{"id": "CISA:C70D91615E3DC8B589B493118D474566", "type": "cisa", "bulletinFamily": "info", "title": "Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ", "description": "Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. This vulnerability has been detected in exploits in the wild. \n\nCISA encourages users and administrators to review [Microsoft\u2019s advisory](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444 >) and to implement the mitigations and workarounds.\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444>); we'd welcome your feedback.\n", "published": "2021-09-07T00:00:00", "modified": "2021-09-07T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444", "reporter": "CISA", "references": ["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444"], "cvelist": ["CVE-2021-40444"], "immutableFields": [], "lastseen": "2021-09-08T18:11:10", "viewCount": 38, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:F7CCD0B7-220B-49E5-A4DF-27E26B64A3F0"]}, {"type": "cve", "idList": ["CVE-2021-40444"]}, {"type": "kitploit", "idList": ["KITPLOIT:5550923684662771880", "KITPLOIT:3697667464193804316", "KITPLOIT:5184284878903042540"]}, {"type": "mssecure", "idList": ["MSSECURE:795E0A765679492C51FEFA2B19EAD597"]}, {"type": "mmpc", "idList": ["MMPC:795E0A765679492C51FEFA2B19EAD597"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:E0C479F55DF4C53A47CA2170110555AE"]}, {"type": "thn", "idList": ["THN:59AE75C78D4644BFA6AD90225B3DE0C1", "THN:67ECC712AB360F5A56F2434CDBF6B51F", "THN:D4E86BD8938D3B2E15104CA4922A51F8"]}, {"type": "kaspersky", "idList": ["KLA12277", "KLA12278"]}, {"type": "mskb", "idList": ["KB5005575", "KB5005563"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_SEP_5005573.NASL", "SMB_NT_MS21_SEP_5005569.NASL", "SMB_NT_MS21_SEP_5005568.NASL", "SMB_NT_MS21_IE_SEPT_2021.NASL", "SMB_NT_MS21_SEP_INTERNET_EXPLORER.NASL", "SMB_NT_MS21_SEP_5005566.NASL", "SMB_NT_MS21_SEP_5005565.NASL", "SMB_NT_MS21_SEP_5005613.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:6D61C560E85ECD0A7A35C55E74849510", "THREATPOST:62DC935BF4DB4EF8A4F1E83519B1D5CD"]}, {"type": "krebs", "idList": ["KREBS:2EC42B845847A6DCFE50ECEB9FF61C29", "KREBS:409088FC2DFC219B74043104C2B672CC"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:DB54B348AF1AC41987150B5CE7B1BC66", "MALWAREBYTES:76333D1F0FCAFD79FA2EDD4A4CAFBB38"]}, {"type": "mscve", "idList": ["MS:CVE-2021-40444"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:CC071AA6971D64B0F7A596B2BBD5F046"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:5576D16DC39617927D8AEFF027CC0911"]}], "modified": "2021-09-08T18:11:10", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-09-08T18:11:10", "rev": 2}, "vulnersScore": 5.2}, "wildExploited": true}

{"attackerkb": [{"lastseen": "2021-09-08T16:44:46", "description": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.\n\n \n**Recent assessments:** \n \n**JunquerGJ** at September 07, 2021 10:50pm UTC reported:\n\n * Vulnerable if default behaviour has been changed ( By default, Microsoft Office opens documents from the internet in Protected View or Application Guard for Office both of which prevent the current attack ) \n\n * Requires social engineering to be exploited \n\n * Workaround easy to deploy\n\n**ccondon-r7** at September 07, 2021 7:12pm UTC reported:\n\n * Vulnerable if default behaviour has been changed ( By default, Microsoft Office opens documents from the internet in Protected View or Application Guard for Office both of which prevent the current attack ) \n\n * Requires social engineering to be exploited \n\n * Workaround easy to deploy\n\n**NinjaOperator** at September 07, 2021 6:45pm UTC reported:\n\n * Vulnerable if default behaviour has been changed ( By default, Microsoft Office opens documents from the internet in Protected View or Application Guard for Office both of which prevent the current attack ) \n\n * Requires social engineering to be exploited \n\n * Workaround easy to deploy\n\nAssessed Attacker Value: 3 \nAssessed Attacker Value: 3Assessed Attacker Value: 2\n", "cvss3": {}, "published": "2021-09-02T00:00:00", "type": "attackerkb", "title": "CVE-2021-40444", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-02T00:00:00", "id": "AKB:F7CCD0B7-220B-49E5-A4DF-27E26B64A3F0", "href": "https://attackerkb.com/topics/6ojqzQoPox/cve-2021-40444", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2021-09-16T07:26:32", "description": "Microsoft MSHTML Remote Code Execution Vulnerability", "edition": 1, "cvss3": {}, "published": "2021-09-15T12:15:00", "title": "CVE-2021-40444", "type": "cve", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-15T12:27:00", "cpe": [], "id": "CVE-2021-40444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40444", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}], "kitploit": [{"lastseen": "2021-09-16T14:39:46", "description": "[  ](<https://1.bp.blogspot.com/-X7RGnp89UBU/YUNCQ39MNeI/AAAAAAAAunU/ZpAc4HUyWtMEl7jz_yxyLBLvvXkpbacLwCNcBGAsYHQ/s1473/CVE-2021-40444_3_calc.png>)\n\n \n\n\nMalicious docx [ generator ](<https://www.kitploit.com/search/label/Generator> \"generator\" ) to exploit CVE-2021-40444 (Microsoft Office Word [ Remote ](<https://www.kitploit.com/search/label/Remote> \"Remote\" ) Code Execution) \n\n \n\n\nCreation of this Script is based on some [ reverse engineering ](<https://www.kitploit.com/search/label/Reverse%20Engineering> \"reverse engineering\" ) over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file) \n\nYou need to install lcab first ( ` sudo apt-get install lcab ` ) \n\nCheck ` REPRODUCE.md ` for manual reproduce steps \n\nIf your generated cab is not working, try pointing out exploit.html URL to calc.cab \n\n \n** Using ** \n\n\nFirst generate a malicious docx document given a DLL, you can use the one at ` test/calc.dll ` which just pops a ` calc.exe ` from a call to ` system() `\n\n` python3 exploit.py generate test/calc.dll http://<SRV IP> `\n\n \n\n\n[  ](<https://1.bp.blogspot.com/-SdaSc2Sass4/YUNCYPNXwRI/AAAAAAAAunc/W83xraioxaEnxgZSQFj1eb2ZTdAcBiGOQCNcBGAsYHQ/s1007/CVE-2021-40444_1_gen.png>)\n\n \n\n\nOnce you generate the malicious docx (will be at ` out/ ` ) you can setup the server: \n\n` sudo python3 exploit.py host 80 `\n\n \n\n\n[  ](<https://1.bp.blogspot.com/-gTFup3vQ5eo/YUNCbV0QDBI/AAAAAAAAung/wvEOAQCmfakkFniNlJocSglFbVacX3S6QCNcBGAsYHQ/s866/CVE-2021-40444_2_srv.png>)\n\n \n\n\nFinally try the docx in a [ Windows ](<https://www.kitploit.com/search/label/Windows> \"Windows\" ) Virtual Machine: \n\n[  ](<https://1.bp.blogspot.com/-X7RGnp89UBU/YUNCQ39MNeI/AAAAAAAAunU/ZpAc4HUyWtMEl7jz_yxyLBLvvXkpbacLwCNcBGAsYHQ/s1473/CVE-2021-40444_3_calc.png>)\n\n \n\n\n** [ Download CVE-2021-40444 ](<https://github.com/lockedbyte/CVE-2021-40444> \"Download CVE-2021-40444\" ) **\n", "edition": 1, "cvss3": {}, "published": "2021-09-16T13:13:11", "title": "CVE-2021-40444 PoC - Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)", "type": "kitploit", "bulletinFamily": "tools", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-16T13:13:11", "id": "KITPLOIT:3697667464193804316", "href": "http://www.kitploit.com/2021/09/cve-2021-40444-poc-malicious-docx.