1.2308.14| 85,896| 07-Jul-2021| 09:05| x64 \nMicrosoft.exchange.compliance.dll| 15.1.2308.14| 41,352| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.1.2308.14| 37,240| 07-Jul-2021| 09:21| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.1.2308.14| 50,576| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.1.2308.14| 33,144| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.1.2308.14| 1,100,688| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.1.2308.14| 206,720| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.1.2308.14| 210,832| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.compression.dll| 15.1.2308.14| 17,288| 07-Jul-2021| 09:21| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.1.2308.14| 37,752| 07-Jul-2021| 10:30| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.1.2308.14| 14,216| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.configuration.core.dll| 15.1.2308.14| 145,808| 07-Jul-2021| 10:25| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.1.2308.14| 14,216| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.1.2308.14| 53,112| 07-Jul-2021| 10:30| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.1.2308.14| 15,736| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.1.2308.14| 23,440| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.1.2308.14| 54,672| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.1.2308.14| 13,688| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.1.2308.14| 1,845,648| 07-Jul-2021| 10:31| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.1.2308.14| 30,088| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.1.2308.14| 68,488| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.1.2308.14| 21,392| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.1.2308.14| 13,184| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.1.2308.14| 26,000| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.connections.common.dll| 15.1.2308.14| 169,848| 07-Jul-2021| 09:37| x86 \nMicrosoft.exchange.connections.eas.dll| 15.1.2308.14| 330,128| 07-Jul-2021| 09:39| x86 \nMicrosoft.exchange.connections.imap.dll| 15.1.2308.14| 173,968| 07-Jul-2021| 09:39| x86 \nMicrosoft.exchange.connections.pop.dll| 15.1.2308.14| 71,056| 07-Jul-2021| 09:39| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.1.2308.14| 203,640| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.context.client.dll| 15.1.2308.14| 27,024| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.context.configuration.dll| 15.1.2308.14| 51,600| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.context.core.dll| 15.1.2308.14| 51,064| 07-Jul-2021| 09:52| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.1.2308.14| 46,992| 07-Jul-2021| 09:50| x86 \nMicrosoft.exchange.core.strings.dll| 15.1.2308.14| 1,092,472| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.core.timezone.dll| 15.1.2308.14| 57,224| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.1.2308.14| 326,520| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.1.2308.14| 3,357,584| 07-Jul-2021| 10:18| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.1.2308.14| 35,720| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.1.2308.14| 17,800| 07-Jul-2021| 10:20| x86 \nMicrosoft.exchange.data.connectors.dll| 15.1.2308.14| 165,264| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.1.2308.14| 619,400| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.data.directory.dll| 15.1.2308.14| 7,783,824| 07-Jul-2021| 09:53| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.1.2308.14| 80,264| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.data.dll| 15.1.2308.14| 1,786,768| 07-Jul-2021| 09:47| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.1.2308.14| 1,626,512| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.data.ha.dll| 15.1.2308.14| 364,432| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.1.2308.14| 105,336| 07-Jul-2021| 09:27| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.1.2308.14| 224,656| 07-Jul-2021| 10:07| x86 \nMicrosoft.exchange.data.mapi.dll| 15.1.2308.14| 186,768| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.1.2308.14| 39,800| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.data.metering.dll| 15.1.2308.14| 119,176| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.1.2308.14| 968,072| 07-Jul-2021| 09:23| x86 \nMicrosoft.exchange.data.notification.dll| 15.1.2308.14| 141,200| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.1.2308.14| 769,416| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.data.providers.dll| 15.1.2308.14| 139,648| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.1.2308.14| 56,712| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.1.2308.14| 452,984| 07-Jul-2021| 09:57| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.1.2308.14| 32,656| 07-Jul-2021| 10:07| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.1.2308.14| 256,376| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.data.storage.dll| 15.1.2308.14| 11,667,344| 07-Jul-2021| 10:04| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.1.2308.14| 37,768| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.1.2308.14| 655,760| 07-Jul-2021| 09:21| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.1.2308.14| 174,480| 07-Jul-2021| 09:57| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.1.2308.14| 36,216| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.1.2308.14| 14,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.1.2308.14| 14,224| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.1.2308.14| 14,728| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.1.2308.14| 72,584| 07-Jul-2021| 11:14| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.1.2308.14| 22,928| 07-Jul-2021| 10:02| x86 \nMicrosoft.exchange.diagnostics.dll| 15.1.2308.14| 1,843,592| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.1.2308.14| 1,843,592| 07-Jul-2021| 09:15| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.1.2308.14| 23,944| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.1.2308.14| 546,680| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.1.2308.14| 215,440| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.1.2308.14| 193,424| 07-Jul-2021| 10:25| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.1.2308.14| 146,312| 07-Jul-2021| 10:00| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.1.2308.14| 27,528| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.1.2308.14| 13,712| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.1.2308.14| 49,544| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.1.2308.14| 28,040| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.1.2308.14| 208,776| 07-Jul-2021| 10:20| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.1.2308.14| 88,976| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.1.2308.14| 32,656| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.1.2308.14| 45,944| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.1.2308.14| 18,832| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.dxstore.dll| 15.1.2308.14| 473,464| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.1.2308.14| 206,224| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.1.2308.14| 36,744| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.1.2308.14| 131,448| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.1.2308.14| 21,880| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.1.2308.14| 148,360| 07-Jul-2021| 10:00| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.1.2308.14| 220,048| 07-Jul-2021| 10:03| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.1.2308.14| 23,944| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.1.2308.14| 97,680| 07-Jul-2021| 10:02| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.1.2308.14| 1,266,552| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.1.2308.14| 1,266,552| 07-Jul-2021| 09:19| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,506| 07-Jul-2021| 09:25| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.1.2308.14| 87,432| 07-Jul-2021| 09:21| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,491| 07-Jul-2021| 09:23| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.1.2308.14| 52,112| 07-Jul-2021| 09:07| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.1.2308.14| 294,264| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.1.2308.14| 73,080| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.1.2308.14| 45,968| 07-Jul-2021| 10:07| x86 \nMicrosoft.exchange.entities.booking.dll| 15.1.2308.14| 218,488| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.1.2308.14| 78,224| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.1.2308.14| 35,728| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.1.2308.14| 932,216| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.entities.common.dll| 15.1.2308.14| 336,248| 07-Jul-2021| 10:13| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.1.2308.14| 52,624| 07-Jul-2021| 10:15| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.1.2308.14| 32,136| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.entities.context.dll| 15.1.2308.14| 60,800| 07-Jul-2021| 10:20| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.1.2308.14| 854,416| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.1.2308.14| 291,712| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.1.2308.14| 39,312| 07-Jul-2021| 10:25| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.1.2308.14| 76,152| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.entities.insights.dll| 15.1.2308.14| 166,776| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.1.2308.14| 1,486,728| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.1.2308.14| 122,232| 07-Jul-2021| 10:49| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.1.2308.14| 12,327,288| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.1.2308.14| 264,056| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.entities.people.dll| 15.1.2308.14| 37,768| 07-Jul-2021| 10:20| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.1.2308.14| 186,744| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.1.2308.14| 64,392| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.1.2308.14| 83,840| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.1.2308.14| 63,864| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.1.2308.14| 100,232| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.1.2308.14| 144,776| 07-Jul-2021| 10:17| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.1.2308.14| 270,216| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.eserepl.dll| 15.1.2308.14| 130,424| 07-Jul-2021| 09:50| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.1.2308.14| 254,328| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.1.2308.14| 13,176| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.1.2308.14| 37,264| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.1.2308.14| 640,888| 07-Jul-2021| 09:44| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.1.2308.14| 37,256| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.1.2308.14| 146,312| 07-Jul-2021| 11:24| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.1.2308.14| 13,184| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.1.2308.14| 594,312| 07-Jul-2021| 11:22| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.1.2308.14| 14,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.1.2308.14| 30,072| 07-Jul-2021| 12:01| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.1.2308.14| 99,728| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.1.2308.14| 42,360| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.helpprovider.dll| 15.1.2308.14| 40,328| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.1.2308.14| 54,136| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.1.2308.14| 163,728| 07-Jul-2021| 10:23| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.1.2308.14| 58,768| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.1.2308.14| 204,688| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.1.2308.14| 17,800| 07-Jul-2021| 09:49| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.1.2308.14| 30,600| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.1.2308.14| 38,784| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.1.2308.14| 48,504| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.1.2308.14| 180,616| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.1.2308.14| 36,744| 07-Jul-2021| 11:22| x86 \nMicrosoft.exchange.httprequestfiltering.dll| 15.1.2308.14| 28,040| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.httputilities.dll| 15.1.2308.14| 25,992| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.1.2308.14| 1,868,168| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.1.2308.14| 54,664| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.1.2308.14| 35,696| 07-Jul-2021| 11:14| x86 \nMicrosoft.exchange.idserialization.dll| 15.1.2308.14| 35,720| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.1.2308.14| 18,312| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.1.2308.14| 18,312| 07-Jul-2021| 09:09| Not applicable \nMicrosoft.exchange.imap4.exe| 15.1.2308.14| 263,048| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.1.2308.14| 263,048| 07-Jul-2021| 10:28| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.1.2308.14| 24,976| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.1.2308.14| 24,976| 07-Jul-2021| 10:26| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.1.2308.14| 53,136| 07-Jul-2021| 09:31| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.1.2308.14| 216,976| 07-Jul-2021| 10:07| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.1.2308.14| 32,120| 07-Jul-2021| 10:56| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.1.2308.14| 281,992| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.1.2308.14| 18,832| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.1.2308.14| 83,848| 07-Jul-2021| 10:49| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.1.2308.14| 94,088| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.1.2308.14| 1,840,528| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.1.2308.14| 71,544| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.1.2308.14| 175,480| 07-Jul-2021| 10:42| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.1.2308.14| 45,944| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.1.2308.14| 159,632| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.1.2308.14| 51,064| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.1.2308.14| 45,968| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.1.2308.14| 30,584| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.1.2308.14| 100,232| 07-Jul-2021| 09:15| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.1.2308.14| 271,248| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.killswitch.dll| 15.1.2308.14| 22,408| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.1.2308.14| 33,656| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.1.2308.14| 18,312| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.1.2308.14| 27,512| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.1.2308.14| 30,600| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.1.2308.14| 22,392| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.1.2308.14| 66,440| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.1.2308.14| 29,584| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.1.2308.14| 19,848| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.1.2308.14| 20,344| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.1.2308.14| 19,336| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.1.2308.14| 34,168| 07-Jul-2021| 10:00| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.1.2308.14| 103,816| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.1.2308.14| 31,624| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.1.2308.14| 20,880| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.1.2308.14| 16,248| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.1.2308.14| 49,032| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.1.2308.14| 44,416| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.1.2308.14| 38,280| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.1.2308.14| 10,375,032| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.1.2308.14| 29,072| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.1.2308.14| 21,392| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.1.2308.14| 24,456| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.1.2308.14| 15,232| 07-Jul-2021| 09:58| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.1.2308.14| 21,896| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.1.2308.14| 89,464| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.1.2308.14| 20,872| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.1.2308.14| 26,488| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.1.2308.14| 21,368| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.1.2308.14| 28,024| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.1.2308.14| 28,552| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.1.2308.14| 36,216| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.1.2308.14| 16,784| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.1.2308.14| 19,856| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.1.2308.14| 17,288| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.1.2308.14| 19,848| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.1.2308.14| 57,208| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.1.2308.14| 17,784| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.1.2308.14| 18,832| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.1.2308.14| 16,248| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.1.2308.14| 17,808| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.1.2308.14| 15,240| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.1.2308.14| 52,600| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.1.2308.14| 18,296| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.1.2308.14| 34,184| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.1.2308.14| 17,296| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.1.2308.14| 18,808| 07-Jul-2021| 09:10| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.1.2308.14| 43,384| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.loguploader.dll| 15.1.2308.14| 165,256| 07-Jul-2021| 09:36| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.1.2308.14| 54,664| 07-Jul-2021| 09:35| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.1.2308.14| 9,063,312| 07-Jul-2021| 11:52| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.1.2308.14| 33,160| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.1.2308.14| 124,304| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.1.2308.14| 82,808| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.1.2308.14| 14,224| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.1.2308.14| 30,072| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.1.2308.14| 661,384| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.1.2308.14| 63,352| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.1.2308.14| 175,496| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.1.2308.14| 2,784,144| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.1.2308.14| 53,136| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.1.2308.14| 151,952| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.1.2308.14| 966,536| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.1.2308.14| 185,224| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.1.2308.14| 31,624| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.1.2308.14| 39,816| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.1.2308.14| 105,872| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.1.2308.14| 94,608| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.1.2308.14| 43,408| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.1.2308.14| 18,808| 07-Jul-2021| 09:23| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.1.2308.14| 172,936| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.1.2308.14| 102,792| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.1.2308.14| 98,696| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.1.2308.14| 188,816| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.1.2308.14| 43,408| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.1.2308.14| 447,376| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.1.2308.14| 90,000| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.1.2308.14| 107,912| 07-Jul-2021| 12:01| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.1.2308.14| 371,080| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.1.2308.14| 193,912| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.1.2308.14| 551,816| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.1.2308.14| 16,256| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.1.2308.14| 15,752| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.1.2308.14| 321,424| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.1.2308.14| 17,784| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.1.2308.14| 45,456| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.1.2308.14| 18,296| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.1.2308.14| 12,664| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.1.2308.14| 20,872| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.1.2308.14| 415,120| 07-Jul-2021| 10:22| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.1.2308.14| 1,269,640| 07-Jul-2021| 09:38| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.1.2308.14| 41,864| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.1.2308.14| 433,528| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.1.2308.14| 4,563,336| 07-Jul-2021| 12:54| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.1.2308.14| 261,000| 07-Jul-2021| 09:25| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.1.2308.14| 33,656| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.1.2308.14| 94,088| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.management.deployment.dll| 15.1.2308.14| 591,248| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.1.2308.14| 3,560,848| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.1.2308.14| 67,984| 07-Jul-2021| 11:26| x86 \nMicrosoft.exchange.management.dll| 15.1.2308.14| 16,481,656| 07-Jul-2021| 11:09| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.1.2308.14| 58,744| 07-Jul-2021| 11:15| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.1.2308.14| 23,952| 07-Jul-2021| 11:15| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.1.2308.14| 101,768| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.management.migration.dll| 15.1.2308.14| 544,144| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.management.mobility.dll| 15.1.2308.14| 305,032| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.1.2308.14| 131,984| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.1.2308.14| 418,680| 07-Jul-2021| 11:14| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.1.2308.14| 275,848| 07-Jul-2021| 11:18| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.1.2308.14| 70,544| 07-Jul-2021| 11:22| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.1.2308.14| 7,874,424| 07-Jul-2021| 10:01| x86 \nMicrosoft.exchange.management.recipient.dll| 15.1.2308.14| 1,500,536| 07-Jul-2021| 11:14| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.1.2308.14| 145,296| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.management.reportingwebservice.eventlog.dll| 15.1.2308.14| 13,688| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.management.snapin.esm.dll| 15.1.2308.14| 71,544| 07-Jul-2021| 11:14| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.1.2308.14| 1,301,384| 07-Jul-2021| 11:12| x86 \nMicrosoft.exchange.management.transport.dll| 15.1.2308.14| 1,876,880| 07-Jul-2021| 11:19| x86 \nMicrosoft.exchange.managementgui.dll| 15.1.2308.14| 5,225,848| 07-Jul-2021| 09:50| x86 \nMicrosoft.exchange.managementmsg.dll| 15.1.2308.14| 36,232| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.1.2308.14| 117,624| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.1.2308.14| 209,784| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.1.2308.14| 79,760| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.1.2308.14| 17,296| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.1.2308.14| 156,024| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.1.2308.14| 65,928| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.1.2308.14| 30,600| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.1.2308.14| 58,232| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.1.2308.14| 29,560| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.1.2308.14| 175,496| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.1.2308.14| 28,536| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.1.2308.14| 75,128| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.1.2308.14| 207,248| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.1.2308.14| 440,696| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.1.2308.14| 83,320| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.1.2308.14| 35,208| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.1.2308.14| 53,112| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.1.2308.14| 96,632| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.migration.dll| 15.1.2308.14| 1,110,392| 07-Jul-2021| 10:53| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.1.2308.14| 14,728| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.1.2308.14| 135,568| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.1.2308.14| 5,158,288| 07-Jul-2021| 11:57| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.1.2308.14| 19,856| 07-Jul-2021| 09:50| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.1.2308.14| 68,488| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.net.dll| 15.1.2308.14| 5,084,048| 07-Jul-2021| 09:27| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.1.2308.14| 265,608| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.networksettings.dll| 15.1.2308.14| 37,776| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.1.2308.14| 14,224| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.1.2308.14| 549,776| 07-Jul-2021| 11:48| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.1.2308.14| 22,928| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.1.2308.14| 106,376| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.oauth.core.dll| 15.1.2308.14| 291,704| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.1.2308.14| 17,296| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.1.2308.14| 277,880| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.odata.dll| 15.1.2308.14| 2,992,520| 07-Jul-2021| 11:46| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.1.2308.14| 88,976| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.1.2308.14| 101,776| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.1.2308.14| 38,280| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.1.2308.14| 45,448| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.1.2308.14| 58,248| 07-Jul-2021| 10:30| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.1.2308.14| 147,320| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.1.2308.14| 26,512| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.1.2308.14| 184,184| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.1.2308.14| 26,512| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.1.2308.14| 38,280| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.1.2308.14| 55,696| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.1.2308.14| 147,320| 07-Jul-2021| 10:12| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.1.2308.14| 191,888| 07-Jul-2021| 10:33| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.1.2308.14| 33,656| 07-Jul-2021| 10:29| x86 \nMicrosoft.exchange.partitioncache.dll| 15.1.2308.14| 28,048| 07-Jul-2021| 09:17| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.1.2308.14| 32,632| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.1.2308.14| 17,296| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.1.2308.14| 17,296| 07-Jul-2021| 09:11| Not applicable \nMicrosoft.exchange.pop3.exe| 15.1.2308.14| 106,888| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.1.2308.14| 106,888| 07-Jul-2021| 10:28| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.1.2308.14| 24,976| 07-Jul-2021| 10:25| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.1.2308.14| 24,976| 07-Jul-2021| 10:25| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.1.2308.14| 42,896| 07-Jul-2021| 09:31| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.1.2308.14| 264,080| 07-Jul-2021| 10:25| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.1.2308.14| 264,080| 07-Jul-2021| 10:25| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.1.2308.14| 358,264| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.1.2308.14| 4,168,568| 07-Jul-2021| 11:22| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.1.2308.14| 326,024| 07-Jul-2021| 11:24| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.1.2308.14| 41,352| 07-Jul-2021| 11:24| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.1.2308.14| 30,584| 07-Jul-2021| 10:20| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.1.2308.14| 135,048| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.1.2308.14| 436,616| 07-Jul-2021| 10:40| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.1.2308.14| 14,224| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.1.2308.14| 224,136| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.1.2308.14| 105,872| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.pst.dll| 15.1.2308.14| 168,848| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.1.2308.14| 168,848| 07-Jul-2021| 09:07| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.1.2308.14| 259,472| 07-Jul-2021| 09:17| x86 \nMicrosoft.exchange.publicfolders.dll| 15.1.2308.14| 72,056| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.1.2308.14| 215,928| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.1.2308.14| 106,896| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.1.2308.14| 425,872| 07-Jul-2021| 10:31| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.1.2308.14| 70,520| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.query.analysis.dll| 15.1.2308.14| 46,480| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.query.configuration.dll| 15.1.2308.14| 206,712| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.query.core.dll| 15.1.2308.14| 163,216| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.query.ranking.dll| 15.1.2308.14| 342,408| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.1.2308.14| 149,384| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.1.2308.14| 95,096| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.1.2308.14| 127,368| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.relevance.core.dll| 15.1.2308.14| 63,376| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.relevance.data.dll| 15.1.2308.14| 36,752| 07-Jul-2021| 10:06| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.1.2308.14| 17,784| 07-Jul-2021| 09:21| x64 \nMicrosoft.exchange.relevance.people.dll| 15.1.2308.14| 9,666,960| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.1.2308.14| 20,788,112| 07-Jul-2021| 09:31| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.1.2308.14| 36,744| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.1.2308.14| 97,656| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.1.2308.14| 28,536| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.1.2308.14| 72,056| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.routing.client.dll| 15.1.2308.14| 15,736| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.routing.server.exe| 15.1.2308.14| 59,256| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.rpc.dll| 15.1.2308.14| 1,639,288| 07-Jul-2021| 09:31| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.1.2308.14| 209,808| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.1.2308.14| 60,304| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.1.2308.14| 517,504| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.1.2308.14| 161,168| 07-Jul-2021| 09:50| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.1.2308.14| 721,800| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.1.2308.14| 243,088| 07-Jul-2021| 10:29| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.1.2308.14| 20,872| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.1.2308.14| 35,216| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.1.2308.14| 42,376| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.1.2308.14| 56,208| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.1.2308.14| 27,536| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.rules.common.dll| 15.1.2308.14| 130,448| 07-Jul-2021| 09:41| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.1.2308.14| 14,736| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.1.2308.14| 20,344| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.safehtml.dll| 15.1.2308.14| 21,384| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.1.2308.14| 267,640| 07-Jul-2021| 09:13| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.1.2308.14| 110,992| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.1.2308.14| 112,528| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.1.2308.14| 622,456| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.1.2308.14| 162,168| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.1.2308.14| 12,176| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.1.2308.14| 19,328| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.search.core.dll| 15.1.2308.14| 209,808| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.1.2308.14| 17,800| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.search.engine.dll| 15.1.2308.14| 96,656| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.1.2308.14| 16,776| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.search.fast.dll| 15.1.2308.14| 435,080| 07-Jul-2021| 10:29| x86 \nMicrosoft.exchange.search.files.dll| 15.1.2308.14| 274,832| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.search.flighting.dll| 15.1.2308.14| 24,952| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.search.mdb.dll| 15.1.2308.14| 219,000| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.search.service.exe| 15.1.2308.14| 26,512| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.1.2308.14| 162,184| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.security.dll| 15.1.2308.14| 1,555,848| 07-Jul-2021| 10:21| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.1.2308.14| 19,848| 07-Jul-2021| 10:23| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.1.2308.14| 28,536| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.1.2308.14| 222,608| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.1.2308.14| 1,110,928| 07-Jul-2021| 09:50| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.1.2308.14| 212,368| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.1.2308.14| 113,528| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.1.2308.14| 82,808| 07-Jul-2021| 09:52| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.1.2308.14| 80,776| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.1.2308.14| 66,440| 07-Jul-2021| 10:29| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.1.2308.14| 81,288| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.1.2308.14| 207,752| 07-Jul-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.1.2308.14| 1,163,152| 07-Jul-2021| 10:38| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.1.2308.14| 504,208| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.1.2308.14| 47,504| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.1.2308.14| 848,248| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.1.2308.14| 1,219,960| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.1.2308.14| 30,584| 07-Jul-2021| 09:52| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.1.2308.14| 120,704| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.1.2308.14| 1,009,528| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.1.2308.14| 110,992| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.1.2308.14| 34,704| 07-Jul-2021| 09:52| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.1.2308.14| 19,344| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.1.2308.14| 14,712| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.servicehost.exe| 15.1.2308.14| 60,800| 07-Jul-2021| 10:34| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.1.2308.14| 50,568| 07-Jul-2021| 10:23| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.1.2308.14| 14,216| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.1.2308.14| 14,216| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.services.common.dll| 15.1.2308.14| 74,104| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.services.dll| 15.1.2308.14| 8,477,048| 07-Jul-2021| 11:30| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.1.2308.14| 30,072| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.1.2308.14| 633,736| 07-Jul-2021| 11:43| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.1.2308.14| 1,651,080| 07-Jul-2021| 11:33| x86 \nMicrosoft.exchange.services.json.dll| 15.1.2308.14| 296,336| 07-Jul-2021| 11:37| x86 \nMicrosoft.exchange.services.messaging.dll| 15.1.2308.14| 43,384| 07-Jul-2021| 11:31| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.1.2308.14| 233,352| 07-Jul-2021| 10:24| x86 \nMicrosoft.exchange.services.surface.dll| 15.1.2308.14| 178,576| 07-Jul-2021| 11:39| x86 \nMicrosoft.exchange.services.wcf.dll| 15.1.2308.14| 348,536| 07-Jul-2021| 11:35| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.1.2308.14| 56,712| 07-Jul-2021| 09:25| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.1.2308.14| 94,600| 07-Jul-2021| 09:27| x86 \nMicrosoft.exchange.setup.common.dll| 15.1.2308.14| 297,352| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.1.2308.14| 35,704| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.setup.console.dll| 15.1.2308.14| 27,016| 07-Jul-2021| 11:30| x86 \nMicrosoft.exchange.setup.gui.dll| 15.1.2308.14| 115,080| 07-Jul-2021| 11:30| x86 \nMicrosoft.exchange.setup.parser.dll| 15.1.2308.14| 54,152| 07-Jul-2021| 11:12| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.1.2308.14| 75,152| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.1.2308.14| 142,728| 07-Jul-2021| 10:20| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.1.2308.14| 24,952| 07-Jul-2021| 09:33| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.1.2308.14| 15,224| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.sharedcache.exe| 15.1.2308.14| 58,768| 07-Jul-2021| 10:23| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.1.2308.14| 27,000| 07-Jul-2021| 09:17| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.1.2308.14| 46,968| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.sqm.dll| 15.1.2308.14| 46,968| 07-Jul-2021| 09:23| x86 \nMicrosoft.exchange.store.service.exe| 15.1.2308.14| 28,040| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.store.worker.exe| 15.1.2308.14| 26,496| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.1.2308.14| 13,688| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.1.2308.14| 31,632| 07-Jul-2021| 10:26| x86 \nMicrosoft.exchange.storeprovider.dll| 15.1.2308.14| 1,166,736| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.structuredquery.dll| 15.1.2308.14| 158,608| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.1.2308.14| 628,088| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.1.2308.14| 16,248| 07-Jul-2021| 11:13| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.1.2308.14| 13,192| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.textprocessing.dll| 15.1.2308.14| 221,560| 07-Jul-2021| 09:38| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.1.2308.14| 13,680| 07-Jul-2021| 09:05| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.1.2308.14| 29,056| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.1.2308.14| 138,632| 07-Jul-2021| 10:41| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.1.2308.14| 21,880| 07-Jul-2021| 09:40| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.1.2308.14| 40,328| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.1.2308.14| 22,928| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.1.2308.14| 21,392| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.1.2308.14| 212,872| 07-Jul-2021| 10:46| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.1.2308.14| 98,704| 07-Jul-2021| 10:45| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.1.2308.14| 22,904| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.1.2308.14| 169,336| 07-Jul-2021| 10:56| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.1.2308.14| 18,312| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.1.2308.14| 20,856| 07-Jul-2021| 10:16| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.1.2308.14| 31,616| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.1.2308.14| 46,984| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.1.2308.14| 30,088| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.1.2308.14| 53,112| 07-Jul-2021| 10:14| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.1.2308.14| 44,920| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.1.2308.14| 18,320| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.1.2308.14| 46,456| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.1.2308.14| 46,472| 07-Jul-2021| 10:43| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.1.2308.14| 28,048| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.transport.common.dll| 15.1.2308.14| 457,104| 07-Jul-2021| 10:08| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.1.2308.14| 18,312| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.1.2308.14| 30,608| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.transport.dll| 15.1.2308.14| 4,181,896| 07-Jul-2021| 10:37| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.1.2308.14| 182,136| 07-Jul-2021| 10:10| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.1.2308.14| 121,744| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.1.2308.14| 403,320| 07-Jul-2021| 10:12| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.1.2308.14| 14,736| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.1.2308.14| 86,928| 07-Jul-2021| 09:34| x86 \nMicrosoft.exchange.transport.logging.dll| 15.1.2308.14| 88,968| 07-Jul-2021| 10:11| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.1.2308.14| 68,496| 07-Jul-2021| 09:56| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.1.2308.14| 63,376| 07-Jul-2021| 09:55| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.1.2308.14| 430,456| 07-Jul-2021| 12:00| x86 \nMicrosoft.exchange.transport.net.dll| 15.1.2308.14| 122,256| 07-Jul-2021| 10:25| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.1.2308.14| 17,800| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.1.2308.14| 29,056| 07-Jul-2021| 10:32| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.1.2308.14| 60,800| 07-Jul-2021| 10:31| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.1.2308.14| 50,040| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.1.2308.14| 33,160| 07-Jul-2021| 10:28| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.1.2308.14| 113,032| 07-Jul-2021| 10:31| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.1.2308.14| 18,296| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.1.2308.14| 52,112| 07-Jul-2021| 10:27| x86 \nMicrosoft.exchange.transport.storage.dll| 15.1.2308.14| 675,208| 07-Jul-2021| 10:29| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.1.2308.14| 21,904| 07-Jul-2021| 10:39| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.1.2308.14| 17,800| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.1.2308.14| 487,304| 07-Jul-2021| 10:48| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.1.2308.14| 12,680| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.1.2308.14| 306,040| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.1.2308.14| 15,736| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.1.2308.14| 46,472| 07-Jul-2021| 10:50| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.1.2308.14| 1,044,360| 07-Jul-2021| 10:54| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 09:13| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.1.2308.14| 18,824| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.1.2308.14| 18,808| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.1.2308.14| 22,392| 07-Jul-2021| 10:52| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.1.2308.14| 60,296| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.um.grammars.dll| 15.1.2308.14| 211,856| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.um.lad.dll| 15.1.2308.14| 120,720| 07-Jul-2021| 09:07| x64 \nMicrosoft.exchange.um.prompts.dll| 15.1.2308.14| 214,920| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.1.2308.14| 118,664| 07-Jul-2021| 09:21| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.1.2308.14| 239,480| 07-Jul-2021| 10:49| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.1.2308.14| 925,064| 07-Jul-2021| 10:44| x86 \nMicrosoft.exchange.um.umcore.dll| 15.1.2308.14| 1,471,880| 07-Jul-2021| 10:47| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.1.2308.14| 32,632| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.1.2308.14| 41,848| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.1.2308.14| 24,976| 07-Jul-2021| 10:06| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 15.1.2308.14| 130,440| 07-Jul-2021| 09:11| x64 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.1.2308.14| 83,344| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.1.2308.14| 50,064| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.1.2308.14| 658,808| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.1.2308.14| 186,232| 07-Jul-2021| 09:07| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.1.2308.14| 67,472| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.1.2308.14| 12,688| 07-Jul-2021| 09:10| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.1.2308.14| 56,696| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.1.2308.14| 28,024| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.1.2308.14| 120,720| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.1.2308.14| 31,632| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.1.2308.14| 57,208| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.1.2308.14| 35,728| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.webservices.dll| 15.1.2308.14| 1,054,072| 07-Jul-2021| 09:05| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.1.2308.14| 67,960| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.1.2308.14| 23,440| 07-Jul-2021| 10:36| x86 \nMicrosoft.exchange.wopiclient.dll| 15.1.2308.14| 77,192| 07-Jul-2021| 09:23| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.1.2308.14| 17,288| 07-Jul-2021| 09:11| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.1.2308.14| 29,072| 07-Jul-2021| 09:09| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.1.2308.14| 505,232| 07-Jul-2021| 10:21| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.1.2308.14| 14,728| 07-Jul-2021| 09:09| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.1.2308.14| 36,752| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.1.2308.14| 66,448| 07-Jul-2021| 10:25| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.1.2308.14| 19,344| 07-Jul-2021| 09:07| x86 \nMicrosoft.filtering.dll| 15.1.2308.14| 113,032| 07-Jul-2021| 09:36| x86 \nMicrosoft.filtering.exchange.dll| 15.1.2308.14| 57,208| 07-Jul-2021| 10:39| x86 \nMicrosoft.filtering.interop.dll| 15.1.2308.14| 15,248| 07-Jul-2021| 09:34| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.1.2308.14| 46,992| 07-Jul-2021| 09:56| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.1.2308.14| 15,760| 07-Jul-2021| 09:13| x64 \nMicrosoft.forefront.filtering.common.dll| 15.1.2308.14| 23,952| 07-Jul-2021| 09:07| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.1.2308.14| 22,392| 07-Jul-2021| 09:05| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.1.2308.14| 34,680| 07-Jul-2021| 09:13| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,941| 07-Jul-2021| 11:25| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,290| 07-Jul-2021| 11:25| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.1.2308.14| 1,518,992| 07-Jul-2021| 12:00| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.1.2308.14| 13,200| 07-Jul-2021| 09:10| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.1.2308.14| 33,160| 07-Jul-2021| 11:45| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.1.2308.14| 18,320| 07-Jul-2021| 09:07| x86 \nMicrosoft.forefront.reporting.common.dll| 15.1.2308.14| 46,456| 07-Jul-2021| 10:41| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.1.2308.14| 50,568| 07-Jul-2021| 10:44| x86 \nMicrosoft.isam.esent.collections.dll| 15.1.2308.14| 72,592| 07-Jul-2021| 09:23| x86 \nMicrosoft.isam.esent.interop.dll| 15.1.2308.14| 533,904| 07-Jul-2021| 09:17| x86 \nMicrosoft.managementgui.dll| 15.1.2308.14| 133,520| 07-Jul-2021| 09:07| x86 \nMicrosoft.mce.interop.dll| 15.1.2308.14| 24,440| 07-Jul-2021| 09:07| x86 \nMicrosoft.office.audit.dll| 15.1.2308.14| 123,784| 07-Jul-2021| 09:11| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.1.2308.14| 593,272| 07-Jul-2021| 09:37| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.1.2308.14| 42,360| 07-Jul-2021| 09:29| x86 \nMicrosoft.office.compliance.console.core.dll| 15.1.2308.14| 218,000| 07-Jul-2021| 12:55| x86 \nMicrosoft.office.compliance.console.dll| 15.1.2308.14| 854,904| 07-Jul-2021| 13:28| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.1.2308.14| 485,752| 07-Jul-2021| 13:00| x86 \nMicrosoft.office.compliance.core.dll| 15.1.2308.14| 413,064| 07-Jul-2021| 09:33| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.1.2308.14| 36,216| 07-Jul-2021| 09:29| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.1.2308.14| 85,392| 07-Jul-2021| 10:38| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.1.2308.14| 1,782,160| 07-Jul-2021| 09:19| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.1.2308.14| 49,552| 07-Jul-2021| 10:36| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.1.2308.14| 27,528| 07-Jul-2021| 10:40| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.1.2308.14| 174,984| 07-Jul-2021| 09:33| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.1.2308.14| 166,288| 07-Jul-2021| 10:07| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.1.2308.14| 40,336| 07-Jul-2021| 09:05| x86 \nMicrosoft.online.box.shell.dll| 15.1.2308.14| 46,456| 07-Jul-2021| 09:07| x86 \nMicrosoft.powershell.hostingtools.dll| 15.1.2308.14| 67,976| 07-Jul-2021| 09:07| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.1.2308.14| 67,976| 07-Jul-2021| 09:07| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.1.2308.14| 120,200| 07-Jul-2021| 09:31| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,122| 07-Jul-2021| 09:16| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,064| 07-Jul-2021| 09:15| Not applicable \nMovemailbox.ps1| Not applicable| 61,140| 07-Jul-2021| 09:15| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,602| 07-Jul-2021| 09:15| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,532| 07-Jul-2021| 09:15| Not applicable \nMpgearparser.dll| 15.1.2308.14| 99,728| 07-Jul-2021| 09:09| x64 \nMsclassificationadapter.dll| 15.1.2308.14| 248,704| 07-Jul-2021| 09:11| x64 \nMsexchangecompliance.exe| 15.1.2308.14| 78,728| 07-Jul-2021| 11:02| x86 \nMsexchangedagmgmt.exe| 15.1.2308.14| 25,464| 07-Jul-2021| 10:47| x86 \nMsexchangedelivery.exe| 15.1.2308.14| 38,800| 07-Jul-2021| 10:47| x86 \nMsexchangefrontendtransport.exe| 15.1.2308.14| 31,632| 07-Jul-2021| 10:39| x86 \nMsexchangehmhost.exe| 15.1.2308.14| 27,008| 07-Jul-2021| 12:01| x86 \nMsexchangehmrecovery.exe| 15.1.2308.14| 29,584| 07-Jul-2021| 10:07| x86 \nMsexchangemailboxassistants.exe| 15.1.2308.14| 72,568| 07-Jul-2021| 10:46| x86 \nMsexchangemailboxreplication.exe| 15.1.2308.14| 20,864| 07-Jul-2021| 10:56| x86 \nMsexchangemigrationworkflow.exe| 15.1.2308.14| 68,984| 07-Jul-2021| 11:02| x86 \nMsexchangerepl.exe| 15.1.2308.14| 71,048| 07-Jul-2021| 10:46| x86 \nMsexchangesubmission.exe| 15.1.2308.14| 123,264| 07-Jul-2021| 10:54| x86 \nMsexchangethrottling.exe| 15.1.2308.14| 39,824| 07-Jul-2021| 09:56| x86 \nMsexchangetransport.exe| 15.1.2308.14| 74,104| 07-Jul-2021| 09:56| x86 \nMsexchangetransportlogsearch.exe| 15.1.2308.14| 139,144| 07-Jul-2021| 10:40| x86 \nMsexchangewatchdog.exe| 15.1.2308.14| 55,696| 07-Jul-2021| 09:11| x64 \nMspatchlinterop.dll| 15.1.2308.14| 53,640| 07-Jul-2021| 09:19| x64 \nNativehttpproxy.dll| 15.1.2308.14| 91,512| 07-Jul-2021| 09:13| x64 \nNavigatorparser.dll| 15.1.2308.14| 636,808| 07-Jul-2021| 09:09| x64 \nNego2nativeinterface.dll| 15.1.2308.14| 19,320| 07-Jul-2021| 09:09| x64 \nNegotiateclientcertificatemodule.dll| 15.1.2308.14| 30,088| 07-Jul-2021| 09:09| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,264| 07-Jul-2021| 09:15| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,579| 07-Jul-2021| 09:15| Not applicable \nNtspxgen.dll| 15.1.2308.14| 80,760| 07-Jul-2021| 09:11| x64 \nOleconverter.exe| 15.1.2308.14| 173,944| 07-Jul-2021| 09:13| x64 \nOutsideinmodule.dll| 15.1.2308.14| 87,952| 07-Jul-2021| 09:13| x64 \nOwaauth.dll| 15.1.2308.14| 92,040| 07-Jul-2021| 09:13| x64 \nOwasmime.msi| Not applicable| 720,896| 07-Jul-2021| 09:13| Not applicable \nPerf_common_extrace.dll| 15.1.2308.14| 245,136| 07-Jul-2021| 09:07| x64 \nPerf_exchmem.dll| 15.1.2308.14| 85,904| 07-Jul-2021| 09:09| x64 \nPipeline2.dll| 15.1.2308.14| 1,454,472| 07-Jul-2021| 09:25| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.1.2308.14| 41,352| 07-Jul-2021| 11:24| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 70,995| 07-Jul-2021| 09:15| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,229| 07-Jul-2021| 09:15| Not applicable \nProductinfo.managed.dll| 15.1.2308.14| 27,016| 07-Jul-2021| 09:09| x86 \nProxybinclientsstringsdll| 15.1.2308.14| 924,560| 07-Jul-2021| 09:13| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,238| 07-Jul-2021| 09:16| Not applicable \nQuietexe.exe| 15.1.2308.14| 14,736| 07-Jul-2021| 09:09| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,564| 07-Jul-2021| 09:19| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,655| 07-Jul-2021| 11:19| Not applicable \nRemoteexchange.ps1| Not applicable| 23,553| 07-Jul-2021| 11:24| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,684| 07-Jul-2021| 09:16| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,002| 07-Jul-2021| 09:16| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,012| 07-Jul-2021| 09:15| Not applicable \nReplaycrimsonmsg.dll| 15.1.2308.14| 1,099,144| 07-Jul-2021| 09:07| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,496| 07-Jul-2021| 11:19| Not applicable \nResetcasservice.ps1| Not applicable| 21,707| 07-Jul-2021| 09:15| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,081| 07-Jul-2021| 09:13| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,161| 07-Jul-2021| 09:25| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,210| 07-Jul-2021| 09:19| Not applicable \nRightsmanagementwrapper.dll| 15.1.2308.14| 86,400| 07-Jul-2021| 09:18| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,790| 07-Jul-2021| 09:16| Not applicable \nRpcperf.dll| 15.1.2308.14| 23,416| 07-Jul-2021| 09:09| x64 \nRpcproxyshim.dll| 15.1.2308.14| 39,304| 07-Jul-2021| 09:18| x64 \nRulesauditmsg.dll| 15.1.2308.14| 12,688| 07-Jul-2021| 09:09| x64 \nRwsperfcounters.xml| Not applicable| 22,996| 07-Jul-2021| 11:27| Not applicable \nSafehtmlnativewrapper.dll| 15.1.2308.14| 34,704| 07-Jul-2021| 09:10| x64 \nScanenginetest.exe| 15.1.2308.14| 956,280| 07-Jul-2021| 09:17| x64 \nScanningprocess.exe| 15.1.2308.14| 739,192| 07-Jul-2021| 09:29| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,812| 07-Jul-2021| 09:16| Not applicable \nServicecontrol.ps1| Not applicable| 52,349| 07-Jul-2021| 09:25| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,754| 07-Jul-2021| 09:15| Not applicable \nSettingsadapter.dll| 15.1.2308.14| 116,112| 07-Jul-2021| 09:13| x64 \nSetup.exe| 15.1.2308.14| 20,856| 07-Jul-2021| 09:29| x86 \nSetupui.exe| 15.1.2308.14| 49,040| 07-Jul-2021| 11:16| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,189| 07-Jul-2021| 09:15| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,847| 07-Jul-2021| 09:19| Not applicable \nStatisticsutil.dll| 15.1.2308.14| 142,224| 07-Jul-2021| 09:19| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,113| 07-Jul-2021| 09:19| Not applicable \nStoretsconstants.ps1| Not applicable| 15,830| 07-Jul-2021| 09:17| Not applicable \nStoretslibrary.ps1| Not applicable| 28,003| 07-Jul-2021| 09:18| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.1.2308.14| 28,536| 07-Jul-2021| 09:09| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,927| 07-Jul-2021| 09:15| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,973| 07-Jul-2021| 09:15| Not applicable \nTextconversionmodule.dll| 15.1.2308.14| 86,416| 07-Jul-2021| 09:10| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,727| 07-Jul-2021| 09:17| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,433| 07-Jul-2021| 09:17| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,029| 07-Jul-2021| 09:18| Not applicable \nUmservice.exe| 15.1.2308.14| 100,216| 07-Jul-2021| 10:50| x86 \nUmworkerprocess.exe| 15.1.2308.14| 38,264| 07-Jul-2021| 10:49| x86 \nUninstall_antispamagents.ps1| Not applicable| 15,453| 07-Jul-2021| 09:13| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,030| 07-Jul-2021| 09:15| Not applicable \nUpdatecas.ps1| Not applicable| 35,363| 07-Jul-2021| 09:25| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,762| 07-Jul-2021| 09:25| Not applicable \nUpdateserver.exe| 15.1.2308.14| 3,014,544| 07-Jul-2021| 09:23| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,156| 07-Jul-2021| 09:16| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 32,048| 07-Jul-2021| 12:54| Not applicable \nWsbexchange.exe| 15.1.2308.14| 125,328| 07-Jul-2021| 09:21| x64 \nX400prox.dll| 15.1.2308.14| 103,312| 07-Jul-2021| 09:11| x64 \n_search.lingoperators.a| 15.1.2308.14| 34,680| 07-Jul-2021| 10:28| Not applicable \n_search.lingoperators.b| 15.1.2308.14| 34,680| 07-Jul-2021| 10:28| Not applicable \n_search.mailboxoperators.a| 15.1.2308.14| 289,144| 07-Jul-2021| 10:52| Not applicable \n_search.mailboxoperators.b| 15.1.2308.14| 289,144| 07-Jul-2021| 10:52| Not applicable \n_search.operatorschema.a| 15.1.2308.14| 483,192| 07-Jul-2021| 10:11| Not applicable \n_search.operatorschema.b| 15.1.2308.14| 483,192| 07-Jul-2021| 10:11| Not applicable \n_search.tokenoperators.a| 15.1.2308.14| 106,888| 07-Jul-2021| 10:26| Not applicable \n_search.tokenoperators.b| 15.1.2308.14| 106,888| 07-Jul-2021| 10:26| Not applicable \n_search.transportoperators.a| 15.1.2308.14| 64,904| 07-Jul-2021| 10:56| Not applicable \n_search.transportoperators.b| 15.1.2308.14| 64,904| 07-Jul-2021| 10:56| Not applicable \n \n### \n\n__\n\nMicrosoft Exchange Server 2016 Cumulative Update 20\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.1.2242.12| 71,048| 07-Jul-2021| 09:29| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,518| 07-Jul-2021| 09:29| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,941| 07-Jul-2021| 09:29| Not applicable \nAdemodule.dll| 15.1.2242.12| 106,352| 07-Jul-2021| 09:20| x64 \nAirfilter.dll| 15.1.2242.12| 42,888| 07-Jul-2021| 09:29| x64 \nAjaxcontroltoolkit.dll| 15.1.2242.12| 92,552| 07-Jul-2021| 09:29| x86 \nAntispamcommon.ps1| Not applicable| 13,521| 07-Jul-2021| 09:29| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 07-Jul-2021| 09:29| Not applicable \nAsentirs.msi| Not applicable| 77,824| 07-Jul-2021| 09:29| Not applicable \nAsentsig.msi| Not applicable| 73,728| 07-Jul-2021| 09:29| Not applicable \nBigfunnel.bondtypes.dll| 15.1.2242.12| 43,896| 07-Jul-2021| 09:29| x86 \nBigfunnel.common.dll| 15.1.2242.12| 63,880| 07-Jul-2021| 09:16| x86 \nBigfunnel.configuration.dll| 15.1.2242.12| 99,192| 07-Jul-2021| 10:57| x86 \nBigfunnel.entropy.dll| 15.1.2242.12| 44,416| 07-Jul-2021| 09:29| x86 \nBigfunnel.filter.dll| 15.1.2242.12| 54,152| 07-Jul-2021| 09:29| x86 \nBigfunnel.indexstream.dll| 15.1.2242.12| 54,152| 07-Jul-2021| 09:29| x86 \nBigfunnel.poi.dll| 15.1.2242.12| 203,656| 07-Jul-2021| 09:29| x86 \nBigfunnel.postinglist.dll| 15.1.2242.12| 122,232| 07-Jul-2021| 09:31| x86 \nBigfunnel.query.dll| 15.1.2242.12| 99,704| 07-Jul-2021| 09:18| x86 \nBigfunnel.ranking.dll| 15.1.2242.12| 79,240| 07-Jul-2021| 09:31| x86 \nBigfunnel.syntheticdatalib.dll| 15.1.2242.12| 3,634,552| 07-Jul-2021| 09:31| x86 \nBigfunnel.wordbreakers.dll| 15.1.2242.12| 46,456| 07-Jul-2021| 09:29| x86 \nCafe_airfilter_dll| 15.1.2242.12| 42,888| 07-Jul-2021| 09:29| x64 \nCafe_exppw_dll| 15.1.2242.12| 83,336| 07-Jul-2021| 09:29| x64 \nCafe_owaauth_dll| 15.1.2242.12| 92,040| 07-Jul-2021| 09:29| x64 \nCalcalculation.ps1| Not applicable| 42,129| 07-Jul-2021| 10:57| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,618| 07-Jul-2021| 09:29| Not applicable \nChksgfiles.dll| 15.1.2242.12| 57,224| 07-Jul-2021| 09:29| x64 \nCitsconstants.ps1| Not applicable| 15,817| 07-Jul-2021| 09:29| Not applicable \nCitslibrary.ps1| Not applicable| 82,676| 07-Jul-2021| 09:29| Not applicable \nCitstypes.ps1| Not applicable| 14,456| 07-Jul-2021| 09:29| Not applicable \nClassificationengine_mce| 15.1.2242.12| 1,693,072| 07-Jul-2021| 09:29| Not applicable \nClusmsg.dll| 15.1.2242.12| 134,024| 07-Jul-2021| 09:20| x64 \nCoconet.dll| 15.1.2242.12| 48,008| 07-Jul-2021| 09:20| x64 \nCollectovermetrics.ps1| Not applicable| 81,656| 07-Jul-2021| 09:29| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,902| 07-Jul-2021| 09:29| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,943| 07-Jul-2021| 11:35| Not applicable \nComplianceauditservice.exe| 15.1.2242.12| 39,808| 07-Jul-2021| 11:40| x86 \nConfigureadam.ps1| Not applicable| 22,796| 07-Jul-2021| 09:29| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,340| 07-Jul-2021| 09:29| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,782| 07-Jul-2021| 09:29| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,840| 07-Jul-2021| 09:29| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,295| 07-Jul-2021| 09:29| Not applicable \nConnectfunctions.ps1| Not applicable| 37,137| 07-Jul-2021| 11:35| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,412| 07-Jul-2021| 11:35| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,244| 07-Jul-2021| 11:25| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,065| 07-Jul-2021| 09:29| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,544| 07-Jul-2021| 09:29| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,797| 07-Jul-2021| 09:29| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,924| 07-Jul-2021| 09:29| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts_exsmime.dll| 15.1.2242.12| 380,816| 07-Jul-2021| 09:20| x64 \nCts_microsoft.exchange.data.common.dll| 15.1.2242.12| 1,686,928| 07-Jul-2021| 09:19| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 07-Jul-2021| 09:16| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,200| 07-Jul-2021| 09:29| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,184| 07-Jul-2021| 09:29| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:20| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,184| 07-Jul-2021| 09:18| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:20| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.1.2242.12| 12,672| 07-Jul-2021| 09:19| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.1.2242.12| 12,680| 07-Jul-2021| 09:29| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.1.2242.12| 12,680| 07-Jul-2021| 09:29| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.1.2242.12| 12,680| 07-Jul-2021| 09:20| x86 \nDagcommonlibrary.ps1| Not applicable| 60,258| 07-Jul-2021| 09:29| Not applicable \nDependentassemblygenerator.exe| 15.1.2242.12| 22,416| 07-Jul-2021| 09:18| x86 \nDiaghelper.dll| 15.1.2242.12| 66,960| 07-Jul-2021| 09:19| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,326| 07-Jul-2021| 09:29| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,374| 07-Jul-2021| 09:29| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,221| 07-Jul-2021| 09:29| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,666| 07-Jul-2021| 09:29| Not applicable \nDisklockerapi.dll| Not applicable| 22,408| 07-Jul-2021| 09:29| x64 \nDlmigrationmodule.psm1| Not applicable| 39,592| 07-Jul-2021| 09:29| Not applicable \nDsaccessperf.dll| 15.1.2242.12| 45,944| 07-Jul-2021| 09:19| x64 \nDscperf.dll| 15.1.2242.12| 32,632| 07-Jul-2021| 09:29| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.1.2242.12| 1,686,928| 07-Jul-2021| 09:19| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.1.2242.12| 601,464| 07-Jul-2021| 10:57| x86 \nEcpperfcounters.xml| Not applicable| 31,132| 07-Jul-2021| 09:29| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:19| x86 \nEdgetransport.exe| 15.1.2242.12| 49,528| 07-Jul-2021| 10:57| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 07-Jul-2021| 09:16| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:29| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:18| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:19| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,200| 07-Jul-2021| 09:19| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:20| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:29| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:19| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:20| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:16| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:20| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,376| 07-Jul-2021| 09:29| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,595| 07-Jul-2021| 09:29| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,620| 07-Jul-2021| 09:29| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,610| 07-Jul-2021| 09:29| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,948| 07-Jul-2021| 09:29| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,659| 07-Jul-2021| 09:29| Not applicable \nEngineupdateserviceinterfaces.dll| 15.1.2242.12| 17,784| 07-Jul-2021| 10:57| x86 \nEscprint.dll| 15.1.2242.12| 20,368| 07-Jul-2021| 09:18| x64 \nEse.dll| 15.1.2242.12| 3,695,504| 07-Jul-2021| 09:29| x64 \nEseback2.dll| 15.1.2242.12| 325,000| 07-Jul-2021| 09:31| x64 \nEsebcli2.dll| 15.1.2242.12| 292,752| 07-Jul-2021| 09:29| x64 \nEseperf.dll| 15.1.2242.12| 116,104| 07-Jul-2021| 09:29| x64 \nEseutil.exe| 15.1.2242.12| 398,728| 07-Jul-2021| 09:29| x64 \nEsevss.dll| 15.1.2242.12| 44,424| 07-Jul-2021| 09:29| x64 \nEtweseproviderresources.dll| 15.1.2242.12| 82,312| 07-Jul-2021| 09:16| x64 \nEventperf.dll| 15.1.2242.12| 59,792| 07-Jul-2021| 09:18| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,105| 07-Jul-2021| 11:35| Not applicable \nExchange.format.ps1xml| Not applicable| 648,608| 07-Jul-2021| 11:35| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 43,322| 07-Jul-2021| 11:35| Not applicable \nExchange.ps1| Not applicable| 20,803| 07-Jul-2021| 11:35| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,574| 07-Jul-2021| 11:26| Not applicable \nExchange.types.ps1xml| Not applicable| 365,145| 07-Jul-2021| 11:35| Not applicable \nExchangeudfcommon.dll| 15.1.2242.12| 121,744| 07-Jul-2021| 09:19| x86 \nExchangeudfs.dll| 15.1.2242.12| 269,688| 07-Jul-2021| 09:29| x86 \nExchmem.dll| 15.1.2242.12| 85,904| 07-Jul-2021| 09:19| x64 \nExchsetupmsg.dll| 15.1.2242.12| 19,320| 07-Jul-2021| 09:19| x64 \nExchucutil.ps1| Not applicable| 23,932| 07-Jul-2021| 09:29| Not applicable \nExdbfailureitemapi.dll| Not applicable| 27,000| 07-Jul-2021| 09:19| x64 \nExdbmsg.dll| 15.1.2242.12| 229,752| 07-Jul-2021| 09:19| x64 \nExeventperfplugin.dll| 15.1.2242.12| 25,488| 07-Jul-2021| 09:29| x64 \nExmime.dll| 15.1.2242.12| 364,936| 07-Jul-2021| 09:29| x64 \nExportedgeconfig.ps1| Not applicable| 27,403| 07-Jul-2021| 09:29| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,570| 07-Jul-2021| 09:29| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,866| 07-Jul-2021| 09:29| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,410| 07-Jul-2021| 09:20| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,137| 07-Jul-2021| 09:29| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,056| 07-Jul-2021| 09:29| Not applicable \nExppw.dll| 15.1.2242.12| 83,336| 07-Jul-2021| 09:29| x64 \nExprfdll.dll| 15.1.2242.12| 26,504| 07-Jul-2021| 09:29| x64 \nExrpc32.dll| 15.1.2242.12| 1,922,960| 07-Jul-2021| 09:31| x64 \nExrw.dll| 15.1.2242.12| 28,040| 07-Jul-2021| 09:19| x64 \nExsetdata.dll| 15.1.2242.12| 2,779,536| 07-Jul-2021| 10:57| x64 \nExsetup.exe| 15.1.2242.12| 35,192| 07-Jul-2021| 11:30| x86 \nExsetupui.exe| 15.1.2242.12| 193,400| 07-Jul-2021| 11:30| x86 \nExtrace.dll| 15.1.2242.12| 245,112| 07-Jul-2021| 09:16| x64 \nExt_microsoft.exchange.data.transport.dll| 15.1.2242.12| 601,464| 07-Jul-2021| 10:57| x86 \nExwatson.dll| 15.1.2242.12| 44,936| 07-Jul-2021| 09:20| x64 \nFastioext.dll| 15.1.2242.12| 60,280| 07-Jul-2021| 09:29| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,715| 07-Jul-2021| 13:08| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,229| 07-Jul-2021| 13:07| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,761| 07-Jul-2021| 13:08| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,406| 07-Jul-2021| 13:08| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,658| 07-Jul-2021| 13:08| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,727| 07-Jul-2021| 13:08| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,712| 07-Jul-2021| 13:08| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,688| 07-Jul-2021| 13:08| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 07-Jul-2021| 13:07| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,346| 07-Jul-2021| 13:07| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,260| 07-Jul-2021| 13:07| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,755| 07-Jul-2021| 13:08| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,597,359| 07-Jul-2021| 13:08| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,597,359| 07-Jul-2021| 13:08| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,597,359| 07-Jul-2021| 13:08| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,731| 07-Jul-2021| 13:08| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,761| 07-Jul-2021| 13:08| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,597,359| 07-Jul-2021| 13:08| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,718| 07-Jul-2021| 13:08| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,597,359| 07-Jul-2021| 13:08| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,742| 07-Jul-2021| 13:07| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,758| 07-Jul-2021| 13:08| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,718| 07-Jul-2021| 13:08| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 07-Jul-2021| 13:07| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 341,904,608| 07-Jul-2021| 13:08| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,745| 07-Jul-2021| 13:07| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,718| 07-Jul-2021| 13:08| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,597,359| 07-Jul-2021| 13:08| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,724| 07-Jul-2021| 13:07| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 07-Jul-2021| 13:08| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,263| 07-Jul-2021| 09:29| Not applicable \nFilteringpowershell.dll| 15.1.2242.12| 223,096| 07-Jul-2021| 10:57| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,664| 07-Jul-2021| 10:57| Not applicable \nFiltermodule.dll| 15.1.2242.12| 180,104| 07-Jul-2021| 09:29| x64 \nFipexeuperfctrresource.dll| 15.1.2242.12| 15,224| 07-Jul-2021| 09:29| x64 \nFipexeventsresource.dll| 15.1.2242.12| 44,944| 07-Jul-2021| 09:29| x64 \nFipexperfctrresource.dll| 15.1.2242.12| 32,632| 07-Jul-2021| 09:29| x64 \nFirewallres.dll| 15.1.2242.12| 72,584| 07-Jul-2021| 09:16| x64 \nFms.exe| 15.1.2242.12| 1,350,032| 07-Jul-2021| 10:57| x64 \nForefrontactivedirectoryconnector.exe| 15.1.2242.12| 110,984| 07-Jul-2021| 09:19| x64 \nFpsdiag.exe| 15.1.2242.12| 18,824| 07-Jul-2021| 09:29| x86 \nFsccachedfilemanagedlocal.dll| 15.1.2242.12| 822,152| 07-Jul-2021| 09:19| x64 \nFscconfigsupport.dll| 15.1.2242.12| 56,720| 07-Jul-2021| 09:19| x86 \nFscconfigurationserver.exe| 15.1.2242.12| 430,968| 07-Jul-2021| 09:29| x64 \nFscconfigurationserverinterfaces.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 09:29| x86 \nFsccrypto.dll| 15.1.2242.12| 208,776| 07-Jul-2021| 09:18| x64 \nFscipcinterfaceslocal.dll| 15.1.2242.12| 28,552| 07-Jul-2021| 09:15| x86 \nFscipclocal.dll| 15.1.2242.12| 38,288| 07-Jul-2021| 09:29| x86 \nFscsqmuploader.exe| 15.1.2242.12| 453,496| 07-Jul-2021| 09:29| x64 \nGetucpool.ps1| Not applicable| 19,807| 07-Jul-2021| 09:29| Not applicable \nGetvalidengines.ps1| Not applicable| 13,266| 07-Jul-2021| 09:29| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,825| 07-Jul-2021| 09:29| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,671| 07-Jul-2021| 09:29| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,743| 07-Jul-2021| 09:29| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,791| 07-Jul-2021| 09:29| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,474| 07-Jul-2021| 09:29| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,701| 07-Jul-2021| 09:29| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,826| 07-Jul-2021| 09:29| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,348| 07-Jul-2021| 09:29| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,959| 07-Jul-2021| 09:29| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,038| 07-Jul-2021| 09:29| Not applicable \nGet_storetrace.ps1| Not applicable| 50,627| 07-Jul-2021| 09:29| Not applicable \nHuffman_xpress.dll| 15.1.2242.12| 32,648| 07-Jul-2021| 09:29| x64 \nImportedgeconfig.ps1| Not applicable| 77,280| 07-Jul-2021| 09:29| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,492| 07-Jul-2021| 09:29| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,830| 07-Jul-2021| 09:29| Not applicable \nInproxy.dll| 15.1.2242.12| 85,904| 07-Jul-2021| 09:20| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,515| 07-Jul-2021| 10:57| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,945| 07-Jul-2021| 09:29| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,999| 07-Jul-2021| 11:58| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2242.12| 107,408| 07-Jul-2021| 09:18| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2242.12| 20,352| 07-Jul-2021| 09:19| Not applicable \nInterop.certenroll.dll| 15.1.2242.12| 142,720| 07-Jul-2021| 09:15| x86 \nInterop.licenseinfointerface.dll| 15.1.2242.12| 14,224| 07-Jul-2021| 09:31| x86 \nInterop.netfw.dll| 15.1.2242.12| 34,192| 07-Jul-2021| 09:15| x86 \nInterop.plalibrary.dll| 15.1.2242.12| 72,584| 07-Jul-2021| 09:16| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2242.12| 27,016| 07-Jul-2021| 09:15| Not applicable \nInterop.taskscheduler.dll| 15.1.2242.12| 46,472| 07-Jul-2021| 09:15| x86 \nInterop.wuapilib.dll| 15.1.2242.12| 60,792| 07-Jul-2021| 09:18| x86 \nInterop.xenroll.dll| 15.1.2242.12| 39,816| 07-Jul-2021| 09:15| x86 \nKerbauth.dll| 15.1.2242.12| 62,856| 07-Jul-2021| 09:29| x64 \nLicenseinfointerface.dll| 15.1.2242.12| 643,472| 07-Jul-2021| 09:29| x64 \nLpversioning.xml| Not applicable| 20,446| 07-Jul-2021| 11:30| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,916| 07-Jul-2021| 09:29| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.1.2242.12| 138,616| 07-Jul-2021| 09:19| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 125,853| 07-Jul-2021| 09:29| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,352| 07-Jul-2021| 09:29| Not applicable \nMce.dll| 15.1.2242.12| 1,693,072| 07-Jul-2021| 09:29| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,519| 07-Jul-2021| 09:29| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,655| 07-Jul-2021| 09:29| Not applicable \nMicrosoft.database.isam.dll| 15.1.2242.12| 127,376| 07-Jul-2021| 09:31| x86 \nMicrosoft.dkm.proxy.dll| 15.1.2242.12| 25,976| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.1.2242.12| 68,496| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.1.2242.12| 17,800| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.1.2242.12| 232,840| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.1.2242.12| 43,384| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.1.2242.12| 1,775,480| 07-Jul-2021| 11:04| x86 \nMicrosoft.exchange.airsync.dll1| 15.1.2242.12| 505,720| 07-Jul-2021| 11:54| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.1.2242.12| 76,152| 07-Jul-2021| 11:57| x86 \nMicrosoft.exchange.anchorservice.dll| 15.1.2242.12| 135,560| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.1.2242.12| 23,424| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.1.2242.12| 27,016| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.approval.applications.dll| 15.1.2242.12| 53,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.assistants.dll| 15.1.2242.12| 924,024| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.1.2242.12| 25,976| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.1.2242.12| 42,384| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.1.2242.12| 14,728| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.1.2242.12| 70,536| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.1.2242.12| 94,608| 07-Jul-2021| 11:36| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.1.2242.12| 36,744| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.1.2242.12| 79,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.autodiscover.dll| 15.1.2242.12| 396,152| 07-Jul-2021| 11:06| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.1.2242.12| 21,384| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.1.2242.12| 57,224| 07-Jul-2021| 11:09| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.1.2242.12| 14,728| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.batchservice.dll| 15.1.2242.12| 35,720| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.cabutility.dll| 15.1.2242.12| 276,368| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.1.2242.12| 16,264| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.1.2242.12| 25,976| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.1.2242.12| 13,712| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.1.2242.12| 23,432| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.clients.common.dll| 15.1.2242.12| 377,744| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.1.2242.12| 83,848| 07-Jul-2021| 09:15| x64 \nMicrosoft.exchange.clients.owa.dll| 15.1.2242.12| 2,970,488| 07-Jul-2021| 11:57| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.1.2242.12| 5,028,744| 07-Jul-2021| 11:54| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.1.2242.12| 894,328| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.clients.security.dll| 15.1.2242.12| 413,584| 07-Jul-2021| 11:35| x86 \nMicrosoft.exchange.clients.strings.dll| 15.1.2242.12| 924,560| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.1.2242.12| 31,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.cluster.common.dll| 15.1.2242.12| 52,096| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.1.2242.12| 21,904| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.1.2242.12| 33,672| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.1.2242.12| 3,478,408| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.1.2242.12| 108,424| 07-Jul-2021| 09:31| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.1.2242.12| 288,648| 07-Jul-2021| 10:57| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.1.2242.12| 621,944| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.1.2242.12| 86,392| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.1.2242.12| 1,827,704| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.1.2242.12| 31,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.1.2242.12| 466,312| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.1.2242.12| 25,976| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.1.2242.12| 38,264| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.1.2242.12| 102,800| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.1.2242.12| 48,528| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.1.2242.12| 67,464| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.common.dll| 15.1.2242.12| 172,936| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.1.2242.12| 113,552| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.il.dll| 15.1.2242.12| 13,704| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.common.inference.dll| 15.1.2242.12| 130,448| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.optics.dll| 15.1.2242.12| 63,880| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.1.2242.12| 19,848| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.1.2242.12| 15,248| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.common.search.dll| 15.1.2242.12| 107,912| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.1.2242.12| 17,808| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.common.smtp.dll| 15.1.2242.12| 51,592| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.1.2242.12| 36,728| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.1.2242.12| 27,528| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.1.2242.12| 1,042,320| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.commonmsg.dll| 15.1.2242.12| 29,064| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.1.2242.12| 181,136| 07-Jul-2021| 11:38| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.1.2242.12| 30,096| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.compliance.common.dll| 15.1.2242.12| 22,416| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.1.2242.12| 85,880| 07-Jul-2021| 09:15| x64 \nMicrosoft.exchange.compliance.dll| 15.1.2242.12| 41,352| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.1.2242.12| 37,264| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.1.2242.12| 50,552| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.1.2242.12| 33,144| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.1.2242.12| 1,100,152| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.1.2242.12| 206,712| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.1.2242.12| 210,832| 07-Jul-2021| 11:09| x86 \nMicrosoft.exchange.compression.dll| 15.1.2242.12| 17,272| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.1.2242.12| 37,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.1.2242.12| 14,200| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.configuration.core.dll| 15.1.2242.12| 145,784| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.1.2242.12| 14,224| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.1.2242.12| 53,112| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.1.2242.12| 23,440| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.1.2242.12| 54,672| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.1.2242.12| 13,704| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.1.2242.12| 1,845,136| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.1.2242.12| 30,088| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.1.2242.12| 68,496| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.1.2242.12| 21,368| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.1.2242.12| 25,992| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.connections.common.dll| 15.1.2242.12| 169,872| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.connections.eas.dll| 15.1.2242.12| 330,120| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.connections.imap.dll| 15.1.2242.12| 173,960| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.connections.pop.dll| 15.1.2242.12| 71,048| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.1.2242.12| 203,640| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.context.client.dll| 15.1.2242.12| 27,024| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.context.configuration.dll| 15.1.2242.12| 51,576| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.context.core.dll| 15.1.2242.12| 51,064| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.1.2242.12| 46,992| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.core.strings.dll| 15.1.2242.12| 1,092,488| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.core.timezone.dll| 15.1.2242.12| 57,224| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.1.2242.12| 326,536| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.1.2242.12| 3,356,528| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.1.2242.12| 35,704| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.1.2242.12| 17,808| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.connectors.dll| 15.1.2242.12| 165,264| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.1.2242.12| 619,408| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.directory.dll| 15.1.2242.12| 7,783,288| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.1.2242.12| 80,248| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.data.dll| 15.1.2242.12| 1,786,744| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.1.2242.12| 1,626,488| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.ha.dll| 15.1.2242.12| 362,360| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.1.2242.12| 105,872| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.1.2242.12| 15,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.1.2242.12| 224,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.mapi.dll| 15.1.2242.12| 186,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.1.2242.12| 39,816| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.data.metering.dll| 15.1.2242.12| 119,176| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.1.2242.12| 968,080| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.data.notification.dll| 15.1.2242.12| 141,200| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.1.2242.12| 769,408| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.providers.dll| 15.1.2242.12| 139,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.1.2242.12| 56,696| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.1.2242.12| 453,000| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.1.2242.12| 32,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.1.2242.12| 256,392| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.data.storage.dll| 15.1.2242.12| 11,641,720| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.1.2242.12| 37,768| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.1.2242.12| 655,752| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.1.2242.12| 174,456| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.1.2242.12| 36,216| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.1.2242.12| 14,224| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.1.2242.12| 14,216| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.1.2242.12| 14,712| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.1.2242.12| 72,568| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.1.2242.12| 22,904| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.diagnostics.dll| 15.1.2242.12| 2,210,680| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.1.2242.12| 2,210,680| 07-Jul-2021| 09:29| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.1.2242.12| 23,944| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.1.2242.12| 546,696| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.1.2242.12| 215,416| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.1.2242.12| 193,424| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.1.2242.12| 146,312| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.1.2242.12| 27,512| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.1.2242.12| 13,696| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.1.2242.12| 49,544| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.1.2242.12| 28,024| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.1.2242.12| 208,776| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.1.2242.12| 88,968| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.1.2242.12| 32,648| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.1.2242.12| 45,968| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.1.2242.12| 18,808| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.dxstore.dll| 15.1.2242.12| 473,464| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.1.2242.12| 206,216| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.1.2242.12| 36,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.1.2242.12| 131,448| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.1.2242.12| 21,896| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.1.2242.12| 148,368| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.1.2242.12| 220,048| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.1.2242.12| 23,928| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.1.2242.12| 97,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.1.2242.12| 1,266,056| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.1.2242.12| 1,266,056| 07-Jul-2021| 09:29| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,486| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.1.2242.12| 87,416| 07-Jul-2021| 09:31| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,455| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.1.2242.12| 52,104| 