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-16T14:37:05", "description": "[  ](<https://1.bp.blogspot.com/-Eph2jPyIEs4/YTVMaWNoJNI/AAAAAAAAt7w/2fS0PnouBd0kTzMlCj8esDtcSXJolnV1wCK4BGAYYCw/s1600/plution_1-714956.png>)\n\n \n\n\nPlution is a convenient way to scan at scale for pages that are [ vulnerable ](<https://www.kitploit.com/search/label/Vulnerable> \"vulnerable\" ) to [ client side ](<https://www.kitploit.com/search/label/Client%20Side> \"client side\" ) [ prototype pollution ](<https://www.kitploit.com/search/label/Prototype%20Pollution> \"prototype pollution\" ) via a URL payload. In the default configuration, it will use a hardcoded payload that can detect 11 of the cases documented here: [ https://github.com/BlackFan/client-side-prototype-pollution/tree/master/pp ](<https://github.com/BlackFan/client-side-prototype-pollution/tree/master/pp> \"https://github.com/BlackFan/client-side-prototype-pollution/tree/master/pp\" )\n\n \n\n\n** What this is not ** \n\n\nThis is not a one stop shop. Prototype pollution is a complicated beast. This tool does nothing you couldn't do manually. This is not a polished bug-free super tool. It is functional but poorly coded and to be considered alpha at best. \n\n \n** How it works ** \n\n\nPlution appends a payload to supplied URLs, naviguates to each URL with [ headless chrome ](<https://www.kitploit.com/search/label/Headless%20Chrome> \"headless chrome\" ) and runs javascript on the page to verify if a prototype was successfully polluted. \n\n \n** how it is used ** \n\n\n * Basic scan, output only to screen: \n` cat URLs.txt | plution `\n\n * Scan with a supplied payload rather than hardcoded one: \n` cat URLs.txt|plution -p '__proto__.zzzc=example' ` \n** Note on custom payloads: The variable you are hoping to inject must be called or render to \"zzzc\". This is because 'window.zzzc' will be run on each page to verify pollution. **\n\n * Output: \n` Passing '-o' followed by a location will output only URLs of pages that were successfully polluted. `\n\n * Concurrency: \n\n\n * ` Pass the '-c' option to specify how many concurrent jobs are run (default is 5) `\n\n \n** questions and answers ** \n\n\n * How do I install it? \n` go get -u github.com/raverrr/plution `\n\n * why specifically limit it to checking if window.zzzc is defined? \n` zzzc is a short pattern that is unlikely to already be in a prototype. If you want more freedom in regards to the javascript use https://github.com/detectify/page-fetch instead `\n\n * Got a more specific question? \n` Ask me on twitter @divadbate. `\n\n \n \n\n\n** [ Download Plution ](<https://github.com/raverrr/plution> \"Download Plution\" ) **\n", "edition": 2, "cvss3": {}, "published": "2021-09-16T11:30:00", "title": "Plution - Prototype Pollution Scanner Using Headless Chrome", "type": "kitploit", "bulletinFamily": "tools", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-16T11:30:00", "id": "KITPLOIT:5184284878903042540", "href": "http://www.kitploit.com/2021/09/plution-prototype-pollution-scanner.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-16T20:38:49", "description": "[  ](<https://1.bp.blogspot.com/-LGMSUcdo2JM/YUK0T3V-wmI/AAAAAAAAumU/6VQzYIHfowQkYRjUfQivB78oB7xET-I8QCNcBGAsYHQ/s1218/DNSTake.png>)\n\n \n\n\nA fast tool to check missing hosted DNS zones that can lead to subdomain takeover. \n\n \n** What is a DNS takeover? ** \n\n\nDNS takeover [ vulnerabilities ](<https://www.kitploit.com/search/label/vulnerabilities> \"vulnerabilities\" ) occur when a subdomain (subdomain.example.com) or domain has its authoritative nameserver set to a provider (e.g. AWS Route 53, Akamai, Microsoft Azure, etc.) but the hosted zone has been removed or deleted. Consequently, when making a [ request for DNS records ](<https://www.diggui.com/#type=A&hostname=github.technology&nameserver=public&public=8.8.8.8&specify=&clientsubnet=&tcp=def&transport=def&mapped=def&nssearch=def&trace=def&recurse=def&edns=def&dnssec=def&subnet=def&cookie=def&all=def&cmd=def&question=def&answer=def&authority=def&additional=def&comments=def&stats=def&multiline=def&short=def&colorize=on> \"request for DNS records\" ) the server responds with a ` SERVFAIL ` error. This allo ws an attacker to create the missing hosted zone on the service that was being used and thus control all DNS records for that (sub)domain.\u00b9 \n\n \n\n\n** Installation ** \n \n** from Binary ** \n\n\nThe ez way! You can download a pre-built binary from [ releases page ](<https://github.com/pwnesia/dnstake/releases> \"releases page\" ) , just unpack and run! \n\n \n** from Source ** \n** NOTE: ** [ Go 1.16+ compiler ](<https://golang.org/doc/install> \"Go 1.16+ compiler\" ) should be installed &amp; configured! \n--- \n \nVery quick &amp; clean! \n \n \n \u25b6 go install github.com/pwnesia/dnstake/cmd/[email\u00a0protected]\n\n \n** \u2014 or ** \n\n\nManual building executable from source code: \n \n \n \u25b6 git clone https://github.com/pwnesia/dnstake \n \u25b6 cd dnstake/cmd/dnstake \n \u25b6 go build . \n \u25b6 (sudo) mv dnstake /usr/local/bin\n\n \n** Usage ** \n\n \n \n $ dnstake -h \n \n \u00b7\u2584\u2584\u2584\u2584 \u2590 \u2584 .\u2584\u2584 \u00b7\u2584\u2584\u2584\u2584\u2584 \u2584\u2584\u2584\u00b7 \u2584 \u2022\u2584 \u2584\u2584\u2584 . \n \u2588\u2588\u25aa \u2588\u2588 \u2022\u2588\u258c\u2590\u2588\u2590\u2588 \u2580.\u2022\u2588\u2588 \u2590\u2588 \u2580\u2588 \u2588\u258c\u2584\u258c\u25aa\u2580\u2584.\u2580\u00b7 \n \u2590\u2588\u00b7 \u2590\u2588\u258c\u2590\u2588\u2590\u2590\u258c\u2584\u2580\u2580\u2580\u2588\u2584\u2590\u2588.\u25aa\u2584\u2588\u2580\u2580\u2588 \u2590\u2580\u2580\u2584\u00b7\u2590\u2580\u2580\u25aa\u2584 \n \u2588\u2588. \u2588\u2588 \u2588\u2588\u2590\u2588\u258c\u2590\u2588\u2584\u25aa\u2590\u2588\u2590\u2588\u258c\u00b7\u2590\u2588 \u25aa\u2590\u258c\u2590\u2588.\u2588\u258c\u2590\u2588\u2584\u2584\u258c \n \u2580\u2580\u2580\u2580\u2580\u2022 \u2580&#9600 ; \u2588\u25aa \u2580\u2580\u2580\u2580 \u2580\u2580\u2580 \u2580 \u2580 \u00b7\u2580 \u2580 \u2580\u2580\u2580 \n \n (c) pwnesia.org \u2014 v0.0.1 \n \n Usage: \n [stdin] | dnstake [options] \n dnstake -t HOSTNAME [options] \n \n Options: \n -t, --target <HOST/FILE> Define single target host/list to check \n -c, --concurrent <i> Set the concurrency level (default: 25) \n -s, --silent Suppress errors and/or clean output \n -h, --help Display its help \n \n Examples: \n dnstake -t (sub.)domain.tld \n dnstake -t hosts.txt \n cat hosts.txt | dnstake \n subfinder -silent -d domain.tld | dnstake\n\n \n** Workflow ** \n\n\n** DNSTake ** use [ RetryableDNS client library ](<https://github.com/projectdiscovery/retryabledns> \"RetryableDNS client library\" ) to send DNS queries. Initial engagement using Google &amp; Cloudflare DNS as the resolver, then check &amp; [ fingerprinting ](<https://www.kitploit.com/search/label/Fingerprinting> \"fingerprinting\" ) the nameservers of target host \u2014 if there is one, it will resolving the target host again with its nameserver IPs as resolver, if it gets weird DNS status response (other than ` NOERROR ` / ` NXDOMAIN ` ), then it's [ vulnerable ](<https://www.kitploit.com/search/label/Vulnerable> \"vulnerable\" ) to be taken over. More or less [ like this ](<https://0xpatrik.com/content/images/2018/08/ns_automation-2.png> \"like this\" ) in form of a diagram. \n\nCurrently supported DNS providers, see [ here ](<https://github.com/indianajson/can-i-take-over-dns/blob/97104102c8ce911fd978521c703f26e1c547c613/README.md#dns-providers> \"here\" ) . \n\n \n** References ** \n\n\n * [1] [ https://github.com/indianajson/can-i-take-over-dns#what-is-a-dns-takeover ](<https://github.com/indianajson/can-i-take-over-dns#what-is-a-dns-takeover> \"https://github.com/indianajson/can-i-take-over-dns#what-is-a-dns-takeover\" )\n * [ https://0xpatrik.com/subdomain-takeover-ns/ ](<https://0xpatrik.com/subdomain-takeover-ns/> \"https://0xpatrik.com/subdomain-takeover-ns/\" )\n \n** License ** \n\n\n** DNSTake ** is [ distributed ](<https://www.kitploit.com/search/label/Distributed> \"distributed\" ) under MIT. See ` LICENSE ` . \n\n \n \n\n\n** [ Download Dnstake ](<https://github.com/pwnesia/dnstake> \"Download Dnstake\" ) **\n", "edition": 1, "cvss3": {}, "published": "2021-09-16T20:30:00", "title": "DNSTake - A Fast Tool To Check Missing Hosted DNS Zones That Can Lead To Subdomain Takeover", "type": "kitploit", "bulletinFamily": "tools", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-16T20:30:00", "id": "KITPLOIT:5550923684662771880", "href": "http://www.kitploit.com/2021/09/dnstake-fast-tool-to-check-missing.