07-Jul-2021| 09:18| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.1.2242.12| 294,264| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.1.2242.12| 73,080| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.1.2242.12| 45,968| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.booking.dll| 15.1.2242.12| 218,488| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.1.2242.12| 78,216| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.1.2242.12| 35,728| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.1.2242.12| 932,240| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.common.dll| 15.1.2242.12| 336,240| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.1.2242.12| 52,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.1.2242.12| 32,120| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.context.dll| 15.1.2242.12| 60,816| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.1.2242.12| 854,408| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.1.2242.12| 291,720| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.1.2242.12| 39,312| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.1.2242.12| 76,152| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.entities.insights.dll| 15.1.2242.12| 166,776| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.1.2242.12| 1,486,736| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.1.2242.12| 122,232| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.1.2242.12| 12,327,304| 07-Jul-2021| 11:09| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.1.2242.12| 264,056| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.people.dll| 15.1.2242.12| 37,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.1.2242.12| 186,760| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.1.2242.12| 64,376| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.1.2242.12| 83,848| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.1.2242.12| 63,888| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.1.2242.12| 100,240| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.1.2242.12| 144,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.1.2242.12| 270,200| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.1.2242.12| 15,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.eserepl.dll| 15.1.2242.12| 130,448| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.1.2242.12| 254,352| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.1.2242.12| 37,256| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.1.2242.12| 640,904| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.1.2242.12| 37,240| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.1.2242.12| 146,320| 07-Jul-2021| 11:35| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.1.2242.12| 594,312| 07-Jul-2021| 11:35| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.1.2242.12| 14,712| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.1.2242.12| 30,072| 07-Jul-2021| 12:15| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.1.2242.12| 99,704| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.1.2242.12| 42,376| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.helpprovider.dll| 15.1.2242.12| 40,336| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.1.2242.12| 54,152| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.1.2242.12| 163,704| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.1.2242.12| 58,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.1.2242.12| 204,176| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.1.2242.12| 17,784| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.1.2242.12| 30,600| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.1.2242.12| 38,792| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.1.2242.12| 48,520| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.1.2242.12| 180,608| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.1.2242.12| 36,744| 07-Jul-2021| 11:36| x86 \nMicrosoft.exchange.httputilities.dll| 15.1.2242.12| 25,992| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.1.2242.12| 1,868,152| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.1.2242.12| 54,664| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.1.2242.12| 35,704| 07-Jul-2021| 11:26| x86 \nMicrosoft.exchange.idserialization.dll| 15.1.2242.12| 35,720| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.1.2242.12| 18,296| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.1.2242.12| 18,296| 07-Jul-2021| 09:29| Not applicable \nMicrosoft.exchange.imap4.exe| 15.1.2242.12| 263,056| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.1.2242.12| 263,056| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.1.2242.12| 24,968| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.1.2242.12| 24,968| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.1.2242.12| 53,136| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.1.2242.12| 216,976| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.1.2242.12| 32,136| 07-Jul-2021| 11:06| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.1.2242.12| 281,992| 07-Jul-2021| 11:04| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.1.2242.12| 18,824| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.1.2242.12| 83,848| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.1.2242.12| 15,224| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.1.2242.12| 94,072| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.1.2242.12| 1,840,512| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.1.2242.12| 71,544| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.1.2242.12| 175,504| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.1.2242.12| 45,960| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.1.2242.12| 159,624| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.1.2242.12| 51,080| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.1.2242.12| 45,968| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.1.2242.12| 30,584| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.1.2242.12| 100,240| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.1.2242.12| 271,248| 07-Jul-2021| 11:38| x86 \nMicrosoft.exchange.killswitch.dll| 15.1.2242.12| 22,408| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.1.2242.12| 33,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.1.2242.12| 18,320| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.1.2242.12| 15,248| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.1.2242.12| 27,528| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.1.2242.12| 30,600| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.1.2242.12| 22,416| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.1.2242.12| 66,424| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.1.2242.12| 29,576| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.1.2242.12| 19,848| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.1.2242.12| 20,360| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.1.2242.12| 19,336| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.1.2242.12| 34,184| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.1.2242.12| 103,800| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.1.2242.12| 31,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.1.2242.12| 15,760| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.1.2242.12| 20,856| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.1.2242.12| 16,272| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.1.2242.12| 49,032| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.1.2242.12| 44,424| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.1.2242.12| 38,280| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.1.2242.12| 10,375,032| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.1.2242.12| 29,064| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.1.2242.12| 21,384| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.1.2242.12| 24,456| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.1.2242.12| 15,232| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.1.2242.12| 21,872| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.1.2242.12| 89,488| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.1.2242.12| 20,872| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.1.2242.12| 26,504| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.1.2242.12| 21,384| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.1.2242.12| 28,024| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.1.2242.12| 28,560| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.1.2242.12| 36,232| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.1.2242.12| 16,776| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.1.2242.12| 19,856| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.1.2242.12| 17,288| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.1.2242.12| 19,848| 07-Jul-2021| 09:20| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.1.2242.12| 57,224| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.1.2242.12| 17,800| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.1.2242.12| 18,808| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.1.2242.12| 16,264| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.1.2242.12| 17,800| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.1.2242.12| 15,224| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.1.2242.12| 52,616| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.1.2242.12| 18,312| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.1.2242.12| 34,168| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.1.2242.12| 17,288| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.1.2242.12| 18,824| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.1.2242.12| 43,400| 07-Jul-2021| 09:20| x86 \nMicrosoft.exchange.loguploader.dll| 15.1.2242.12| 165,240| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.1.2242.12| 54,672| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.1.2242.12| 9,060,744| 07-Jul-2021| 12:06| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.1.2242.12| 33,168| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.1.2242.12| 124,280| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.1.2242.12| 82,832| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.1.2242.12| 14,216| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.1.2242.12| 30,096| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.1.2242.12| 661,384| 07-Jul-2021| 11:08| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.1.2242.12| 63,352| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.1.2242.12| 175,480| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.1.2242.12| 2,784,144| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.1.2242.12| 53,112| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.1.2242.12| 151,944| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.1.2242.12| 966,008| 07-Jul-2021| 11:06| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.1.2242.12| 185,208| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.1.2242.12| 31,608| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.1.2242.12| 39,824| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.1.2242.12| 105,848| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.1.2242.12| 94,600| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.1.2242.12| 43,408| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.1.2242.12| 18,824| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.1.2242.12| 172,936| 07-Jul-2021| 11:06| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.1.2242.12| 102,776| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.1.2242.12| 98,680| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.1.2242.12| 188,304| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.1.2242.12| 43,400| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.1.2242.12| 447,368| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.1.2242.12| 89,976| 07-Jul-2021| 11:04| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.1.2242.12| 107,896| 07-Jul-2021| 12:16| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.1.2242.12| 371,080| 07-Jul-2021| 11:08| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.1.2242.12| 193,912| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.1.2242.12| 551,816| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.1.2242.12| 16,248| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.1.2242.12| 15,736| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.1.2242.12| 321,400| 07-Jul-2021| 11:04| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.1.2242.12| 17,800| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.1.2242.12| 45,432| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.1.2242.12| 18,312| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.1.2242.12| 12,672| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.1.2242.12| 20,872| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.1.2242.12| 415,120| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.1.2242.12| 1,269,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.1.2242.12| 39,304| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.1.2242.12| 433,552| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.1.2242.12| 4,563,336| 07-Jul-2021| 13:19| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.1.2242.12| 261,000| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.1.2242.12| 33,656| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.1.2242.12| 94,096| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.deployment.dll| 15.1.2242.12| 591,248| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.1.2242.12| 3,560,848| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.1.2242.12| 67,984| 07-Jul-2021| 11:38| x86 \nMicrosoft.exchange.management.dll| 15.1.2242.12| 16,477,072| 07-Jul-2021| 11:22| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.1.2242.12| 58,744| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.1.2242.12| 23,952| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.1.2242.12| 101,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.migration.dll| 15.1.2242.12| 543,608| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.management.mobility.dll| 15.1.2242.12| 305,016| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.1.2242.12| 131,984| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.1.2242.12| 418,704| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.1.2242.12| 275,856| 07-Jul-2021| 11:29| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.1.2242.12| 70,536| 07-Jul-2021| 11:33| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.1.2242.12| 7,873,928| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.management.recipient.dll| 15.1.2242.12| 1,500,048| 07-Jul-2021| 11:26| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.1.2242.12| 145,296| 07-Jul-2021| 11:40| x86 \nMicrosoft.exchange.management.reportingwebservice.eventlog.dll| 15.1.2242.12| 13,688| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.management.snapin.esm.dll| 15.1.2242.12| 71,568| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.1.2242.12| 1,249,160| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.management.transport.dll| 15.1.2242.12| 1,876,344| 07-Jul-2021| 11:31| x86 \nMicrosoft.exchange.managementgui.dll| 15.1.2242.12| 5,225,864| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.managementmsg.dll| 15.1.2242.12| 36,240| 07-Jul-2021| 09:20| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.1.2242.12| 117,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.1.2242.12| 209,808| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.1.2242.12| 79,736| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.1.2242.12| 17,272| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.1.2242.12| 156,024| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.1.2242.12| 65,936| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.1.2242.12| 30,584| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.1.2242.12| 58,232| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.1.2242.12| 29,584| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.1.2242.12| 175,480| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.1.2242.12| 28,560| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.1.2242.12| 75,144| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.1.2242.12| 207,248| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.1.2242.12| 440,712| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.1.2242.12| 83,344| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.1.2242.12| 35,216| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.1.2242.12| 53,128| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.1.2242.12| 96,632| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.migration.dll| 15.1.2242.12| 1,110,416| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.1.2242.12| 14,712| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.1.2242.12| 135,544| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.1.2242.12| 5,155,704| 07-Jul-2021| 12:11| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.1.2242.12| 19,848| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.1.2242.12| 68,488| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.net.dll| 15.1.2242.12| 5,084,040| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.1.2242.12| 265,608| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.networksettings.dll| 15.1.2242.12| 37,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.1.2242.12| 14,216| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.1.2242.12| 549,752| 07-Jul-2021| 12:02| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.1.2242.12| 22,928| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.1.2242.12| 106,384| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.oauth.core.dll| 15.1.2242.12| 291,728| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.1.2242.12| 17,288| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.1.2242.12| 277,880| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.odata.dll| 15.1.2242.12| 2,992,520| 07-Jul-2021| 11:58| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.1.2242.12| 88,968| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.1.2242.12| 101,768| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.1.2242.12| 38,264| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.1.2242.12| 45,432| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.1.2242.12| 58,256| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.1.2242.12| 147,344| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.1.2242.12| 26,488| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.1.2242.12| 184,200| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.1.2242.12| 26,488| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.1.2242.12| 38,280| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.1.2242.12| 55,672| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.1.2242.12| 147,320| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.1.2242.12| 191,864| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.1.2242.12| 33,680| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.partitioncache.dll| 15.1.2242.12| 28,024| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.1.2242.12| 32,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.1.2242.12| 15,248| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.1.2242.12| 17,296| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.1.2242.12| 17,296| 07-Jul-2021| 09:19| Not applicable \nMicrosoft.exchange.pop3.exe| 15.1.2242.12| 106,896| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.1.2242.12| 106,896| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.1.2242.12| 24,976| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.1.2242.12| 24,976| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.1.2242.12| 42,896| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.1.2242.12| 264,056| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.1.2242.12| 264,056| 07-Jul-2021| 10:57| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.1.2242.12| 358,264| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.1.2242.12| 4,168,072| 07-Jul-2021| 11:33| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.1.2242.12| 326,024| 07-Jul-2021| 11:35| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.1.2242.12| 41,352| 07-Jul-2021| 11:35| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.1.2242.12| 30,608| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.1.2242.12| 135,032| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.1.2242.12| 436,616| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.1.2242.12| 14,216| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.1.2242.12| 224,120| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.1.2242.12| 105,848| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.pst.dll| 15.1.2242.12| 168,840| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.1.2242.12| 168,840| 07-Jul-2021| 09:15| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.1.2242.12| 259,464| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.publicfolders.dll| 15.1.2242.12| 72,080| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.1.2242.12| 215,944| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.1.2242.12| 106,896| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.1.2242.12| 425,872| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.1.2242.12| 70,536| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.query.analysis.dll| 15.1.2242.12| 46,456| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.query.configuration.dll| 15.1.2242.12| 206,728| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.query.core.dll| 15.1.2242.12| 163,192| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.query.ranking.dll| 15.1.2242.12| 342,408| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.1.2242.12| 149,392| 07-Jul-2021| 11:07| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.1.2242.12| 95,096| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.1.2242.12| 127,352| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.relevance.core.dll| 15.1.2242.12| 63,360| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.relevance.data.dll| 15.1.2242.12| 36,752| 07-Jul-2021| 10:57| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.1.2242.12| 17,808| 07-Jul-2021| 09:31| x64 \nMicrosoft.exchange.relevance.people.dll| 15.1.2242.12| 9,666,952| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.1.2242.12| 20,788,088| 07-Jul-2021| 10:57| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.1.2242.12| 36,744| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.1.2242.12| 97,672| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.1.2242.12| 28,552| 07-Jul-2021| 10:57| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.1.2242.12| 72,080| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.routing.client.dll| 15.1.2242.12| 15,736| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.1.2242.12| 13,176| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.routing.server.exe| 15.1.2242.12| 59,256| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpc.dll| 15.1.2242.12| 1,639,304| 07-Jul-2021| 10:57| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.1.2242.12| 209,808| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.1.2242.12| 60,280| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.1.2242.12| 517,520| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.1.2242.12| 161,168| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.1.2242.12| 721,808| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.1.2242.12| 243,088| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.1.2242.12| 20,856| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.1.2242.12| 35,216| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.1.2242.12| 42,384| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.1.2242.12| 56,200| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.1.2242.12| 27,528| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.rules.common.dll| 15.1.2242.12| 130,440| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.1.2242.12| 14,720| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.1.2242.12| 20,368| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.safehtml.dll| 15.1.2242.12| 21,384| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.1.2242.12| 267,656| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.1.2242.12| 110,976| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.1.2242.12| 112,520| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.1.2242.12| 622,472| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.1.2242.12| 162,184| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.1.2242.12| 12,152| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.1.2242.12| 19,336| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.search.core.dll| 15.1.2242.12| 209,808| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.1.2242.12| 17,808| 07-Jul-2021| 11:07| x86 \nMicrosoft.exchange.search.engine.dll| 15.1.2242.12| 96,656| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.1.2242.12| 16,776| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.fast.dll| 15.1.2242.12| 435,072| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.files.dll| 15.1.2242.12| 274,296| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.flighting.dll| 15.1.2242.12| 24,952| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.mdb.dll| 15.1.2242.12| 219,000| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.search.service.exe| 15.1.2242.12| 26,504| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.1.2242.12| 162,168| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.security.dll| 15.1.2242.12| 1,555,848| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.1.2242.12| 19,856| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.1.2242.12| 28,560| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.1.2242.12| 222,600| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.1.2242.12| 1,110,928| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.1.2242.12| 212,368| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.1.2242.12| 113,528| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.1.2242.12| 82,824| 07-Jul-2021| 10:57| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.1.2242.12| 80,776| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.1.2242.12| 66,424| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.1.2242.12| 81,272| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.1.2242.12| 208,264| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.1.2242.12| 1,163,144| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.1.2242.12| 504,200| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.1.2242.12| 47,496| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.1.2242.12| 848,264| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.1.2242.12| 1,219,976| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.1.2242.12| 30,584| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.1.2242.12| 120,720| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.1.2242.12| 1,009,552| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.1.2242.12| 110,968| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.1.2242.12| 34,696| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.1.2242.12| 19,344| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.1.2242.12| 14,712| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.servicehost.exe| 15.1.2242.12| 60,816| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.1.2242.12| 50,568| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.1.2242.12| 14,216| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.1.2242.12| 14,216| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.services.common.dll| 15.1.2242.12| 74,104| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.services.dll| 15.1.2242.12| 8,476,536| 07-Jul-2021| 11:41| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.1.2242.12| 30,088| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.1.2242.12| 633,720| 07-Jul-2021| 11:55| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.1.2242.12| 1,651,080| 07-Jul-2021| 11:46| x86 \nMicrosoft.exchange.services.json.dll| 15.1.2242.12| 296,336| 07-Jul-2021| 11:51| x86 \nMicrosoft.exchange.services.messaging.dll| 15.1.2242.12| 43,400| 07-Jul-2021| 11:44| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.1.2242.12| 233,336| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.services.surface.dll| 15.1.2242.12| 178,552| 07-Jul-2021| 11:52| x86 \nMicrosoft.exchange.services.wcf.dll| 15.1.2242.12| 348,552| 07-Jul-2021| 11:48| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.1.2242.12| 56,720| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.1.2242.12| 94,584| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.setup.common.dll| 15.1.2242.12| 297,360| 07-Jul-2021| 11:39| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.1.2242.12| 35,704| 07-Jul-2021| 11:27| x86 \nMicrosoft.exchange.setup.console.dll| 15.1.2242.12| 27,016| 07-Jul-2021| 11:42| x86 \nMicrosoft.exchange.setup.gui.dll| 15.1.2242.12| 115,080| 07-Jul-2021| 11:41| x86 \nMicrosoft.exchange.setup.parser.dll| 15.1.2242.12| 54,136| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.1.2242.12| 75,144| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.1.2242.12| 142,712| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.1.2242.12| 24,952| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.sharedcache.exe| 15.1.2242.12| 58,760| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.1.2242.12| 27,016| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.1.2242.12| 46,984| 07-Jul-2021| 09:15| x86 \nMicrosoft.exchange.sqm.dll| 15.1.2242.12| 46,992| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.store.service.exe| 15.1.2242.12| 28,048| 07-Jul-2021| 11:03| x86 \nMicrosoft.exchange.store.worker.exe| 15.1.2242.12| 26,512| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.1.2242.12| 13,696| 07-Jul-2021| 09:15| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.1.2242.12| 31,608| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.storeprovider.dll| 15.1.2242.12| 1,166,736| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.structuredquery.dll| 15.1.2242.12| 158,600| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.1.2242.12| 628,112| 07-Jul-2021| 11:11| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.1.2242.12| 16,248| 07-Jul-2021| 11:26| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.1.2242.12| 13,192| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.textprocessing.dll| 15.1.2242.12| 221,584| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.1.2242.12| 13,712| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.1.2242.12| 29,064| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.1.2242.12| 138,616| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.1.2242.12| 21,904| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.1.2242.12| 40,328| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.1.2242.12| 22,920| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.1.2242.12| 21,392| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.1.2242.12| 212,344| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.1.2242.12| 98,696| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.1.2242.12| 22,920| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.1.2242.12| 169,360| 07-Jul-2021| 11:08| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.1.2242.12| 18,312| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.1.2242.12| 20,872| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.1.2242.12| 31,608| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.1.2242.12| 46,984| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.1.2242.12| 30,096| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.1.2242.12| 53,136| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.1.2242.12| 44,920| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.1.2242.12| 18,296| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.1.2242.12| 46,472| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.1.2242.12| 46,472| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.1.2242.12| 28,040| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.transport.common.dll| 15.1.2242.12| 457,096| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.1.2242.12| 18,296| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.1.2242.12| 30,608| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.dll| 15.1.2242.12| 4,181,904| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.1.2242.12| 182,144| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.1.2242.12| 121,736| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.1.2242.12| 403,336| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.1.2242.12| 14,720| 07-Jul-2021| 09:18| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.1.2242.12| 86,928| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.logging.dll| 15.1.2242.12| 88,968| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.1.2242.12| 68,488| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.1.2242.12| 63,352| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.1.2242.12| 430,456| 07-Jul-2021| 12:13| x86 \nMicrosoft.exchange.transport.net.dll| 15.1.2242.12| 122,232| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.1.2242.12| 17,784| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.1.2242.12| 29,048| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.1.2242.12| 60,792| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.1.2242.12| 50,056| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.1.2242.12| 33,144| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.1.2242.12| 113,016| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.1.2242.12| 18,312| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.1.2242.12| 52,104| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.storage.dll| 15.1.2242.12| 675,192| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.1.2242.12| 21,896| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.1.2242.12| 17,800| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.1.2242.12| 487,288| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.1.2242.12| 12,688| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.1.2242.12| 306,048| 07-Jul-2021| 11:02| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.1.2242.12| 15,736| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.1.2242.12| 46,472| 07-Jul-2021| 11:02| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.1.2242.12| 1,044,368| 07-Jul-2021| 11:05| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.1.2242.12| 15,240| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.1.2242.12| 18,808| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.1.2242.12| 18,808| 07-Jul-2021| 11:04| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.1.2242.12| 22,416| 07-Jul-2021| 11:01| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.1.2242.12| 60,304| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.um.grammars.dll| 15.1.2242.12| 211,832| 07-Jul-2021| 09:19| x86 \nMicrosoft.exchange.um.lad.dll| 15.1.2242.12| 120,720| 07-Jul-2021| 09:16| x64 \nMicrosoft.exchange.um.prompts.dll| 15.1.2242.12| 214,904| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.1.2242.12| 118,672| 07-Jul-2021| 09:31| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.1.2242.12| 239,480| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.1.2242.12| 925,048| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.um.umcore.dll| 15.1.2242.12| 1,471,888| 07-Jul-2021| 11:00| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.1.2242.12| 32,648| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.1.2242.12| 41,872| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.1.2242.12| 24,976| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 15.1.2242.12| 130,424| 07-Jul-2021| 09:29| x64 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.1.2242.12| 15,224| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.1.2242.12| 83,320| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.1.2242.12| 50,040| 07-Jul-2021| 11:25| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.1.2242.12| 642,448| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.1.2242.12| 186,256| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.1.2242.12| 67,472| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.1.2242.12| 12,688| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.1.2242.12| 56,712| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.1.2242.12| 27,536| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.1.2242.12| 120,696| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.1.2242.12| 31,624| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.1.2242.12| 57,208| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.1.2242.12| 35,720| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.webservices.dll| 15.1.2242.12| 1,054,088| 07-Jul-2021| 09:16| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.1.2242.12| 67,984| 07-Jul-2021| 09:18| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.1.2242.12| 23,440| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.wopiclient.dll| 15.1.2242.12| 77,192| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.1.2242.12| 17,272| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.1.2242.12| 29,072| 07-Jul-2021| 09:29| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.1.2242.12| 505,224| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.1.2242.12| 14,736| 07-Jul-2021| 09:19| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.1.2242.12| 36,752| 07-Jul-2021| 10:57| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.1.2242.12| 66,448| 07-Jul-2021| 10:57| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.1.2242.12| 19,328| 07-Jul-2021| 09:15| x86 \nMicrosoft.filtering.dll| 15.1.2242.12| 113,032| 07-Jul-2021| 10:57| x86 \nMicrosoft.filtering.exchange.dll| 15.1.2242.12| 57,232| 07-Jul-2021| 10:57| x86 \nMicrosoft.filtering.interop.dll| 15.1.2242.12| 15,224| 07-Jul-2021| 10:57| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.1.2242.12| 46,968| 07-Jul-2021| 10:57| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.1.2242.12| 15,736| 07-Jul-2021| 09:29| x64 \nMicrosoft.forefront.filtering.common.dll| 15.1.2242.12| 23,944| 07-Jul-2021| 09:19| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.1.2242.12| 22,408| 07-Jul-2021| 09:15| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.1.2242.12| 34,696| 07-Jul-2021| 09:20| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,894| 07-Jul-2021| 11:37| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,317| 07-Jul-2021| 11:37| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.1.2242.12| 1,517,960| 07-Jul-2021| 12:15| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.1.2242.12| 13,200| 07-Jul-2021| 09:19| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.1.2242.12| 33,144| 07-Jul-2021| 11:58| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.1.2242.12| 18,312| 07-Jul-2021| 09:15| x86 \nMicrosoft.forefront.reporting.common.dll| 15.1.2242.12| 46,480| 07-Jul-2021| 10:57| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.1.2242.12| 50,576| 07-Jul-2021| 10:57| x86 \nMicrosoft.isam.esent.collections.dll| 15.1.2242.12| 72,584| 07-Jul-2021| 10:57| x86 \nMicrosoft.isam.esent.interop.dll| 15.1.2242.12| 533,896| 07-Jul-2021| 09:29| x86 \nMicrosoft.managementgui.dll| 15.1.2242.12| 133,512| 07-Jul-2021| 09:15| x86 \nMicrosoft.mce.interop.dll| 15.1.2242.12| 24,448| 07-Jul-2021| 09:15| x86 \nMicrosoft.office.audit.dll| 15.1.2242.12| 123,792| 07-Jul-2021| 09:15| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.1.2242.12| 593,296| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.1.2242.12| 42,376| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.compliance.console.core.dll| 15.1.2242.12| 217,992| 07-Jul-2021| 13:21| x86 \nMicrosoft.office.compliance.console.dll| 15.1.2242.12| 854,904| 07-Jul-2021| 13:30| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.1.2242.12| 485,768| 07-Jul-2021| 13:25| x86 \nMicrosoft.office.compliance.core.dll| 15.1.2242.12| 413,064| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.1.2242.12| 36,232| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.1.2242.12| 84,864| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.1.2242.12| 1,782,152| 07-Jul-2021| 09:29| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.1.2242.12| 49,544| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.1.2242.12| 27,536| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.1.2242.12| 174,984| 07-Jul-2021| 10:57| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.1.2242.12| 165,776| 07-Jul-2021| 10:57| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.1.2242.12| 40,328| 07-Jul-2021| 09:15| x86 \nMicrosoft.online.box.shell.dll| 15.1.2242.12| 46,456| 07-Jul-2021| 09:16| x86 \nMicrosoft.powershell.hostingtools.dll| 15.1.2242.12| 67,984| 07-Jul-2021| 09:16| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.1.2242.12| 67,984| 07-Jul-2021| 09:16| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.1.2242.12| 120,200| 07-Jul-2021| 10:57| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,122| 07-Jul-2021| 09:29| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,064| 07-Jul-2021| 09:29| Not applicable \nMovemailbox.ps1| Not applicable| 61,180| 07-Jul-2021| 09:29| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,602| 07-Jul-2021| 09:29| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,532| 07-Jul-2021| 09:29| Not applicable \nMpgearparser.dll| 15.1.2242.12| 99,704| 07-Jul-2021| 09:19| x64 \nMsclassificationadapter.dll| 15.1.2242.12| 248,712| 07-Jul-2021| 09:29| x64 \nMsexchangecompliance.exe| 15.1.2242.12| 78,728| 07-Jul-2021| 11:13| x86 \nMsexchangedagmgmt.exe| 15.1.2242.12| 25,464| 07-Jul-2021| 11:00| x86 \nMsexchangedelivery.exe| 15.1.2242.12| 38,776| 07-Jul-2021| 11:00| x86 \nMsexchangefrontendtransport.exe| 15.1.2242.12| 31,608| 07-Jul-2021| 10:57| x86 \nMsexchangehmhost.exe| 15.1.2242.12| 27,016| 07-Jul-2021| 12:14| x86 \nMsexchangehmrecovery.exe| 15.1.2242.12| 29,584| 07-Jul-2021| 10:57| x86 \nMsexchangemailboxassistants.exe| 15.1.2242.12| 72,592| 07-Jul-2021| 10:57| x86 \nMsexchangemailboxreplication.exe| 15.1.2242.12| 20,872| 07-Jul-2021| 11:07| x86 \nMsexchangemigrationworkflow.exe| 15.1.2242.12| 69,008| 07-Jul-2021| 11:14| x86 \nMsexchangerepl.exe| 15.1.2242.12| 71,040| 07-Jul-2021| 11:00| x86 \nMsexchangesubmission.exe| 15.1.2242.12| 123,280| 07-Jul-2021| 11:06| x86 \nMsexchangethrottling.exe| 15.1.2242.12| 39,800| 07-Jul-2021| 10:57| x86 \nMsexchangetransport.exe| 15.1.2242.12| 74,104| 07-Jul-2021| 10:57| x86 \nMsexchangetransportlogsearch.exe| 15.1.2242.12| 139,128| 07-Jul-2021| 10:57| x86 \nMsexchangewatchdog.exe| 15.1.2242.12| 55,688| 07-Jul-2021| 09:29| x64 \nMspatchlinterop.dll| 15.1.2242.12| 53,648| 07-Jul-2021| 09:31| x64 \nNativehttpproxy.dll| 15.1.2242.12| 91,528| 07-Jul-2021| 09:20| x64 \nNavigatorparser.dll| 15.1.2242.12| 636,808| 07-Jul-2021| 09:29| x64 \nNego2nativeinterface.dll| 15.1.2242.12| 19,344| 07-Jul-2021| 09:18| x64 \nNegotiateclientcertificatemodule.dll| 15.1.2242.12| 30,072| 07-Jul-2021| 09:18| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,284| 07-Jul-2021| 09:29| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,579| 07-Jul-2021| 09:29| Not applicable \nNtspxgen.dll| 15.1.2242.12| 80,776| 07-Jul-2021| 09:20| x64 \nOleconverter.exe| 15.1.2242.12| 173,960| 07-Jul-2021| 09:20| x64 \nOutsideinmodule.dll| 15.1.2242.12| 87,928| 07-Jul-2021| 09:29| x64 \nOwaauth.dll| 15.1.2242.12| 92,040| 07-Jul-2021| 09:29| x64 \nOwasmime.msi| Not applicable| 716,800| 07-Jul-2021| 09:29| Not applicable \nPerf_common_extrace.dll| 15.1.2242.12| 245,112| 07-Jul-2021| 09:16| x64 \nPerf_exchmem.dll| 15.1.2242.12| 85,904| 07-Jul-2021| 09:19| x64 \nPipeline2.dll| 15.1.2242.12| 1,454,480| 07-Jul-2021| 10:57| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.1.2242.12| 41,352| 07-Jul-2021| 11:35| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 70,995| 07-Jul-2021| 09:29| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,229| 07-Jul-2021| 09:29| Not applicable \nProductinfo.managed.dll| 15.1.2242.12| 27,024| 07-Jul-2021| 09:16| x86 \nProxybinclientsstringsdll| 15.1.2242.12| 924,560| 07-Jul-2021| 09:29| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,238| 07-Jul-2021| 09:29| Not applicable \nQuietexe.exe| 15.1.2242.12| 14,728| 07-Jul-2021| 09:20| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,564| 07-Jul-2021| 09:29| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,675| 07-Jul-2021| 11:31| Not applicable \nRemoteexchange.ps1| Not applicable| 23,553| 07-Jul-2021| 11:35| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,684| 07-Jul-2021| 09:29| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,002| 07-Jul-2021| 09:29| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,032| 07-Jul-2021| 09:29| Not applicable \nReplaycrimsonmsg.dll| 15.1.2242.12| 1,099,128| 07-Jul-2021| 09:16| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,496| 07-Jul-2021| 11:31| Not applicable \nResetcasservice.ps1| Not applicable| 21,727| 07-Jul-2021| 09:29| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,121| 07-Jul-2021| 09:29| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,121| 07-Jul-2021| 10:57| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,230| 07-Jul-2021| 09:29| Not applicable \nRightsmanagementwrapper.dll| 15.1.2242.12| 86,408| 07-Jul-2021| 09:29| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,790| 07-Jul-2021| 09:29| Not applicable \nRpcperf.dll| 15.1.2242.12| 23,416| 07-Jul-2021| 09:20| x64 \nRpcproxyshim.dll| 15.1.2242.12| 39,304| 07-Jul-2021| 09:29| x64 \nRulesauditmsg.dll| 15.1.2242.12| 12,664| 07-Jul-2021| 09:29| x64 \nRwsperfcounters.xml| Not applicable| 23,024| 07-Jul-2021| 11:40| Not applicable \nSafehtmlnativewrapper.dll| 15.1.2242.12| 34,680| 07-Jul-2021| 09:19| x64 \nScanenginetest.exe| 15.1.2242.12| 956,296| 07-Jul-2021| 09:29| x64 \nScanningprocess.exe| 15.1.2242.12| 739,216| 07-Jul-2021| 10:57| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,812| 07-Jul-2021| 09:29| Not applicable \nServicecontrol.ps1| Not applicable| 52,309| 07-Jul-2021| 10:57| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,754| 07-Jul-2021| 09:29| Not applicable \nSettingsadapter.dll| 15.1.2242.12| 116,104| 07-Jul-2021| 09:29| x64 \nSetup.exe| 15.1.2242.12| 20,856| 07-Jul-2021| 10:57| x86 \nSetupui.exe| 15.1.2242.12| 49,016| 07-Jul-2021| 11:29| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,189| 07-Jul-2021| 09:29| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,847| 07-Jul-2021| 09:29| Not applicable \nStatisticsutil.dll| 15.1.2242.12| 142,200| 07-Jul-2021| 09:29| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,133| 07-Jul-2021| 09:29| Not applicable \nStoretsconstants.ps1| Not applicable| 15,830| 07-Jul-2021| 09:29| Not applicable \nStoretslibrary.ps1| Not applicable| 27,983| 07-Jul-2021| 09:29| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.1.2242.12| 28,552| 07-Jul-2021| 09:19| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,927| 07-Jul-2021| 09:29| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,973| 07-Jul-2021| 09:29| Not applicable \nTextconversionmodule.dll| 15.1.2242.12| 86,416| 07-Jul-2021| 09:29| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,727| 07-Jul-2021| 09:29| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,433| 07-Jul-2021| 09:29| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,029| 07-Jul-2021| 09:29| Not applicable \nUmservice.exe| 15.1.2242.12| 100,240| 07-Jul-2021| 11:02| x86 \nUmworkerprocess.exe| 15.1.2242.12| 38,280| 07-Jul-2021| 11:00| x86 \nUninstall_antispamagents.ps1| Not applicable| 15,493| 07-Jul-2021| 09:29| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,030| 07-Jul-2021| 09:29| Not applicable \nUpdatecas.ps1| Not applicable| 32,968| 07-Jul-2021| 10:57| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,722| 07-Jul-2021| 10:57| Not applicable \nUpdateserver.exe| 15.1.2242.12| 3,014,544| 07-Jul-2021| 09:31| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,156| 07-Jul-2021| 09:29| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,816| 07-Jul-2021| 13:18| Not applicable \nWsbexchange.exe| 15.1.2242.12| 125,304| 07-Jul-2021| 09:31| x64 \nX400prox.dll| 15.1.2242.12| 103,296| 07-Jul-2021| 09:29| x64 \n_search.lingoperators.a| 15.1.2242.12| 34,704| 07-Jul-2021| 10:57| Not applicable \n_search.lingoperators.b| 15.1.2242.12| 34,704| 07-Jul-2021| 10:57| Not applicable \n_search.mailboxoperators.a| 15.1.2242.12| 289,160| 07-Jul-2021| 11:03| Not applicable \n_search.mailboxoperators.b| 15.1.2242.12| 289,160| 07-Jul-2021| 11:03| Not applicable \n_search.operatorschema.a| 15.1.2242.12| 483,192| 07-Jul-2021| 10:57| Not applicable \n_search.operatorschema.b| 15.1.2242.12| 483,192| 07-Jul-2021| 10:57| Not applicable \n_search.tokenoperators.a| 15.1.2242.12| 106,872| 07-Jul-2021| 10:57| Not applicable \n_search.tokenoperators.b| 15.1.2242.12| 106,872| 07-Jul-2021| 10:57| Not applicable \n_search.transportoperators.a| 15.1.2242.12| 64,904| 07-Jul-2021| 11:07| Not applicable \n_search.transportoperators.b| 15.1.2242.12| 64,904| 07-Jul-2021| 11:07| Not applicable \n \n## Information about protection and security\n\nProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-13T00:00:00", "type": "mskb", "title": "Description of the security update for Microsoft Exchange Server 2016: July 13, 2021 (KB5004779)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-33768"], "modified": "2021-07-13T00:00:00", "id": "KB5004779", "href": "https://support.microsoft.com/en-us/help/5004779", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:54:39", "description": "None\nThis security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2021-31196 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31196>)\n * [CVE-2021-31206 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-31206>)\n * [CVE-2021-34470 | Microsoft Exchange Server Elevation of Privilege Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-34470>)\n\n## Improvements in this update\n\n * The Exchange Server version number is now added to the HTTP response reply header. You can use this information to validate the security update status of Exchange-based servers in your network.\n\n**Important: **To be able to successfully install this security update, you must first follow the steps [in this article](<https://docs.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired>) to make sure that the server authentication certificate is present and is not expired. If the OAuth certificate is not present or is expired, republish the certificate before you install this update.\n\n## Known issues in this update\n\n * **Issue 1** \n \nWhen you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) might stop working. \n \nThis issue occurs on servers that are using User Account Control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.\n\n**Note: **This issue does not occur if you install the update through Microsoft Update.\n\nTo avoid this issue, follow these steps to manually install this security update:\n 1. Select **Start**, and type **cmd**.\n 2. In the results, right-click **Command Prompt**, and then select **Run as administrator**.\n 3. If the **User Account Control** dialog box appears, verify that the default action is the action that you want, and then select **Continue**.\n 4. Type the full path of the .msp file, and then press Enter.\n * **Issue 2** \n \nExchange services might remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition might occur if the service control scripts experience a problem when they try to return Exchange services to their usual state. \n \nTo fix this issue, use Services Manager to restore the startup type to **Automatic**, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\$v=ws.10\$.aspx>).\n * **Issue 3** \n \nWhen you block third-party cookies in a web browser, you might be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. This issue occurs also in privacy window modes (such as InPrivate mode in Microsoft Edge). This issue occurs because browser restrictions prevent the response from being recorded. To record the response and enable the add-in, you must enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. To enable this setting, refer to the specific support documentation for the browser.\n * **Issue 4** \n \nWhen you try to request free/busy information for a user in a different forest in a trusted cross-forest topology, the request fails and generates a \"(400) Bad Request\" error message. For more information and workarounds to this issue, see [\"(400) Bad Request\" error during Autodiscover for per-user free/busy in a trusted cross-forest topology](<https://support.microsoft.com/help/5003623>).\n * **Issue 5** \n \nAfter you install Microsoft Exchange Server 2019, 2016, or 2013, you can't access Outlook Web App (OWA) or Exchange Control Panel (ECP). For more information, see [Can't sign in to Outlook on the web or EAC if Exchange Server OAuth certificate is expired](<https://docs.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired>).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004778>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * ![Download icon](https://support.content.office.net/en-us/media/2ae362dc-2179-d733-e930-e231c68a2c4a.png)[Download Security Update 10 for Exchange Server 2013 Cumulative Update 23 (KB5004778)](<https://www.microsoft.com/download/details.aspx?familyid=cae731a5-0d00-4f76-b2c6-84bd511e529f>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: July 13, 2021](<https://support.microsoft.com/topic/24aa34b8-b210-41cf-adbb-44b8a9ae84dc>).\n\n### Security update replacement information\n\nThis security update replaces the following previously released updates:\n\n * [Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)](<https://support.microsoft.com/help/5003435>)\n\n## File information\n\n### File hash information\n\nUpdate name| File name| | SHA256 hash \n---|---|---|--- \nExchange Server 2013 Cumulative Update 23| Exchange2013-KB5004778-x64-en.msp| | 661A09E1AB2F195DED29F5579108782FBA6D00D2A900EF9EE0F5F2F9CCD61DB6 \n \n### Exchange Server file information\n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n### \n\n__\n\nMicrosoft Exchange Server 2013 Cumulative Update 23\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nAdduserstopfrecursive.ps1| Not applicable| 15,054| 07-Jul-2021| 23:44| Not applicable \nAjaxcontroltoolkit.dll| 15.0.1497.23| 96,696| 07-Jul-2021| 23:45| x86 \nCafe_owaauth_dll| 15.0.1497.23| 91,568| 07-Jul-2021| 23:44| x64 \nCheckinvalidrecipients.ps1| Not applicable| 23,121| 07-Jul-2021| 23:44| Not applicable \nCitsconstants.ps1| Not applicable| 15,877| 07-Jul-2021| 23:45| Not applicable \nCitslibrary.ps1| Not applicable| 82,740| 07-Jul-2021| 23:45| Not applicable \nCitstypes.ps1| Not applicable| 14,540| 07-Jul-2021| 23:45| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 30,007| 07-Jul-2021| 23:44| Not applicable \nConfigureadam.ps1| Not applicable| 23,383| 07-Jul-2021| 23:44| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 19,977| 07-Jul-2021| 23:44| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,348| 07-Jul-2021| 23:44| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,903| 07-Jul-2021| 23:44| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,332| 07-Jul-2021| 23:44| Not applicable \nConnectfunctions.ps1| Not applicable| 38,379| 07-Jul-2021| 23:44| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,432| 07-Jul-2021| 23:43| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,308| 07-Jul-2021| 23:44| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,129| 07-Jul-2021| 23:44| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,608| 07-Jul-2021| 23:44| Not applicable \nCts_microsoft.exchange.data.common.dll| 15.0.1497.23| 1,653,248| 07-Jul-2021| 23:45| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,410| 07-Jul-2021| 23:45| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,438| 07-Jul-2021| 23:44| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,265| 07-Jul-2021| 23:44| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,730| 07-Jul-2021| 23:45| Not applicable \nDup_cts_microsoft.exchange.data.common.dll| 15.0.1497.23| 1,653,248| 07-Jul-2021| 23:45| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.0.1497.23| 396,752| 07-Jul-2021| 23:46| x86 \nEdgetransport.exe| 15.0.1497.23| 40,944| 07-Jul-2021| 23:45| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,436| 07-Jul-2021| 23:45| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,639| 07-Jul-2021| 23:45| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,674| 07-Jul-2021| 23:45| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,975| 07-Jul-2021| 23:45| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,723| 07-Jul-2021| 23:45| Not applicable \nExchange.depthtwo.types.ps1xml| Not applicable| 38,399| 07-Jul-2021| 23:44| Not applicable \nExchange.format.ps1xml| Not applicable| 502,262| 07-Jul-2021| 23:44| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 32,625| 07-Jul-2021| 23:44| Not applicable \nExchange.ps1| Not applicable| 20,595| 07-Jul-2021| 23:44| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,618| 07-Jul-2021| 23:45| Not applicable \nExchange.types.ps1xml| Not applicable| 334,333| 07-Jul-2021| 23:44| Not applicable \nExchucutil.ps1| Not applicable| 23,996| 07-Jul-2021| 23:45| Not applicable \nExportedgeconfig.ps1| Not applicable| 27,467| 07-Jul-2021| 23:45| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 36,594| 07-Jul-2021| 23:45| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,205| 07-Jul-2021| 23:45| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,120| 07-Jul-2021| 23:45| Not applicable \nExrpc32.dll| 15.0.1497.23| 1,683,376| 07-Jul-2021| 23:45| x64 \nExsetdata.dll| 15.0.1497.23| 1,749,936| 07-Jul-2021| 23:44| x64 \nExsetup.exe| 15.0.1497.23| 35,328| 07-Jul-2021| 23:45| x86 \nExsetupui.exe| 15.0.1497.23| 199,168| 07-Jul-2021| 23:45| x86 \nExt_microsoft.exchange.data.transport.dll| 15.0.1497.23| 396,752| 07-Jul-2021| 23:46| x86 \nFil00a59b0bf9ad6dbefafaeb21bc52cadc| Not applicable| 160,921| 10-Sep-2020| 08:09| Not applicable \nFil01265e3f95fffa90f103d6045ee1b646| Not applicable| 207,584| 10-Sep-2020| 08:08| Not applicable \nFil01464b610a1b9ca44bfd4aa2b20a0a47| Not applicable| 242,360| 10-Sep-2020| 08:08| Not applicable \nFil024514f3668d7fae2909c604a07f2cae| Not applicable| 118,512| 10-Sep-2020| 08:09| Not applicable \nFil02886dbc65954c74ff5f004a4de087d0| Not applicable| 382,584| 10-Sep-2020| 08:10| Not applicable \nFil02aa6af1a7515d4d79a36ff53c2451cc| Not applicable| 202,224| 10-Sep-2020| 08:10| Not applicable \nFil03094a694b8e463b811188f1414aafd9| Not applicable| 1,562| 10-Sep-2020| 08:10| Not applicable \nFil0346bb60fed433908e0d629870fa234f| Not applicable| 42,453| 10-Sep-2020| 08:10| Not applicable \nFil03d6f5ce7cdbd650b4e31b9b17bfebdf| Not applicable| 63,034| 10-Sep-2020| 08:09| Not applicable \nFil03df293f7a64512c7994f03b06b1cc9d| Not applicable| 122,028| 10-Sep-2020| 08:08| Not applicable \nFil04648c9ff8319a4b2f4228ef41f3d558| Not applicable| 188,610| 10-Sep-2020| 08:09| Not applicable \nFil04be20231e54d4b1b9ae0adcee287d33| Not applicable| 3,319| 10-Sep-2020| 08:10| Not applicable \nFil05bd0d7761664f4f3447bc8b82cba551| Not applicable| 260,796| 10-Sep-2020| 08:08| Not applicable \nFil07291eda8c3b4bef35c20b117bc4dc89| Not applicable| 11,065| 10-Sep-2020| 08:03| Not applicable \nFil073611cea59a04ae5959ec5466f4f770| Not applicable| 206,119| 10-Sep-2020| 08:10| Not applicable \nFil07a54aa7bb7bff7a7ebaa792bbf2dcc3| Not applicable| 12,920| 10-Sep-2020| 08:10| Not applicable \nFil07d1178f9b4ec96c22a8240722e0bf9f| Not applicable| 381,584| 10-Sep-2020| 08:09| Not applicable \nFil0807d7ff1190d89482f9590435e63704| Not applicable| 376,675| 10-Sep-2020| 08:09| Not applicable \nFil08a4c36edaa0a358721425799ae714fa| Not applicable| 243,898| 10-Sep-2020| 08:08| Not applicable \nFil092fbdf7953d47bcaec4c494ad2a4620| Not applicable| 142,751| 10-Sep-2020| 08:11| Not applicable \nFil093c3f7e3d75f52ac3ae90f8d5c582cc| Not applicable| 229,663| 10-Sep-2020| 08:08| Not applicable \nFil095e2ae2aad7e5fe67147fa275cf3657| Not applicable| 200,119| 10-Sep-2020| 08:09| Not applicable \nFil097d6a2a5acff36af3b3de457fece43f| Not applicable| 317,272| 10-Sep-2020| 08:08| Not applicable \nFil098cd77950ecc93e59a6d478029be507| Not applicable| 2,003,210| 10-Sep-2020| 08:06| Not applicable \nFil0994fb28dc0ef8f87218c621ae86e134| Not applicable| 286,293| 10-Sep-2020| 08:11| Not applicable \nFil0aff9b8e03ff8a9bb1517388f2c44d1a| Not applicable| 14,524| 10-Sep-2020| 08:10| Not applicable \nFil0bfa47954dd042005e90c2bd01cd0a37| Not applicable| 142,850| 10-Sep-2020| 08:08| Not applicable \nFil0d721f7ce4137c3bd63bdc89da0bb5cb| Not applicable| 236,086| 10-Sep-2020| 08:08| Not applicable \nFil0dbb9c355360df6a4459d2007004c9e3| Not applicable| 208,728| 10-Sep-2020| 08:10| Not applicable \nFil0dcd409d2cf1a0fe1b1d23995972047e| Not applicable| 264,787| 10-Sep-2020| 08:09| Not applicable \nFil0dd00b83250a9921930f80dfadd64420| Not applicable| 167,266| 10-Sep-2020| 08:10| Not applicable \nFil0ee631acb4cbeba6a8ce8838790ffba3| Not applicable| 225,959| 10-Sep-2020| 08:08| Not applicable \nFil0fe6c543ad5dce68f8da1d128ebff332| Not applicable| 303,122| 10-Sep-2020| 08:10| Not applicable \nFil0fefc0bb7650de7a8e100f27290b316c| Not applicable| 939| 10-Sep-2020| 08:10| Not applicable \nFil1049e7dbf56476ddca7fbcdd54f1b796| Not applicable| 146,378| 10-Sep-2020| 08:10| Not applicable \nFil11364618faea90d632e254088444fc52| Not applicable| 3,359| 10-Sep-2020| 08:10| Not applicable \nFil1173f6b39fe7c9d910b8dc5bd19521f8| Not applicable| 361,118| 10-Sep-2020| 08:09| Not applicable \nFil119e3a5d3db8bc97fc7e5f8e81f2f8ca| Not applicable| 197,448| 10-Sep-2020| 08:08| Not applicable \nFil1270dc39571f9c7aa6cfaadeff4f3640| Not applicable| 171,559| 10-Sep-2020| 08:07| Not applicable \nFil129c1192b00260084863bfb442d9ef93| Not applicable| 1,303| 10-Sep-2020| 08:10| Not applicable \nFil13fb2417bf46b85b2993d051b8ab7c66| Not applicable| 330,130| 10-Sep-2020| 08:08| Not applicable \nFil1426532f337ffd248ad8526e66f9fed6| Not applicable| 147,629| 10-Sep-2020| 08:09| Not applicable \nFil1591caf2c0ed95d3d7dc675a20701ee6| Not applicable| 114,064| 10-Sep-2020| 08:08| Not applicable \nFil15f38a12988013e8d68ce239be0d5f3d| Not applicable| 171,283| 10-Sep-2020| 08:08| Not applicable \nFil162350ffb26be403359faaf6c45406cf| Not applicable| 163,899| 10-Sep-2020| 08:08| Not applicable \nFil162b0371ffc6ab85232d5f1c2f4997e7| Not applicable| 9,782| 10-Sep-2020| 08:10| Not applicable \nFil1696980eba48067e2ae900f45faad78e| Not applicable| 1,875| 10-Sep-2020| 08:10| Not applicable \nFil16fca2f0aaead1fbec7a463ca606a1ec| Not applicable| 370,126| 10-Sep-2020| 08:08| Not applicable \nFil19183400565ab2ccc44ecaa477a5e3d1| Not applicable| 15,230| 10-Sep-2020| 08:03| Not applicable \nFil199e6bdb4f3b2b47c763319633da1136| Not applicable| 327,350| 10-Sep-2020| 08:08| Not applicable \nFil19ccdd118db9bfc3475814a4b4e08c08| Not applicable| 584,377| 10-Sep-2020| 08:08| Not applicable \nFil1a3b1da5816e3bb64056cf149788066b| Not applicable| 480,547| 10-Sep-2020| 08:10| Not applicable \nFil1ac6267c3eb50d8e405d35e06e7c7878| Not applicable| 15,933| 10-Sep-2020| 08:10| Not applicable \nFil1b70faaee4a16f481d3565f701d210d2| Not applicable| 194,186| 10-Sep-2020| 08:10| Not applicable \nFil1bb83920715900f568a44fea64ebdf14| Not applicable| 409,070| 10-Sep-2020| 08:10| Not applicable \nFil1bbf3e38efe960ca2113daaab481b364| Not applicable| 3,474| 10-Sep-2020| 08:10| Not applicable \nFil1e3e47d491e73bf0ce9bd6368a869661| Not applicable| 114,721| 10-Sep-2020| 08:09| Not applicable \nFil1ebaeefd7727d6252ca22a5e152fc343| Not applicable| 8,138| 10-Sep-2020| 08:10| Not applicable \nFil1f3158c2364004336fefd7fa8c62086b| Not applicable| 327,640| 10-Sep-2020| 08:09| Not applicable \nFil1f475a8603a1bbd01e1a40d53c813c9c| Not applicable| 315,635| 10-Sep-2020| 08:10| Not applicable \nFil1fff4b705c9647b4ff3f83b020b2e237| Not applicable| 370,164| 10-Sep-2020| 08:10| Not applicable \nFil2039f6f47019d7eb8d50a7d7387e1326| Not applicable| 118,107| 10-Sep-2020| 08:10| Not applicable \nFil208b9e5328593cd0b5013b4cae2713f9| Not applicable| 335,423| 10-Sep-2020| 08:08| Not applicable \nFil2093384b2fd2dd4694e4452e9aacfc18| Not applicable| 383,683| 10-Sep-2020| 08:07| Not applicable \nFil20b9a11913964b245854e564a94544ed| Not applicable| 144,647| 10-Sep-2020| 08:08| Not applicable \nFil20e584fabe14655761b29e602eed5cc9| Not applicable| 182,170| 10-Sep-2020| 08:07| Not applicable \nFil2143e07c2cac620dfefafd058902b0d3| Not applicable| 2,915| 10-Sep-2020| 08:10| Not applicable \nFil222a09c547b07ae712f31cf9175a5717| Not applicable| 116,530| 10-Sep-2020| 08:08| Not applicable \nFil2294c86871eb9882419d11de13a0e558| Not applicable| 866| 10-Sep-2020| 08:10| Not applicable \nFil2294eb56822388c24312aee15bef4d72| Not applicable| 3,423| 10-Sep-2020| 08:10| Not applicable \nFil235c6fa467f8662a9bcbd6fac8df465b| Not applicable| 117,287| 10-Sep-2020| 08:07| Not applicable \nFil240bcf2747ef1821d63068b04d54a07d| Not applicable| 163,794| 10-Sep-2020| 08:11| Not applicable \nFil24622e71b4f201522c30b5396079ebf9| Not applicable| 151,701| 10-Sep-2020| 08:08| Not applicable \nFil247b22302db2287f03bd385ba61ffe55| Not applicable| 398,137| 10-Sep-2020| 08:07| Not applicable \nFil25727a6a764ebd6cd89550c2c031c37c| Not applicable| 160,115| 10-Sep-2020| 08:08| Not applicable \nFil265b8ec6d4ed498b5382cfc1027491a2| Not applicable| 82,741| 10-Sep-2020| 08:09| Not applicable \nFil280c8cbd4386b442b5c94af6708eaac8| Not applicable| 16,625| 10-Sep-2020| 08:10| Not applicable \nFil283358d58bb98df0557b67b6f747c86a| Not applicable| 460,146| 10-Sep-2020| 08:07| Not applicable \nFil28b2b9d1b7e313e502a8835045c2d0d0| Not applicable| 15,031| 10-Sep-2020| 08:10| Not applicable \nFil2a6b0663833d438eea50ffe81c51ec83| Not applicable| 2,003,228| 10-Sep-2020| 08:05| Not applicable \nFil2adab262add65203b0c7c5bc1251e47f| Not applicable| 312,638| 10-Sep-2020| 08:08| Not applicable \nFil2b2ac38f6e7b4a0553da72f403582cd5| Not applicable| 1,727| 10-Sep-2020| 08:10| Not applicable \nFil2bd8c15c9164155f212951a70631823f| Not applicable| 5,285| 10-Sep-2020| 08:10| Not applicable \nFil2c21ffd8eb5ecd0f7c89a27b86951a7d| Not applicable| 10,821| 10-Sep-2020| 08:09| Not applicable \nFil2db733aabd2264a64057e89820aca13c| Not applicable| 13,759| 10-Sep-2020| 08:10| Not applicable \nFil2e63bcb4a6d04e10c147a6c3f92bfcab| Not applicable| 670,945| 10-Sep-2020| 08:09| Not applicable \nFil2e6b2f8c3954b6bbc8ab2a22d1438d67| Not applicable| 114,990| 10-Sep-2020| 08:09| Not applicable \nFil2eba4c3b1398dc2169d3a58cf26d7494| Not applicable| 3,169| 10-Sep-2020| 08:10| Not applicable \nFil2f58bbe281f35794e1fadfd2d5372340| Not applicable| 151,951| 10-Sep-2020| 08:09| Not applicable \nFil31e9f5684b0b5ea70746907556f64515| Not applicable| 296,876| 10-Sep-2020| 08:09| Not applicable \nFil32c87816f9a713092dc110787ef42586| Not applicable| 35,050| 10-Sep-2020| 08:08| Not applicable \nFil32ede05fb6827d1a783e56be2937e471| Not applicable| 153,091| 10-Sep-2020| 08:08| Not applicable \nFil344d9c6f4f02142eba8c624f965acd67| Not applicable| 121,941| 10-Sep-2020| 08:08| Not applicable \nFil363d000c227039f27c69b128287ff68e| Not applicable| 186,041| 10-Sep-2020| 08:07| Not applicable \nFil36da999539f10f4939d3c19fb7e77d53| Not applicable| 11,324| 10-Sep-2020| 08:09| Not applicable \nFil37589a1bee605be2ae1422c6d19521cd| Not applicable| 384,396| 10-Sep-2020| 08:09| Not applicable \nFil3804327ae3bca4c1a589eed2acaf0909| Not applicable| 1,739| 10-Sep-2020| 08:10| Not applicable \nFil38494a0e60def94d88e8724029463551| Not applicable| 83,497| 10-Sep-2020| 08:07| Not applicable \nFil3859e6d9c6cf748d05be23536b9221c4| Not applicable| 124,060| 10-Sep-2020| 08:10| Not applicable \nFil39ee1f35ad97bd462c3ac5aec000a1c0| Not applicable| 210,413| 10-Sep-2020| 08:10| Not applicable \nFil3a42ef50a1ae3edbb7a00bc22f3434e3| Not applicable| 24,337| 10-Sep-2020| 08:03| Not applicable \nFil3b12709b2a6d1f6a5a9d96edbc2a9dd2| Not applicable| 211,288| 10-Sep-2020| 08:09| Not applicable \nFil3b8cc2b36f720baad95be0910e9346eb| Not applicable| 154,799| 10-Sep-2020| 08:10| Not applicable \nFil3c3fb88b0193db7b45726833c054d1ed| Not applicable| 4,920| 10-Sep-2020| 08:10| Not applicable \nFil3cccb1e1cc9707666a7232847b28158a| Not applicable| 148,810| 10-Sep-2020| 08:10| Not applicable \nFil3d3af8f03141aadd16d3951f471e4ecd| Not applicable| 472,586| 10-Sep-2020| 08:10| Not applicable \nFil3d952efb9613d0f0fa9c884c2e197c47| Not applicable| 64,742| 10-Sep-2020| 08:07| Not applicable \nFil3d96340571dcbbca40f9dda36cf8cc23| Not applicable| 376,491| 10-Sep-2020| 08:08| Not applicable \nFil3db21a7c265bee0f8897197ab8184cbb| Not applicable| 407,449| 10-Sep-2020| 08:11| Not applicable \nFil3e7cd5352ab27351d37dc5a0d70eb5da| Not applicable| 8,202| 10-Sep-2020| 08:10| Not applicable \nFil401dc81859f7ddf0518e04d60fb6f0f0| Not applicable| 127,242| 10-Sep-2020| 08:08| Not applicable \nFil4032894f9d18775fe5b8f517b9446ed2| Not applicable| 247,259| 10-Sep-2020| 08:09| Not applicable \nFil426e71bd7d39fbdac2f9aac2641b16f3| Not applicable| 1,923| 10-Sep-2020| 08:10| Not applicable \nFil4278d1df336a84435b4ce9034fb1a172| Not applicable| 718| 10-Sep-2020| 08:10| Not applicable \nFil42a5edd14a3d3f555fcd6172e48921fb| Not applicable| 157,961| 10-Sep-2020| 08:09| Not applicable \nFil42c22971f1d5dc2196265e92d6da872f| Not applicable| 150,392| 10-Sep-2020| 08:11| Not applicable \nFil442f08df8632cfa5f8638445f7151f04| Not applicable| 956| 10-Sep-2020| 08:10| Not applicable \nFil449a3b586a9163232e7d21b204dff9e2| Not applicable| 1,316| 10-Sep-2020| 08:10| Not applicable \nFil44a698d38545e9cd051d9db8fdfc900e| Not applicable| 225,606| 10-Sep-2020| 08:10| Not applicable \nFil44afe89b21b16bf4b609ab451085526a| Not applicable| 373,865| 10-Sep-2020| 08:08| Not applicable \nFil44d189470b9393ed19ca08defd240a38| Not applicable| 216,698| 10-Sep-2020| 08:10| Not applicable \nFil45cd37ad6b0169d99d0eb6dcba7d08d9| Not applicable| 166,781| 10-Sep-2020| 08:10| Not applicable \nFil46233812dcee5af00423b2fc332d0c5d| Not applicable| 2,015,045| 10-Sep-2020| 08:05| Not applicable \nFil46ef8081ccac6e0c239c52cfc8c58dcf| Not applicable| 4,743| 10-Sep-2020| 08:07| Not applicable \nFil476b430823a50cf77d9968f03858d69d| Not applicable| 359,078| 10-Sep-2020| 08:08| Not applicable \nFil481ea15e0071beee36e6711fe55c7372| Not applicable| 307,725| 10-Sep-2020| 08:08| Not applicable \nFil4a3306ef5eda0d022a521f8bd6c3d940| Not applicable| 158,115| 10-Sep-2020| 08:08| Not applicable \nFil4a79082a6a63aa24efbd3f71b1a9f8e8| Not applicable| 139,064| 10-Sep-2020| 08:09| Not applicable \nFil4aa30f91267dc1dffacc9bb3f9e43367| Not applicable| 1,972| 10-Sep-2020| 08:10| Not applicable \nFil4b622a1d73e8a02febd3ad6f59e8b98c| Not applicable| 12,107| 10-Sep-2020| 08:10| Not applicable \nFil4bc634eae6f3c142c6ed8d2927520cc3| Not applicable| 5,653| 10-Sep-2020| 08:10| Not applicable \nFil4bd7eb36b7c3567f715d5365f8047204| Not applicable| 142,286| 10-Sep-2020| 08:10| Not applicable \nFil4c0ab8720533c89e68ce63e86d429dde| Not applicable| 381,163| 10-Sep-2020| 08:08| Not applicable \nFil4c177d04b538b102de0bc7af504ade88| Not applicable| 1,264| 10-Sep-2020| 08:10| Not applicable \nFil4cc43ed047118c3c70489c99f391ad41| Not applicable| 570,339| 10-Sep-2020| 08:08| Not applicable \nFil4cfa7a61721252f62fb29a0f1805bd48| Not applicable| 151,467| 10-Sep-2020| 08:09| Not applicable \nFil4d0f14d8c2b6b77898bcc5954a8335d4| Not applicable| 12,161| 10-Sep-2020| 08:10| Not applicable \nFil4d393ab247c2ec19d982c087d694252e| Not applicable| 485,168| 10-Sep-2020| 08:09| Not applicable \nFil4e4dfdf527ace3b42d88eaea58ad4e00| Not applicable| 110,057| 10-Sep-2020| 08:11| Not applicable \nFil4f050d584b052cef56c611c7a6fc0b4d| Not applicable| 440,314| 10-Sep-2020| 08:10| Not applicable \nFil4f0ff802c3382fc6cb28e90145915a91| Not applicable| 155,232| 10-Sep-2020| 08:08| Not applicable \nFil4fbdcc69c6687636e427226aab76d82c| Not applicable| 165,120| 10-Sep-2020| 08:08| Not applicable \nFil50c8b757b4933533069fdb8f6b905e0d| Not applicable| 158,190| 10-Sep-2020| 08:09| Not applicable \nFil50e303dde9fe96807796a25979e2814a| Not applicable| 252,966| 10-Sep-2020| 08:08| Not applicable \nFil538089ef224df4976d311e8302364c00| Not applicable| 1,152,608| 10-Sep-2020| 08:12| Not applicable \nFil5387207480a1873bc7ed50c9eaed89c7| Not applicable| 2,003,225| 10-Sep-2020| 08:06| Not applicable \nFil53acea05108c4f46ff21c66f40cfaeec| Not applicable| 150,387| 10-Sep-2020| 08:08| Not applicable \nFil540e2d0af94e0e486cae7a4a9e109676| Not applicable| 215,778| 10-Sep-2020| 08:10| Not applicable \nFil541882cdf469df98dbf0ac462de46344| Not applicable| 575,597| 10-Sep-2020| 08:09| Not applicable \nFil543079c26bd28998e4563bbd4cac1644| Not applicable| 4,186| 10-Sep-2020| 08:10| Not applicable \nFil54337210b89f5380a40a0904d6d860f8| Not applicable| 1,729| 10-Sep-2020| 08:10| Not applicable \nFil5542b08a74ea880a5f2bd8b269fc1231| Not applicable| 250,545| 10-Sep-2020| 08:09| Not applicable \nFil57beb556aec2d6e97c7b317de9f72304| Not applicable| 322,662| 10-Sep-2020| 08:08| Not applicable \nFil57fcce90719eee5eff1f954327649e53| Not applicable| 222,952| 10-Sep-2020| 08:08| Not applicable \nFil58337dc668f3e1a94ebd035dc310ef3a| Not applicable| 3,653| 10-Sep-2020| 08:10| Not applicable \nFil59074b5deefeb2b4d32b58953cb77f9e| Not applicable| 202,678| 10-Sep-2020| 08:07| Not applicable \nFil596d2b532682a216aced5af81a34785e| Not applicable| 371,817| 10-Sep-2020| 08:08| Not applicable \nFil5aef2df4d623713792ff2e54a0abea77| Not applicable| 3,391| 10-Sep-2020| 08:10| Not applicable \nFil5b481af97947b02636fefbad6cf5332e| Not applicable| 10,504| 10-Sep-2020| 08:10| Not applicable \nFil5b51bde4cf501f9d89d6fdd6084fb0dc| Not applicable| 76,238| 10-Sep-2020| 08:07| Not applicable \nFil5c8127dbccdda444e35671ff4a274fc5| Not applicable| 164,462| 10-Sep-2020| 08:08| Not applicable \nFil5cd88aaf0a21ddb716f1da478f29fe22| Not applicable| 68,607| 10-Sep-2020| 08:03| Not applicable \nFil5d2722dc3289787a79451240b7a88ef3| Not applicable| 1,218| 10-Sep-2020| 08:10| Not applicable \nFil5d6827cff217e4dfce3affa1aa55d8f3| Not applicable| 476,341| 10-Sep-2020| 08:09| Not applicable \nFil5e56ac7a5a17eeba25534e146a5b96c5| Not applicable| 187,286| 10-Sep-2020| 08:10| Not applicable \nFil5f4f6a29ca46dc40a4f6ac9b8b772ce3| Not applicable| 203,484| 10-Sep-2020| 08:09| Not applicable \nFil5fd4bc51ae2ad462403cdc6a0cf9ffd0| Not applicable| 311,764| 10-Sep-2020| 08:10| Not applicable \nFil604f37df9e3b6c4d7c48f14c35a26977| Not applicable| 126,177| 10-Sep-2020| 08:08| Not applicable \nFil610677a0034b8232f2b460d83c22ce46| Not applicable| 481,442| 10-Sep-2020| 08:09| Not applicable \nFil6133c70794989aad906ec1c690498770| Not applicable| 1,669| 10-Sep-2020| 08:10| Not applicable \nFil63179e1cb286b0ef11dc63dc6af82432| Not applicable| 14,116| 10-Sep-2020| 08:10| Not applicable \nFil6356fbacb88d6b1b13e09aadb6887fbe| Not applicable| 161,576| 10-Sep-2020| 08:10| Not applicable \nFil64dd0c27769e484c139e2503ec3eef51| Not applicable| 218,860| 10-Sep-2020| 08:10| Not applicable \nFil65080648928ede60012994a0baeca00b| Not applicable| 309,691| 10-Sep-2020| 08:09| Not applicable \nFil6ad129a5d744ab89f7b431d1d495262a| Not applicable| 60,605| 10-Sep-2020| 08:08| Not applicable \nFil6ae5c571deb81c557347776937eec424| Not applicable| 327,120| 10-Sep-2020| 08:08| Not applicable \nFil6c511826bfeecb77f6559c6b60d65511| Not applicable| 360,888| 10-Sep-2020| 08:09| Not applicable \nFil6c6539569c8b5a20bd7f4dc318576341| Not applicable| 305,628| 10-Sep-2020| 08:09| Not applicable \nFil6d0c3c83a060d3235e4a034bf754cdde| Not applicable| 139,720| 10-Sep-2020| 08:09| Not applicable \nFil6ec9b1a61bc1b1de3666c8f074b638b0| Not applicable| 102,157,937| 10-Sep-2020| 08:12| Not applicable \nFil6f8d2fab306d136e7656db49710c3a48| Not applicable| 3,636| 10-Sep-2020| 08:10| Not applicable \nFil6fe7b10d2287827cf3c81b58b9c8b8ff| Not applicable| 304,524| 10-Sep-2020| 08:10| Not applicable \nFil7189adae9ca485f37c0c74269ff71aca| Not applicable| 12,644| 10-Sep-2020| 08:10| Not applicable \nFil71e73a51dc2a21736116b8807bb466e8| Not applicable| 156,649| 10-Sep-2020| 08:09| Not applicable \nFil7207154834a23fbc29d011e71d208a39| Not applicable| 163,997| 10-Sep-2020| 08:10| Not applicable \nFil720fe9713dec6be87ee03bce38fbfc36| Not applicable| 321,069| 10-Sep-2020| 08:08| Not applicable \nFil7332c61fe6101e9bae82c487d99082df| Not applicable| 916| 10-Sep-2020| 08:10| Not applicable \nFil736e7b808675fe35044733ce258a9a73| Not applicable| 209,717| 10-Sep-2020| 08:09| Not applicable \nFil73c9286d8470aa113cba01507403eeba| Not applicable| 123,453| 10-Sep-2020| 08:10| Not applicable \nFil73dbdc432c5bb5f29330a83a9faa7ae1| Not applicable| 319,119| 10-Sep-2020| 08:10| Not applicable \nFil74f06c9b75edb14687c2262ad6ae2557| Not applicable| 310,368| 10-Sep-2020| 08:08| Not applicable \nFil7511efbde449570e1079881ef478d89f| Not applicable| 328,987| 10-Sep-2020| 08:10| Not applicable \nFil75c2cda8a128e765ff0af0755bfd328b| Not applicable| 145,359| 10-Sep-2020| 08:09| Not applicable \nFil7622d867b4e32c321108f9585ae213e0| Not applicable| 143,754| 10-Sep-2020| 08:10| Not applicable \nFil764919a245fe2bc500925814cddfbdad| Not applicable| 72,860| 10-Sep-2020| 08:03| Not applicable \nFil76a84f20ffd55d7ea12ac35d8380efd5| Not applicable| 425,083| 10-Sep-2020| 08:10| Not applicable \nFil7700cf10ad703df7c8918a0563a5e129| Not applicable| 170,409| 10-Sep-2020| 08:10| Not applicable \nFil780df069c247b8094634ab0404623781| Not applicable| 3,146| 10-Sep-2020| 08:10| Not applicable \nFil78360aa0f236f838f94a573fa0e591eb| Not applicable| 306,391| 10-Sep-2020| 08:10| Not applicable \nFil788ad7e3f4abc8bfb4327d0b98934699| Not applicable| 3,264| 10-Sep-2020| 08:10| Not applicable \nFil789b96ff5e7f5c36651793db27c8b262| Not applicable| 156,482| 10-Sep-2020| 08:10| Not applicable \nFil7975d5410f26d07f08de47940983d903| Not applicable| 11,720| 10-Sep-2020| 08:10| Not applicable \nFil798d3f63fe34287c86fffb74428a321a| Not applicable| 298,444| 10-Sep-2020| 08:11| Not applicable \nFil79b13a2c33d13735946561479fc859fa| Not applicable| 133,726| 10-Sep-2020| 08:11| Not applicable \nFil79c7a259268acf783baef95ca5b23ec1| Not applicable| 152,767| 10-Sep-2020| 08:07| Not applicable \nFil7a2063c960c5cb61395e7839f1297cb5| Not applicable| 4,115| 10-Sep-2020| 08:10| Not applicable \nFil7a403fcd3c2773230c350d8e1d3cebf7| Not applicable| 104,032| 10-Sep-2020| 08:03| Not applicable \nFil7a9f06943db3abcb09bf15ae13ff2cd2| Not applicable| 137,922| 10-Sep-2020| 08:08| Not applicable \nFil7b670339ef54eea40a7516c12d2f0e92| Not applicable| 486,258| 10-Sep-2020| 08:08| Not applicable \nFil7b9dcb919f1fd2e3a1f6f379fbfaeef0| Not applicable| 165,327| 10-Sep-2020| 08:09| Not applicable \nFil7bc288d1803d8c01d917d4ae3424dd04| Not applicable| 371,056| 10-Sep-2020| 08:10| Not applicable \nFil7be03a57aa609693fcd744981699f067| Not applicable| 214,670| 10-Sep-2020| 08:10| Not applicable \nFil7cd60b323924095924a33c83b8160967| Not applicable| 515,462| 10-Sep-2020| 08:08| Not applicable \nFil7cddc3f217fc9bd77c3335a3bbe74040| Not applicable| 316,645| 10-Sep-2020| 08:10| Not applicable \nFil7d3d44cb179d947736c393335bc1d8a5| Not applicable| 323,379| 10-Sep-2020| 08:08| Not applicable \nFil7e1364e8b092a71503bb6ab4c0c8d043| Not applicable| 317,812| 10-Sep-2020| 08:10| Not applicable \nFil7f88ed25a2323690ef4603fcd5965e29| Not applicable| 146,052| 10-Sep-2020| 08:08| Not applicable \nFil7fc67e0ea132a46fa0c81ae793c6fafb| Not applicable| 1,751| 10-Sep-2020| 08:10| Not applicable \nFil7ffa598af3dc4eba6484cfca34eff091| Not applicable| 487,790| 10-Sep-2020| 08:10| Not applicable \nFil7fffbc3b910469a09b1d0670696bd038| Not applicable| 298,276| 10-Sep-2020| 08:09| Not applicable \nFil802e831d6cd841b23e31f3ede7146efa| Not applicable| 160,374| 10-Sep-2020| 08:09| Not applicable \nFil8032f47eeca48977d2f693f7644627ce| Not applicable| 123,440| 10-Sep-2020| 08:08| Not applicable \nFil809e41480ae24ce8f65630fb91e72e3e| Not applicable| 191,320| 10-Sep-2020| 08:10| Not applicable \nFil819cef16705be45debd0be4d68755dbb| Not applicable| 22,679| 10-Sep-2020| 08:10| Not applicable \nFil819e4ee2c73b6dac7c9b217a2edccf64| Not applicable| 10,875| 10-Sep-2020| 08:10| Not applicable \nFil81c79182b21820eb762d4cc2ac59769f| Not applicable| 165,056| 10-Sep-2020| 08:08| Not applicable \nFil828666eab0d3bdc61f9fe757bd60e3a2| Not applicable| 375,074| 10-Sep-2020| 08:09| Not applicable \nFil832eb962b387b4e7631ffa4158cb28cc| Not applicable| 14,837| 10-Sep-2020| 08:10| Not applicable \nFil851524c7c4958c3155502d781c920d9b| Not applicable| 81,295| 10-Sep-2020| 08:10| Not applicable \nFil86eb489656c398a89c25641e80f48303| Not applicable| 121,319| 10-Sep-2020| 08:09| Not applicable \nFil86fd0667d62cefa2ae6e49f317434bd6| Not applicable| 384,644| 10-Sep-2020| 08:08| Not applicable \nFil88ec4eef108486342f6b6921bccaea93| Not applicable| 943,740| 10-Sep-2020| 08:12| Not applicable \nFil89331bf5c45adb0d8a8ea178cc079709| Not applicable| 300,269| 10-Sep-2020| 08:08| Not applicable \nFil8a10c1556c031a0905905396871c93f7| Not applicable| 310,330| 10-Sep-2020| 08:09| Not applicable \nFil8b153dea503da810e5e578642a5c28fe| Not applicable| 3,822| 10-Sep-2020| 08:10| Not applicable \nFil8c35bfdd38d7db1a373ae3b3a87a84b5| Not applicable| 164,030| 10-Sep-2020| 08:09| Not applicable \nFil8cbd0cddb9a1705309ebeabfe75fe38a| Not applicable| 319,024| 10-Sep-2020| 08:08| Not applicable \nFil8dc3b8e19a7e2e60f48bf22687139503| Not applicable| 3,314| 10-Sep-2020| 08:10| Not applicable \nFil8e9637e486491d4df1ea670c5b33eb16| Not applicable| 3,600| 10-Sep-2020| 08:10| Not applicable \nFil9007d7a068a4430d0ebefa4b039db1b4| Not applicable| 162,200| 10-Sep-2020| 08:10| Not applicable \nFil9032e5295c43ed35e2cd2820ebd6af91| Not applicable| 308,546| 10-Sep-2020| 08:08| Not applicable \nFil9050234bc32f4d53dcf496a54c13c1f0| Not applicable| 362,146| 10-Sep-2020| 08:09| Not applicable \nFil9052d1a7df067454a5205ba61f60202c| Not applicable| 414,847| 10-Sep-2020| 08:10| Not applicable \nFil907968cb2bdeead0a4c3dd51374b84f1| Not applicable| 160,076| 10-Sep-2020| 08:08| Not applicable \nFil90cb08f524bc6f2fd5d5c59c9e880a3b| Not applicable| 408,856| 10-Sep-2020| 08:10| Not applicable \nFil9141167468612be7f7ce04061b4ba430| Not applicable| 221,454| 10-Sep-2020| 08:10| Not applicable \nFil915152e03c7027618c1570479b195120| Not applicable| 115,620| 10-Sep-2020| 08:09| Not applicable \nFil9178f92f0a34fc57e83a4224c5cd4c6f| Not applicable| 123,425| 10-Sep-2020| 08:10| Not applicable \nFil91b888a87f12e84cd76b09d8a8239110| Not applicable| 317,225| 10-Sep-2020| 08:10| Not applicable \nFil922f0dc015ce910e694c684667216edf| Not applicable| 85,712| 10-Sep-2020| 08:10| Not applicable \nFil92839d18408beb0ccdd398fa8d63d256| Not applicable| 304,785| 10-Sep-2020| 08:08| Not applicable \nFil92b9f91110f3fc68adbba7781dca69f7| Not applicable| 955,169| 10-Sep-2020| 08:12| Not applicable \nFil936f4520f1f1a23512af78649723bd24| Not applicable| 1,787| 10-Sep-2020| 08:10| Not applicable \nFil95c4c617e843522bcbc5f0ea98be1499| Not applicable| 494,807| 10-Sep-2020| 08:10| Not applicable \nFil96195cf594115b0dbe9a6f0231ef1047| Not applicable| 313,299| 10-Sep-2020| 08:09| Not applicable \nFil963c3ba8ce3369f28a234d725b21bc1c| Not applicable| 4,281| 10-Sep-2020| 08:10| Not applicable \nFil9650173f54879818e5ec095eeb16ed0b| Not applicable| 396,015| 10-Sep-2020| 08:08| Not applicable \nFil966154a8118d7385953a6d219e5eb17c| Not applicable| 1,414| 10-Sep-2020| 08:10| Not applicable \nFil969cef7f118d3f325203fd0cb688b9ec| Not applicable| 2,110,683| 10-Sep-2020| 08:07| Not applicable \nFil96d73a0c451e93f8ea3773e8fe0fbbfc| Not applicable| 33,811| 10-Sep-2020| 08:11| Not applicable \nFil972290622741630c40e4aa0864c01aa4| Not applicable| 1,616| 10-Sep-2020| 08:10| Not applicable \nFil97937f8123552bc8e9d12b174086d31c| Not applicable| 469,857| 10-Sep-2020| 08:08| Not applicable \nFil97cbf02bb228d8da0527ece430405ab2| Not applicable| 301,969| 10-Sep-2020| 08:09| Not applicable \nFil986b652b14f678fe052fed9bba96162e| Not applicable| 163,883| 10-Sep-2020| 08:08| Not applicable \nFil98ef484ce7150b406e3016cd9924d142| Not applicable| 13,961| 10-Sep-2020| 08:10| Not applicable \nFil9956a513417bb5463e0ba651a166baf0| Not applicable| 514,510| 10-Sep-2020| 08:09| Not applicable \nFil9ad3820a6c3baa899d30b5c2befddb0f| Not applicable| 501,780| 10-Sep-2020| 08:09| Not applicable \nFil9bc19d53264a55a58e5f699c80356bb2| Not applicable| 1,818| 10-Sep-2020| 08:10| Not applicable \nFil9be11b2ba300199597d09229eada5f26| Not applicable| 14,295| 10-Sep-2020| 08:10| Not applicable \nFil9c53e682ec387e24b826b5f20d0d7744| Not applicable| 258,852| 10-Sep-2020| 08:09| Not applicable \nFil9cc47a8297b69ca8b92c5c5fbc5a72a9| Not applicable| 146,219| 10-Sep-2020| 08:09| Not applicable \nFil9d179c67312a815f3d90f05dd98d935f| Not applicable| 295,260| 10-Sep-2020| 08:08| Not applicable \nFil9d3115e00dd3480f86694eb0171e2ab7| Not applicable| 147,427| 10-Sep-2020| 08:08| Not applicable \nFil9de60681dee78970a404d53a64af2f30| Not applicable| 16,604| 10-Sep-2020| 08:10| Not applicable \nFil9e9c8fdc13f8e3438936117f467c32f2| Not applicable| 3,647| 10-Sep-2020| 08:10| Not applicable \nFil9ea96f90dc98136d2990b368e30cba7f| Not applicable| 314,432| 10-Sep-2020| 08:08| Not applicable \nFil9ef7a49aadd91bd2e7723a793c4ececa| Not applicable| 196,624| 10-Sep-2020| 08:07| Not applicable \nFil9f4a9c9c0df85e4de8cef75ad843a4bf| Not applicable| 853| 10-Sep-2020| 08:10| Not applicable \nFil9fa4d749b570205397f22bb7798f1ad8| Not applicable| 191,467| 10-Sep-2020| 08:07| Not applicable \nFil9fb5c95485bb8d9d33d5f93c5aaf64b2| Not applicable| 16,227| 10-Sep-2020| 08:10| Not applicable \nFil9fecbd76d57255e27cc95507f3aaab07| Not applicable| 329,540| 10-Sep-2020| 08:10| Not applicable \nFila2743c24f7094b33d0d4449897c866a6| Not applicable| 119,408| 10-Sep-2020| 08:08| Not applicable \nFila2f6a440343bc9ff6660fce140eadd2d| Not applicable| 448,596| 10-Sep-2020| 08:08| Not applicable \nFila505629643c3e008b8bd0e23a5c4e25d| Not applicable| 413,212| 10-Sep-2020| 08:09| Not applicable \nFila50b2e8bd5431612810b0fcf988a1828| Not applicable| 209,253| 10-Sep-2020| 08:11| Not applicable \nFila5363cc509db7b571c6c4c3cd9062471| Not applicable| 208,443| 10-Sep-2020| 08:10| Not applicable \nFila57f8bbbe3218e6ecf4f4d70668de2dc| Not applicable| 314,531| 10-Sep-2020| 08:08| Not applicable \nFila62c0ced269195777d4d83700b448c00| Not applicable| 380,561| 10-Sep-2020| 08:08| Not applicable \nFila702279a2573d1ed8f2fcdee9713c0dd| Not applicable| 209,728| 10-Sep-2020| 08:09| Not applicable \nFila8ced4b496da09516e99919d4eaf64f6| Not applicable| 159,063| 10-Sep-2020| 08:08| Not applicable \nFila8f5e5a43d97dfb60f41dfc1b8459851| Not applicable| 508,891| 10-Sep-2020| 08:08| Not applicable \nFila913026b0e770b0a0f627ace5a752454| Not applicable| 322,902| 10-Sep-2020| 08:09| Not applicable \nFilaac5e88adcaaf27436c416aa7a0165bd| Not applicable| 249,029| 10-Sep-2020| 08:09| Not applicable \nFilab134bb61b2e10157e892c40df3c7e86| Not applicable| 159,193| 10-Sep-2020| 08:09| Not applicable \nFilab5e2407151586fb17aa6a5e23983146| Not applicable| 380,417| 10-Sep-2020| 08:07| Not applicable \nFilab7106fec6a571b081793e6fd0772840| Not applicable| 324,317| 10-Sep-2020| 08:10| Not applicable \nFilab84c7b0ea2c18151bdec3362357de28| Not applicable| 382,607| 10-Sep-2020| 08:10| Not applicable \nFilacb3fe0c456bdeb57f38467806292a12| Not applicable| 169,689| 10-Sep-2020| 08:08| Not applicable \nFilad3a7da52bfdbcdc556e7afee04e466d| Not applicable| 370,571| 10-Sep-2020| 08:09| Not applicable \nFilae12f186604e1e9a1564f0bd8d3f02d3| Not applicable| 422,675| 10-Sep-2020| 08:11| Not applicable \nFilaef6c0ddd04caa6d726d5335dd817311| Not applicable| 202,927| 10-Sep-2020| 08:10| Not applicable \nFilafc694642ba5b6098760517160b0e8bf| Not applicable| 157,170| 10-Sep-2020| 08:08| Not applicable \nFilafe4ec5e5c84f4cbbd605478cefc5629| Not applicable| 3,090| 10-Sep-2020| 08:10| Not applicable \nFilb0d5f04a53228a377d15814c78465b27| Not applicable| 669| 10-Sep-2020| 08:10| Not applicable \nFilb20b3cc21a25081a4bca14731ed24d46| Not applicable| 4,473| 10-Sep-2020| 08:10| Not applicable \nFilb2511eb8cb15578d5607802d13cb5c4f| Not applicable| 160,204| 10-Sep-2020| 08:11| Not applicable \nFilb2d8808ed734ba4cdde6c0bb616a5918| Not applicable| 234,774| 10-Sep-2020| 08:09| Not applicable \nFilb38126b47351a15bc93f1845dc8aba35| Not applicable| 326,044| 10-Sep-2020| 08:09| Not applicable \nFilb3ecb6b553aa136a95f785fae49b7290| Not applicable| 318,445| 10-Sep-2020| 08:09| Not applicable \nFilb4e11fab484f7e28061acd0a0b998b2b| Not applicable| 297,352| 10-Sep-2020| 08:09| Not applicable \nFilb52f287490a4bf46c9cead71b6c6d32f| Not applicable| 377,427| 10-Sep-2020| 08:10| Not applicable \nFilb6922820d7c8951d2c0a274c0247a024| Not applicable| 929| 10-Sep-2020| 08:10| Not applicable \nFilb7953f6142a677d96f918f4748d335e8| Not applicable| 142,609| 10-Sep-2020| 08:10| Not applicable \nFilb7980f151e3ac5df2176c1c9232a3a97| Not applicable| 422,398| 10-Sep-2020| 08:10| Not applicable \nFilb7ebe5ea802d62f201cecf33058afa68| Not applicable| 158,931| 10-Sep-2020| 08:10| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 218,643| 10-Sep-2020| 08:12| Not applicable \nFilbaada6b445e5d018d30bae5f55810cbb| Not applicable| 11,531| 10-Sep-2020| 08:10| Not applicable \nFilbac509fa0e072d1cea52129ba1408636| Not applicable| 5,470| 