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "securelist": [{"lastseen": "2021-09-17T10:36:44", "description": "\n\n## Summary\n\nLast week, Microsoft reported the remote code execution vulnerability CVE-2021-40444 in the MSHTML browser engine. According to the company, this vulnerability has already been used in targeted attacks against Microsoft Office users. In attempt to exploit this vulnerability, attackers create a document with a specially-crafted object. If a user opens the document, MS Office will download and execute a malicious script. \nAccording to our data, the same attacks are still happening all over the world. We are currently seeing attempts to exploit the CVE-2021-40444 vulnerability targeting companies in the research and development sector, the energy sector and large industrial sectors, banking and medical technology development sectors, as well as telecommunications and the IT sector. Due to its ease of exploitation and the few published [Proof-of-Concept](<https://encyclopedia.kaspersky.com/glossary/poc-proof-of-concept/?utm_source=securelist&utm_medium=blog&utm_campaign=termin-explanation>) (PoC), we expect to see an increase in attacks using this vulnerability.\n\n_Geography of CVE-2021-40444 exploitation attempts_\n\nKaspersky is aware of targeted attacks using CVE-2021-40444, and our products protect against attacks leveraging the vulnerability. Possible detection names are:\n\n * HEUR:Exploit.MSOffice.CVE-2021-40444.a\n * HEUR:Trojan.MSOffice.Agent.gen\n * PDM:Exploit.Win32.Generic\n\n[](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/09/16133928/02-cve-2021-40444-kedr.png>) \n_Killchain generated by KEDR during execution of CVE-2021-40444 Proof-of-Concept _\n\nExperts at Kaspersky are monitoring the situation closely and improving mechanisms to detect this vulnerability using [Behavior Detection](<https://www.kaspersky.com/enterprise-security/wiki-section/products/behavior-based-protection>) and [Exploit Prevention](<https://www.kaspersky.com/enterprise-security/wiki-section/products/exploit-prevention>) components. Within our [Managed Detection and Response](<https://www.kaspersky.com/enterprise-security/managed-detection-and-response>) service, our SOC experts are able to detect when this vulnerability is expoited, investigate such attacks and notify customers.\n\n## Technical details\n\nThe remote code execution vulnerability CVE-2021-40444 was found in MSHTML, the Internet Explorer browser engine which is a component of modern Windows systems, both user and server. Moreover, the engine is often used by other programs to work with web content (e.g. MS Word or MS PowerPoint). \nIn order to exploit the vulnerability, attackers embed a special object in a Microsoft Office document containing an URL for a malicious script. If a victim opens the document, Microsoft Office will download the malicious script from the URL and run it using the MSHTML engine. Then the script can use ActiveX controls to perform malicious actions on the victim&#x27;s computer. For example, the original zero-day exploit which was used in targeted attacks at the time of detection used ActiveX controls to download and execute a Cobalt Strike payload. We are currently seeing various types of malware, mostly backdoors, which are delivered by exploiting the CVE-2021-40444 vulnerability.\n\n## Mitigations\n\n * Follow [Microsoft security update guidelines.](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>)\n * Use the latest [Threat Intelligence information](<https://www.kaspersky.com/enterprise-security/threat-intelligence>) to keep up to date with TTPs used by threat actors.\n * Businesses should use a security solution that provides vulnerability, patch management and exploit prevention components, such as the [Automatic Exploit Prevention](<https://www.kaspersky.com/enterprise-security/wiki-section/products/exploit-prevention>) component in Kaspersky Endpoint Security for Business. The component monitors suspicious actions in applications and blocks malicious file execution.\n * Use solutions like [Kaspersky Endpoint Detection and Response](<https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr>) and [Kaspersky Managed Detection and Response](<https://www.kaspersky.com/enterprise-security/managed-detection-and-response>) service, which help identify and stop an attack at an early stage before the attackers achieve their final goal.\n\n## IoC\n\n**MD5** \n[ef32824c7388a848c263deb4c360fd64](<https://opentip.kaspersky.com/ef32824c7388a848c263deb4c360fd64/?utm_source=SL&utm_medium=SL&utm_campaign=SL>) \n[e58b75e1f588508de7c15a35e2553b86](<https://opentip.kaspersky.com/e58b75e1f588508de7c15a35e2553b86/?utm_source=SL&utm_medium=SL&utm_campaign=SL>) \n[e89dbc1097cfb8591430ff93d9952260](<https://opentip.kaspersky.com/e89dbc1097cfb8591430ff93d9952260/?utm_source=SL&utm_medium=SL&utm_campaign=SL>)\n\n**URL** \n[hidusi[.]com](<https://opentip.kaspersky.com/hidusi.com/?utm_source=SL&utm_medium=SL&utm_campaign=SL>) \n[103.231.14[.]134](<https://opentip.kaspersky.com/103.231.14.134/?utm_source=SL&utm_medium=SL&utm_campaign=SL>)", "cvss3": {}, "published": "2021-09-16T15:30:57", "type": "securelist", "title": "Exploitation of the CVE-2021-40444 vulnerability in MSHTML", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-16T15:30:57", "id": "SECURELIST:63306FA6D056BD9A04969409AC790D84", "href": "https://securelist.com/exploitation-of-the-cve-2021-40444-vulnerability-in-mshtml/104218/", "cvss": {"score": 0.0, "vector": "NONE"}}], "mmpc": [{"lastseen": "2021-09-17T19:13:56", "description": "In August, Microsoft Threat Intelligence Center (MSTIC) identified a small number of attacks (less than 10) that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>), as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders. These loaders communicated with an infrastructure that Microsoft associates with multiple cybercriminal campaigns, including human-operated ransomware.\n\nThe observed attack vector relies on a malicious ActiveX control that could be loaded by the browser rendering engine using a malicious Office document. Customers who enabled [attack surface reduction rules](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules?view=o365-worldwide>) to block Office from creating child processes are not impacted by the exploitation technique used in these attacks. While these attacks used a vulnerability to access entry point devices and run highly-privileged code, the secondary actions taken by the attackers still rely on stealing credentials and moving laterally to cause organization-wide impact. This illustrates the importance of investing in attack surface reduction, credential hygiene, and lateral movement mitigations. Customers are advised to apply the [security patch](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) for CVE-2021-40444 to fully mitigate this vulnerability.\n\nThis blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for [Microsoft 365 Defender](<https://www.microsoft.com/en-us/microsoft-365/security/microsoft-365-defender>) customers, and lists mitigation steps for hardening networks against this and similar attacks. Our colleagues at [RiskIQ conducted their own analysis](<https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/>) and coordinated with Microsoft in publishing this research.\n\n## Exploit delivery mechanism\n\nThe initial campaigns in August 2021 likely originated from emails impersonating contracts and legal agreements, where the documents themselves were hosted on file-sharing sites. The exploit document used an external oleObject relationship to embed exploitative JavaScript within MIME HTML remotely hosted content that results in (1) the download of a CAB file containing a DLL bearing an INF file extension, (2) decompression of that CAB file, and (3) execution of a function within that DLL. The DLL retrieves remotely hosted shellcode (in this instance, a custom Cobalt Strike Beacon loader) and loads it into _wabmig.exe_ (Microsoft address import tool.)