10-Sep-2020| 08:10| Not applicable \nFilbae1886423fa60040987b70277c99a66| Not applicable| 212,585| 10-Sep-2020| 08:10| Not applicable \nFilbaee23394142e54df188a3681e7b00e0| Not applicable| 588,271| 10-Sep-2020| 08:09| Not applicable \nFilbb4be32d89ad2d104df2959499c2c5dd| Not applicable| 424,381| 10-Sep-2020| 08:10| Not applicable \nFilbc0374f21dbcf9dcd43948267292d827| Not applicable| 151,684| 10-Sep-2020| 08:09| Not applicable \nFilbce863d9e87e78f7b216f9063068fd70| Not applicable| 13,803| 10-Sep-2020| 08:10| Not applicable \nFilbe0b71d79825d6251a88a486de2a0fae| Not applicable| 175,794| 10-Sep-2020| 08:08| Not applicable \nFilbe5c25571628b164d9b0abeae72c357a| Not applicable| 14,488| 10-Sep-2020| 08:03| Not applicable \nFilbe8804efe450de6f32592158385173af| Not applicable| 162,776| 10-Sep-2020| 08:09| Not applicable \nFilbec2fefb4339db1cb2a2a81c626af5b8| Not applicable| 148,912| 10-Sep-2020| 08:10| Not applicable \nFilbf439d900d8e8c938a91453ceef33748| Not applicable| 385,061| 10-Sep-2020| 08:10| Not applicable \nFilbfe5e54bbcd75097a2290bb9ffbf9129| Not applicable| 158,084| 10-Sep-2020| 08:09| Not applicable \nFilbfebb0e9f43c859d9b0a3079fb790dca| Not applicable| 140,997| 10-Sep-2020| 08:08| Not applicable \nFilc0360124072910524d4b1e78f11ea314| Not applicable| 149,305| 10-Sep-2020| 08:10| Not applicable \nFilc070c10edde57f91e2b923f53638b156| Not applicable| 122,287| 10-Sep-2020| 08:09| Not applicable \nFilc0a74236d5938545f3dd0d2e81fe5145| Not applicable| 609,713| 10-Sep-2020| 08:09| Not applicable \nFilc1246ec6443f5fdece97bee947f338b8| Not applicable| 163,350| 10-Sep-2020| 08:08| Not applicable \nFilc166412dec3b545aa718384ccdc0c3d1| Not applicable| 22,512| 10-Sep-2020| 08:10| Not applicable \nFilc244723fb935bd0d0901b33c0fa3fef4| Not applicable| 309,279| 10-Sep-2020| 08:09| Not applicable \nFilc2f5ff7a8957ea0ec0b802705b42e323| Not applicable| 166,161| 10-Sep-2020| 08:08| Not applicable \nFilc320fdef8521e5bb17a5c121a74e650e| Not applicable| 305,137| 10-Sep-2020| 08:11| Not applicable \nFilc3e271840e8b5de0e4ed893a9b69de17| Not applicable| 82,108| 10-Sep-2020| 08:10| Not applicable \nFilc3f3571f7d40d7ad31bcbde165570280| Not applicable| 7,684| 10-Sep-2020| 08:10| Not applicable \nFilc42459f85335dc5b0e754ebf75734c79| Not applicable| 118,946| 10-Sep-2020| 08:10| Not applicable \nFilc4ab4e05a6193193ef464c60fae6cbd7| Not applicable| 120,705| 10-Sep-2020| 08:09| Not applicable \nFilc5ae06f5615759f92b67380884df008e| Not applicable| 117,623| 10-Sep-2020| 08:10| Not applicable \nFilc5c55afa5d74d23f6b65f3216e37d317| Not applicable| 1,526| 10-Sep-2020| 08:10| Not applicable \nFilc786628612d2b1a245c8c71b29c30be3| Not applicable| 398,338| 10-Sep-2020| 08:09| Not applicable \nFilc830aa3bd6a85d79ebf456c5e64b8035| Not applicable| 379,187| 10-Sep-2020| 08:09| Not applicable \nFilc8e516689a540bc63bb961f4097b7e57| Not applicable| 160,137| 10-Sep-2020| 08:10| Not applicable \nFilc8e6da9f10502e8ad2295645fd80d4e5| Not applicable| 121,496| 10-Sep-2020| 08:08| Not applicable \nFilc96a599a80f3de2e07c515d63158e572| Not applicable| 330,578| 10-Sep-2020| 08:10| Not applicable \nFilc9c9f098bfe576e332d5448e341d7275| Not applicable| 153,366| 10-Sep-2020| 08:08| Not applicable \nFilca014992a789c86d642b1454a84b0471| Not applicable| 375,852| 10-Sep-2020| 08:08| Not applicable \nFilca135d6cdf9927dde76343b8e7366baf| Not applicable| 162,198| 10-Sep-2020| 08:10| Not applicable \nFilca3d26a73693291377b5eed5ddcaa0f1| Not applicable| 161,841| 10-Sep-2020| 08:10| Not applicable \nFilcac638de4b1f902ff58a662d4dac3d29| Not applicable| 56,854| 10-Sep-2020| 08:07| Not applicable \nFilcb5fa00024c3bc85ae7c993808e1b884| Not applicable| 120,208| 10-Sep-2020| 08:09| Not applicable \nFilcc0fdd022d9f5d8bc8ec46b80403d2e2| Not applicable| 1,589| 10-Sep-2020| 08:10| Not applicable \nFilcc30666b183d540fe06d8954d0f2413b| Not applicable| 3,297| 10-Sep-2020| 08:10| Not applicable \nFilcc721cc9dd7ee55eb0e0698f712731d7| Not applicable| 2,003,228| 10-Sep-2020| 08:07| Not applicable \nFilccbc2448b8815f8b825a84cc78bb511c| Not applicable| 11,405| 10-Sep-2020| 08:10| Not applicable \nFilcd270becc68f50bf28755be77714be9e| Not applicable| 394,132| 10-Sep-2020| 08:10| Not applicable \nFilcd886455496c5ec1862cf4aa506be262| Not applicable| 117,895| 10-Sep-2020| 08:08| Not applicable \nFilcddc4ce9e9c46991c0b22e91ba3704ba| Not applicable| 160,587| 10-Sep-2020| 08:10| Not applicable \nFilcff1dd14fb439fc7e9daa9dcb3e116c5| Not applicable| 12,932| 10-Sep-2020| 08:10| Not applicable \nFild034d7905a9a668488c8afd111f03890| Not applicable| 317,800| 10-Sep-2020| 08:11| Not applicable \nFild134087dcd6c80d2440a6f01ca531d43| Not applicable| 274,174| 10-Sep-2020| 08:09| Not applicable \nFild14c12465bfbd20e37f23e7a26295b48| Not applicable| 365,935| 10-Sep-2020| 08:07| Not applicable \nFild1b8d036a9c84b39ee432dce4f6d746f| Not applicable| 139,345| 10-Sep-2020| 08:09| Not applicable \nFild22b63170e5bf9a8ba95b20e77f6931a| Not applicable| 121,042| 10-Sep-2020| 08:10| Not applicable \nFild303b30a374c6671b361236e01f4b5cf| Not applicable| 164,590| 10-Sep-2020| 08:10| Not applicable \nFild4549c48b4b688ecc880a1f283799d3f| Not applicable| 498,379| 10-Sep-2020| 08:09| Not applicable \nFild4b4f55d65650fb68d8ae661f35a6cf3| Not applicable| 310,507| 10-Sep-2020| 08:09| Not applicable \nFild4cd251093d729f1a42047080c2778eb| Not applicable| 306,546| 10-Sep-2020| 08:08| Not applicable \nFild51a17d6f91520b346fc51bc3328726b| Not applicable| 145,877| 10-Sep-2020| 08:11| Not applicable \nFild59daa81d7473621e57441d6ea0f15c0| Not applicable| 194,497| 10-Sep-2020| 08:10| Not applicable \nFild5bfe2feae3b6b40e6b16de030127c67| Not applicable| 155,310| 10-Sep-2020| 08:10| Not applicable \nFild5d8126bec59238a69351a093c4464d0| Not applicable| 3,790| 10-Sep-2020| 08:10| Not applicable \nFild5f03da3e3a095d1f2b4a304a98bf729| Not applicable| 157,712| 10-Sep-2020| 08:10| Not applicable \nFild68d4f36aac52c3202cf238e1f1e2964| Not applicable| 145,618| 10-Sep-2020| 08:09| Not applicable \nFild7148cc0a8a831b0690ba7edff9c89fd| Not applicable| 309,585| 10-Sep-2020| 08:09| Not applicable \nFild83a4ac68665cb7498564f6a2fa90824| Not applicable| 192,430| 10-Sep-2020| 08:08| Not applicable \nFild84b6ccde6dad97a33cce010b6cf5541| Not applicable| 340,402| 10-Sep-2020| 08:08| Not applicable \nFild87dcf579f0d9dcbe4e7662caabee77e| Not applicable| 1,363| 10-Sep-2020| 08:10| Not applicable \nFild8a7c51dd3b9661c0d3937db06a0f6cc| Not applicable| 155,414| 10-Sep-2020| 08:11| Not applicable \nFild9013e15b94e09b08396c315e0631a52| Not applicable| 316,058| 10-Sep-2020| 08:10| Not applicable \nFild95c9ba0d427e30ab018118c4f8473b3| Not applicable| 389,600| 10-Sep-2020| 08:08| Not applicable \nFilda6a4ae71e1b6b7ccfcb6a63a2127d4d| Not applicable| 1,749| 10-Sep-2020| 08:10| Not applicable \nFildaad8f46b98411d7cb5457607ddc0097| Not applicable| 5,141| 10-Sep-2020| 08:10| Not applicable \nFildade2b2752b156e32704242e66737bf6| Not applicable| 3,404| 10-Sep-2020| 08:10| Not applicable \nFildaf7959b7c75db4261e040beb7293a13| Not applicable| 5,396| 10-Sep-2020| 08:10| Not applicable \nFildb3335f7da7296c0cebb1f9dcf0a13b6| Not applicable| 166,555| 10-Sep-2020| 08:10| Not applicable \nFildb508355a4e407081cba2130e65d580e| Not applicable| 327,332| 10-Sep-2020| 08:08| Not applicable \nFildb5fd75c40a38a12961a5701f3dd077c| Not applicable| 11,205| 10-Sep-2020| 08:08| Not applicable \nFildc8c47decc0a980dde3b8835cbb1da3b| Not applicable| 143,173| 10-Sep-2020| 08:09| Not applicable \nFildcfc7c65952f1370410a552a0c3bdacb| Not applicable| 143,634| 10-Sep-2020| 08:07| Not applicable \nFildd3233d5a669fbdbc6e1395b93273f67| Not applicable| 147,257| 10-Sep-2020| 08:08| Not applicable \nFildd420a21b6ff581e2f8cba46cf9cfc00| Not applicable| 13,697| 10-Sep-2020| 08:10| Not applicable \nFildd57d9330db1e4c1c5076183b76a0429| Not applicable| 159,581| 10-Sep-2020| 08:10| Not applicable \nFilde7edfbc94e0445055094a8412075849| Not applicable| 317,167| 10-Sep-2020| 08:08| Not applicable \nFildeb1eb5e06fd4f9ea01b736f7c5d3489| Not applicable| 4,463| 10-Sep-2020| 08:10| Not applicable \nFildeef0cc1dbfd12d4e4898acabeb8cc0a| Not applicable| 161,351| 10-Sep-2020| 08:10| Not applicable \nFildf1f940d4440482646f7e07b21c8977c| Not applicable| 400,048| 10-Sep-2020| 08:10| Not applicable \nFildf479c394a62a395362bac2175f263d9| Not applicable| 154,989| 10-Sep-2020| 08:08| Not applicable \nFile04ef21eb384d6ce69ac422ca5d202c8| Not applicable| 148,550| 10-Sep-2020| 08:08| Not applicable \nFile09f49833cf1f2443418e2be8f1e0004| Not applicable| 3,998| 10-Sep-2020| 08:10| Not applicable \nFile1425ffca08865888d2e0a662b85f22f| Not applicable| 194,027| 10-Sep-2020| 08:11| Not applicable \nFile2554c88cacc807d5b821e2d2e7977e7| Not applicable| 14,799| 10-Sep-2020| 08:10| Not applicable \nFile2a091148b8ca423a6f1f046e0adf881| Not applicable| 4,257| 10-Sep-2020| 08:10| Not applicable \nFile3b0bd2216637faabef0676a9e81a5a6| Not applicable| 215,571| 10-Sep-2020| 08:11| Not applicable \nFile3f54d4045f48da2f6084516bace3e1e| Not applicable| 163,145| 10-Sep-2020| 08:09| Not applicable \nFile45d1d7c137c59f6c1ffaab0ebc51f77| Not applicable| 292,978| 10-Sep-2020| 08:09| Not applicable \nFile54255e6002ed95d61afd7c75a5fa948| Not applicable| 370,103| 10-Sep-2020| 08:11| Not applicable \nFile5789132b8eb5f2f7efa7697590cf45c| Not applicable| 156,176| 10-Sep-2020| 08:09| Not applicable \nFile5dacfcc6f5dfff94990a84e026c4de2| Not applicable| 17,437| 10-Sep-2020| 08:10| Not applicable \nFile70589c97d754e78d2fe2fed99eaebcc| Not applicable| 314,666| 10-Sep-2020| 08:09| Not applicable \nFile71648118f1d0c1951edbcaa777d3a56| Not applicable| 251,235| 10-Sep-2020| 08:09| Not applicable \nFile783cced0fcba1ff313575bb1ca1c68c| Not applicable| 364,541| 10-Sep-2020| 08:08| Not applicable \nFile7c5afad77df85fd91512963f2fbf6e6| Not applicable| 34,450| 10-Sep-2020| 08:09| Not applicable \nFile88a06b53e20b9e6752aa61d8e189c10| Not applicable| 155,990| 10-Sep-2020| 08:09| Not applicable \nFile8b19ea66e7ffe68e3352d0de6ef2729| Not applicable| 407,248| 10-Sep-2020| 08:10| Not applicable \nFile93062b648276336059fa449db4153a3| Not applicable| 12,123| 10-Sep-2020| 08:10| Not applicable \nFilea581cb50d1d2cd077771d63c5b6dc51| Not applicable| 21,265| 10-Sep-2020| 08:10| Not applicable \nFileae73d48fc92a17e014b0abe1700f303| Not applicable| 156,338| 10-Sep-2020| 08:09| Not applicable \nFilec4338229af7da65b4b819322b30edda| Not applicable| 3,944| 10-Sep-2020| 08:10| Not applicable \nFilec7f6fc187f8be14de5ec034c2d85229| Not applicable| 118,511| 10-Sep-2020| 08:11| Not applicable \nFilecdb8669c113ce265be59f27aebb63c7| Not applicable| 201,438| 10-Sep-2020| 08:08| Not applicable \nFileeb9f8d46d03aa02e3a639c1190925ca| Not applicable| 4,194| 10-Sep-2020| 08:10| Not applicable \nFilefd2c6f724098d78412ccee1a36009ec| Not applicable| 367,647| 10-Sep-2020| 08:10| Not applicable \nFilf0c07502f8d3141d66a6c1fd4a71ca59| Not applicable| 4,352| 10-Sep-2020| 08:10| Not applicable \nFilf1324936e054d2474bba214d9e6855a0| Not applicable| 390,378| 10-Sep-2020| 08:08| Not applicable \nFilf1b4b77518eb47dc1959750fec59dcdc| Not applicable| 558,426| 10-Sep-2020| 08:08| Not applicable \nFilf1dbefccbfa368491a69955663586af4| Not applicable| 234,623| 10-Sep-2020| 08:09| Not applicable \nFilf21ccdcd3e87189b3373cbe88465bbed| Not applicable| 160,091| 10-Sep-2020| 08:08| Not applicable \nFilf257fa6642fbb757e3f26de753df4489| Not applicable| 322,187| 10-Sep-2020| 08:09| Not applicable \nFilf29a31a400ab7bfd670be114c615e00e| Not applicable| 440,018| 10-Sep-2020| 08:07| Not applicable \nFilf3015d007a6f5f56a11032dcd1ce8969| Not applicable| 1,875| 10-Sep-2020| 08:10| Not applicable \nFilf312b9f00ef669d78efe9b0d80f99896| Not applicable| 209,647| 10-Sep-2020| 08:10| Not applicable \nFilf31637de0f0a1e59a079df18e7f11f70| Not applicable| 532,038| 10-Sep-2020| 08:09| Not applicable \nFilf423a2f8e32497160710c8152115c908| Not applicable| 739| 10-Sep-2020| 08:10| Not applicable \nFilf4f7477b721b363112253d772077f40a| Not applicable| 44,908| 10-Sep-2020| 08:10| Not applicable \nFilf57cc0e30babe3fc1f5dcf14ffe60ce6| Not applicable| 569,467| 10-Sep-2020| 08:09| Not applicable \nFilf588408b53c88d5458d0bdfcabd56663| Not applicable| 162,184| 10-Sep-2020| 08:08| Not applicable \nFilf5c3373f3ffd93654bd1b1876513b75f| Not applicable| 63,356| 10-Sep-2020| 08:08| Not applicable \nFilf6d8842a14339881592611f23bb7b252| Not applicable| 11,215| 10-Sep-2020| 08:11| Not applicable \nFilf703fe4b5a67deaaa43a5f6ec9473805| Not applicable| 510,613| 10-Sep-2020| 08:10| Not applicable \nFilf7b4e504538e95c386061696b9d45120| Not applicable| 487,727| 10-Sep-2020| 08:11| Not applicable \nFilf7ecfde79d2a28e873992ce54d255fa4| Not applicable| 12,496| 10-Sep-2020| 08:10| Not applicable \nFilf8694f2cec5c365c0ef11b2f23dec843| Not applicable| 348,665| 10-Sep-2020| 08:11| Not applicable \nFilf90a123a3d43f3927c5318df051b9542| Not applicable| 492,011| 10-Sep-2020| 08:08| Not applicable \nFilf90f4fab546e82b6ef9b90297aef9ad7| Not applicable| 449,767| 10-Sep-2020| 08:08| Not applicable \nFilf992eef20268ccc0eb06557927ff1afd| Not applicable| 1,226| 10-Sep-2020| 08:10| Not applicable \nFilf9a6877dcf00a67a311f48dad50b7e9b| Not applicable| 62,482| 10-Sep-2020| 08:08| Not applicable \nFilf9b49c84aebc070c43e273a673e1cf99| Not applicable| 14,419| 10-Sep-2020| 08:03| Not applicable \nFilf9e067ad79a7547e26462a712cbd2234| Not applicable| 166,529| 10-Sep-2020| 08:08| Not applicable \nFilf9f6edd39dceaf9e49f9eb33efd6947e| Not applicable| 13,469| 10-Sep-2020| 08:10| Not applicable \nFilfac323bdf8297e52cb9758bc0f107bdf| Not applicable| 272,915| 10-Sep-2020| 08:09| Not applicable \nFilfc185af7dea156a27d3ffbbb82d11e73| Not applicable| 1,874| 10-Sep-2020| 08:10| Not applicable \nFilfca646dd1df179d1706cdf713ccc1069| Not applicable| 11,309| 10-Sep-2020| 08:10| Not applicable \nFilfd686744556fc950cd80295cb80aff43| Not applicable| 249,760| 10-Sep-2020| 08:08| Not applicable \nFilfe0ef3ae7100cf23dd43d3efa4f0a0e9| Not applicable| 433,228| 10-Sep-2020| 08:08| Not applicable \nFilfe13d9d3d88bb5b431d4a796b8541c66| Not applicable| 63,672| 10-Sep-2020| 08:08| Not applicable \nFilfe1f533df46bf985ea2b2ab30e5d6a35| Not applicable| 161,408| 10-Sep-2020| 08:08| Not applicable \nFilfefeffa72c0a131333c1a98e9bb695c0| Not applicable| 45,162| 10-Sep-2020| 08:10| Not applicable \nFilff7006991aa221e3c40687aae0081106| Not applicable| 3,184| 10-Sep-2020| 08:10| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,299| 07-Jul-2021| 23:45| Not applicable \nGetucpool.ps1| Not applicable| 19,851| 07-Jul-2021| 23:45| Not applicable \nGetvalidengines.ps1| Not applicable| 13,350| 07-Jul-2021| 23:45| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,102| 07-Jul-2021| 23:45| Not applicable \nImportedgeconfig.ps1| Not applicable| 77,324| 07-Jul-2021| 23:45| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 36,514| 07-Jul-2021| 23:45| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,894| 07-Jul-2021| 23:45| Not applicable \nLpversioning.xml| Not applicable| 20,418| 07-Jul-2021| 23:44| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 45,400| 07-Jul-2021| 23:45| Not applicable \nMicrosoft.ceres.datalossprevention.dll.90160000_1164_0000_1000_1000000ff1ce| 16.0.1497.23| 873,992| 07-Jul-2021| 23:41| Not applicable \nMicrosoft.dkm.proxy.dll| 15.0.1497.23| 32,704| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.addressbook.service.dll| 15.0.1497.23| 218,576| 07-Jul-2021| 23:46| x86 \nMicrosoft.exchange.airsync.dll1| 15.0.1497.23| 1,676,288| 07-Jul-2021| 23:45| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.0.1497.23| 59,392| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.anchorservice.dll| 15.0.1497.23| 137,688| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.0.1497.23| 27,624| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.approval.applications.dll| 15.0.1497.23| 53,208| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.assistants.dll| 15.0.1497.23| 339,416| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.0.1497.23| 70,616| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.authadminservicelet.dll| 15.0.1497.23| 36,312| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.0.1497.23| 15,832| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.autodiscover.dll| 15.0.1497.23| 360,408| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.autodiscoverv2.dll| 15.0.1497.23| 31,680| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.batchservice.dll| 15.0.1497.23| 33,200| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.0.1497.23| 26,584| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.0.1497.23| 23,536| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.clients.common.dll| 15.0.1497.23| 165,320| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.clients.owa.dll| 15.0.1497.23| 3,030,464| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.0.1497.23| 2,269,632| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.clients.security.dll| 15.0.1497.23| 156,096| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.0.1497.23| 22,464| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.0.1497.23| 2,698,688| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.0.1497.23| 107,968| 07-Jul-2021| 23:48| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.0.1497.23| 287,680| 07-Jul-2021| 23:48| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.0.1497.23| 462,784| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.0.1497.23| 55,744| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.common.dll| 15.0.1497.23| 157,632| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.common.inference.dll| 15.0.1497.23| 39,360| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.compliance.dll| 15.0.1497.23| 85,440| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.0.1497.23| 173,032| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.0.1497.23| 74,704| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.0.1497.23| 25,552| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.compression.dll| 15.0.1497.23| 17,856| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.0.1497.23| 37,832| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.core.dll| 15.0.1497.23| 111,048| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.0.1497.23| 53,712| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.0.1497.23| 24,024| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.failfast.dll| 15.0.1497.23| 55,272| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.0.1497.23| 1,455,080| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.0.1497.23| 71,656| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.0.1497.23| 21,456| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.connections.common.dll| 15.0.1497.23| 77,248| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.connections.eas.dll| 15.0.1497.23| 235,952| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.connections.imap.dll| 15.0.1497.23| 115,136| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.connections.pop.dll| 15.0.1497.23| 74,688| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.core.strings.dll| 15.0.1497.23| 599,488| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.0.1497.23| 1,271,816| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.directory.dll| 15.0.1497.23| 6,639,112| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.dll| 15.0.1497.23| 1,378,808| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.0.1497.23| 314,368| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.data.ha.dll| 15.0.1497.23| 82,440| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.0.1497.23| 108,040| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.mapi.dll| 15.0.1497.23| 175,104| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.0.1497.23| 31,240| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.metering.dll| 15.0.1497.23| 99,336| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.providers.dll| 15.0.1497.23| 141,312| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.0.1497.23| 143,872| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.storage.dll| 15.0.1497.23| 8,145,928| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.0.1497.23| 36,360| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.datacenterstrings.dll| 15.0.1497.23| 75,224| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.0.1497.23| 22,960| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.diagnostics.dll| 15.0.1497.23| 1,934,784| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.0.1497.23| 24,008| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.0.1497.23| 321,968| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.0.1497.23| 134,600| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.0.1497.23| 127,432| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.0.1497.23| 50,648| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.directory.topologyservice.exe| 15.0.1497.23| 192,992| 07-Jul-2021| 23:46| x86 \nMicrosoft.exchange.dxstore.dll| 15.0.1497.23| 279,488| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.0.1497.23| 20,928| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.0.1497.23| 21,992| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.0.1497.23| 153,552| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.0.1497.23| 225,256| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.edgesyncsvc.exe| 15.0.1497.23| 98,256| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.0.1497.23| 1,126,376| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.0.1497.23| 1,126,376| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,490| 08-Jul-2021| 00:41| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,554| 08-Jul-2021| 00:19| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.0.1497.23| 295,888| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.0.1497.23| 56,272| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.0.1497.23| 208,360| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.entities.common.dll| 15.0.1497.23| 155,088| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.0.1497.23| 137,168| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.0.1497.23| 35,280| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.entities.people.dll| 15.0.1497.23| 37,328| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.0.1497.23| 16,320| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.eserepl.dll| 15.0.1497.23| 118,720| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.0.1497.23| 37,336| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.0.1497.23| 560,104| 07-Jul-2021| 23:46| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.0.1497.23| 15,824| 07-Jul-2021| 23:46| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.0.1497.23| 76,760| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.0.1497.23| 571,840| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.0.1497.23| 42,944| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.helpprovider.dll| 15.0.1497.23| 39,416| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.0.1497.23| 31,168| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.0.1497.23| 95,680| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.0.1497.23| 35,264| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.0.1497.23| 17,856| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.0.1497.23| 21,448| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.0.1497.23| 35,264| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.0.1497.23| 63,936| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.0.1497.23| 27,072| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.httputilities.dll| 15.0.1497.23| 20,928| 07-Jul-2021| 23:48| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.0.1497.23| 1,033,696| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.imap4.exe| 15.0.1497.23| 230,320| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.0.1497.23| 230,320| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.0.1497.23| 25,024| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.0.1497.23| 25,024| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.0.1497.23| 71,680| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.inference.mdbcommon.dll| 15.0.1497.23| 75,776| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.0.1497.23| 93,696| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.inference.pipeline.dll| 15.0.1497.23| 21,480| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.0.1497.23| 19,448| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.0.1497.23| 35,328| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.0.1497.23| 1,662,464| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.0.1497.23| 164,352| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.0.1497.23| 84,952| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.live.domainservices.dll| 15.0.1497.23| 122,352| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.0.1497.23| 20,424| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.0.1497.23| 18,888| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.loguploader.dll| 15.0.1497.23| 159,680| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.0.1497.23| 61,376| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.0.1497.23| 346,032| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.0.1497.23| 43,440| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxloadbalanceclient.dll| 15.0.1497.23| 24,504| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.0.1497.23| 1,523,656| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.0.1497.23| 639,424| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.0.1497.23| 106,432| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.0.1497.23| 61,872| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.0.1497.23| 91,568| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.0.1497.23| 42,416| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.0.1497.23| 121,776| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.0.1497.23| 148,424| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.0.1497.23| 82,352| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.0.1497.23| 72,624| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.0.1497.23| 120,240| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.upgrade14to15.dll| 15.0.1497.23| 276,424| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.0.1497.23| 140,248| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.0.1497.23| 517,104| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.0.1497.23| 191,960| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.0.1497.23| 38,872| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.0.1497.23| 6,405,544| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.0.1497.23| 286,120| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.0.1497.23| 96,728| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.deployment.dll| 15.0.1497.23| 614,872| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.0.1497.23| 70,072| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.dll| 15.0.1497.23| 19,303,408| 07-Jul-2021| 23:44| x64 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.0.1497.23| 60,840| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.mobility.dll| 15.0.1497.23| 306,648| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.powershell.support.dll| 15.0.1497.23| 229,336| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.0.1497.23| 47,064| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.0.1497.23| 6,657,520| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.recipient.dll| 15.0.1497.23| 854,488| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.0.1497.23| 146,344| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.0.1497.23| 73,144| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.0.1497.23| 1,273,768| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.management.transport.dll| 15.0.1497.23| 764,376| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.managementgui.dll| 15.0.1497.23| 5,352,360| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.mapihttpclient.dll| 15.0.1497.23| 115,136| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.0.1497.23| 192,488| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.0.1497.23| 78,824| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.0.1497.23| 66,024| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.0.1497.23| 28,648| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.0.1497.23| 173,032| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.0.1497.23| 25,576| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.0.1497.23| 153,064| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.0.1497.23| 309,736| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.0.1497.23| 34,280| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.0.1497.23| 98,784| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.migration.dll| 15.0.1497.23| 962,032| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.migrationmonitor.dll| 15.0.1497.23| 144,880| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.mobiledriver.dll| 15.0.1497.23| 139,256| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.0.1497.23| 3,922,944| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.0.1497.23| 20,480| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.net.dll| 15.0.1497.23| 4,034,504| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.notifications.broker.exe| 15.0.1497.23| 173,000| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.notifications.brokerapi.dll| 15.0.1497.23| 56,240| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.0.1497.23| 20,992| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.0.1497.23| 73,216| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.0.1497.23| 15,320| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.pop3.exe| 15.0.1497.23| 92,616| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.0.1497.23| 92,616| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.0.1497.23| 25,032| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.0.1497.23| 25,032| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.0.1497.23| 209,864| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.0.1497.23| 209,864| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.exchange.powersharp.management.dll| 15.0.1497.23| 4,177,904| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.0.1497.23| 261,544| 07-Jul-2021| 23:45| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.0.1497.23| 41,384| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.0.1497.23| 29,144| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.0.1497.23| 134,120| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.0.1497.23| 406,488| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.provisioningagent.dll| 15.0.1497.23| 228,312| 07-Jul-2021| 23:44| x64 \nMicrosoft.exchange.provisioningservicelet.dll| 15.0.1497.23| 80,880| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.pushnotifications.dll| 15.0.1497.23| 105,416| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.0.1497.23| 408,008| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.0.1497.23| 72,648| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpc.dll| 15.0.1497.23| 1,466,824| 07-Jul-2021| 23:49| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.0.1497.23| 150,504| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.0.1497.23| 62,440| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.0.1497.23| 483,816| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.0.1497.23| 149,480| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.0.1497.23| 733,632| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.0.1497.23| 207,848| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.0.1497.23| 31,688| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.0.1497.23| 41,448| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.0.1497.23| 51,160| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.rules.common.dll| 15.0.1497.23| 137,152| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.0.1497.23| 20,440| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.search.core.dll| 15.0.1497.23| 290,248| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.search.engine.dll| 15.0.1497.23| 97,224| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.search.fast.dll| 15.0.1497.23| 329,160| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.search.mdb.dll| 15.0.1497.23| 175,048| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.search.query.dll| 15.0.1497.23| 95,176| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.search.service.exe| 15.0.1497.23| 29,128| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.security.dll| 15.0.1497.23| 804,352| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.0.1497.23| 19,968| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.0.1497.23| 216,024| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.0.1497.23| 413,144| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.0.1497.23| 190,960| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.0.1497.23| 95,704| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.0.1497.23| 82,904| 07-Jul-2021| 23:44| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.0.1497.23| 67,056| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.0.1497.23| 82,392| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.0.1497.23| 190,936| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.0.1497.23| 822,744| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.0.1497.23| 426,968| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.0.1497.23| 48,088| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.0.1497.23| 561,112| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.0.1497.23| 784,856| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.0.1497.23| 30,680| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.0.1497.23| 118,744| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.0.1497.23| 738,264| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.0.1497.23| 93,144| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.0.1497.23| 34,800| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.servicehost.exe| 15.0.1497.23| 54,744| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.0.1497.23| 49,136| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.services.dll| 15.0.1497.23| 7,786,480| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.0.1497.23| 214,528| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.0.1497.23| 58,880| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.0.1497.23| 84,992| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.common.dll| 15.0.1497.23| 308,224| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.0.1497.23| 35,832| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.console.dll| 15.0.1497.23| 27,648| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.gui.dll| 15.0.1497.23| 120,832| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.setup.parser.dll| 15.0.1497.23| 54,272| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.0.1497.23| 22,976| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.sharedcache.exe| 15.0.1497.23| 56,824| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.0.1497.23| 29,632| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.sqm.dll| 15.0.1497.23| 48,064| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.store.service.exe| 15.0.1497.23| 25,072| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.store.worker.exe| 15.0.1497.23| 26,592| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.storedriver.dll| 15.0.1497.23| 77,296| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.storeprovider.dll| 15.0.1497.23| 998,392| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.0.1497.23| 15,832| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.textprocessing.dll| 15.0.1497.23| 151,488| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.0.1497.23| 24,592| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.0.1497.23| 96,272| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.0.1497.23| 22,544| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.0.1497.23| 20,496| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.0.1497.23| 217,104| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.0.1497.23| 103,952| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.0.1497.23| 17,936| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.0.1497.23| 133,088| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.0.1497.23| 21,520| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.0.1497.23| 29,712| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.0.1497.23| 48,144| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.0.1497.23| 30,216| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.0.1497.23| 54,288| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.0.1497.23| 28,648| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.0.1497.23| 17,936| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.0.1497.23| 45,072| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.transport.common.dll| 15.0.1497.23| 39,416| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.dll| 15.0.1497.23| 3,539,960| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.0.1497.23| 73,720| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.0.1497.23| 59,896| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.0.1497.23| 21,496| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.0.1497.23| 61,944| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.0.1497.23| 27,640| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.storage.dll| 15.0.1497.23| 35,320| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.0.1497.23| 17,904| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.0.1497.23| 515,584| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.sync.manager.dll| 15.0.1497.23| 316,920| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.0.1497.23| 47,104| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.0.1497.23| 1,079,800| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.0.1497.23| 18,424| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.0.1497.23| 22,528| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.0.1497.23| 63,464| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.0.1497.23| 244,712| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.0.1497.23| 967,168| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.um.umcore.dll| 15.0.1497.23| 1,515,520| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.0.1497.23| 40,448| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.0.1497.23| 23,040| 07-Jul-2021| 23:45| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.0.1497.23| 38,888| 07-Jul-2021| 23:44| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.0.1497.23| 761,792| 07-Jul-2021| 23:49| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.0.1497.23| 193,528| 07-Jul-2021| 23:41| x86 \nMicrosoft.filtering.exchange.dll| 15.0.1497.23| 47,584| 07-Jul-2021| 23:45| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.0.1497.23| 47,072| 07-Jul-2021| 23:45| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 23,730| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,361| 07-Jul-2021| 23:44| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.0.1497.23| 1,170,960| 07-Jul-2021| 23:45| x86 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.0.1497.23| 31,232| 07-Jul-2021| 23:45| x86 \nMicrosoft.forefront.reporting.common.dll| 15.0.1497.23| 42,464| 07-Jul-2021| 23:45| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.0.1497.23| 37,856| 07-Jul-2021| 23:45| x86 \nMicrosoft.isam.esent.interop.dll| 15.0.1497.23| 473,568| 07-Jul-2021| 23:45| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.0.1497.23| 80,360| 07-Jul-2021| 23:44| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.0.1497.23| 1,244,096| 07-Jul-2021| 23:49| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.0.1497.23| 51,712| 07-Jul-2021| 23:44| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.0.1497.23| 28,160| 07-Jul-2021| 23:45| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.0.1497.23| 544,704| 07-Jul-2021| 23:49| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.0.1497.23| 166,400| 07-Jul-2021| 23:45| x86 \nMicrosoft.office.datacenter.workertaskframeworkinternalprovider.dll| 15.0.1497.23| 252,352| 07-Jul-2021| 23:49| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,186| 07-Jul-2021| 23:45| Not applicable \nMovemailbox.ps1| Not applicable| 61,268| 07-Jul-2021| 23:45| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,666| 07-Jul-2021| 23:45| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 35,194| 07-Jul-2021| 23:45| Not applicable \nMsexchangedagmgmt.exe| 15.0.1497.23| 22,976| 07-Jul-2021| 23:48| x86 \nMsexchangedelivery.exe| 15.0.1497.23| 31,720| 07-Jul-2021| 23:44| x86 \nMsexchangefrontendtransport.exe| 15.0.1497.23| 25,592| 07-Jul-2021| 23:45| x86 \nMsexchangehmhost.exe| 15.0.1497.23| 25,600| 07-Jul-2021| 23:45| x86 \nMsexchangehmworker.exe| 15.0.1497.23| 34,816| 07-Jul-2021| 23:45| x86 \nMsexchangemailboxassistants.exe| 15.0.1497.23| 2,391,512| 07-Jul-2021| 23:44| x86 \nMsexchangemailboxreplication.exe| 15.0.1497.23| 20,400| 07-Jul-2021| 23:44| x86 \nMsexchangemigrationworkflow.exe| 15.0.1497.23| 46,000| 07-Jul-2021| 23:44| x86 \nMsexchangerepl.exe| 15.0.1497.23| 65,984| 07-Jul-2021| 23:48| x86 \nMsexchangesubmission.exe| 15.0.1497.23| 61,912| 07-Jul-2021| 23:44| x86 \nMsexchangethrottling.exe| 15.0.1497.23| 40,456| 07-Jul-2021| 23:45| x86 \nMsexchangetransport.exe| 15.0.1497.23| 77,304| 07-Jul-2021| 23:45| x86 \nMsexchangetransportlogsearch.exe| 15.0.1497.23| 143,352| 07-Jul-2021| 23:45| x86 \nMspatchlinterop.dll| 15.0.1497.23| 53,680| 07-Jul-2021| 23:44| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,328| 07-Jul-2021| 23:45| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,643| 07-Jul-2021| 23:45| Not applicable \nOwaauth.dll| 15.0.1497.23| 91,568| 07-Jul-2021| 23:44| x64 \nPostexchange2000_schema99.ldf| Not applicable| 6,495| 07-Jul-2021| 19:16| Not applicable \nPostexchange2003_schema99.ldf| Not applicable| 41,776| 07-Jul-2021| 19:16| Not applicable \nPostwindows2003_schema99.ldf| Not applicable| 5,544| 07-Jul-2021| 19:16| Not applicable \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.0.1497.23| 41,384| 07-Jul-2021| 23:45| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 71,059| 07-Jul-2021| 23:45| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,293| 07-Jul-2021| 23:45| Not applicable \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 46,538| 07-Jul-2021| 23:45| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 20,800| 07-Jul-2021| 23:45| Not applicable \nRemoteexchange.ps1| Not applicable| 21,845| 07-Jul-2021| 23:44| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,795| 07-Jul-2021| 23:45| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,111| 07-Jul-2021| 23:45| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,125| 07-Jul-2021| 23:45| Not applicable \nResetattachmentfilterentry.ps1| Not applicable| 15,540| 07-Jul-2021| 23:45| Not applicable \nResetcasservice.ps1| Not applicable| 21,771| 07-Jul-2021| 23:45| Not applicable \nRightsmanagementwrapper.dll| 15.0.1497.23| 79,280| 07-Jul-2021| 23:45| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,850| 07-Jul-2021| 23:45| Not applicable \nRpcproxyshim.dll| 15.0.1497.23| 40,368| 07-Jul-2021| 23:45| x64 \nRwsperfcounters.xml| Not applicable| 22,996| 07-Jul-2021| 23:44| Not applicable \nSchema99.ldf| Not applicable| 26,237| 07-Jul-2021| 19:16| Not applicable \nSchemaadam.ldf| Not applicable| 348,383| 07-Jul-2021| 19:16| Not applicable \nSchemaversion.ldf| Not applicable| 1,905| 07-Jul-2021| 19:16| Not applicable \nSearchdiagnosticinfo.ps1| Not applicable| 16,876| 07-Jul-2021| 23:45| Not applicable \nSetup.exe| 15.0.1497.23| 20,992| 07-Jul-2021| 23:45| x86 \nSetupui.exe| 15.0.1497.23| 49,152| 07-Jul-2021| 23:45| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 104,500| 07-Jul-2021| 23:45| Not applicable \nStoretsconstants.ps1| Not applicable| 15,894| 07-Jul-2021| 23:45| Not applicable \nStoretslibrary.ps1| Not applicable| 28,067| 07-Jul-2021| 23:45| Not applicable \nTranscodingservice.exe| 15.0.1497.23| 124,336| 07-Jul-2021| 23:45| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,791| 07-Jul-2021| 23:45| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,497| 07-Jul-2021| 23:45| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,093| 07-Jul-2021| 23:45| Not applicable \nUglobal.js| Not applicable| 866,860| 07-Jul-2021| 23:01| Not applicable \nUmservice.exe| 15.0.1497.23| 102,888| 07-Jul-2021| 23:44| x86 \nUmworkerprocess.exe| 15.0.1497.23| 38,400| 07-Jul-2021| 23:44| x86 \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,094| 07-Jul-2021| 23:45| Not applicable \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,587| 07-Jul-2021| 23:45| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 30,135| 07-Jul-2021| 23:06| Not applicable \nWsbexchange.exe| 15.0.1497.23| 124,848| 07-Jul-2021| 23:45| x64 \n_search.mailboxoperators.a| 15.0.1497.23| 130,504| 07-Jul-2021| 23:44| Not applicable \n_search.mailboxoperators.b| 15.0.1497.23| 130,504| 07-Jul-2021| 23:44| Not applicable \n_search.tokenoperators.a| 15.0.1497.23| 80,320| 07-Jul-2021| 23:44| Not applicable \n_search.tokenoperators.b| 15.0.1497.23| 80,320| 07-Jul-2021| 23:44| Not applicable \n_search.transportoperators.a| 15.0.1497.23| 43,976| 07-Jul-2021| 23:44| Not applicable \n_search.transportoperators.b| 15.0.1497.23| 43,976| 07-Jul-2021| 23:44| Not applicable \n \n## Information about protection and security\n\nProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-13T00:00:00", "type": "mskb", "title": "Description of the security update for Microsoft Exchange Server 2013: July 13, 2021 (KB5004778)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34470"], "modified": "2021-07-13T00:00:00", "id": "KB5004778", "href": "https://support.microsoft.com/en-us/help/5004778", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:54:23", "description": "None\n**Important: **This regularly scheduled cumulative update contains all the security fixes of the security updates in June and other previous security updates..