\n\n\n\n_Figure 1. The original exploit vector: an externally targeted oleObject relationship definition bearing an MHTML handler prefix pointed at an HTML file hosted on infrastructure that has similar qualities to the Cobalt Strike Beacon infrastructure that the loader\u2019s payload communicates with._\n\nContent that is downloaded from an external source is tagged by the Windows operating system with a mark of the web, indicating it was downloaded from a potentially untrusted source. This invokes Protected Mode in Microsoft Office, requiring user interaction to disable it to run content such as macros. However, in this instance, when opened without a mark of the web present, the document\u2019s payload executed immediately without user interaction \u2013 indicating the abuse of a vulnerability.\n\n\n\n_Figure 2. Attack chain of DEV-0413 campaign that used CVE-2021-40444_\n\n## DEV-0413 observed exploiting CVE-2021-40444\n\nAs part of Microsoft\u2019s ongoing commitment to tracking both nation state and cybercriminal threat actors, we refer to the unidentified threat actor as a \u201cdevelopment group\u201d and utilize a threat actor naming structure with a prefix of \u201cDEV\u201d to indicate an emerging threat group or unique activity during the tracking and investigation phases before MSTIC reaches high confidence about the origin or identity of the actor behind an operation. MSTIC tracks a large cluster of cybercriminal activity involving Cobalt Strike infrastructure under the name DEV-0365.\n\nThe infrastructure we associate with DEV-0365 has several overlaps in behavior and unique identifying characteristics of Cobalt Strike infrastructure that suggest it was created or managed by a distinct set of operators. However, the follow-on activity from this infrastructure indicates multiple threat actors or clusters associated with human-operated ransomware attacks (including the deployment of Conti ransomware). One explanation is that DEV-0365 is involved in a form of command- and-control infrastructure as a service for cybercriminals.\n\nAdditionally, some of the infrastructure that hosted the oleObjects utilized in the August 2021 attacks abusing CVE-2021-40444 were also involved in the delivery of BazaLoader and Trickbot payloads -- activity that overlaps with a group Microsoft tracks as DEV-0193. DEV-0193 activities overlap with actions tracked by Mandiant as UNC1878.\n\nDue to the uncertainty surrounding the nature of the shared qualities of DEV-0365 infrastructure and the significant variation in malicious activity, MSTIC clustered the initial email campaign exploitation identified as CVE-2021-40444 activity separately, under DEV-0413.\n\nThe DEV-0413 campaign that used CVE-2021-40444 has been smaller and more targeted than other malware campaigns we have identified leveraging DEV-0365 infrastructure. We observed the earliest exploitation attempt of this campaign on August 18. The social engineering lure used in the campaign, initially highlighted by Mandiant, aligned with the business operations of targeted organizations, suggesting a degree of purposeful targeting. The campaign purported to seek a developer for a mobile application, with multiple application development organizations being targeted. In most instances, file-sharing services were abused to deliver the CVE-2021-40444-laden lure.\n\nIt is worth highlighting that while monitoring the DEV-0413 campaign, Microsoft identified active DEV-0413 infrastructure hosting CVE-2021-40444 content wherein basic security principles had not been applied. DEV-0413 did not limit the browser agents able to access the server to their malware implant or known targets, thereby permitting directory listing for their web server. In doing so, the attackers exposed their exploit to anyone who might have gained interest based on public social media discussion.\n\n\n\n_Figure 3. Content of the original DEV-0413 email lure seeking application developers_\n\nAt least one organization that was successfully compromised by DEV-0413 in their August campaign was previously compromised by a wave of similarly-themed malware that interacted with DEV-0365 infrastructure almost two months before the CVE-2021-40444 attack. It is currently not known whether the retargeting of this organization was intentional, but it reinforces the connection between DEV-0413 and DEV-0365 beyond sharing of infrastructure.\n\nIn a later wave of DEV-0413 activity on September 1, Microsoft identified a lure change from targeting application developers to a \u201csmall claims court\u201d legal threat.\n\n\n\n_Figure 4. Example of the \u201cSmall claims court\u201d lure utilized by DEV-0413__ _\n\n## Vulnerability usage timeline\n\nOn August 21, 2021, MSTIC observed a social media post by a Mandiant employee with experience tracking Cobalt Strike Beacon infrastructure. This post highlighted a Microsoft Word document (SHA-256: [3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf](<https://www.virustotal.com/gui/file/3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf>)) that had been uploaded to VirusTotal on August 19, 2021. The post\u2019s focus on this document was highlighting the custom Cobalt Strike Beacon loader and did not focus on the delivery mechanism.\n\nMSTIC analyzed the sample and determined that an anomalous oleObject relationship in the document was targeted at an external malicious HTML resource with an MHTML handler and likely leading to abuse of an undisclosed vulnerability. MSTIC immediately engaged the Microsoft Security Response Center and work began on a mitigation and patch. During this process, MSTIC collaborated with the original finder at Mandiant to reduce the discussion of the issue publicly and avoid drawing threat actor attention to the issues until a patch was available. Mandiant partnered with MSTIC and did their own reverse engineering assessment and submitted their findings to MSRC.\n\nOn September 7, 2021, Microsoft released a security advisory for CVE-2021-40444 containing a partial workaround. As a routine in these instances, Microsoft was working to ensure that the detections described in the advisory would be in place and a patch would be available before public disclosure. During the same time, a third-party researcher reported a sample to Microsoft from the same campaign originally shared by Mandiant. This sample was publicly disclosed on September 8. We observed a rise in exploitation attempts within 24 hours.\n\n\n\n_Figure 5. Graphic showing original exploitation on August 18 and attempted exploitation increasing after public disclosure _\n\nMicrosoft continues to monitor the situation and work to deconflict testing from actual exploitation. Since the public disclosure, Microsoft has observed multiple threat actors, including ransomware-as-a-service affiliates, adopting publicly disclosed proof-of-concept code into their toolkits. We will continue to provide updates as we learn more.\n\n## Mitigating the attacks\n\nMicrosoft has confirmed that the following [attack surface reduction rule](<https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction>) blocks activity associated with exploitation of CVE-2021-40444 at the time of publishing:\n\n * \u200bBlock all Office applications from creating child processes\n\nApply the following mitigations to reduce the impact of this threat and follow-on actions taken by attackers.\n\n * Apply the security updates for [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). Comprehensive updates addressing the vulnerabilities used in this campaign are available through the [September 2021 security updates](<https://msrc.microsoft.com/update-guide/>).\n * Run the latest version of your operating systems and applications. Turn on automatic updates or deploy the latest security updates as soon as they become available.\n * Use a supported platform, such as Windows 10, to take advantage of regular security updates.\n * Turn on [cloud-delivered protection](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-worldwide>)in Microsoft Defender Antivirus or the equivalent for your antivirus product to cover rapidly evolving attacker tools and techniques. Cloud-based machine learning protections block the majority of new and unknown variants.\n * Turn on [tamper protection](<https://docs.microsoft.com/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-worldwide>)in Microsoft Defender for Endpoint, to prevent malicious changes to security settings.\n * Run [EDR in block mode](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-worldwide>)so that Microsoft Defender for Endpoint can block malicious artifacts, even when your non-Microsoft antivirus doesn\u2019t detect the threat or when Microsoft Defender Antivirus is running in passive mode. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.\n * Enable [investigation and remediation](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-worldwide>)in full automated mode to allow Microsoft Defender for Endpoint to take immediate action on alerts to resolve breaches, significantly reducing alert volume.\n * Use [device discovery](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide>)to increase your visibility into your network by finding unmanaged devices on your network and onboarding them to Microsoft Defender for Endpoint.\n\n## Microsoft 365 Defender detection details\n\n**Antivirus**\n\nMicrosoft Defender Antivirus detects threat components as the following malware:\n\n * [TrojanDownloader:O97M/Donoff.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA&threatId=-2147225317>) \u2013 Detects the Word Doc files in the observed attacks\n * [TrojanDownloader:HTML/Donoff.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:HTML/Donoff.SA&threatId=-2147174205>) \u2013 Detects the remotely-loaded HTML\n * [Trojan:Win32/Agent.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Agent.SA&threatId=-2147178093>) -- Detects the .inf(Dll)/CAB components in the observed attacks\n * [Trojan:Win32/CplLoader.A](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/CplLoader.A&threatId=-2147178092>) \u2013 Blocks Rundll32/Control abuse used in this CVE exploitation\n * [Behavior:Win32/OfficeMhtInj.A](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Behavior:Win32/OfficeMhtInj.A&threatId=-2147178094>) \u2013 Detects the injection into wabmig.exe\n * [TrojanDownloader:O97M/Donoff.SA!CAB](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA!CAB&threatId=-2147173661>) \u2013 Detects CAB files in observed attacks\n * [TrojanDownloader:O97M/Donoff.SA!Gen](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA!Gen&threatId=-2147173660>) \u2013 Detects Office documents in observed attacks\n\n**Endpoint detection and response (EDR)**\n\nAlerts with the following titles in the security center can indicate threat activity on your network:\n\n * Possible exploitation of CVE-2021-40444 (requires Defender Antivirus as the Active AV)\n\nThe following alerts might also indicate threat activity associated with this threat. These alerts, however, can be triggered by unrelated threat activity and are not monitored in the status cards provided with this report.\n\n * Suspicious Behavior By Office Application (detects the anomalous process launches that happen in exploitation of this CVE, and other malicious behavior)\n * Suspicious use of Control Panel item\n\n**Microsoft Defender for Office365**\n\nSignals from Microsoft Defender for Office 365 informs Microsoft 365 Defender, which correlates cross-domain threat intelligence to deliver coordinated defense, that this vulnerability has been detected when a document is delivered via email when detonation is enabled.\n\nThe following alerts in your portal will indicate that a malicious attachment has been blocked, although these alerts are also used for many different threats:\n\n * Malware campaign detected and blocked\n * Malware campaign detected after delivery\n * Email messages containing malicious file removed after delivery\n\n## Advanced hunting\n\nTo locate possible exploitation activity, run the following queries.\n\n**Relative path traversal (requires Microsoft 365 Defender)**\n\nUse the following query to surface abuse of Control Panel objects (.cpl) via URL protocol handler path traversal as used in the original attack and public proof of concepts at time of publishing:\n\n`DeviceProcessEvents \n| where (FileName in~('control.exe','rundll32.exe') and ProcessCommandLine has '.cpl:') \nor ProcessCommandLine matches regex @'\\\".[a-zA-Z]{2,4}:\\.\\.\\/\\.\\.'`\n\n**Azure Sentinel **\n\nTo locate possible attacks that exploit the CVE-2021-40444 , Azure Sentinel customers can leverage the following detection query: [Azure Sentinel MSHTML exploit detection](<https://github.com/Azure/Azure-Sentinel/blob/master/Detections/MultipleDataSources/MSHTMLVuln.yaml>).\n\n \n\nThe post [Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability](<https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/>) appeared first on [Microsoft Security Blog](<https://www.microsoft.com/security/blog>).", "cvss3": {}, "published": "2021-09-15T23:40:56", "type": "mmpc", "title": "Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-15T23:40:56", "id": "MMPC:795E0A765679492C51FEFA2B19EAD597", "href": "https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/", "cvss": {"score": 0.0, "vector": "NONE"}}], "mssecure": [{"lastseen": "2021-09-17T18:55:39", "description": "In August, Microsoft Threat Intelligence Center (MSTIC) identified a small number of attacks (less than 10) that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>), as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders. These loaders communicated with an infrastructure that Microsoft associates with multiple cybercriminal campaigns, including human-operated ransomware.\n\nThe observed attack vector relies on a malicious ActiveX control that could be loaded by the browser rendering engine using a malicious Office document. Customers who enabled [attack surface reduction rules](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules?view=o365-worldwide>) to block Office from creating child processes are not impacted by the exploitation technique used in these attacks. While these attacks used a vulnerability to access entry point devices and run highly-privileged code, the secondary actions taken by the attackers still rely on stealing credentials and moving laterally to cause organization-wide impact. This illustrates the importance of investing in attack surface reduction, credential hygiene, and lateral movement mitigations. Customers are advised to apply the [security patch](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) for CVE-2021-40444 to fully mitigate this vulnerability.\n\nThis blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for [Microsoft 365 Defender](<https://www.microsoft.com/en-us/microsoft-365/security/microsoft-365-defender>) customers, and lists mitigation steps for hardening networks against this and similar attacks. Our colleagues at [RiskIQ conducted their own analysis](<https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/>) and coordinated with Microsoft in publishing this research.\n\n## Exploit delivery mechanism\n\nThe initial campaigns in August 2021 likely originated from emails impersonating contracts and legal agreements, where the documents themselves were hosted on file-sharing sites. The exploit document used an external oleObject relationship to embed exploitative JavaScript within MIME HTML remotely hosted content that results in (1) the download of a CAB file containing a DLL bearing an INF file extension, (2) decompression of that CAB file, and (3) execution of a function within that DLL. The DLL retrieves remotely hosted shellcode (in this instance, a custom Cobalt Strike Beacon loader) and loads it into _wabmig.exe_ (Microsoft address import tool.)