\n\nCumulative Update 21 for Microsoft Exchange Server 2016 was released on June 29, 2021. This cumulative update includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later [cumulative updates for Exchange Server 2016](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>).\n\nThis update also includes new daylight saving time (DST) updates for Exchange Server 2016. For more information about DST, see [Daylight Saving Time Help and Support Center](<https://docs.microsoft.com/troubleshoot/windows-client/system-management-components/daylight-saving-time-help-support>).\n\n## New feature in this cumulative update\n\nMicrosoft Exchange Server 2016 now supports integration with Windows Antimalware Scan Interface (AMSI). This feature enables an AMSI-capable antivirus or antimalware solution to scan content in HTTP requests that're sent to the Exchange Server. Additionally, it will block a malicious request before it's handled by Exchange. For more details, see [More about AMSI integration with Exchange Server](<https://techcommunity.microsoft.com/t5/exchange-team-blog/more-about-amsi-integration-with-exchange-server/ba-p/2572371>).\n\n## Known issues in this cumulative update\n\n * In multidomain Active Directory forests in which Exchange is installed or has been prepared previously by using the **/PrepareDomain** option in Setup, this action must be completed after the **/PrepareAD** command for this cumulative update has been completed and the changes are replicated to all domains. Setup will try to run the **/PrepareAD** command during the first server installation. Installation will finish only if the user who initiated Setup has the appropriate permissions.\n * **About the /PrepareDomain operation in multidomain:** \n \nThe **/PrepareDomain** operation automatically runs in the Active Directory domain in which the **/PrepareAD **command is run. However, it may be unable to update other domains in the forest. Therefore, a domain administrator should run the **/PrepareDomain** in other domains in the forest.\n * **About the permission question:** \n \nBecause the **/PrepareAD** is triggered in Setup, if the user who initiates Setup isn't a member of Schema Admins and Enterprise Admins, the readiness check will fail, and you receive the following error messages.**Error 1:**\n\nThe Active Directory schema isn't up-to-date, and this user account isn't a member of the 'Schema Admins' and/or 'Enterprise Admins' groups. For more informaion, visit: <http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setipreadiness.SchemaUpdateRequired.aspx>.\n\n \n**Error 2:**\n\nGlobal updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins'group. For more information, visit: <http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.GlobalUpdateRequred.aspx>.\n\n \nTo avoid the errors, either the user should join Schema Admins and Enterprise Admins groups or another user in Schema Admins and Enterprise Admins groups should manually run **/PrepareAD** for this Cumulative Update first. Then, the Exchange admin user can start Setup.\n * Autodiscover Event ID 1 occurs after you install Cumulative Update 14 for Exchange Server 2016. For more information, see KB 4532190.\n * \"500 Unexpected Error\" when trying to create a user mailbox in ECP. For more information, see KB 5001874.\n * \"Cannot Send Mail - Your mailbox is full\" error when you use iPhone mail to send very large attachments. For more information, see [KB 5004622](<https://support.microsoft.com/help/5004622>).\n\n## Issues that this cumulative update fixes\n\nThis cumulative update also fixes the issues that are described in the following Microsoft Knowledge Base articles:\n\n * [5004612](<https://support.microsoft.com/help/5004612>) Message body not displayed in OWA if the message was added in Outlook to a new mailbox\n * [5004613](<https://support.microsoft.com/help/5004613>) OutOfMemory exception when moving a public folder that has a large ICS sync state\n * [5004614](<https://support.microsoft.com/help/5004614>) Korean text is garbled in calendar invitation to a user with a Chinese display name\n * [5004615](<https://support.microsoft.com/help/5004615>) \"InvalidOperationException\" and Store Worker process crashes during mailbox move\n * [5004616](<https://support.microsoft.com/help/5004616>) Changing the email address in EAC doesn't work in modern browsers\n * [5004618](<https://support.microsoft.com/help/5004618>) MSExchangeMailboxAssistants 4999 Crash in ELCAssistant.InvokeInternalAssistant with System.NullReferenceException\n * [5004619](<https://support.microsoft.com/help/5004619>) Mailbox creation through ECP fails after installing Exchange Server 2019 or 2016 April update\n * [5004629](<https://support.microsoft.com/help/5004629>) No version updating after you install Exchange Server 2016\n\n## Get Cumulative Update 21 for Exchange Server 2016\n\n### Download Center\n\n![Download](https://support.content.office.net/en-us/media/dea9ad89-e39c-09ee-0d36-67beddb48e26.png)[Download Cumulative Update 21 for Exchange Server 2016 (KB5003611) now](<https://www.microsoft.com/download/details.aspx?FamilyID=88e4107e-a9a6-4847-959d-98e6e5d46f4a>)![Download](https://support.content.office.net/en-us/media/dea9ad89-e39c-09ee-0d36-67beddb48e26.png)[Download Exchange Server 2016 CU 21 UM Language Packs now](<https://www.microsoft.com/download/details.aspx?FamilyID=34d3b97f-2e82-481a-a0ab-70d6cfcfdbbe>) \n**Notes**\n\n * The Cumulative Update 21 package can be used to run a new installation of Exchange Server 2016 or to upgrade an existing Exchange Server 2016 installation to Cumulative Update 21.\n * You don't have to install any previously released Exchange Server 2016 cumulative updates or service packs before you install Cumulative Update 21.\n\n## Cumulative update information\n\n### Prerequisites\n\nThis cumulative update requires Microsoft .NET Framework 4.8.A component that's used within Exchange Server requires a new Visual C++ component to be installed together with Exchange Server. This prerequisite can be downloaded at [Visual C++ Redistributable Packages for Visual Studio 2013](<https://www.microsoft.com/download/details.aspx?id=40784>). For more information, see [KB 4295081](<https://support.microsoft.com/help/4295081>).For more information about the prerequisites to set up Exchange Server 2016, see [Exchange Server 2016 prerequisites](<https://docs.microsoft.com/Exchange/plan-and-deploy/prerequisites>).\n\n### Restart requirement\n\nYou may have to restart the computer after you apply this cumulative update package.\n\n### Registry information\n\nYou don't have to make any changes to the registry after you apply this cumulative update package.\n\n### Removal information\n\nAfter you install this cumulative update package, you can't uninstall the package to revert to an earlier version of Exchange Server 2016. If you uninstall this cumulative update package, Exchange Server 2016 is removed from the server.\n\n## File information\n\n### File hash information\n\nFile name| SHA256 hash \n---|--- \nExchangeServer2016-x64-cu21.iso| 403EFE9589709461FCC09B332894C4ED1F0D93414D9DBDCED1A0967727C47063 \n \n## More information\n\nFor more information about the deployment of Exchange Server 2016, see [Release notes for Exchange Server 2016](<https://docs.microsoft.com/Exchange/release-notes>). \n \nFor more information about the coexistence of Exchange Server 2016 and earlier versions of Exchange Server in the same environment, see [Exchange Server 2016 system requirements](<https://docs.microsoft.com/Exchange/plan-and-deploy/system-requirements>). \n \nFor more information about other Exchange updates, see [Exchange Server Updates: Build numbers and release dates](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>).\n\n## References\n\nLearn about the terminology that Microsoft uses to describe software updates.\n\n## Change history\n\nThe following table summarizes some of the most important changes to this topic.Date| Description \n---|--- \nAugust 30, 2021| Added a \"New feature in this cumulative update\" section.\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-30T00:00:00", "type": "mskb", "title": "Cumulative Update 21 for Exchange Server 2016 (KB5003611)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34470"], "modified": "2021-08-30T00:00:00", "id": "KB5003611", "href": "https://support.microsoft.com/en-us/help/5003611", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-11-28T09:54:23", "description": "None\n**Important: **This regularly scheduled cumulative update contains all the security fixes of the security updates in June and other previous security updates..\n\nCumulative Update 10 for Microsoft Exchange Server 2019 was released on June 29, 2021. It includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later [cumulative updates for Exchange Server 2019](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>). \n\nThis update also includes new daylight saving time (DST) updates for Exchange Server 2019. For more information about DST, see [Daylight Saving Time Help and Support Center](<https://docs.microsoft.com/troubleshoot/windows-client/system-management-components/daylight-saving-time-help-support>).\n\n## New feature in this cumulative update\n\nMicrosoft Exchange Server 2019 now supports integration with Windows Antimalware Scan Interface (AMSI). This feature enables an AMSI-capable antivirus or antimalware solution to scan content in HTTP requests that're sent to the Exchange Server. Additionally, it will block a malicious request before it's handled by Exchange. For more details, see [More about AMSI integration with Exchange Server](<https://techcommunity.microsoft.com/t5/exchange-team-blog/more-about-amsi-integration-with-exchange-server/ba-p/2572371>).\n\n## Known issues in this cumulative update\n\n * In multidomain Active Directory forests in which Exchange is installed or was prepared previously by using the **/PrepareDomain** option in Setup, this action must be completed after the **/PrepareAD** command for this cumulative update has been completed and the changes are replicated to all domains. Setup will try to run the **/PrepareAD** command during the first server installation. Installation will finish only if the user who initiated Setup has the appropriate permissions.\n * **About the /PrepareDomain operation in multidomain:** \n \nThe **/PrepareDomain** operation automatically runs in the Active Directory domain in which the **/PrepareAD **command is run. However, it may be unable to update other domains in the forest. Therefore, a domain administrator should run the **/PrepareDomain** in other domains in the forest.\n * **About the permission question:** \n \nBecause **/PrepareAD** is triggered in Setup, if the user who initiates Setup isn't a member of Schema Admins and Enterprise Admins, the readiness check will fail and you receive the following error messages.**Error 1:**\n\nThe Active Directory schema isn't up-to-date, and this user account isn't a member of the 'Schema Admins' and/or 'Enterprise Admins' groups. For more informaion, visit: <http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setipreadiness.SchemaUpdateRequired.aspx>.\n\n \n**Error 2:**\n\nGlobal updates need to be made to Active Directory, and this user account isn't a member of the 'Enterprise Admins'group. For more information, visit: <http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.GlobalUpdateRequred.aspx>.\n\n * Autodiscover Event ID 1 occurs after you install Cumulative Update 3 for Exchange Server 2019. For more information, see KB 4532190.\n * \"500 Unexpected Error\" when trying to create a user mailbox in ECP. For more information, see KB 5001874.\n * \"Cannot Send Mail - Your mailbox is full\" error when you use iPhone mail to send very large attachments. For more information, see [KB 5004622](<https://support.microsoft.com/help/5004622>).\n\n## Issues that this cumulative update fixes\n\nThis cumulative update also fixes the issues that are described in the following Microsoft Knowledge Base articles:\n\n * [5004612](<https://support.microsoft.com/help/5004612>) Message body not displayed in OWA if the message was added in Outlook to a new mailbox\n * [5004613](<https://support.microsoft.com/help/5004613>) OutOfMemory exception when moving a public folder that has a large ICS sync state\n * [5004614](<https://support.microsoft.com/help/5004614>) Korean text is garbled in calendar invitation to a user with a Chinese display name\n * [5004615](<https://support.microsoft.com/help/5004615>) \"InvalidOperationException\" and Store Worker process crashes during mailbox move\n * [5004616](<https://support.microsoft.com/help/5004616>) Changing the email address in EAC doesn't work in modern browsers\n * [5004617](<https://support.microsoft.com/help/5004617>) TLS 1.2 is not set as default after you install Exchange 2019 with Edge Transport role\n * [5004618](<https://support.microsoft.com/help/5004618>) MSExchangeMailboxAssistants 4999 Crash in ELCAssistant.InvokeInternalAssistant with System.NullReferenceException\n * [5004619](<https://support.microsoft.com/help/5004619>) Mailbox creation through ECP fails after installing Exchange Server 2019 or 2016 April update\n\n## Get Cumulative Update 10 for Exchange Server 2019\n\n### Volume Licensing Center\n\nTo get Cumulative Update 10 for Exchange Server 2019, go to [Microsoft Volume Licensing Center](<https://www.microsoft.com/Licensing/servicecenter/default.aspx>).**Note** The Cumulative Update 10 package can be used to run a new installation of Exchange Server 2019 or to upgrade an existing Exchange Server 2019 installation to Cumulative Update 10.\n\n## Cumulative update information\n\n### Prerequisites\n\nThis cumulative update requires Microsoft .NET Framework 4.8.A component that's used within Exchange Server requires a new Visual C++ component to be installed together with Exchange Server. This prerequisite can be downloaded at [Visual C++ Redistributable Package for Visual Studio 2012](<https://www.microsoft.com/download/details.aspx?id=30679>).For more information about the prerequisites to set up Exchange Server 2019, see [Exchange 2019 prerequisites](<https://docs.microsoft.com/Exchange/plan-and-deploy/prerequisites>).\n\n### Restart requirement\n\nYou might have to restart the computer after you apply this cumulative update package.\n\n### Registry information\n\nYou don't have to make any changes to the registry after you apply this cumulative update package.\n\n### Removal information\n\nAfter you install this cumulative update package, you can't uninstall the package to revert to an earlier version of Exchange Server 2019. If you uninstall this cumulative update package, Exchange Server 2019 is removed from the server.\n\n## File information\n\n### File hash information\n\nFile name| SHA256 hash \n---|--- \nExchangeServer2019-x64-cu10.iso| A5ABE84FDF53750D631CB4064CAE5E84C293EAD8B94367826925B90BEE6C1EAF \n \n## More information\n\nFor more information about the deployment of Exchange Server 2019, see [Release notes for Exchange Server 2019](<https://docs.microsoft.com/Exchange/release-notes>). \n \nFor more information about the coexistence of Exchange Server 2019 and earlier versions of Exchange Server in the same environment, see [Exchange Server 2019 system requirements](<https://docs.microsoft.com/Exchange/plan-and-deploy/system-requirements>). \n \nFor more information about other Exchange updates, see [Exchange Server Updates: Build numbers and release dates](<https://docs.microsoft.com/Exchange/new-features/build-numbers-and-release-dates>).\n\n## References\n\nLearn about the terminology that Microsoft uses to describe software updates.\n\n## Change history\n\nThe following table summarizes some of the most important changes to this topic.Date| Description \n---|--- \nAugust 30, 2021| Added a \"New feature in this cumulative update\" section.\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-30T00:00:00", "type": "mskb", "title": "Cumulative Update 10 for Exchange Server 2019 (KB5003612)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34470"], "modified": "2021-08-30T00:00:00", "id": "KB5003612", "href": "https://support.microsoft.com/en-us/help/5003612", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T00:49:02", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31206, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "Remote code execution", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-17T03:31:00", "id": "PRION:CVE-2021-31196", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-31196", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T00:53:29", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "Privilege escalation", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-34523", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-34523", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T00:52:35", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "Privilege escalation", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-05-03T16:04:00", "id": "PRION:CVE-2021-33768", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-33768", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T00:53:23", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "Remote code execution", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-34473", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-34473", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T00:49:03", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "Remote code execution", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-09-20T12:20:00", "id": "PRION:CVE-2021-31206", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-31206", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T00:53:23", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "Privilege escalation", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-34470", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-34470", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T00:53:52", "description": "A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of incoming UPnP traffic. An attacker could exploit this vulnerability by sending a crafted UPnP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition. Cisco has not released software updates that address this vulnerability.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-08-18T20:15:00", "type": "prion", "title": "Input validation", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34730"], "modified": "2022-10-27T12:46:00", "id": "PRION:CVE-2021-34730", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-34730", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T01:47:29", "description": "Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-17T16:15:00", "type": "prion", "title": "Improper access control", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8209"], "modified": "2020-08-20T15:41:00", "id": "PRION:CVE-2020-8209", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2020-8209", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T00:49:04", "description": "Microsoft Exchange Server Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-11T19:15:00", "type": "prion", "title": "Security feature bypass", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207"], "modified": "2023-08-08T14:21:00", "id": "PRION:CVE-2021-31207", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-31207", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T02:09:34", "description": "An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-27T14:15:00", "type": "prion", "title": "Directory traversal", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19781"], "modified": "2023-01-20T16:21:00", "id": "PRION:CVE-2019-19781", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2019-19781", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T00:30:56", "description": "A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device. Cisco has not released software updates that address this vulnerability.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-04-08T04:15:00", "type": "prion", "title": "Input validation", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1459"], "modified": "2022-08-05T17:36:00", "id": "PRION:CVE-2021-1459", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-1459", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "attackerkb": [{"lastseen": "2023-10-18T16:33:04", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.\n\n \n**Recent assessments:** \n \n**NinjaOperator** at July 14, 2021 7:15pm UTC reported:\n\nThis remote code execution (RCE) vulnerability affects Microsoft Exchange Server 2013/ CU23/2016 CU20/2016 CU21/2019 CU10. \nAnd according to FireEye exploit code is available. \nI will share more information once MSFT releases more details\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-31206", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2023-10-07T00:00:00", "id": "AKB:C4CD066B-E590-48F0-96A7-FFFAFC3D23CC", "href": "https://attackerkb.com/topics/oAhIZujU2O/cve-2021-31206", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-10-18T16:43:37", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.\n\n \n**Recent assessments:** \n \n**gwillcox-r7** at July 14, 2021 5:15pm UTC reported:\n\nFrom <https://blog.talosintelligence.com/2021/07/microsoft-patch-tuesday-for-july-2021.html> there was a note that this vulnerability seems to have been used in some Exchange Server APT attacks detailed at <https://blog.talosintelligence.com/2021/03/hafnium-update.html> however it wasn\u2019t disclosed that this vulnerability was patched despite being patched back in April 2021. Since this was under active exploitation it is recommended to patch this vulnerability if you haven\u2019t applied April 2021\u2019s patch updates already.\n\nSuccessful exploitation will result in RCE on affected Exchange Servers, and requires no prior user privileges, so patch this soon!\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 3\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-34473", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-20T00:00:00", "id": "AKB:BDCF4DDE-714E-40C0-B4D9-2B4ECBAD31FF", "href": "https://attackerkb.com/topics/pUK1MXLZkW/cve-2021-34473", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-10-18T16:38:40", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-34523", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2023-10-07T00:00:00", "id": "AKB:6F1D646E-2CDB-4382-A212-30728A7DB899", "href": "https://attackerkb.com/topics/RY7LpTmyCj/cve-2021-34523", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-10-25T18:06:52", "description": "ProxyShell is an exploit chain targeting on-premise installations of Microsoft Exchange Server. It was demonstrated by Orange Tsai at Pwn2Own in April 2021 and is comprised of three CVEs that, when chained, allow a remote unauthenticated attacker to execute arbitrary code on vulnerable targets. The three CVEs are CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207.\n\nDetails are available in Orange Tsai\u2019s [Black Hat USA 2020 talk](<https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf>) and follow-on [blog series](<https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html>). ProxyShell is being broadly exploited in the wild as of August 12, 2021.\n\n \n**Recent assessments:** \n \n**ccondon-r7** at August 12, 2021 9:19pm UTC reported:\n\nCheck out the [Rapid7 analysis](<https://attackerkb.com/topics/xbr3tcCFT3/proxyshell-exploit-chain/rapid7-analysis>) for details on the exploit chain. Seems like a lot of the PoC implementations so far are using admin mailboxes, but I\u2019d imagine folks are going to start finding ways around that soon.\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-20T00:00:00", "type": "attackerkb", "title": "ProxyShell Exploit Chain", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-08-20T00:00:00", "id": "AKB:116FDAE6-8C6E-473E-8D39-247560D01C09", "href": "https://attackerkb.com/topics/xbr3tcCFT3/proxyshell-exploit-chain", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-10-18T16:38:41", "description": "Microsoft Exchange Server Security Feature Bypass Vulnerability\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-11T00:00:00", "type": "attackerkb", "title": "CVE-2021-31207", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207"], "modified": "2023-10-07T00:00:00", "id": "AKB:5E706DDA-98EC-49CA-AB21-4814DAF26444", "href": "https://attackerkb.com/topics/5F0CGZWw61/cve-2021-31207", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-10-18T16:43:31", "description": "An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.\n\n \n**Recent assessments:** \n \n**kevthehermit** at February 22, 2020 12:29am UTC reported:\n\nAWS had pre built AMIs for these appliances built and supplied to the market place by Citrix.\n\nAt the time of release and for several weeks afterwards, they were still available in their default vulnerable state. Whilst AWS have removed the vulnerable images any AWS account that subscribed to a specific AMI will still have the default vulnerable version.\n\nIf you use this kind of setup it is important to remove any old AMIs and replace them, do not assume that patches will be applied to exising AMIs\n\n**zeroSteiner** at January 02, 2020 3:42pm UTC reported:\n\nAWS had pre built AMIs for these appliances built and supplied to the market place by Citrix.\n\nAt the time of release and for several weeks afterwards, they were still available in their default vulnerable state. Whilst AWS have removed the vulnerable images any AWS account that subscribed to a specific AMI will still have the default vulnerable version.\n\nIf you use this kind of setup it is important to remove any old AMIs and replace them, do not assume that patches will be applied to exising AMIs\n\n**dmelcher5151** at April 16, 2020 12:56am UTC reported:\n\nAWS had pre built AMIs for these appliances built and supplied to the market place by Citrix.\n\nAt the time of release and for several weeks afterwards, they were still available in their default vulnerable state. Whilst AWS have removed the vulnerable images any AWS account that subscribed to a specific AMI will still have the default vulnerable version.\n\nIf you use this kind of setup it is important to remove any old AMIs and replace them, do not assume that patches will be applied to exising AMIs\n\n**bcook-r7** at January 11, 2020 7:23pm UTC reported:\n\nAWS had pre built AMIs for these appliances built and supplied to the market place by Citrix.\n\nAt the time of release and for several weeks afterwards, they were still available in their default vulnerable state. Whilst AWS have removed the vulnerable images any AWS account that subscribed to a specific AMI will still have the default vulnerable version.\n\nIf you use this kind of setup it is important to remove any old AMIs and replace them, do not assume that patches will be applied to exising AMIs\n\n**hrbrmstr** at May 12, 2020 7:56pm UTC reported:\n\nAWS had pre built AMIs for these appliances built and supplied to the market place by Citrix.\n\nAt the time of release and for several weeks afterwards, they were still available in their default vulnerable state. Whilst AWS have removed the vulnerable images any AWS account that subscribed to a specific AMI will still have the default vulnerable version.\n\nIf you use this kind of setup it is important to remove any old AMIs and replace them, do not assume that patches will be applied to exising AMIs\n\n**gwillcox-r7** at October 20, 2020 5:51pm UTC reported:\n\nAWS had pre built AMIs for these appliances built and supplied to the market place by Citrix.\n\nAt the time of release and for several weeks afterwards, they were still available in their default vulnerable state. Whilst AWS have removed the vulnerable images any AWS account that subscribed to a specific AMI will still have the default vulnerable version.\n\nIf you use this kind of setup it is important to remove any old AMIs and replace them, do not assume that patches will be applied to exising AMIs\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 5\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-05T00:00:00", "type": "attackerkb", "title": "CVE-2019-19781", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19781"], "modified": "2023-10-06T00:00:00", "id": "AKB:AFC76977-D355-470D-A7F6-FEF7A8352B65", "href": "https://attackerkb.com/topics/x22buZozYJ/cve-2019-19781", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nuclei": [{"lastseen": "2023-12-06T22:30:02", "description": "\n Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-10T00:00:00", "type": "nuclei", "title": "Exchange Server - Remote Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2023-12-06T00:00:00", "id": "NUCLEI:CVE-2021-34473", "href": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-34473.yaml", "sourceData": "id: CVE-2021-34473\n\ninfo:\n name: Exchange Server - Remote Code Execution\n author: arcc,intx0x80,dwisiswant0,r3dg33k\n severity: critical\n description: |\n Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.\n remediation: Apply Microsoft Exchange Server 2019 Cumulative Update 9 or upgrade to the latest version.\n reference:\n - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473\n - https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html\n - https://peterjson.medium.com/reproducing-the-proxyshell-pwn2own-exploit-49743a4ea9a1\n - https://nvd.nist.gov/vuln/detail/CVE-2021-34473\n - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34473\n classification:\n cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n cvss-score: 9.8\n cve-id: CVE-2021-34473\n cwe-id: CWE-918\n epss-score: 0.97344\n epss-percentile: 0.99871\n cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\n metadata:\n max-request: 2\n vendor: microsoft\n product: exchange_server\n tags: cve,cve2021,ssrf,rce,exchange,kev,microsoft\n\nhttp:\n - method: GET\n path:\n - '{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com'\n - '{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com'\n\n matchers:\n - type: word\n part: body\n words:\n - \"Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException\"\n - \"Exchange MAPI/HTTP Connectivity Endpoint\"\n condition: or\n# digest: 4b0a00483046022100f75d492f63706f474b434d73438e13192c04f2009078ff2b149ac2886029f275022100badcf1560a783579f90514eddff33a7dce30befceed6034afad43af220017808:922c64590222798bb761d5b6d8e72950", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T22:23:16", "description": "\n Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6, and Citrix XenMobile Server before 10.9 RP5 are susceptible to local file inclusion vulnerabilities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-11-16T00:00:00", "type": "nuclei", "title": "Citrix XenMobile Server - Local File Inclusion", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8209"], "modified": "2023-12-05T00:00:00", "id": "NUCLEI:CVE-2020-8209", "href": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-8209.yaml", "sourceData": "id: CVE-2020-8209\n\ninfo:\n name: Citrix XenMobile Server - Local File Inclusion\n author: dwisiswant0\n severity: high\n description: |\n Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6, and Citrix XenMobile Server before 10.9 RP5 are susceptible to local file inclusion vulnerabilities.\n reference:\n - https://swarm.ptsecurity.com/path-traversal-on-citrix-xenmobile-server/\n - https://support.citrix.com/article/CTX277457\n - https://nvd.nist.gov/vuln/detail/CVE-2020-8209\n remediation: |\n Apply the latest security patches or updates provided by Citrix to fix the vulnerability.\n reference:\n - https://support.citrix.com/article/CTX277457\n classification:\n cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\n cvss-score: 7.5\n cve-id: CVE-2020-8209\n cwe-id: CWE-22\n epss-score: 0.97101\n epss-percentile: 0.99723\n cpe: cpe:2.3:a:citrix:xenmobile_server:*:*:*:*:*:*:*:*\n metadata:\n max-request: 1\n vendor: citrix\n product: xenmobile_server\n tags: cve,cve2020,citrix,lfi,xenmobile\n\nhttp:\n - method: GET\n path:\n - \"{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd\"\n\n matchers-condition: and\n matchers:\n - type: word\n part: header\n words:\n - \"fileDownload=true\"\n - \"application/octet-stream\"\n - \"attachment;\"\n condition: and\n\n - type: regex\n part: body\n regex:\n - \"root:.*:0:0:\"\n\n# digest: 4b0a00483046022100a9e722e8446f133693e0be4d211d24151bc012e619524b88989747d079f88e8902210093ea22706ce9fb4c64f31f28d38c27c3589c33b23882f931921b00ee162e9447:922c64590222798bb761d5b6d8e72950", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T22:08:59", "description": "Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-05T00:00:00", "type": "nuclei", "title": "Citrix ADC and Gateway - Directory Traversal", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19781"], "modified": "2023-12-05T00:00:00", "id": "NUCLEI:CVE-2019-19781", "href": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-19781.yaml", "sourceData": "id: CVE-2019-19781\n\ninfo:\n name: Citrix ADC and Gateway - Directory Traversal\n author: organiccrap,geeknik\n severity: critical\n description: Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities.\n remediation: |\n Apply the necessary security patches provided by Citrix to fix the directory traversal vulnerability.\n reference:\n - https://support.citrix.com/article/CTX267027\n - https://nvd.nist.gov/vuln/detail/CVE-2019-19781\n - https://www.kb.cert.org/vuls/id/619785\n - http://packetstormsecurity.com/files/155904/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution.html\n - http://packetstormsecurity.com/files/155905/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution-Traversal.html\n classification:\n cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n cvss-score: 9.8\n cve-id: CVE-2019-19781\n cwe-id: CWE-22\n epss-score: 0.97507\n epss-percentile: 0.99981\n cpe: cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*\n metadata:\n max-request: 1\n vendor: citrix\n product: application_delivery_controller_firmware\n tags: lfi,kev,packetstorm,cve,cve2019,citrix\n\nhttp:\n - method: GET\n path:\n - \"{{BaseURL}}/vpn/../vpns/cfg/smb.conf\"\n\n matchers-condition: and\n matchers:\n - type: word\n words:\n - \"[global]\"\n\n - type: status\n status:\n - 200\n\n# digest: 4b0a004830460221008ba66f8c52100ac5401082fe3f2689a5668c8cbb1ac52fe37ca37f6a09fa89f9022100c822c38a64664678f9a581c2585c25d1347ed30de7e9b2237c9f6e7926297d61:922c64590222798bb761d5b6d8e72950", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "thn": [{"lastseen": "2022-05-09T12:39:27", "description": "[![Hive Ransomware](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgG4LpJKxqUO2-qxnPcHk7kZshWlpcUJf4apWnuuu8g9A2r0wcvybcwpf7lOoNA63j4bRBhFvjSOcGs6VNIFsmjXTIplZEkjAFtBn3cM6NGJ0rIS2GGGAKNgL2WQIm_-fjXlryklUzygBckkBMBoeHlXhheLR9onLzGHVYPSgJnrJE7GbCsqTLo57hD/s728-e1000/hive-ransomware.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgG4LpJKxqUO2-qxnPcHk7kZshWlpcUJf4apWnuuu8g9A2r0wcvybcwpf7lOoNA63j4bRBhFvjSOcGs6VNIFsmjXTIplZEkjAFtBn3cM6NGJ0rIS2GGGAKNgL2WQIm_-fjXlryklUzygBckkBMBoeHlXhheLR9onLzGHVYPSgJnrJE7GbCsqTLo57hD/s728-e100/hive-ransomware.jpg>)\n\nA recent Hive ransomware attack carried out by an affiliate involved the exploitation of \"ProxyShell\" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network.\n\n\"The actor managed to achieve its malicious goals and encrypt the environment in less than 72 hours from the initial compromise,\" Varonis security researcher, Nadav Ovadia, [said](<https://www.varonis.com/blog/hive-ransomware-analysis>) in a post-mortem analysis of the incident. \n\nHive, which was [first observed](<https://thehackernews.com/2022/02/master-key-for-hive-ransomware.html>) in June 2021, follows the lucrative ransomware-as-a-service (RaaS) scheme adopted by other cybercriminal groups in recent years, enabling affiliates to deploy the file-encrypting malware after gaining a foothold into their victims' networks.\n\n[ProxyShell](<https://thehackernews.com/2021/08/hackers-actively-searching-for.html>) \u2014 tracked as CVE-2021-31207, CVE-2021-34523, and CVE-2021-34473 \u2014 involves a combination of security feature bypass, privilege escalation, and remote code execution in the Microsoft Exchange Server, effectively granting the attacker the ability to execute arbitrary code on affected servers.\n\nThe issues were addressed by Microsoft as part of its Patch Tuesday updates for April and May 2021.\n\nIn this case, successful exploitation of the flaws allowed the adversary to deploy web shells on the compromised server, using them to run malicious PowerShell code with SYSTEM privileges to create a new backdoor administrator user, hijack the domain admin account, and perform lateral movement.\n\n[![Hive Ransomware](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgbU5YaGjiHhZvFPL5Fqh7rHbVldX6X-unk-Mq6dP0icasfzkogYQnkRDy9ZUNWr3oca2oh6FGdjSzMm5uyXe1DLzwsty4H8hXGZia0azIu3Q24ZyBwemMQXMvu5dpzZQn-9MUl_WWAG5opQBaoXlyg6Esg2eBVWtdYcBrz5l7yZPDtCD1v9nzKF-D8/s728-e1000/hive.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgbU5YaGjiHhZvFPL5Fqh7rHbVldX6X-unk-Mq6dP0icasfzkogYQnkRDy9ZUNWr3oca2oh6FGdjSzMm5uyXe1DLzwsty4H8hXGZia0azIu3Q24ZyBwemMQXMvu5dpzZQn-9MUl_WWAG5opQBaoXlyg6Esg2eBVWtdYcBrz5l7yZPDtCD1v9nzKF-D8/s728-e100/hive.jpg>)\n\nThe web shells used in the attack are said to have been sourced from a [public git repository](<https://github.com/ThePacketBender/webshells>) and given filenames containing a random mix of characters to evade detection, Ovadia said. Also executed was an additional obfuscated PowerShell script that's part of the Cobalt Strike framework.\n\nFrom there, the threat actor moved to scan the network for valuable files, before proceeding to deploy the Golang ransomware executable (named \"Windows.exe\") to complete the encryption process and display the ransom note to the victim.\n\nOther operations carried out by the malware include deleting shadow copies, turning off security products, and clearing Windows event logs to avoid detection, prevent recovery, and ensure that the encryption happens without any hiccup.\n\nIf anything, the findings are yet another indicator that patching for known vulnerabilities is key to thwarting cyberattacks and other nefarious activities.\n\n\"Ransomware attacks have grown significantly over the past years and remain the preferred method of threat actors aiming to maximize profits,\" Ovadia said. \"It may potentially harm an organization's reputation, disrupt regular operations and lead to temporary, and possibly permanent, loss of sensitive data.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-21T10:00:00", "type": "thn", "title": "New Incident Report Reveals How Hive Ransomware Targets Organizations", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2022-04-21T10:00:58", "id": "THN:84E53E1CA489F43A3D68EC1B18D6C2E2", "href": "https://thehackernews.com/2022/04/new-incident-report-reveals-how-hive.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T12:37:24", "description": "[![ProxyShell Flaws](https://thehackernews.com/new-images/img/a/AVvXsEihM5iYK8V59Az6V_QU4QfgIeRF_0hGVdMPzkolUAVIW-fNuFPicRQP8GVCKVzA_FETzCTUZXWBI67kH6LRZTLGCO5eI9UumwAso17F_kIigeX8Y7Z41AMwAPgq1iysoZkTTX-VU5eO4nCRvjFq57tq6FcnFZd3DBb3A8kWOZ253GJWm-fH0WFE7Fna)](<https://thehackernews.com/new-images/img/a/AVvXsEihM5iYK8V59Az6V_QU4QfgIeRF_0hGVdMPzkolUAVIW-fNuFPicRQP8GVCKVzA_FETzCTUZXWBI67kH6LRZTLGCO5eI9UumwAso17F_kIigeX8Y7Z41AMwAPgq1iysoZkTTX-VU5eO4nCRvjFq57tq6FcnFZd3DBb3A8kWOZ253GJWm-fH0WFE7Fna>)\n\nThe U.S. Cybersecurity and Infrastructure Security Agency is warning of active exploitation attempts that leverage the latest line of \"**ProxyShell**\" Microsoft Exchange vulnerabilities that were patched earlier this May, including deploying LockFile ransomware on compromised systems.\n\nTracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities enable adversaries to bypass ACL controls, elevate privileges on the Exchange PowerShell backend, effectively permitting the attacker to perform unauthenticated, remote code execution. While the former two were addressed by Microsoft on April 13, a patch for CVE-2021-31207 was shipped as part of the Windows maker's May Patch Tuesday updates.\n\n\"An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine,\" CISA [said](<https://us-cert.cisa.gov/ncas/current-activity/2021/08/21/urgent-protect-against-active-exploitation-proxyshell>).\n\nThe development comes a little over a week after cybersecurity researchers sounded the alarm on [opportunistic scanning and exploitation](<https://thehackernews.com/2021/08/hackers-actively-searching-for.html>) of unpatched Exchange servers by taking advantage of the ProxyShell attack chain.\n\n[![ProxyShell Flaws](https://thehackernews.com/new-images/img/a/AVvXsEi9pcvxkZCqcBcriArdPtNn0AWuIafJEeUPlEHsu4z-oKwZf3gzsprTbCyyBAmMBzU-gFoDqTD8zWP4vrlEdDv_w5I3I5iSFyAS8RZ2p_jjRO0sOXbKoN31TMsPPfb0BXXZt8m7aM2SAtTFrkZ3hdSN1FSLaynBoGiYDkl78s_i0T5Kva4eudH21Jzf)](<https://thehackernews.com/new-images/img/a/AVvXsEi9pcvxkZCqcBcriArdPtNn0AWuIafJEeUPlEHsu4z-oKwZf3gzsprTbCyyBAmMBzU-gFoDqTD8zWP4vrlEdDv_w5I3I5iSFyAS8RZ2p_jjRO0sOXbKoN31TMsPPfb0BXXZt8m7aM2SAtTFrkZ3hdSN1FSLaynBoGiYDkl78s_i0T5Kva4eudH21Jzf>) \n--- \nImage Source: [Huntress Labs](<https://www.huntress.com/blog/rapid-response-microsoft-exchange-servers-still-vulnerable-to-proxyshell-exploit>) \n \nOriginally demonstrated at the [Pwn2Own hacking contest](<https://thehackernews.com/2021/04/windows-ubuntu-zoom-safari-ms-exchange.html>) in April this year, ProxyShell is part of a broader trio of exploit chains discovered by DEVCORE security researcher Orange Tsai that includes ProxyLogon and ProxyOracle, the latter of which concerns two remote code execution flaws that could be employed to recover a user's password in plaintext format.\n\n\"They're backdooring boxes with webshells that drop other webshells and also executables that periodically call out,\" researcher Kevin Beaumont [noted](<https://twitter.com/GossiTheDog/status/1425844380376735746>) last week.\n\nNow according to researchers from Huntress Labs, at least [five distinct styles of web shells](<https://www.huntress.com/blog/rapid-response-microsoft-exchange-servers-still-vulnerable-to-proxyshell-exploit>) have been observed as deployed to vulnerable Microsoft Exchange servers, with over over 100 incidents reported related to the exploit between August 17 and 18. Web shells grant the attackers remote access to the compromised servers, but it isn't clear exactly what the goals are or the extent to which all the flaws were used.\n\nMore than 140 web shells have been detected across no fewer than 1,900 unpatched Exchanger servers to date, Huntress Labs CEO Kyle Hanslovan [tweeted](<https://twitter.com/KyleHanslovan/status/1428804893423382532>), adding \"impacted [organizations] thus far include building manufacturing, seafood processors, industrial machinery, auto repair shops, a small residential airport and more.