\n\n\n\n_Figure 1. The original exploit vector: an externally targeted oleObject relationship definition bearing an MHTML handler prefix pointed at an HTML file hosted on infrastructure that has similar qualities to the Cobalt Strike Beacon infrastructure that the loader\u2019s payload communicates with._\n\nContent that is downloaded from an external source is tagged by the Windows operating system with a mark of the web, indicating it was downloaded from a potentially untrusted source. This invokes Protected Mode in Microsoft Office, requiring user interaction to disable it to run content such as macros. However, in this instance, when opened without a mark of the web present, the document\u2019s payload executed immediately without user interaction \u2013 indicating the abuse of a vulnerability.\n\n\n\n_Figure 2. Attack chain of DEV-0413 campaign that used CVE-2021-40444_\n\n## DEV-0413 observed exploiting CVE-2021-40444\n\nAs part of Microsoft\u2019s ongoing commitment to tracking both nation state and cybercriminal threat actors, we refer to the unidentified threat actor as a \u201cdevelopment group\u201d and utilize a threat actor naming structure with a prefix of \u201cDEV\u201d to indicate an emerging threat group or unique activity during the tracking and investigation phases before MSTIC reaches high confidence about the origin or identity of the actor behind an operation. MSTIC tracks a large cluster of cybercriminal activity involving Cobalt Strike infrastructure under the name DEV-0365.\n\nThe infrastructure we associate with DEV-0365 has several overlaps in behavior and unique identifying characteristics of Cobalt Strike infrastructure that suggest it was created or managed by a distinct set of operators. However, the follow-on activity from this infrastructure indicates multiple threat actors or clusters associated with human-operated ransomware attacks (including the deployment of Conti ransomware). One explanation is that DEV-0365 is involved in a form of command- and-control infrastructure as a service for cybercriminals.\n\nAdditionally, some of the infrastructure that hosted the oleObjects utilized in the August 2021 attacks abusing CVE-2021-40444 were also involved in the delivery of BazaLoader and Trickbot payloads -- activity that overlaps with a group Microsoft tracks as DEV-0193. DEV-0193 activities overlap with actions tracked by Mandiant as UNC1878.\n\nDue to the uncertainty surrounding the nature of the shared qualities of DEV-0365 infrastructure and the significant variation in malicious activity, MSTIC clustered the initial email campaign exploitation identified as CVE-2021-40444 activity separately, under DEV-0413.\n\nThe DEV-0413 campaign that used CVE-2021-40444 has been smaller and more targeted than other malware campaigns we have identified leveraging DEV-0365 infrastructure. We observed the earliest exploitation attempt of this campaign on August 18. The social engineering lure used in the campaign, initially highlighted by Mandiant, aligned with the business operations of targeted organizations, suggesting a degree of purposeful targeting. The campaign purported to seek a developer for a mobile application, with multiple application development organizations being targeted. In most instances, file-sharing services were abused to deliver the CVE-2021-40444-laden lure.\n\nIt is worth highlighting that while monitoring the DEV-0413 campaign, Microsoft identified active DEV-0413 infrastructure hosting CVE-2021-40444 content wherein basic security principles had not been applied. DEV-0413 did not limit the browser agents able to access the server to their malware implant or known targets, thereby permitting directory listing for their web server. In doing so, the attackers exposed their exploit to anyone who might have gained interest based on public social media discussion.\n\n\n\n_Figure 3. Content of the original DEV-0413 email lure seeking application developers_\n\nAt least one organization that was successfully compromised by DEV-0413 in their August campaign was previously compromised by a wave of similarly-themed malware that interacted with DEV-0365 infrastructure almost two months before the CVE-2021-40444 attack. It is currently not known whether the retargeting of this organization was intentional, but it reinforces the connection between DEV-0413 and DEV-0365 beyond sharing of infrastructure.\n\nIn a later wave of DEV-0413 activity on September 1, Microsoft identified a lure change from targeting application developers to a \u201csmall claims court\u201d legal threat.\n\n\n\n_Figure 4. Example of the \u201cSmall claims court\u201d lure utilized by DEV-0413__ _\n\n## Vulnerability usage timeline\n\nOn August 21, 2021, MSTIC observed a social media post by a Mandiant employee with experience tracking Cobalt Strike Beacon infrastructure. This post highlighted a Microsoft Word document (SHA-256: [3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf](<https://www.virustotal.com/gui/file/3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf>)) that had been uploaded to VirusTotal on August 19, 2021. The post\u2019s focus on this document was highlighting the custom Cobalt Strike Beacon loader and did not focus on the delivery mechanism.\n\nMSTIC analyzed the sample and determined that an anomalous oleObject relationship in the document was targeted at an external malicious HTML resource with an MHTML handler and likely leading to abuse of an undisclosed vulnerability. MSTIC immediately engaged the Microsoft Security Response Center and work began on a mitigation and patch. During this process, MSTIC collaborated with the original finder at Mandiant to reduce the discussion of the issue publicly and avoid drawing threat actor attention to the issues until a patch was available. Mandiant partnered with MSTIC and did their own reverse engineering assessment and submitted their findings to MSRC.\n\nOn September 7, 2021, Microsoft released a security advisory for CVE-2021-40444 containing a partial workaround. As a routine in these instances, Microsoft was working to ensure that the detections described in the advisory would be in place and a patch would be available before public disclosure. During the same time, a third-party researcher reported a sample to Microsoft from the same campaign originally shared by Mandiant. This sample was publicly disclosed on September 8. We observed a rise in exploitation attempts within 24 hours.\n\n\n\n_Figure 5. Graphic showing original exploitation on August 18 and attempted exploitation increasing after public disclosure _\n\nMicrosoft continues to monitor the situation and work to deconflict testing from actual exploitation. Since the public disclosure, Microsoft has observed multiple threat actors, including ransomware-as-a-service affiliates, adopting publicly disclosed proof-of-concept code into their toolkits. We will continue to provide updates as we learn more.\n\n## Mitigating the attacks\n\nMicrosoft has confirmed that the following [attack surface reduction rule](<https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction>) blocks activity associated with exploitation of CVE-2021-40444 at the time of publishing:\n\n * \u200bBlock all Office applications from creating child processes\n\nApply the following mitigations to reduce the impact of this threat and follow-on actions taken by attackers.\n\n * Apply the security updates for [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). Comprehensive updates addressing the vulnerabilities used in this campaign are available through the [September 2021 security updates](<https://msrc.microsoft.com/update-guide/>).\n * Run the latest version of your operating systems and applications. Turn on automatic updates or deploy the latest security updates as soon as they become available.\n * Use a supported platform, such as Windows 10, to take advantage of regular security updates.