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-22T09:51:00", "type": "thn", "title": "WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-08-23T13:28:25", "id": "THN:5BE77895D84D1FB816C73BB1661CE8EB", "href": "https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T12:37:14", "description": "[![APT Hacking Group](https://thehackernews.com/new-images/img/a/AVvXsEiQk7skJEo49QfN4ESusan9jBZfTXapDKpnR6CXuJbaNKUBpx7nO684Vj5RRctI8hh09KwyntDYPyeQI-HbWC03E5Uo4ABDXXj3vfb774Dv1G65e03iX30VM0pcCe5hQfxnkW-u1V4gZgZ3L2et_QXqceUwFJfPQDg8aUOWSagSt-l0OGRquNTiLEso=s728-e1000)](<https://thehackernews.com/new-images/img/a/AVvXsEiQk7skJEo49QfN4ESusan9jBZfTXapDKpnR6CXuJbaNKUBpx7nO684Vj5RRctI8hh09KwyntDYPyeQI-HbWC03E5Uo4ABDXXj3vfb774Dv1G65e03iX30VM0pcCe5hQfxnkW-u1V4gZgZ3L2et_QXqceUwFJfPQDg8aUOWSagSt-l0OGRquNTiLEso>)\n\nA previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks.\n\nCybersecurity company Positive Technologies dubbed the advanced persistent threat (APT) group ChamelGang \u2014 referring to their chameleellonic capabilities, including disguising \"its malware and network infrastructure under legitimate services of Microsoft, TrendMicro, McAfee, IBM, and Google.\" \n\n\"To achieve their goal, the attackers used a trending penetration method\u2014supply chain,\" the researchers [said](<https://www.ptsecurity.com/ww-en/about/news/positive-technologies-uncovers-new-apt-group-attacking-russia-s-fuel-and-energy-complex-and-aviation-production-industry/>) of one of the incidents investigated by the firm. \"The group compromised a subsidiary and penetrated the target company's network through it. Trusted relationship attacks are rare today due to the complexity of their execution. Using this method [\u2026], the ChamelGang group was able to achieve its goal and steal data from the compromised network.\"\n\nIntrusions mounted by the adversary are believed to have commenced at the end of March 2021, with later attacks in August leveraging what's called the [ProxyShell](<https://thehackernews.com/2021/08/hackers-actively-searching-for.html>) chain of vulnerabilities affecting Microsoft Exchange Servers, the technical details of which were first revealed at the Black Hat USA 2021 security conference earlier that month.\n\n[![Microsoft](https://thehackernews.com/new-images/img/a/AVvXsEgpU90FEVyvHUv6m3vUITmIj4tJ_Kexp6cw5No4dV8_Po339DpYJtWa0Z-_BTv7hBE9_EkkSjRVlbP2lsM6MxD-x1p1yD_mQOhRoeiBy9vjPZXWBKrrJlJlvEbl4QdL8woMTd4XIY2ZGusd5N0uFaCwXBUiwFnJnXGfU0C-ESawdO8FR9OB4njoQ6oc=s728-e1000)](<https://thehackernews.com/new-images/img/a/AVvXsEgpU90FEVyvHUv6m3vUITmIj4tJ_Kexp6cw5No4dV8_Po339DpYJtWa0Z-_BTv7hBE9_EkkSjRVlbP2lsM6MxD-x1p1yD_mQOhRoeiBy9vjPZXWBKrrJlJlvEbl4QdL8woMTd4XIY2ZGusd5N0uFaCwXBUiwFnJnXGfU0C-ESawdO8FR9OB4njoQ6oc>)\n\nThe attack in March is also notable for the fact that the operators breached a subsidiary organization to gain access to an unnamed energy company's network by exploiting a flaw in Red Hat JBoss Enterprise Application ([CVE-2017-12149](<https://access.redhat.com/security/cve/CVE-2017-12149>)) to remotely execute commands on the host and deploy malicious payloads that enable the actor to launch the malware with elevated privileges, laterally pivot across the network, and perform reconnaissance, before deploying a backdoor called DoorMe.\n\n\"The infected hosts were controlled by the attackers using the public utility FRP (fast reverse proxy), written in Golang,\" the researchers said. \"This utility allows connecting to a reverse proxy server. The attackers' requests were routed using the socks5 plugin through the server address obtained from the configuration data.\"\n\nOn the other hand, the August attack against a Russian company in the aviation production sector involved the exploitation of ProxyShell flaws (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207) to drop additional web shells and conduct remote reconnaissance on the compromised node, ultimately leading to the installation of a modified version of the DoorMe implant that comes with expanded capabilities to run arbitrary commands and carry out file operations.\n\n\"Targeting the fuel and energy complex and aviation industry in Russia isn't unique \u2014 this sector is one of the three most frequently attacked,\" Positive Technologies' Head of Threat Analysis, Denis Kuvshinov, said. \"However, the consequences are serious: Most often such attacks lead to financial or data loss\u2014in 84% of all cases last year, the attacks were specifically created to steal data, and that causes major financial and reputational damage.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-04T12:48:00", "type": "thn", "title": "A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12149", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-10-04T12:48:16", "id": "THN:E95B6A75073DA71CEC73B2E4F0B13622", "href": "https://thehackernews.com/2021/10/a-new-apt-hacking-group-targeting-fuel.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T12:39:14", "description": "[![Microsoft Exchange Servers](https://thehackernews.com/images/-4bW5O7qDy3g/YRY939zQM4I/AAAAAAAADho/RUV3iIGj654Ml8xKhGo8MXIEWtGwsL1ywCLcBGAsYHQ/s728-e1000/ms-exchnage.jpg)](<https://thehackernews.com/images/-4bW5O7qDy3g/YRY939zQM4I/AAAAAAAADho/RUV3iIGj654Ml8xKhGo8MXIEWtGwsL1ywCLcBGAsYHQ/s0/ms-exchnage.jpg>)\n\nThreat actors are actively carrying out opportunistic [scanning](<https://twitter.com/bad_packets/status/1425598895569006594>) and [exploitation](<https://twitter.com/GossiTheDog/status/1425844380376735746>) of Exchange servers using a new exploit chain leveraging a trio of flaws affecting on-premises installations, making them the latest set of bugs after ProxyLogon vulnerabilities were exploited en masse at the start of the year.\n\nThe remote code execution flaws have been collectively dubbed \"ProxyShell.\" At least 30,000 machines are affected by the vulnerabilities, [according](<https://isc.sans.edu/diary/27732>) to a Shodan scan performed by Jan Kopriva of SANS Internet Storm Center.\n\n\"Started to see in the wild exploit attempts against our honeypot infrastructure for the Exchange ProxyShell vulnerabilities,\" NCC Group's Richard Warren [tweeted](<https://twitter.com/buffaloverflow/status/1425831100157349890>), noting that one of the intrusions resulted in the deployment of a \"C# aspx webshell in the /aspnet_client/ directory.\"\n\nPatched in early March 2021, [ProxyLogon](<https://devco.re/blog/2021/08/06/a-new-attack-surface-on-MS-exchange-part-1-ProxyLogon/>) is the moniker for CVE-2021-26855, a server-side request forgery vulnerability in Exchange Server that permits an attacker to take control of a vulnerable server as an administrator, and which can be chained with another post-authentication arbitrary-file-write vulnerability, CVE-2021-27065, to achieve code execution.\n\nThe vulnerabilities came to light after Microsoft [spilled the beans](<https://thehackernews.com/2021/03/urgent-4-actively-exploited-0-day-flaws.html>) on a Beijing-sponsored hacking operation that leveraged the weaknesses to strike entities in the U.S. for purposes of exfiltrating information in what the company described as limited and targeted attacks.\n\nSince then, the Windows maker has fixed six more flaws in its mail server component, two of which are called [ProxyOracle](<https://devco.re/blog/2021/08/06/a-new-attack-surface-on-MS-exchange-part-2-ProxyOracle/>), which enables an adversary to recover the user's password in plaintext format.\n\nThree other issues \u2014 known as ProxyShell \u2014 could be abused to bypass ACL controls, elevate privileges on Exchange PowerShell backend, effectively authenticating the attacker and allowing for remote code execution. Microsoft noted that both CVE-2021-34473 and CVE-2021-34523 were inadvertently omitted from publication until July.\n\n**ProxyLogon:**\n\n * [**CVE-2021-26855**](<https://thehackernews.com/2021/03/microsoft-issues-security-patches-for.html>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on March 2)\n * [**CVE-2021-26857**](<https://thehackernews.com/2021/03/microsoft-issues-security-patches-for.html>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on March 2)\n * [**CVE-2021-26858**](<https://thehackernews.com/2021/03/microsoft-issues-security-patches-for.html>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on March 2)\n * [**CVE-2021-27065**](<https://thehackernews.com/2021/03/microsoft-issues-security-patches-for.html>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on March 2)\n\n**ProxyOracle:**\n\n * [**CVE-2021-31195**](<https://thehackernews.com/2021/05/latest-microsoft-windows-updates-patch.html>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on May 11)\n * [**CVE-2021-31196**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31196>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on July 13)\n\n**ProxyShell:**\n\n * [**CVE-2021-31207**](<https://thehackernews.com/2021/05/latest-microsoft-windows-updates-patch.html>) \\- Microsoft Exchange Server Security Feature Bypass Vulnerability (Patched on May 11)\n * [**CVE-2021-34473**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473>) \\- Microsoft Exchange Server Remote Code Execution Vulnerability (Patched on April 13, advisory released on July 13)\n * [**CVE-2021-34523**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523>) \\- Microsoft Exchange Server Elevation of Privilege Vulnerability (Patched on April 13, advisory released on July 13)\n\n**Other:**\n\n * [**CVE-2021-33768**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33768>) \\- Microsoft Exchange Server Elevation of Privilege Vulnerability (Patched on July 13)\n\nOriginally demonstrated at the [Pwn2Own hacking competition](<https://thehackernews.com/2021/04/windows-ubuntu-zoom-safari-ms-exchange.html>) this April, technical details of the ProxyShell attack chain were disclosed by DEVCORE researcher Orange Tsai at the [Black Hat USA 2021](<https://www.blackhat.com/us-21/briefings/schedule/index.html#proxylogon-is-just-the-tip-of-the-iceberg-a-new-attack-surface-on-microsoft-exchange-server-23442>) and [DEF CON](<https://www.youtube.com/watch?v=5mqid-7zp8k>) security conferences last week. To prevent exploitation attempts, organizations are highly recommended to install updates released by Microsoft.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-13T09:46:00", "type": "thn", "title": "Hackers Actively Searching for Unpatched Microsoft Exchange Servers", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26855", "CVE-2021-26857", "CVE-2021-26858", "CVE-2021-27065", "CVE-2021-31195", "CVE-2021-31196", "CVE-2021-31207", "CVE-2021-33768", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-08-13T09:46:09", "id": "THN:FA40708E1565483D14F9A31FC019FCE1", "href": "https://thehackernews.com/2021/08/hackers-actively-searching-for.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T12:39:13", "description": "[![Cisco Small Business Routers](https://thehackernews.com/new-images/img/a/AVvXsEjGZxTcYnkXh6HDVDSZkRgT1ih3facMYGJel-0ujHKyQ8ezAnyb3Dd3no9pCiXfcSQw9hmPDL-URQy1LkFV4JaCrFP6Gl4RVb_dsI-iwJRcIxDcw1WY-2oTqdi6HnpwnhLJz8I2sPLCCDZP45h4SjVZQLYlQ-bzcgd0czHvKFMNfDV-X4_3hNU-4qFb)](<https://thehackernews.com/new-images/img/a/AVvXsEjGZxTcYnkXh6HDVDSZkRgT1ih3facMYGJel-0ujHKyQ8ezAnyb3Dd3no9pCiXfcSQw9hmPDL-URQy1LkFV4JaCrFP6Gl4RVb_dsI-iwJRcIxDcw1WY-2oTqdi6HnpwnhLJz8I2sPLCCDZP45h4SjVZQLYlQ-bzcgd0czHvKFMNfDV-X4_3hNU-4qFb>)\n\nA critical vulnerability in Cisco Small Business Routers will not be patched by the networking equipment giant, since the devices reached end-of-life in 2019.\n\nTracked as **CVE-2021-34730** (CVSS score: 9.8), the issue resides in the routers' Universal Plug-and-Play (UPnP) service, enabling an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.\n\nThe vulnerability, which the company said is due to improper validation of incoming UPnP traffic, could be abused to send a specially-crafted UPnP request to an affected device, resulting in remote code execution as the root user on the underlying operating system.\n\n\"Cisco has not released and will not release software updates to address the vulnerability,\" the company [noted](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5>) in an advisory published Wednesday. \"The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have [entered the end-of-life process](<https://www.cisco.com/c/en/us/products/collateral/routers/small-business-rv-series-routers/eos-eol-notice-c51-742771.pdf>). Customers are encouraged to migrate to the Cisco Small Business RV132W, RV160, or RV160W Routers.\"\n\nThe issue impacts the following products \u2014\n\n * RV110W Wireless-N VPN Firewalls\n * RV130 VPN Routers\n * RV130W Wireless-N Multifunction VPN Routers\n * RV215W Wireless-N VPN Routers\n\nIn the absence of a patch, Cisco recommends customers to disable UPnP on the LAN interface. Quentin Kaiser of IoT Inspector Research Lab has been credited with reporting the vulnerability.\n\n\"All too often, after a system or service is replaced, the legacy system or service is left running 'just in case' it is needed again. The problem lies in the fact that \u2014 like in the case of this vulnerability in the Universal Plug-and-Play service \u2014 the legacy system or service is usually not kept up to date with security updates or configurations,\" said Dean Ferrando, systems engineer manager (EMEA) at Tripwire.\n\n\"This makes it an excellent target for bad actors, which is why organizations that are still using these old VPN routers should immediately take actions to update their devices. This should be part of an overall effort to harden systems across the entire attack surface, which helps to safeguard the integrity of digital assets and protect against vulnerabilities and common security threats which may be leveraged as entry points,\" Ferrando added.\n\nCVE-2021-34730 marks the second time the company has followed the approach of not releasing fixes for end-of-life routers since the start of the year. Earlier this April, Cisco urged users to upgrade their routers as a countermeasure to resolve a similar remote code execution bug ([CVE-2021-1459](<https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html>)) affecting RV110W VPN firewall and Small Business RV130, RV130W, and RV215W routers.\n\nIn addition, Cisco has also issued an alert for a [critical BadAlloc flaw](<https://thehackernews.com/2021/08/badalloc-flaw-affects-blackberry-qnx.html>) impacting BlackBerry QNX Real-Time Operating System (RTOS) that came to light earlier this week, [stating](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-qnx-TOxjVPdL>) that the company is \"investigating its product line to determine which products and services may be affected by this vulnerability.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-20T06:47:00", "type": "thn", "title": "Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1459", "CVE-2021-34730"], "modified": "2021-08-20T10:10:52", "id": "THN:0B1D114F0E9F363E39DF54A7DB4324F9", "href": "https://thehackernews.com/2021/08/critical-flaw-found-in-older-cisco.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-10-04T12:04:40", "description": "[![ProxyNotShell](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEh6538WifO-pQPlUhACBuUX_jTbrSpW305DDSQv2XtGhWolinz3L4Hgy3yckiql7NJG9L9tFcb9ZFIPr1a1yBf9bvlyuXOAhhxdrgegxaIMeSIxRzX7JFkUbAULNHo8UzppH76EuY77JOotsyc1FYph-TCqk5DAr4GPj--2TvKuoLT8Tucw6ssJeCOa/s728-e1000/proxynotshell.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEh6538WifO-pQPlUhACBuUX_jTbrSpW305DDSQv2XtGhWolinz3L4Hgy3yckiql7NJG9L9tFcb9ZFIPr1a1yBf9bvlyuXOAhhxdrgegxaIMeSIxRzX7JFkUbAULNHo8UzppH76EuY77JOotsyc1FYph-TCqk5DAr4GPj--2TvKuoLT8Tucw6ssJeCOa/s728-e100/proxynotshell.jpg>)\n\nNicknamed ProxyNotShell, a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery (SSRF) vulnerability CVE-2022-41040 and a second vulnerability, CVE-2022-41082 that allows Remote Code Execution (RCE) when PowerShell is available to unidentified attackers.\n\nBased on ProxyShell, this new zero-day abuse risk leverage a chained attack similar to the one used in the 2021 ProxyShell attack that exploited the combination of multiple vulnerabilities - CVE-2021-34523, CVE-2021-34473, and CVE-2021-31207 \u2013 to permit a remote actor to execute arbitrary code.\n\nDespite the potential severity of attacks using them, ProxyShell vulnerabilities are still on CISA's list of top 2021 routinely exploited vulnerabilities.\n\n## Meet ProxyNotShell \n\nRecorded on September 19, 2022, CVE-2022-41082 is an attack vector targeting Microsoft's Exchange Servers, enabling attacks of low complexity with low privileges required. Impacted services, if vulnerable, enable an authenticated attacker to compromise the underlying exchange server by leveraging existing exchange PowerShell, which could result in a full compromise.\n\nWith the help of CVE-2022-41040, another Microsoft vulnerability also recorded on September 19, 2022, an attacker can remotely trigger CVE-2022-41082 to remotely execute commands.\n\nThough a user needs to have the privilege to access CVE-2022-41040, which should curtail the vulnerability accessibility to attackers, the required level of privilege is low.\n\nAt the time of writing, Microsoft has not yet issued a patch but recommends that users [add a blocking rule](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>) as a mitigation measure.\n\nBoth vulnerabilities were uncovered during an active attack against GTSC, a Vietnamese organization called GTSC, granting attackers access to some of their clients. Though neither vulnerability on its own is particularly dangerous, exploits chaining them together could potentially lead to catastrophic breaches.\n\nThe chained vulnerabilities could grant an outsider attacker the ability to read emails directly off an organization's server the ability to breach the organization with CVE-2022-41040 Remote Code Execution and implant malware on the organization's Exchange Server with CVE-2022-41082.\n\nThough it appears that attackers would need some level of authentication to activate the chained vulnerabilities exploit, the exact level of authentication required \u2013 rated \"Low\" by Microsoft \u2013 is not yet clarified. Yet, this required low authentication level should effectively prevent a massive, automated attack targeting every Exchange server around the globe. This hopefully will prevent a replay of the 2021 ProxyShell debacle.\n\nYet, finding a single valid email address/password combination on a given Exchange server should not be overly difficult, and, as this attack bypasses MFA or FIDO token validation to log into Outlook Web Access, a single compromised email address/password combination is all that is needed.\n\n## Mitigating ProxyNotShell Exposure\n\nAt the time of writing, Microsoft has not yet issued a patch but recommends that users [add a blocking rule](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>) as a mitigation measure of unknown efficacy.\n\nBlocking incoming traffic to Exchange Servers holding critical asserts is also an option, though only practicable if such a measure does not impact vital operations and should ideally be perceived as a temporary measure pending Microsoft's issuance of a verified patch.\n\n## Assessing ProxyNotShell Exposure\n\nAs the current mitigation options are either of unverified efficacy or potentially damaging to the smooth running of operations, evaluating the degree of exposure to ProxyNotShell might prevent taking potentially disruptive unnecessary preventative measures, or indicate which assets to preemptively migrate to unexposed servers.\n\nCymulate Research Lab has developed a [custom-made assessment for ProxyNotShell](<https://cymulate.com/free-trial/>) that enable organizations to estimate exactly their degree of exposure to ProxyNotShell.\n\nA ProxyNotShell attack vector has been added to the advanced scenarios templates, and running it on your environment yields the necessary information to validate exposure \u2013 or lack thereof - to ProxyNotShell.\n\n[![ProxyNotShell](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgOoxz7w2_H46l72-JIWEEozP6gnLHfSQt_wbm1RRkjB0NOn2rBaB0wW4-jBFx4wbMgPAmXZvOdPPwjnUFX2u8zbdJZLSXKMAoft6Skt3EXk_gH1ehXK9DLBpHKouidVH9WE9P1SQs3h-s1VAfGKtHqeXaxkjtGS4lDIItWgmQo1FSLk_6z6fV7ZtQw/s728-e1000/222.png)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgOoxz7w2_H46l72-JIWEEozP6gnLHfSQt_wbm1RRkjB0NOn2rBaB0wW4-jBFx4wbMgPAmXZvOdPPwjnUFX2u8zbdJZLSXKMAoft6Skt3EXk_gH1ehXK9DLBpHKouidVH9WE9P1SQs3h-s1VAfGKtHqeXaxkjtGS4lDIItWgmQo1FSLk_6z6fV7ZtQw/s728-e100/222.png>)\n\n[![ProxyNotShell](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiqGWTwc-0vwEKrwSp1s7coId4IRI3KelQKVBG1iXsx0N32996O0Lprr0PA035V1oLkFpdjQ1euXlqcL0le7gsuWoWI9NSCEBW0Nj-OCQZn8ovDyuK-b-MtVYhjKmGIWuZO5IkdqNRBvKSiWttxGP46GmxjlZtpI_FSz2728WiqkvKTOoOJIp0KrjOH/s728-e1000/111.png)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiqGWTwc-0vwEKrwSp1s7coId4IRI3KelQKVBG1iXsx0N32996O0Lprr0PA035V1oLkFpdjQ1euXlqcL0le7gsuWoWI9NSCEBW0Nj-OCQZn8ovDyuK-b-MtVYhjKmGIWuZO5IkdqNRBvKSiWttxGP46GmxjlZtpI_FSz2728WiqkvKTOoOJIp0KrjOH/s728-e100/111.png>)\n\nUntil verified patches are available from Microsoft, assessing exposure to ProxyNotShell to evaluate exactly which servers are potential targets is the most cost-efficient way to evaluate exactly which assets are exposed and devise targeted preemptive measures with maximum impact.\n\n_Note: This article is contributed by [Cymulate Research Labs](<https://cymulate.com/>)._\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-04T08:05:00", "type": "thn", "title": "ProxyNotShell \u2013 the New Proxy Hell?", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-04T10:19:04", "id": "THN:54023E40C0AA4CB15793A39F3AF102AB", "href": "https://thehackernews.com/2022/10/proxynotshell-new-proxy-hell.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T12:38:05", "description": "[![](https://thehackernews.com/new-images/img/a/AVvXsEjiGzDP_Q8TgakrIFP6H8c0NlSHHH4ztdEtesv8G-AaS-LvfiauO6JgcrFpPKfplpRuqYssvepWzyhQaLMIPqPzyt00vE0kNEL3qEg1k1YRQpWZouKa_km8jD-kuKbNBXugV_MhYndYW41kM6o2z77T4oOGQlDGhGk-HA0tZfdol-RO_fCE6o7N54uW)](<https://thehackernews.com/new-images/img/a/AVvXsEjiGzDP_Q8TgakrIFP6H8c0NlSHHH4ztdEtesv8G-AaS-LvfiauO6JgcrFpPKfplpRuqYssvepWzyhQaLMIPqPzyt00vE0kNEL3qEg1k1YRQpWZouKa_km8jD-kuKbNBXugV_MhYndYW41kM6o2z77T4oOGQlDGhGk-HA0tZfdol-RO_fCE6o7N54uW>)\n\nThreat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign that leverages stolen email chains to bypass security software and deploy malware on vulnerable systems.\n\nThe findings come from Trend Micro following an investigation into a number of intrusions in the Middle East that culminated in the distribution of a never-before-seen loader dubbed SQUIRRELWAFFLE. First publicly [documented](<https://thehackernews.com/2021/10/hackers-using-squirrelwaffle-loader-to.html>) by Cisco Talos, the attacks are believed to have commenced in mid-September 2021 via laced Microsoft Office documents.\n\n\"It is known for sending its malicious emails as replies to pre-existing email chains, a tactic that lowers a victim's guard against malicious activities,\" researchers Mohamed Fahmy, Sherif Magdy, Abdelrhman Sharshar [said](<https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html>) in a report published last week. \"To be able to pull this off, we believe it involved the use of a chain of both ProxyLogon and ProxyShell exploits.\"\n\n[ProxyLogon](<https://thehackernews.com/2021/03/urgent-4-actively-exploited-0-day-flaws.html>) and [ProxyShell](<https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html>) refer to a collection of flaws in Microsoft Exchange Servers that could enable a threat actor to elevate privileges and remotely execute arbitrary code, effectively granting the ability to take control of the vulnerable machines. While the ProxyLogon flaws were addressed in March, the ProxyShell bugs were patched in a series of updates released in May and July.\n\n[![](https://thehackernews.com/new-images/img/a/AVvXsEhYwBTFRq5MuslNIXJAtZNZ-q9Ik0Wyu_z6HVG8loZsBaeJR_tXRLvm18OZvIJYeeOyYp0DVHZdMg8sdqe9H3ePEot8dMGuNuC25YWuyp09kuYsm_qh2nU_3dlFK7X2kVXn-DYmtklqChAj_2BOpas4TFiWcbPR3PtoX5RKukcpGn0sd1S8Ubdqo1bu)](<https://thehackernews.com/new-images/img/a/AVvXsEhYwBTFRq5MuslNIXJAtZNZ-q9Ik0Wyu_z6HVG8loZsBaeJR_tXRLvm18OZvIJYeeOyYp0DVHZdMg8sdqe9H3ePEot8dMGuNuC25YWuyp09kuYsm_qh2nU_3dlFK7X2kVXn-DYmtklqChAj_2BOpas4TFiWcbPR3PtoX5RKukcpGn0sd1S8Ubdqo1bu>) \n--- \nDLL infection flow \n \nTrend Micro said it observed the use of public exploits for CVE-2021-26855 (ProxyLogon), CVE-2021-34473, and CVE-2021-34523 (ProxyShell) on three of the Exchange servers that were compromised in different intrusions, using the access to hijack legitimate email threads and send malicious spam messages as replies, thereby increasing the likelihood that unsuspecting recipients will open the emails.\n\n\"Delivering the malicious spam using this technique to reach all the internal domain users will decrease the possibility of detecting or stopping the attack, as the mail getaways will not be able to filter or quarantine any of these internal emails,\" the researchers said, adding the attackers behind the operation did not carry out lateral movement or install additional malware so as to stay under the radar and avoid triggering any alerts.\n\nThe attack chain involves rogue email messages containing a link that, when clicked, drops a Microsoft Excel or Word file. Opening the document, in turn, prompts the recipient to enable macros, ultimately leading to the download and execution of the SQUIRRELWAFFLE malware loader, which acts as a medium to fetch final-stage payloads such as Cobalt Strike and Qbot.\n\nThe development marks a new escalation in phishing campaigns where a threat actor has breached corporate Microsoft Exchange email servers to gain unauthorized access to their internal mail systems and distribute malicious emails in an attempt to infect users with malware.\n\n\"SQUIRRELWAFFLE campaigns should make users wary of the different tactics used to mask malicious emails and files,\" the researchers concluded. \"Emails that come from trusted contacts may not be enough of an indicator that whatever link or file included in the email is safe.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-22T11:47:00", "type": "thn", "title": "Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26855", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-11-23T07:33:36", "id": "THN:0D80EEB03C07D557AA62E071C7A7C619", "href": "https://thehackernews.com/2021/11/hackers-exploiting-proxylogon-and.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-16T04:03:41", "description": "[![Iranian Hackers](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjUqmffIx48KtQdHxTXb4TQfvElel4yvoLc_Uq-nF3atp_DnKXEvX_r4s4FR-V9kItxokvkUgH3L-QP1uH3JrII_VtRNnXYXU3EYxwsreIbOgCkHKHN4AbWxtUPY5tKaH8u6YvYBd2oA_JReHSU1gNdaKY11tzzrlCHhUSTJzZr4yGRgnN-fUCAb2Mv/s728-e1000/iranian-hackers.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjUqmffIx48KtQdHxTXb4TQfvElel4yvoLc_Uq-nF3atp_DnKXEvX_r4s4FR-V9kItxokvkUgH3L-QP1uH3JrII_VtRNnXYXU3EYxwsreIbOgCkHKHN4AbWxtUPY5tKaH8u6YvYBd2oA_JReHSU1gNdaKY11tzzrlCHhUSTJzZr4yGRgnN-fUCAb2Mv/s728-e100/iranian-hackers.jpg>)\n\nThe U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Wednesday announced sweeping sanctions against ten individuals and two entities backed by Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks at least since October 2020.\n\nThe agency said the cyber activity mounted by the individuals is partially attributable to intrusion sets tracked under the names APT35, Charming Kitten, Nemesis Kitten, Phosphorus, and TunnelVision.\n\n\"This group has launched extensive campaigns against organizations and officials across the globe, particularly targeting U.S. and Middle Eastern defense, diplomatic, and government personnel, as well as private industries including media, energy, business services, and telecommunications,\" the Treasury [said](<https://home.treasury.gov/news/press-releases/jy0948>).\n\nThe Nemesis Kitten actor, which is also known as [Cobalt Mirage](<https://thehackernews.com/2022/05/iranian-hackers-leveraging-bitlocker.html>), [DEV-0270](<https://thehackernews.com/2022/09/microsoft-warns-of-ransomware-attacks.html>), and [UNC2448](<https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html>), has come under the scanner in recent months for its pattern of ransomware attacks for opportunistic revenue generation using Microsoft's built-in BitLocker tool to encrypt files on compromised devices.\n\nMicrosoft and Secureworks have characterized DEV-0270 as a subgroup of [Phosphorus](<https://thehackernews.com/2022/09/iranian-hackers-target-high-value.html>) (aka Cobalt Illusion), with ties to another actor referred to as [TunnelVision](<https://thehackernews.com/2022/02/iranian-hackers-targeting-vmware.html>). The Windows maker also assessed with low confidence that \"some of DEV-0270's ransomware attacks are a form of moonlighting for personal or company-specific revenue generation.\"\n\nWhat's more, independent analyses from the two cybersecurity firms as well as Google-owned [Mandiant](<https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html>) has revealed the group's connections to two companies Najee Technology (which functions under the aliases Secnerd and Lifeweb) and Afkar System, both of which have been subjected to U.S. sanctions.\n\nIt's worth noting that Najee Technology and Afkar System's connections to the Iranian intelligence agency were first flagged by an anonymous anti-Iranian regime entity called [Lab Dookhtegan](<https://thehackernews.com/2021/05/researchers-uncover-iranian-state.html>) [earlier](<https://mobile.twitter.com/LabDookhtegan2/status/1520355269695442945>) this [year](<https://mobile.twitter.com/LabDookhtegan2/status/1539960629867401218>).\n\n\"The model of Iranian government intelligence functions using contractors blurs the lines between the actions tasked by the government and the actions that the private company takes on its own initiative,\" Secureworks said in a [new report](<https://www.secureworks.com/blog/opsec-mistakes-reveal-cobalt-mirage-threat-actors>) detailing the activities of Cobalt Mirage.\n\nWhile exact links between the two companies and IRGC remain unclear, the method of private Iranian firms acting as fronts or providing support for intelligence operations is well established over the years, including that of [ITSecTeam (ITSEC), Mersad](<https://www.justice.gov/opa/pr/seven-iranians-working-islamic-revolutionary-guard-corps-affiliated-entities-charged>), [Emennet Pasargad](<https://thehackernews.com/2021/11/us-charged-2-iranians-hackers-for.html>), and [Rana Intelligence Computing Company](<https://thehackernews.com/2020/09/iranian-hackers-sanctioned.html>).\n\nOn top of that, the Secureworks probe into a June 2022 Cobalt Mirage incident showed that a PDF file containing the ransom note was created on December 17, 2021, by an \"Ahmad Khatibi\" and timestamped at UTC+03:30 time zone, which corresponds to the Iran Standard Time. Khatibi, incidentally, happens to be the CEO and owner of the Iranian company Afkar System.\n\nAhmad Khatibi Aghda is also part of the 10 individuals sanctioned by the U.S., alongside Mansour Ahmadi, the CEO of Najee Technology, and other employees of the two enterprises who are said to be complicit in targeting various networks globally by leveraging well-known security flaws to gain initial access to further follow-on attacks.\n\nSome of the [exploited flaws](<https://www.cisa.gov/uscert/ncas/alerts/aa22-257a>), according to a [joint cybersecurity advisory](<https://www.cisa.gov/uscert/ncas/current-activity/2022/09/14/iranian-islamic-revolutionary-guard-corps-affiliated-cyber-actors>) released by Australia, Canada, the U.K., and the U.S., as part of the IRGC-affiliated actor activity are as follows -\n\n * Fortinet FortiOS path traversal vulnerability ([CVE-2018-13379](<https://thehackernews.com/2021/09/hackers-leak-vpn-account-passwords-from.html>))\n * Fortinet FortiOS default configuration vulnerability ([CVE-2019-5591](<https://thehackernews.com/2021/08/unpatched-remote-hacking-zero-day-flaw.html>))\n * Fortinet FortiOS SSL VPN 2FA bypass vulnerability ([CVE-2020-12812](<https://thehackernews.com/2021/08/unpatched-remote-hacking-zero-day-flaw.html>))\n * [ProxyShell](<https://thehackernews.com/2021/08/hackers-actively-searching-for.html>) (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207), and\n * [Log4Shell](<https://thehackernews.com/2021/12/new-apache-log4j-update-released-to.html>) (CVE-2021-44228, CVE-2021-45046, and/or CVE-2021-45105)\n\n\"Khatibi is among the cyber actors who gained unauthorized access to victim networks to encrypt the network with BitLocker and demand a ransom for the decryption keys,\" the U.S. government said, in addition to adding him to the FBI's [Most Wanted list](<https://www.fbi.gov/wanted/cyber/ahmad-khatibi-aghda>).\n\n\"He leased network infrastructure used in furtherance of this malicious cyber group's activities, he participated in compromising victims' networks, and he engaged in ransom negotiations with victims.\"\n\nCoinciding with the sanctions, the Justice Department separately [indicted](<https://www.justice.gov/usao-nj/pr/three-iranian-nationals-charged-engaging-computer-intrusions-and-ransomware-style>) Ahmadi, Khatibi, and a third Iranian national named Amir Hossein Nickaein Ravari for engaging in a criminal extortion scheme to inflict damage and losses to victims located in the U.S., Israel, and Iran.\n\nAll three individuals have been charged with one count of conspiring to commit computer fraud and related activity in connection with computers; one count of intentionally damaging a protected computer; and one count of transmitting a demand in relation to damaging a protected computer. Ahmadi has also been charged with one more count of intentionally damaging a protected computer.\n\nThat's not all. The U.S. State Department has also [announced monetary rewards](<https://www.state.gov/sanctioning-iranians-for-malicious-cyber-acts/>) of up to $10 million for any information about [Mansour, Khatibi, and Nikaeen](<https://rewardsforjustice.net/index/?jsf=jet-engine:rewards-grid&tax=cyber:3266>) and their whereabouts.\n\n\"These defendants may have been hacking and extorting victims \u2013 including critical infrastructure providers \u2013 for their personal gain, but the charges reflect how criminals can flourish in the safe haven that the Government of Iran has created and is responsible for,\" Assistant Attorney General Matthew Olsen said.\n\nThe development comes close on the heels of [sanctions](<https://thehackernews.com/2022/09/us-imposes-new-sanctions-on-iran-over.html>) imposed by the U.S. against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-09-15T06:49:00", "type": "thn", "title": "U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13379", "CVE-2019-5591", "CVE-2020-12812", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-44228", "CVE-2021-45046", "CVE-2021-45105"], "modified": "2022-09-16T03:17:57", "id": "THN:802C6445DD27FFC7978D22CC3182AD58", "href": "https://thehackernews.com/2022/09/us-charges-3-iranian-hackers-and.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T12:40:08", "description": "[![ransomware attack on hospitals](https://thehackernews.com/images/-YFnAQDBLWlw/X2h9bFB25hI/AAAAAAAAAyE/jMecIXHH_sMcXYoQN-b9qTiy868SAREGgCLcBGAsYHQ/s728-e1000/ransomware-attack-on-hospital.jpg)](<https://thehackernews.com/images/-YFnAQDBLWlw/X2h9bFB25hI/AAAAAAAAAyE/jMecIXHH_sMcXYoQN-b9qTiy868SAREGgCLcBGAsYHQ/s728/ransomware-attack-on-hospital.jpg>)\n\n \nGerman authorities last week [disclosed](<https://apnews.com/cf8f8eee1adcec69bcc864f2c4308c94>) that a ransomware attack on the University Hospital of D\u00fcsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away.\n\nThe incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months.\n\nThe attack, which exploited a Citrix ADC [CVE-2019-19781](<https://www.citrix.com/blogs/2020/01/24/citrix-releases-final-fixes-for-cve-2019-19781/>) vulnerability to cripple the hospital systems on September 10, is said to have been \"misdirected\" in that it was originally intended for Heinrich Heine University, according to an extortion note left by the perpetrators.\n\nAfter law enforcement contacted the threat actors and informed them that they had encrypted a hospital, the operators behind the attack withdrew the ransom demand and provided the decryption key.\n\nThe case is currently being treated as a homicide, BBC News [reported](<https://www.bbc.com/news/technology-54204356>) over the weekend.\n\n### Unpatched Vulnerabilities Become Gateway to Ransomware Attacks\n\nAlthough several ransomware gangs said early on in the pandemic that they would not deliberately [target hospitals or medical facilities](<https://thehackernews.com/2016/11/hospital-cyber-attack-virus.html>), the recurring attacks [prompted the Interpol](<https://thehackernews.com/2020/04/cronavirus-hackers.html>) to issue a warning cautioning hospitals against ransomware attacks designed to lock them out of their critical systems in an attempt to extort payments.\n\nWeak credentials and VPN vulnerabilities have proven to be a blessing in disguise for threat actors to break into the internal networks of businesses and organizations, leading cybersecurity agencies in the U.S. and U.K. to publish [multiple](<https://thehackernews.com/2020/09/iranian-hackers-sanctioned.html>) [advisories](<https://www.ncsc.gov.uk/news/citrix-alert>) about active exploitation of the flaws.\n\n\"The [Federal Office for Information Security] is becoming increasingly aware of incidents in which Citrix systems were compromised before the security updates that were made available in January 2020 were installed,\" the German cybersecurity agency [said](<https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2020/UKDuesseldorf_170920.html>) in an alert last week.\n\n\"This means that attackers still have access to the system and the networks behind it even after the security gap has been closed. This possibility is currently increasingly being used to carry out attacks on affected organizations.\"\n\nThe development also coincides with a fresh [advisory](<https://www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector>) from the U.K. National Cyber Security Centre (NCSC), which said it's observed an uptick in ransomware incidents targeting educational institutions at least since August 2020, while urging schools and universities to implement a \"defence in depth\" strategy to defend against such malware attacks.\n\nSome of the affected institutions included [Newcastle](<https://www.ncl.ac.uk/itservice/latest-news/>) and [Northumbria](<https://www.bbc.com/news/uk-england-tyne-53989404>) Universities, among others.\n\nCiting Remote Desktop Protocol (RDP), vulnerable software or hardware, and email phishing as the three most common infection vectors, the agency [recommended](<https://blog.emsisoft.com/en/36921/8-critical-steps-to-take-after-a-ransomware-attack-ransomware-response-guide-for-businesses/>) organizations to maintain up-to-date offline backups, adopt endpoint malware protection, secure RDP services using multi-factor authentication, and have an effective patch management strategy in place.\n\n### A Spike in Ransomware Infections\n\nIf anything, the ransomware crisis seems to be only getting worse. [Historical data](<https://sites.temple.edu/care/ci-rw-attacks/>) gathered by Temple University's CARE cybersecurity lab has shown that there have been a total of 687 publicly disclosed cases in the U.S. since 2013, with 2019 and 2020 alone accounting for more than half of all reported incidents (440).\n\nGovernment facilities, educational institutions, and healthcare organizations are the most frequently hit sectors, as per the analysis.\n\nAnd if 2020 is any indication, attacks against colleges and universities are showing no signs of slowing down.\n\n[![](https://thehackernews.com/images/-w1AP-pVwnR0/X2h7szFvYJI/AAAAAAAAAx4/R2M_VI5F2gUCV9Dq0WYitww8OQ_Uz2P1gCLcBGAsYHQ/s0/ransomware-malware-attack-on-universities.jpg)](<https://thehackernews.com/images/-w1AP-pVwnR0/X2h7szFvYJI/AAAAAAAAAx4/R2M_VI5F2gUCV9Dq0WYitww8OQ_Uz2P1gCLcBGAsYHQ/s0/ransomware-malware-attack-on-universities.jpg>)\n\nAllan Liska, a threat intelligence analyst at Recorded Future, revealed there had been at least 80 publicly reported ransomware infections targeting the education sector to date this year, a massive jump from 43 ransomware attacks for the whole of 2019.\n\n\"Part of this change can be attributed to extortion sites, which force more victims to announce attacks,\" Liska said in a [tweet](<https://twitter.com/uuallan/status/1307684719593746432>). \"But, in general, ransomware actors have more interest in going after colleges and universities, and they are often easy targets.\"\n\nYou can read more about NCSC's mitigation measures [here](<https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks>). For more guidance on proofing businesses against ransomware attacks, head to US Cybersecurity Security and Infrastructure Security Agency's response guide [here](<https://us-cert.cisa.gov/security-publications/Ransomware>).\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-21T10:20:00", "type": "thn", "title": "A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19781"], "modified": "2020-09-21T10:34:14", "id": "THN:EB3F9784BB2A52721953F128D1B3EAEC", "href": "https://thehackernews.com/2020/09/a-patient-dies-after-ransomware-attack.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-09T12:38:52", "description": "[![Citrix ADC Vulnerability](https://thehackernews.com/images/-C3dSDFvJiqA/XiW3-49gerI/AAAAAAAABUA/ZZoejAM3OJUPzdMEoE_ef-Wyi7-BtaokACLcBGAsYHQ/s728-e100/Citrix-ADC-Gateway-hacking.jpg)](<https://thehackernews.com/images/-C3dSDFvJiqA/XiW3-49gerI/AAAAAAAABUA/ZZoejAM3OJUPzdMEoE_ef-Wyi7-BtaokACLcBGAsYHQ/s728-e100/Citrix-ADC-Gateway-hacking.jpg>)\n\nCitrix has finally started rolling out security patches for a critical [vulnerability in ADC and Gateway](<https://thehackernews.com/2020/01/citrix-adc-gateway-exploit.html>) software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix. \n \nI wish I could say, \"better late than never,\" but since hackers don't waste time or miss any opportunity to exploit vulnerable systems, even a short window of time resulted in the compromise of hundreds of Internet exposed Citrix ADC and Gateway systems. \n \nAs explained earlier on The Hacker News, the vulnerability, tracked as **CVE-2019-19781**, is a path traversal issue that could allow unauthenticated remote attackers to execute arbitrary code on several versions of Citrix ADC and Gateway products, as well as on the two older versions of Citrix SD-WAN WANOP. \n \nRated critical with CVSS v3.1 base score 9.8, the issue was discovered by Mikhail Klyuchnikov, a security researcher at Positive Technologies, who responsibly reported it to Citrix in early December. \n \nThe vulnerability is actively being exploited in the wild since last week by dozens of hacking groups and individual attackers\u2014thanks to the public release of multiple [proofs-of-concept exploit code](<https://thehackernews.com/2020/01/citrix-adc-gateway-exploit.html>). \n \nAccording to cyber security [experts](<https://twitter.com/0xDUDE/status/1218988914272362496?s=08>), as of today, there are over 15,000 publicly accessible vulnerable Citrix ADC and Gateway servers that attackers can exploit overnight to target potential enterprise networks. \n \nFireEye experts found an attack campaign where someone was compromising vulnerable Citrix ADCs to install a previously-unseen payload, dubbed \"[NotRobin](<https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html>),\" that scans systems for cryptominers and malware deployed by other potential attackers and removes them to maintain exclusive backdoor access. \n \n\n\n> [#Citrix](<https://twitter.com/hashtag/Citrix?src=hash&ref_src=twsrc%5Etfw>) released a free tool that analyzes available log sources and system forensic artifacts to identify whether an ADC appliance has potentially been compromised using CVE-2019-19781 security flaw. \n \nYou can find the tool and instructions here: <https://t.co/eewijzI2l9>[#infosec](<https://twitter.com/hashtag/infosec?src=hash&ref_src=twsrc%5Etfw>) <https://t.co/YKMwgPzmYE>\n> \n> \u2014 The Hacker News (@TheHackersNews) [January 22, 2020](<https://twitter.com/TheHackersNews/status/1219994163581554689?ref_src=twsrc%5Etfw>)\n\n \n \n\"This actor exploits NetScaler devices using CVE-2019-19781 to execute shell commands on the compromised device,\" FireEye said. \n \n\"FireEye believes that the actor behind NOTROBIN has been opportunistically compromising NetScaler devices, possibly to prepare for an upcoming campaign. They remove other known malware, potentially to avoid detection by administrators.\" \n \n\n\n## Citrix Patch Timeline: Stay Tuned for More Software Updates!\n\n \nLast week Citrix [announced a timeline](<https://twitter.com/TheHackersNews/status/1216239812249702401>), promising to release patched firmware updates for all supported versions of ADC and Gateway software before the end of January 2020, as shown in the chart. \n\n\n[![Citrix ADC and Gateway Software](https://thehackernews.com/images/-GFKY1pukwgU/XiWsvTjWRzI/AAAAAAAABT0/6B9St94Mff0LZyZw6yzG2oMefLn6gMgGACLcBGAsYHQ/s728-e100/Citrix-ADC-Gateway.jpg)](<https://thehackernews.com/images/-GFKY1pukwgU/XiWsvTjWRzI/AAAAAAAABT0/6B9St94Mff0LZyZw6yzG2oMefLn6gMgGACLcBGAsYHQ/s728-e100/Citrix-ADC-Gateway.jpg>)\n\nAs part of its [first batch of updates](<https://www.citrix.com/blogs/2020/01/19/vulnerability-update-first-permanent-fixes-available-timeline-accelerated/>), Citrix today released permanent patches for ADC versions 11.1 and 12.0 that also apply to \"ADC and Gateway VPX hosted on ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance (SDX).\" \n \n\"It is necessary to upgrade all Citrix ADC and Citrix Gateway 11.1 instances (MPX or VPX) to build 11.1.63.15 to install the security vulnerability fixes. It is necessary to upgrade all Citrix ADC and Citrix Gateway 12.0 instances (MPX or VPX) to build 12.0.63.13 to install the security vulnerability fixes,\" Citrix said in its advisory. \n \n\"We urge customers to install these fixes immediately,\" the company said. \"If you have not already done so, you need to apply the previously supplied mitigation to ADC versions 12.1, 13, 10.5, and SD-WAN WANOP versions 10.2.6 and 11.0.3 until the fixes for those versions are available.\" \n \nThe company also warned that customers with multiple ADC versions in production must apply the correct version of patch to each system separately. \n \nBesides installing available patches for supported versions and applying the recommended mitigation for unpatched systems, Citrix ADC administrators are also advised to monitor their device logs for attacks. \n \n**UPDATE \u2014 **Citrix on Thursday also released [second batch of permanent security patches](<https://www.citrix.com/blogs/2020/01/23/fixes-now-available-for-citrix-adc-citrix-gateway-versions-12-1-and-13-0/>) for critical RCE vulnerability affecting ADC and Gateway versions 12.1 and 13.0.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-20T14:24:00", "type": "thn", "title": "Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19781"], "modified": "2020-01-24T07:05:37", "id": "THN:166AAAF7F04EF01C9E049500387BD1FD", "href": "https://thehackernews.com/2020/01/citrix-adc-patch-update.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-09T12:38:53", "description": "[![citrix adc and gateway vulnerability](https://thehackernews.com/images/-_9-nocA92TI/XhmeU1ZwSqI/AAAAAAAA2KQ/m0YexAlFrVQzvw1H2fYT8uoiFY33g82DQCLcBGAsYHQ/s728-e100/citrix-adc-gateway-vulnerability.jpg)](<https://thehackernews.com/images/-_9-nocA92TI/XhmeU1ZwSqI/AAAAAAAA2KQ/m0YexAlFrVQzvw1H2fYT8uoiFY33g82DQCLcBGAsYHQ/s728-e100/citrix-adc-gateway-vulnerability.jpg>)\n\nIt's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. \n \nWhy the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [[1](<https://github.com/trustedsec/cve-2019-19781>), [2](<https://github.com/projectzeroindia/CVE-2019-19781>)] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC and Gateway products that could allow anyone to leverage them to take full control over potential enterprise targets. \n \nJust before the last Christmas and year-end holidays, Citrix [announced](<https://support.citrix.com/article/CTX267027>) that its Citrix Application Delivery Controller (ADC) and Citrix Gateway are vulnerable to a critical path traversal flaw (CVE-2019-19781) that could allow an unauthenticated attacker to perform arbitrary code execution on vulnerable servers. \n \nCitrix confirmed that the flaw affects all supported version of the software, including: \n \n\n\n * Citrix ADC and Citrix Gateway version 13.0 all supported builds\n * Citrix ADC and NetScaler Gateway version 12.1 all supported builds\n * Citrix ADC and NetScaler Gateway version 12.0 all supported builds\n * Citrix ADC and NetScaler Gateway version 11.1 all supported builds\n * Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds\n \nThe company made the disclose without releasing any security patches for vulnerable software; instead, [Citrix offered mitigation](<https://support.citrix.com/article/CTX267679>) to help administrators guard their servers against potential remote attacks\u2060\u2014and even at the time of writing, there's no patch available almost 23 days after disclosure. \n \n\n\n \nThrough the cyberattacks against vulnerable servers were [first seen in the wild](<https://twitter.com/sans_isc/status/1213228049011007489>) last week when hackers developed private exploit after reverse engineering mitigation information, the public release of weaponized PoC would now make it easier for low-skilled script kiddies to launch cyberattacks against vulnerable organizations. \n \nAccording to [Shodan](<https://beta.shodan.io/search/facet?query=http.waf%3A%22Citrix+NetScaler%22&facet=org>), at the time of writing, there are over 125,400 Citrix ADC or Gateway servers publicly accessible and can be exploited overnight if not taken offline or protected using available mitigation. \n \nWhile discussing [technical details](<https://www.mdsec.co.uk/2020/01/deep-dive-to-citrix-adc-remote-code-execution-cve-2019-19781/>) of the flaw in a blog post published yesterday, MDSsec also released a video demonstration of the exploit they developed but chose not to release it at this moment. \n \nBesides applying the recommended mitigation, Citrix ADC administrators are also advised to monitor their device logs for attacks.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-11T10:21:00", "type": "thn", "title": "PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19781"], "modified": "2020-01-11T10:22:37", "id": "THN:6ED39786EE29904C7E93F7A0E35A39CB", "href": "https://thehackernews.com/2020/01/citrix-adc-gateway-exploit.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "rapid7blog": [{"lastseen": "2021-10-06T15:02:24", "description": "![For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy](https://blog.rapid7.com/content/images/2021/10/exchange-server.jpg)\n\nIf you've been keeping tabs on the state of vulnerabilities, you've probably noticed that Microsoft Exchange has been in the news more than usual lately. Back in March 2021, Microsoft [acknowledged a series of threats](<https://www.rapid7.com/blog/post/2021/03/03/mass-exploitation-of-exchange-server-zero-day-cves-what-you-need-to-know/>) exploiting zero-day CVEs in on-premises instances of Exchange Server. Since then, several related exploit chains targeting Exchange have [continued to be exploited in the wild](<https://www.rapid7.com/blog/post/2021/08/12/proxyshell-more-widespread-exploitation-of-microsoft-exchange-servers/>).\n\nMicrosoft [quickly](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473>) [released](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523>) [patches](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31207>) to help security teams keep attackers out of their Exchange environments. So, what does the state of patching look like today among organizations running impacted instances of Exchange?\n\nThe answer is more mixed \u2014 and more troubling \u2014 than you'd expect.\n\n## What is Exchange, and why should you care?\n\nExchange is a popular email and messaging service that runs on Windows Server operating systems, providing email and calendaring services to tens of thousands of organizations. It also integrates with unified messaging, video chat, and phone services. That makes Exchange an all-in-one messaging service that can handle virtually all communication streams for an enterprise customer.\n\nAn organization's Exchange infrastructure can contain copious amounts of sensitive business and customer information in the form of emails and a type of shared mailbox called Public Folders. This is one of the reasons why Exchange Server vulnerabilities pose such a significant threat. Once compromised, Exchange's search mechanisms can make this data easy to find for attackers, and a robust rules engine means attackers can create hard-to-find automation that forwards data out of the organization.\n\nAn attacker who manages to get into an organization's Exchange Server could gain visibility into their Active Directory or even compromise it. They could also steal credentials and impersonate an authentic user, making phishing and other attempts at fraud more likely to land with targeted victims.\n\n## Sizing up the threats\n\nThe credit for discovering this recent family of Exchange Server vulnerabilities goes primarily to security researcher Orange Tsai, who overviewed them in an August 2021 [Black Hat talk](<https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf>). He cited 8 vulnerabilities, which resulted in 3 exploit chains:\n\n * ****ProxyLogon:**** This vulnerability could allow attackers to use pre-authentication server-side request forgery (SSRF) plus a post-authentication arbitrary file write, resulting in remote code execution (RCE) on the server.\n * ****ProxyOracle:**** With a cookie from an authenticated user (obtained through a reflected XSS link), a Padding Oracle attack could provide an intruder with plain-text credentials for the user.\n * ****ProxyShell: ****Using a pre-authentication access control list (ACL) bypass, a PrivEsc (not going up to become an administrator but down to a user mailbox), and a post-authentication arbitrary file write, this exploit chain could allow attackers to execute an RCE attack.\n\nGiven the sensitivity of Exchange Server data and the availability of [patches and resources from Microsoft](<https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/>) to help defend against these threats, you'd think adoption of these patches would be almost universal. But unfortunately, the picture of patching for this family of vulnerabilities is still woefully incomplete.\n\n## A patchwork of patch statuses\n\nIn Rapid7's OCTO team, we keep tabs on the exposure for major vulnerabilities like these, to keep our customers and the security community apprised of where these threats stand and if they might be at risk. To get a good look at the patch status among Exchange Servers for this family of attack chains, we had to develop new techniques for fingerprinting Exchange versions so we could determine which specific hotfixes had been applied.\n\nWith a few tweaks, we were able to adjust our measurement approach to get a clear enough view that we can draw some strong conclusions about the patch statuses of Exchange Servers on the public-facing internet. Here's what we found:\n\n * Out of the 306,552 Exchange OWA servers we observed, 222,145 \u2014 or 72.4% \u2014were running an impacted version of Exchange (this includes 2013, 2016, and 2019).\n * Of the impacted servers, 29.08% were still unpatched for the ProxyShell vulnerability, and 2.62% were partially patched. That makes 31.7% of servers that may still be vulnerable.\n\n![For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy](https://blog.rapid7.com/content/images/2021/10/proxyshell_summary_2021.10.01.png)\n\nTo put it another, starker way: 6 months after patches have been available for the ProxyLogon family of vulnerabilities, 1 in 3 impacted Exchange Servers are still susceptible to attacks using the ProxyShell method.\n\nWhen we sort this data by the Exchange Server versions that organizations are using, we see the uncertainty in patch status tends to cluster around specific versions, particularly 2013 Cumulative Update 23. \n\n![For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy](https://blog.rapid7.com/content/images/2021/10/proxyshell_detailed_2021.10.01.png)\n\nWe also pulled the server header for these instances with the goal of using the version of IIS as a proxy indicator of what OS the servers may be running \u2014 and we found an alarmingly large proportion of instances that were running end-of-life servers and/or operating systems, for which Microsoft no longer issues patch updates.\n\n![For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy](https://blog.rapid7.com/content/images/2021/10/proxyshell_os_2021.10.01.png)\n\nThat group includes the two bars on the left of this graph, which represent 2007 and 2010 Exchange Server versions: 75,300 instances of 2010 and 8,648 instances of 2007 are still running out there on the internet, roughly 27% of all instances we observed. Organizations still operating these products can count themselves lucky that ProxyShell and ProxyLogon don't impact these older versions of Exchange (as far as we know). But that doesn't mean those companies are out of the woods \u2014 if you still haven't replaced Exchange Server 2010, you're probably also doing other risky things in your environment.\n\nLooking ahead, the next group of products that will go end-of-life are the Windows Server 2012 and 2012 R2 operating systems, represented in green and yellow, respectively, within the graph. That means 92,641 instances of Exchange \u2014 nearly a third of all Exchange Servers on the internet \u2014 will be running unsupported operating systems for which Microsoft isn't obligated to provide security fixes after they go end-of-life in 2023.\n\n## What you can do now\n\nIt's a matter of when, not if, we encounter the next family of vulnerabilities that lets attackers have a field day with huge sets of sensitive data like those contained in Exchange Servers. And for companies that haven't yet patched, ProxyShell and its related attack chains are still a real threat. Here's what you can do now to proactively mitigate these vulnerabilities.\n\n * First things first: If your organization is running one of the 1 in 3 affected instances that are vulnerable due to being unpatched, [install the appropriate patch](<https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/>) right away.\n * Stay current with patch updates as a routine priority. It is possible to build Exchange environments with near-100% uptimes, so there isn't much argument to be made for foregoing critical patches in order to prevent production interruptions.\n * If you're running a version of Exchange Server or Windows OS that will soon go end-of-life, start planning for how you'll update to products that Microsoft will continue to support with patches. This way, you'll be able to quickly and efficiently mitigate vulnerabilities that arise, before attackers take advantage of them.\n\nIf you're already a Rapid7 customer, there's good news: [InsightVM](<https://www.rapid7.com/products/insightvm/>) already has authenticated scans to detect these vulnerabilities, so users of the product should already have a good sense of where their Exchange environments stand. On the offensive side, your red teams and penetration testers can highlight the risk of running vulnerable Exchange instances with modules exercising [ProxyLogon](<https://www.rapid7.com/db/modules/exploit/windows/http/exchange_proxylogon_rce/>) and [ProxyShell](<https://www.rapid7.com/db/modules/exploit/windows/http/exchange_proxyshell_rce/>). And as our research team continues to develop techniques for getting this kind of detailed information about exposures, we ensure our products know about those methods so they can more effectively help customers understand their vulnerabilities.\n\nBut for all of us, these vulnerabilities are a reminder that security requires a proactive mindset \u2014 and failing to cover the basics like upgrading to supported products and installing security updates leaves organizations at risk when a particularly thorny set of attack chains rears its head.\n\n#### NEVER MISS A BLOG\n\nGet the latest stories, expertise, and news about security today.\n\nSubscribe", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-06T14:07:12", "type": "rapid7blog", "title": "For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-10-06T14:07:12", "id": "RAPID7BLOG:D47FB88807F2041B8820156ECFB85720", "href": "https://blog.rapid7.com/2021/10/06/for-microsoft-exchange-server-vulnerabilities-patching-remains-patchy/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-20T20:19:12", "description": "## Anyone enjoy making chains?\n\n![Metasploit Wrap-Up](https://blog.rapid7.com/content/images/2021/08/metasploit-blg-2-small.png)\n\nThe community is hard at work building chains to pull sessions out of vulnerable Exchange servers. This week Rapid7's own [wvu](<https://github.com/wvu-r7>) & [Spencer McIntyre](<https://github.com/zeroSteiner>) added a module that implements the ProxyShell exploit chain originally demonstrated by [Orange Tsai](<https://twitter.com/orange_8361>). The module also benefited from research and analysis by [Jang](<https://twitter.com/testanull>), [PeterJson](<https://twitter.com/peterjson>), [brandonshi123](<https://github.com/brandonshiyay>), and [mekhalleh (RAMELLA S\u00e9bastien)](<https://twitter.com/Mekhalleh>) to make it as simple as finding an email for an administrator of vulnerable version of exchange as the entrypoint to chain [CVE-2021-31207](<https://attackerkb.com/topics/5F0CGZWw61/cve-2021-31207?referrer=blog>), [CVE-2021-34523](<https://attackerkb.com/topics/RY7LpTmyCj/cve-2021-34523?referrer=blog>), & [CVE-2021-34473](<https://attackerkb.com/topics/pUK1MXLZkW/cve-2021-34473?referrer=blog>) into sessions for everyone to enjoy.\n\n## Great to see some GSoC value in the wild.\n\nWith Google Summer of Code 2021 moving into its final phases, [pingport80](<https://github.com/pingport80>) had 4 PRs land in this week's release. These improvements and fixes to interactions with sessions make post exploitation tasks more accessible, bringing the community more capabilities and stability along the way.\n\n## New module content (2)\n\n * [Lucee Administrator imgProcess.cfm Arbitrary File Write](<https://github.com/rapid7/metasploit-framework/pull/15525>) by [wvu](<https://github.com/wvu-r7>),, [iamnoooob](<https://github.com/iamnoooob>), and [rootxharsh](<https://github.com/rootxharsh>), which exploits [CVE-2021-21307](<https://attackerkb.com/topics/16OOl6KSdo/cve-2021-21307?referrer=blog>) \\- An unauthenticated user is permitted to make requests through the `imgProcess.cfm` endpoint, and using the `file` parameter which contains a directory traversal vulnerability, they can write a file to an arbitrary location. Combining the two capabilities, this module writes a CFML script to the vulnerable server and achieves unauthenticated code execution as the user running the Lucee server.\n * [Microsoft Exchange ProxyShell RCE](<https://github.com/rapid7/metasploit-framework/pull/15561>) by [wvu](<https://github.com/wvu-r7>), [Jang](<https://twitter.com/testanull>), [Orange Tsai](<https://twitter.com/orange_8361>), [PeterJson](<https://twitter.com/peterjson>), [Spencer McIntyre](<https://github.com/zeroSteiner>), [brandonshi123](<https://github.com/brandonshiyay>), and [mekhalleh (RAMELLA S\u00e9bastien)](<https://twitter.com/Mekhalleh>), which exploits [CVE-2021-31207](<https://attackerkb.com/topics/5F0CGZWw61/cve-2021-31207?referrer=blog>) \\- Added an exploit for the ProxyShell attack chain against Microsoft Exchange Server.\n\n## Enhancements and features\n\n * [#15540](<https://github.com/rapid7/metasploit-framework/pull/15540>) from [dwelch-r7](<https://github.com/dwelch-r7>) \\- This adds an option to `cmd_execute` to have the command run in a subshell by Meterpreter.\n * [#15556](<https://github.com/rapid7/metasploit-framework/pull/15556>) from [pingport80](<https://github.com/pingport80>) \\- This adds shell session compatibility to the `post/windows/gather/enum_unattend` module.\n * [#15564](<https://github.com/rapid7/metasploit-framework/pull/15564>) from [pingport80](<https://github.com/pingport80>) \\- This adds support to the `get_env` and `command_exists?` post API methods for Powershell session types.\n\n## Bugs fixed\n\n * [#15303](<https://github.com/rapid7/metasploit-framework/pull/15303>) from [pingport80](<https://github.com/pingport80>) \\- This PR ensures that the shell `dir` command returns a list.\n * [#15332](<https://github.com/rapid7/metasploit-framework/pull/15332>) from [pingport80](<https://github.com/pingport80>) \\- This improves localization support and compatibly in the session post API related to the `rename_file` method.\n * [#15539](<https://github.com/rapid7/metasploit-framework/pull/15539>) from [tomadimitrie](<https://github.com/tomadimitrie>) \\- This improves the OS version in the `check` method of `exploit/windows/local/cve_2018_8453_win32k_priv_esc`.\n * [#15546](<https://github.com/rapid7/metasploit-framework/pull/15546>) from [timwr](<https://github.com/timwr>) \\- This ensures that the UUID URLs of stageless reverse_http(s) payloads are stored in the database so that they can be properly tracked with payload UUID tracking. This also fixes an error caused by accessing contents of a url list without checking if it's valid first.\n * [#15570](<https://github.com/rapid7/metasploit-framework/pull/15570>) from [adfoster-r7](<https://github.com/adfoster-r7>) \\- This fixes a bug in the `auxiliary/scanner/smb/smb_enum_gpp` module where the path that was being generated by the module caused an SMB exception to be raised.\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` and you can get more details on the changes since the last blog post from GitHub:\n\n * [Pull Requests 6.1.0...6.1.1](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222021-08-12T17%3A57%3A38%2B01%3A00..2021-08-20T05%3A13%3A43-05%3A00%22>)\n * [Full diff 6.1.0...6.1.1](<https://github.com/rapid7/metasploit-framework/compare/6.1.0...6.1.1>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. To install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the [binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-20T19:12:00", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21307", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-08-20T19:12:00", "id": "RAPID7BLOG:7B1DD656DC72802EE7230867267A5A16", "href": "https://blog.rapid7.com/2021/08/20/metasploit-wrap-up-126/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-25T18:57:37", "description": "![ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers](https://blog.rapid7.com/content/images/2021/08/proxyshell-august.jpg)\n\n_This attack is ongoing. See the `Updates` section at the end of this post for new information as it comes to light. Rapid7 also has a [technical analysis of the ProxyShell exploit chain](<https://attackerkb.com/topics/xbr3tcCFT3/proxyshell-exploit-chain/rapid7-analysis>) in AttackerKB._\n\nOn August 5, 2021, in [a Black Hat USA talk](<https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf>), DEVCORE researcher Orange Tsai shared information on [several exploit chains](<https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html>) targeting on-premises installations of Microsoft Exchange Server. Among the exploit chains presented were ProxyLogon, which was [exploited en masse in February and March](<https://www.rapid7.com/blog/post/2021/03/03/mass-exploitation-of-exchange-server-zero-day-cves-what-you-need-to-know/>) of 2021, and ProxyShell, an attack chain originally demonstrated at the Pwn2Own hacking competition this past April. As of August 12, 2021, multiple researchers have detected widespread opportunistic [scanning](<https://twitter.com/bad_packets/status/1425598895569006594>) and [exploitation](<https://twitter.com/GossiTheDog/status/1425844380376735746>) of Exchange servers using the ProxyShell chain.\n\nAccording to Orange Tsai's demonstration, the ProxyShell exploit chain allows a remote unauthenticated attacker to execute arbitrary commands on a vulnerable on-premises instance of Microsoft Exchange Server via port 443. The exploit is comprised of three discrete CVEs:\n\n * [CVE-2021-34473](<https://www.rapid7.com/db/vulnerabilities/msft-cve-2021-34473/>), a remote code execution vulnerability [patched April 13, 2021](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473>)\n * [CVE-2021-34523](<https://www.rapid7.com/db/vulnerabilities/msft-cve-2021-34523/>), an elevation of privilege vulnerability [patched April 13, 2021](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523>)\n * [CVE-2021-31207](<https://www.rapid7.com/db/vulnerabilities/msft-cve-2021-31207/>), a security feature bypass [patched May 11, 2021](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31207>)\n\n_While CVE-2021-34473 and CVE-2021-34523 were patched in April, Microsoft\u2019s advisories note that they were inadvertently omitted from publication until July._\n\nWhen chained, these vulnerabilities allow the attacker to bypass ACL controls, send a request to a PowerShell back-end, and elevate privileges, effectively authenticating the attacker and allowing for remote code execution. Both public and private proof-of-concept exploits have been released as of August 18, 2021\u2014not surprising, since ProxyShell was first demonstrated more than four months ago at Pwn2Own. A number of [technical analyses](<https://y4y.space/2021/08/12/my-steps-of-reproducing-proxyshell/>) of the chain have also [been published](<https://peterjson.medium.com/reproducing-the-proxyshell-pwn2own-exploit-49743a4ea9a1>). See Rapid7's exploit chain analysis [in AttackerKB](<https://attackerkb.com/topics/xbr3tcCFT3/proxyshell-exploit-chain/rapid7-analysis>).\n\nNotably, there has been confusion about which CVE is which across various advisories and research descriptions \u2014 Microsoft, for instance, describes CVE-2021-34473 as a remote code execution vulnerability, but [Orange Tsai\u2019s Black Hat slides](<https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf>) list CVE-2021-34473 as the initial ACL bypass. Community researchers have also [expressed confusion](<https://twitter.com/GossiTheDog/status/1424791670076411905>) over CVE numbering across the ProxyShell chain, but ultimately, the takeaway is the same: Organizations that have not patched these vulnerabilities should do so on an emergency basis and invoke incident response protocols to look for indicators of compromise.\n\n## Affected products\n\nThe following versions of Exchange Server are vulnerable to all three ProxyShell CVEs:\n\n * Microsoft Exchange Server 2019 Cumulative Update 9\n * Microsoft Exchange Server 2019 Cumulative Update 8\n * Microsoft Exchange Server 2016 Cumulative Update 20\n * Microsoft Exchange Server 2016 Cumulative Update 19\n * Microsoft Exchange Server 2013 Cumulative Update 23\n\nOrganizations that rely on on-premises installations of Exchange Server and are not able to move to O365 should ensure that all Exchange instances are patched on a zero-day basis. In order to do this, it is vital that defenders keep up-to-date with quarterly Cumulative Updates, since Microsoft only releases security fixes for [the most recent Cumulative Update versions](<https://docs.microsoft.com/en-us/exchange/new-features/updates>).\n\nWhile ProxyShell and March\u2019s ProxyLogon exploit chain are the two attacks that have already resulted in widespread exploitation, they are not the only exploit chains targeting on-premises Exchange servers. Exchange continues to be valuable and accessible attack surface area for both sophisticated and run-of-the-mill threat actors, and we will certainly see additional widespread exploitation in the future.\n\nRead more from our emergent threat response team on [high-priority attack surface area](<https://www.rapid7.com/blog/post/2021/08/12/popular-attack-surfaces-august-2021-what-you-need-to-know/>), including Windows Print Spooler and Pulse Connect Secure VPNs.\n\n## Rapid7 customers\n\nInsightVM and Nexpose customers can assess their exposure to all three ProxyShell CVEs with authenticated vulnerability checks.\n\nThe following attacker behavior detection is available InsightIDR customers:\n\n * Suspicious Process - Process Spawned By Outlook Web Access\n\nThis detection will identify processes spawned by Microsoft IIS processes that have been configured to serve as Outlook Web Access web servers for Microsoft Exchange. Rogue processes being spawned may be an indication of a successful attack against these systems and has been observed targeted by various malicious actors.\n\nIf this detection fires in your environment, you should determine whether it is part of authorized administrator activity. Examine the parent process that spawned the command, and anything else that process may have spawned. If this activity is not benign or expected, consider rebuilding the host from a known, good source and having any possibly affected users change their passwords.\n\n## Updates\n\n**August 25, 2021:** Rapid7 estimates that there are over 84,000 Exchange servers that appear vulnerable to the ProxyShell attack chain. \n![ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers](https://blog.rapid7.com/content/images/2021/08/8.25.ProxyShell.png)\n\n**August 23, 2021:** Multiple sources have now [reported](<https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lockfile-ransomware-new-petitpotam-windows>) that at least one ransomware gang (LockFile) is chaining ProxyShell with PetitPotam (CVE-2021-36942) to compromise Windows domain controllers. See [Rapid7's blog on PetitPotam](<https://www.rapid7.com/blog/post/2021/08/03/petitpotam-novel-attack-chain-can-fully-compromise-windows-domains-running-ad-cs/>) for patching and additional required mitigation advice.\n\n**August 21, 2021:** Rapid7's Managed Detection and Response (MDR) and Incident Response (IR) teams have noted a significant uptick in Exchange exploitation by multiple threat actors. Community researchers have also noted that attackers are exploiting the ProxyShell vulnerabilities to drop webshells and [spread ransomware](<https://doublepulsar.com/multiple-threat-actors-including-a-ransomware-gang-exploiting-exchange-proxyshell-vulnerabilities-c457b1655e9c>) on vulnerable targets.\n\nWe are monitoring for additional attacker behavior and will update this blog as further information comes to light.\n\n**August 16, 2021:** We have begun to see public proof-of-concept (PoC) code implementing the ProxyShell exploit chain. Exploitation is ongoing.\n\n#### NEVER MISS A BLOG\n\nGet the latest stories, expertise, and news about security today.\n\nSubscribe", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-12T21:08:43", "type": "rapid7blog", "title": "ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-36942"], "modified": "2021-08-12T21:08:43", "id": "RAPID7BLOG:03B1EB65D8A7CFE486943E2472225BA1", "href": "https://blog.rapid7.com/2021/08/12/proxyshell-more-widespread-exploitation-of-microsoft-exchange-servers/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-09T17:28:27", "description": "![Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict](https://blog.rapid7.com/content/images/2022/03/contileaks.jpg)\n\n**_UPDATE: _**_As of March 2, 2022, Conti began taking down exposed infrastructure as a result of the chat disclosure. At that time, we assessed that due to their sophisticated capability, deep funding, and quick recovery from exposed infrastructure in November 2021, they remained an active and significant threat. As of March 9, 2022, our threat intelligence team has observed a resumption of normal operations from Conti._\n\nOn February 27, Twitter user [@ContiLeaks](<https://twitter.com/contileaks>) released a trove of chat logs from the ransomware group, Conti \u2013 a sophisticated ransomware group whose manual was publicly [leaked last year](<https://blog.talosintelligence.com/2021/09/Conti-leak-translation.html>). Ahead of the chat log disclosures, Conti pledged their support for the Russian Government following the Russian invasion of Ukraine. However, a number of members sided with Ukraine, causing strife within the organization. Two days later, Conti posted a second message revising their statement to condemn the war and to strike back only if Russian critical infrastructure is targeted.\n\n![Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict](https://blog.rapid7.com/content/images/2022/03/image3.png)_Conti announcement of support for Russian government_\n\n![Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict](https://blog.rapid7.com/content/images/2022/03/image1.jpg)_Conti walk-back of their support for Russia_\n\n![Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict](https://blog.rapid7.com/content/images/2022/03/image4.png)_@ContiLeaks announcement of the release_\n\nAt the time of the leak, a file titled `1.tgz` was released on the \u201cAnonFiles\u201d website, containing 14 megabytes of chat logs across 393 JSON files. However, some of the messages were encrypted and could not be read, so the information provided is necessarily incomplete. The remaining files contained internal Conti communications, screenshots of tools, and discussions of their exploits and design processes. \n\nOn February 28 and March 1, a bevy of additional files were posted, along with a number of pro-Ukraine tweets. Among both sets of leaked messages, there were a number of usernames and passwords for a variety of accounts. Additionally, user @ContiLeaks shared access details for a number of alleged Conti command and control servers, plus storage servers for stolen files. However, we have not accessed any of the data necessitating access to remote servers or the use of usernames and passwords, and we strongly recommend against doing so. \n\n@ContiLeaks also shared a file that they purport to be the source code for the Conti ransomware but declined to share the password except with \u201ctrusted parties.\u201d @ContiLeaks did, however, name one alleged Conti developer, providing their email address and Github. The scale of the leaked information suggests that the leaker is likely either a very senior member of the group or a coalition of disgruntled Conti affiliates.\n\n## Conti is a business \u2013 and a well-funded one\n\nMuch of the discussion within the chat logs concerns fairly mundane things \u2013 interviewing potential operators of the group, payment for services, out-of-office messages, gossip, and discussions of products. Based on the leaked chats, the Conti interview process actually looks a lot like a standard technical interview, with coding exercises to be performed hosted on public code repositories, salary negotiations, and the status of ongoing products. \n\nIn addition to other financial information related to specific actors, the leaked chats have revealed Conti\u2019s primary Bitcoin address, which contains over **two billion USD** as of February 28, 2022. Moreover, a conversation on April 9, 2021 between \u201cmango\u201d and \u201cjohnyboy77\u201d indicates Russian FSB involvement in some portion of their funding and that the FSB were interested in files from the media outlet Bellingcat on \u201cNavalny\u201d \u2013 an apparent reference to Alexei Navalny, the currently imprisoned opposition leader in Russia.\n\n## Conti development\n\nConti seems to operate much like a software company \u2013 the chat logs disclose concerns with the development of specific features for targets and a particular difficulty in encrypting very large files. The Conti team also attempted to get demos of popular endpoint detection software with the intent to develop their malware to avoid detection.\n\nTwo of the actors, \u201clemur\u201d and \u201cterry\u201d shared phishing templates (included verbatim in Appendix B at the end of this post) to be used against potential targets. Conti gains initial access in many ways, with phishing a popular line of attack due in part to its relatively high efficacy and low cost. Conti often uses phishing emails to establish a presence on targeted networks.\n\nA screenshot of the Conti control panel was also leaked, showing a number of compromised hosts and a breakdown of the operating systems, antiviruses, user rights, and detailed information about the infected assets.\n\n![Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict](https://blog.rapid7.com/content/images/2022/03/image2.png)_Conti control panel_\n\nFurther discussions detailed the use of infrastructure against targets, disclosing a number of both known and unknown Conti command and control domains. At the time of this post, only a small number of the previously unknown command and control domains appear to be active. Conversations between two operators, \u201cStern\u201d and \u201cBentley\u201d discuss the use of third parties for malicious documents, favoring certain providers over others. They also discuss logistics for how to deliver ransomware without being detected by dynamic analysis. In a conversation between the two back in June of 2021, Stern discloses that Conti wants to start their own cryptocurrency but does not know who to work with. There is no evidence that anything came of this desire, and Conti continues to use Bitcoin for their ransoms. \n\n## Other groups assert they are strictly business\n\nIn stark contrast to Conti, other groups have made it clear to the public that despite their \u201cbusiness model,\u201d they take no public stance on this crisis. LockBit is remaining aloof from the conflict and made it clear that they intend to operate as usual. Although it is believed that LockBit is a Russian organization, they assert that \u201cwe are all simple and peaceful people, we are all Earthlings,\u201d and \u201cfor us it is just business and we are all apolitical.\u201d Another ransomware group, ALPHV, claims to be \u201cextremely saddened\u201d by Conti\u2019s pledge of support and condemns Conti. Their message concludes, \u201cThe Internet, and even more so its dark side, is not the place for politics.\u201d\n\n## Rumors of Conti\u2019s demise have been greatly exaggerated\n\nConti\u2019s payment and \u201csupport\u201d portal is still live, even following the infighting and leaks. Conti has repeatedly proven to be one of the most capable ransomware actors and these chats indicate that the group is well-organized and still very well-funded despite the schism. Any suggestion that these leaks spell the end for Conti is overstated, and we expect that Conti will continue to be a powerful player in the ransomware space.\n\n## What you can do\n\nWe are keeping an eye on dark web activity related to Conti and other ransomware groups and want to reiterate the following steps for protecting yourself from ransomware: \n\n\n * User education, especially related to well-crafted phishing campaigns\n * Asset and vulnerability management, including reducing your external attack surface\n * Multi-factor authentication \n\n\nAdditionally, it is worth ensuring that you are well-guarded against the exploits and malware commonly used by Conti (vulnerabilities provided in Appendix A at the end of this post). Furthermore, security teams should also take some time to review [CISA\u2019s recent report on the group](<https://www.cisa.gov/uscert/ncas/alerts/aa21-265a>). For further discussion on how to protect yourself from ransomware, see our [ransomware playbook](<https://www.rapid7.com/solutions/ransomware/>). \n\n\n## Appendix A \u2013 Conti known exploited vulnerabilities\n\nCVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146 (MS17-010; EternalBlue/EternalSynergy/EternalChampion)\n\nCVE-2020-1472 (ZeroLogon)\n\nCVE-2021-34527 (PrintNightmare)\n\nCVE-2021-44228 (Log4Shell)\n\nCVE-2021-34473, CVE-2021-34523, CVE-2021-31207 (ProxyShell/ProxyLogon)\n\n## Appendix B \u2013 Phishing templates\n\n{Greetings|Hello|Good afternoon|Hi|Good day|Greeting|Good morning|Good evening}! \n{Here|Right here|In this letter|With this letter} we {send|direct} you {all the|all the necessary|the most important} {documentation|papers|documents|records} {regarding|concerning|relating to} your {payment|deposit payment|last payment} {#|\u2116|No. }\u041d\u041e\u041c\u0415\u0420 \u041f\u041b\u0410\u0422\u0415\u0416\u0410, right {as we|as we have} {discussed|revealed} {not so long ago|not too long ago|recently|just recently|not long ago}. Please {review the|check the|take a look at} \u0430ll {necessary|required|important} {information|data} in the {file attached|attached file}. \n\u0422: {Payment|Deposit payment} {invoice|receipt} {#|\u2116|No. }\u041d\u041e\u041c\u0415\u0420 \u0418\u041d\u0412\u041e\u0419\u0421\u0410 {prepared|formed} \nD: {payment|deposit|dep|paym}_{info|information|data}\n\n{Hello|Greetings|Greetings to you|Good evening|Good morning|Good day|Good afternoon}{!|,|.|} \nYour {order|purchase order|online order} was {successfully|correctly|timely} {paid|compensated|covered} by you {yesterday|today|recently}. Your {documentation|docs|papers} and {bank check|receipt|paycheck} {can be found|are listed} in the {attached file|file attached}. \nT: {Invoice|Given invoice|Bill} {we|we have|we\u2019ve} {sent|mailed|delivered} to you {is paid|is covered|is processed}. \nD: {Purchase order|Order} {verification|approval}\n\n{Hello|Greetings|Greetings to you|Good evening|Good morning|Good day|Good afternoon}{!|,|.|} \n{We are contacting you to|This is to|This mail is to} {notify|remind} you {about|regarding} your {debt|unprocessed payment} for {our last|the recent|our recent} {contract|agreement}. All {compensation|payment} {data|information}, {agreement|contract} and prepared legal {documents|documentation} {can be found|are located} in the {file attached|attached file}. \nT: {Missing|Additional} payment {information|details|info} reminder \nD: {Contract|Agreement} 2815/2 {case|claim}\n\n{Hello|Greetings|Greetings to you|Good evening|Good morning|Good day|Good afternoon}{!|,|.|} \n{Your payment|Your advance payment|Your obligatory payment|Payment you sent|Payment you made} was {successfully|correctly|timely|properly} {achieved|accomplished|approved|affirmed|received|obtained|collected|processed}. All {required documentation|necessary documents|important documentation|documents you need|details that can be important|essential documents} {can be found|you can find} in the {attached file|file attached}. \nT: {Invoicing|Invoice|Agreement|Contract|Payment} {info|data|information|details} \nD: {Receipt|Bill} {id|ID|Number|number|No.|No.|No|#|##} 3212-inv8\n\n{Greetings|Hello|Good day|Good afternoon}{!|,|} \n{Thank you for|We are thankful for|We are grateful for|Many thanks for} {your|your recent} {on-line order|purchase order|order}. {We|Our financiers have|Our team has|We have|Our shop has} {received|collected|processed|checked} your {payment|advance payment|money transfer|funds transfer} \u041d\u041e\u041c\u0415\u0420 \u041f\u0415\u0420\u0415\u0412\u041e\u0414\u0410. Now we {are and ready to|begin to} {pack|prepare|compose} your {shipment|order|box}. Your {parcel|packet|shipment|box} {will|is going to|would} {arrive|be delivered} to {you|your residence} within {4|5|6|four|five|six} {days|business days}. \n{Total|Full|Whole} {order|purchase|payment} sum: \u0421\u0423\u041c\u041c\u0410 \nYou {can find|will find} {all|full} {relative information|order info|order and payment details} and your {receipt|check} \u041d\u041e\u041c\u0415\u0420 \u0427\u0415\u041a\u0410 {in|in the} {attached file|file attached}. \n{Thank you!|Have a nice day!} \n\u0422\u0415\u041c\u042b: Your {order|purchase|on-line order|last order} \u041d\u041e\u041c\u0415\u0420 \u0417\u0410\u041a\u0410\u0417\u0410 payment {processed|obtained|received} \n\u0410\u0422\u0422\u0410\u0427\u0418: \nord_conf \nfull.details \ncompl_ord_7847 \nbuyer_auth_doc \ninfo_summr \ncustomer_docs \nspec-ed_info\n\n \n_**Additional reading**_\n\n * _[Russia/Ukraine Conflict: What Is Rapid7 Doing to Protect My Organization?](<https://www.rapid7.com/blog/post/2022/02/25/russia-ukraine-conflict-what-is-rapid7-doing-to-protect-my-organization/>)_\n * _[Staying Secure in a Global Cyber Conflict](<https://www.rapid7.com/blog/post/2022/02/25/russia-ukraine-staying-secure-in-a-global-cyber-conflict/>)_\n * _[Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict](<https://www.rapid7.com/blog/post/2022/02/15/prudent-cybersecurity-preparation-for-the-potential-russia-ukraine-conflict/>)_\n\n#### NEVER MISS A BLOG\n\nGet the latest stories, expertise, and news about security today.\n\nSubscribe", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2022-03-01T19:15:58", "type": "rapid7blog", "title": "Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vector