\n * Turn on [cloud-delivered protection](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-worldwide>)in Microsoft Defender Antivirus or the equivalent for your antivirus product to cover rapidly evolving attacker tools and techniques. Cloud-based machine learning protections block the majority of new and unknown variants.\n * Turn on [tamper protection](<https://docs.microsoft.com/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-worldwide>)in Microsoft Defender for Endpoint, to prevent malicious changes to security settings.\n * Run [EDR in block mode](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-worldwide>)so that Microsoft Defender for Endpoint can block malicious artifacts, even when your non-Microsoft antivirus doesn\u2019t detect the threat or when Microsoft Defender Antivirus is running in passive mode. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.\n * Enable [investigation and remediation](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-worldwide>)in full automated mode to allow Microsoft Defender for Endpoint to take immediate action on alerts to resolve breaches, significantly reducing alert volume.\n * Use [device discovery](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide>)to increase your visibility into your network by finding unmanaged devices on your network and onboarding them to Microsoft Defender for Endpoint.\n\n## Microsoft 365 Defender detection details\n\n**Antivirus**\n\nMicrosoft Defender Antivirus detects threat components as the following malware:\n\n * [TrojanDownloader:O97M/Donoff.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA&threatId=-2147225317>) \u2013 Detects the Word Doc files in the observed attacks\n * [TrojanDownloader:HTML/Donoff.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:HTML/Donoff.SA&threatId=-2147174205>) \u2013 Detects the remotely-loaded HTML\n * [Trojan:Win32/Agent.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Agent.SA&threatId=-2147178093>) -- Detects the .inf(Dll)/CAB components in the observed attacks\n * [Trojan:Win32/CplLoader.A](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/CplLoader.A&threatId=-2147178092>) \u2013 Blocks Rundll32/Control abuse used in this CVE exploitation\n * [Behavior:Win32/OfficeMhtInj.A](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Behavior:Win32/OfficeMhtInj.A&threatId=-2147178094>) \u2013 Detects the injection into wabmig.exe\n * [TrojanDownloader:O97M/Donoff.SA!CAB](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA!CAB&threatId=-2147173661>) \u2013 Detects CAB files in observed attacks\n * [TrojanDownloader:O97M/Donoff.SA!Gen](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA!Gen&threatId=-2147173660>) \u2013 Detects Office documents in observed attacks\n\n**Endpoint detection and response (EDR)**\n\nAlerts with the following titles in the security center can indicate threat activity on your network:\n\n * Possible exploitation of CVE-2021-40444 (requires Defender Antivirus as the Active AV)\n\nThe following alerts might also indicate threat activity associated with this threat. These alerts, however, can be triggered by unrelated threat activity and are not monitored in the status cards provided with this report.\n\n * Suspicious Behavior By Office Application (detects the anomalous process launches that happen in exploitation of this CVE, and other malicious behavior)\n * Suspicious use of Control Panel item\n\n**Microsoft Defender for Office365**\n\nSignals from Microsoft Defender for Office 365 informs Microsoft 365 Defender, which correlates cross-domain threat intelligence to deliver coordinated defense, that this vulnerability has been detected when a document is delivered via email when detonation is enabled.\n\nThe following alerts in your portal will indicate that a malicious attachment has been blocked, although these alerts are also used for many different threats:\n\n * Malware campaign detected and blocked\n * Malware campaign detected after delivery\n * Email messages containing malicious file removed after delivery\n\n## Advanced hunting\n\nTo locate possible exploitation activity, run the following queries.\n\n**Relative path traversal (requires Microsoft 365 Defender)**\n\nUse the following query to surface abuse of Control Panel objects (.cpl) via URL protocol handler path traversal as used in the original attack and public proof of concepts at time of publishing:\n\n`DeviceProcessEvents \n| where (FileName in~('control.exe','rundll32.exe') and ProcessCommandLine has '.cpl:') \nor ProcessCommandLine matches regex @'\\\".[a-zA-Z]{2,4}:\\.\\.\\/\\.\\.'`\n\n**Azure Sentinel **\n\nTo locate possible attacks that exploit the CVE-2021-40444 , Azure Sentinel customers can leverage the following detection query: [Azure Sentinel MSHTML exploit detection](<https://github.com/Azure/Azure-Sentinel/blob/master/Detections/MultipleDataSources/MSHTMLVuln.yaml>).\n\n \n\nThe post [Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability](<https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/>) appeared first on [Microsoft Security Blog](<https://www.microsoft.com/security/blog>).", "cvss3": {}, "published": "2021-09-15T23:40:56", "type": "mssecure", "title": "Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-15T23:40:56", "id": "MSSECURE:795E0A765679492C51FEFA2B19EAD597", "href": "https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/", "cvss": {"score": 0.0, "vector": "NONE"}}], "trendmicroblog": [{"lastseen": "2021-09-09T06:36:04", "description": "Microsoft has disclosed the existence of a new zero-day vulnerability that affects multiple versions of Windows. This vulnerability (designated as CVE-2021-40444) is currently delivered via malicious Office 365 documents and requires user input to open the file to trigger.", "cvss3": {}, "published": "2021-09-09T00:00:00", "type": "trendmicroblog", "title": "Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-09T00:00:00", "id": "TRENDMICROBLOG:E0C479F55DF4C53A47CA2170110555AE", "href": "https://www.trendmicro.com/en_us/research/21/i/remote-code-execution-zero-day--cve-2021-40444--hits-windows--tr.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "krebs": [{"lastseen": "2021-09-08T15:25:09", "description": "**Microsoft Corp.** warns that attackers are exploiting a previously unknown vulnerability in **Windows 10** and many **Windows Server** versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.\n\n\n\nAccording to [a security advisory](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) from Redmond, the security hole [CVE-2021-40444](<https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444>) affects the &quot;MSHTML&quot; component of **Internet Explorer** (IE) on **Windows 10** and many **Windows Server** versions. IE been slowly abandoned for more recent Windows browsers like **Edge**, but the same vulnerable component also is used by **Microsoft Office** applications for rendering web-based content.\n\n&quot;An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine,&quot; Microsoft wrote. &quot;The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.&quot;\n\nMicrosoft has not yet released a patch for CVE-2021-40444, but says users can mitigate the threat from this flaw by disabling the installation of all ActiveX controls in IE. Microsoft says the vulnerability is currently being used in targeted attacks, although its advisory credits three different entities with reporting the flaw.\n\nOn of the researchers credited -- **EXPMON** -- [said on Twitter](<https://twitter.com/EXPMON_/status/1435310341689331721>) that it had reproduced the attack on the latest Office 2019 / Office 365 on Windows 10.\n\n&quot;The exploit uses logical flaws so the exploitation is perfectly reliable (&amp; dangerous),&quot; EXPMON tweeted.\n\nWindows users could see an official fix for the bug as soon as September 14, when Microsoft is slated to release its monthly &quot;Patch Tuesday&quot; bundle of security updates.\n\nThis year has been a tough one for Windows users and so-called &quot;zero day&quot; threats, which refers to vulnerabilities that are not patched by current versions of the software in question, and are being actively exploited to break into vulnerable computers.\n\nVirtually every month in 2021 so far, Microsoft has been forced to respond to zero-day threats targeting huge swaths of its user base. In fact, by my count May was the only month so far this year that Microsoft didn&#x27;t release a patch to fix at least one zero-day attack in Windows or supported software.\n\nMany of those zero-days involve older Microsoft technologies or those that have been retired, like IE11; Microsoft [officially retired support for Microsoft Office 365 apps and services on IE11](<https://techcommunity.microsoft.com/t5/microsoft-365-blog/microsoft-365-apps-say-farewell-to-internet-explorer-11-and/ba-p/1591666>) last month. In July, Microsoft [rushed out a fix for the Print Nightmare vulnerability](<https://krebsonsecurity.com/2021/07/microsoft-issues-emergency-patch-for-windows-flaw/>) that was present in every supported version of Windows, only to see the patch cause problems for a number of Windows users.\n\nOn June&#x27;s Patch Tuesday, Microsoft [addressed six zero-day security holes](<https://krebsonsecurity.com/2021/06/microsoft-patches-six-zero-day-security-holes/>). And of course in March, hundreds of thousands of organizations running **Microsoft Exchange** email servers found those systems [compromised with backdoors thanks to four zero-day flaws in Exchange](<https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/>).", "cvss3": {}, "published": "2021-09-08T15:03:45", "type": "krebs", "title": "Microsoft: Attackers Exploiting Windows Zero-Day Flaw", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-08T15:03:45", "id": "KREBS:409088FC2DFC219B74043104C2B672CC", "href": "https://krebsonsecurity.com/2021/09/microsoft-attackers-exploiting-windows-zero-day-flaw/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-15T17:25:09", "description": "**Microsoft** today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, **Apple** has issued an emergency update to fix a flaw that&#x27;s reportedly been abused to install spyware on **iOS** products, and **Google**&#x27;s got a new version of **Chrome** that tackles two zero-day flaws. Finally, Adobe has released critical security updates for **Acrobat**, **Reader** and a slew of other software.\n\n\n\nFour of the flaws fixed in this patch batch earned Microsoft&#x27;s most-dire &quot;critical&quot; rating, meaning they could be exploited by miscreants or malware to remotely compromise a Windows PC with little or no help from the user.\n\nTop of the critical heap is [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>), which affects the \u201cMSHTML\u201d component of **Internet Explorer** (IE) on **Windows 10** and many **Windows Server** versions. In [a security advisory last week](<https://krebsonsecurity.com/2021/09/microsoft-attackers-exploiting-windows-zero-day-flaw/>), Microsoft warned attackers already are exploiting the flaw through **Microsoft Office** applications as well as IE.\n\nThe critical bug [CVE-2021-36965](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36965>) is interesting, as it involves a remote code execution flaw in &quot;WLAN AutoConfig,&quot; the component in Windows 10 and many Server versions that handles auto-connections to Wi-Fi networks. One mitigating factor here is that the attacker and target would have to be on the same network, although many systems are configured to auto-connect to Wi-Fi network names with which they have previously connected.\n\n**Allan Liska**, senior security architect at [Recorded Future](<https://www.recordedfuture.com>), said a similar vulnerability -- [CVE-2021-28316](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28316>) -- was announced in April.\n\n&quot;CVE-2021-28316 was a security bypass vulnerability, not remote code execution, and it has never been reported as publicly exploited,&quot; Liska said. &quot;That being said, the ubiquity of systems deployed with WLAN AutoConfig enabled could make it an attractive target for exploitation.&quot;\n\nAnother critical weakness that enterprises using Azure should prioritize is [CVE-2021-38647](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647>), which is a remote code execution bug in Azure Open Management Infrastructure (OMI) that has a CVSS Score of 9.8 (10 is the worst). It was [reported and detailed](<https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution>) by researchers at **Wiz.io**, who said CVE-2021-38647 was one of four bugs in Azure OMI they found that Microsoft patched this week.\n\n&quot;We conservatively estimate that thousands of Azure customers and millions of endpoints are affected,&quot; Wiz.io&#x27;s [Nir Ohfeld](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647>) wrote. &quot;In a small sample of Azure tenants we analyzed, over 65% were unknowingly at risk.&quot;\n\nKevin** Breen** of [Immersive Labs](<https://www.immersivelabs.com/>) calls attention to several &quot;privilege escalation&quot; flaws fixed by Microsoft this month, noting that while these bugs carry lesser severity ratings, Microsoft considers them more likely to be exploited by bad guys and malware.\n\n&quot;[CVE-2021-38639](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38639>) and [CVE-2021-36975](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36975>) have also been listed as &#x27;exploitation more likely&#x27; and together cover the full range of supported Windows versions,&quot; Breem wrote. &quot;I am starting to feel like a broken record when talking about privilege escalation vulnerabilities. They typically have a lower CVSS score than something like Remote Code Execution, but these local exploits can be the linchpin in the post-exploitation phases of an experienced attacker. If you can block them here you have the potential to significantly limit their damage. If we assume a determined attacker will be able to infect a victim\u2019s device through social engineering or other techniques, I would argue that patching these is even more important than patching some other Remote Code execution vulnerabilities.&quot;\n\nApple on Monday pushed out [an urgent security update](<https://support.apple.com/en-us/HT212807>) to fix a &quot;zero-click&quot; iOS vulnerability ([CVE-2021-30860](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860>)) reported by researchers at **Citizen Lab** that allows commands to be run when files are opened on certain Apple devices. [Citizen Lab found](<https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/>) that an exploit for CVE-2021-30860 was being used by the [NSO Group](<https://en.wikipedia.org/wiki/NSO_Group>), an Israeli tech company whose spyware enables the remote surveillance of smartphones.\n\n**Google** also released [a new version](<https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html>) of its **Chrome** browser on Monday to fix nine vulnerabilities, including two that are under active attack. If you&#x27;re running Chrome, keep a lookout for when you see an &quot;Update&quot; tab appear to the right of the address bar. If it&#x27;s been a while since you closed the browser, you might see the Update button turn from green to orange and then red. Green means an update has been available for two days; orange means four days have elapsed, and red means your browser is a week or more behind on important updates. Completely close and restart the browser to install any pending updates.\n\nAs it usually does on Patch Tuesday, Adobe also released new versions of Reader, Acrobat and [a large number of other products](<https://helpx.adobe.com/security.html>). Adobe says it is not aware of any exploits in the wild for any of the issues addressed in its updates today.\n\nFor a complete rundown of all patches released today and indexed by severity, check out the [always-useful Patch Tuesday roundup](<https://isc.sans.edu/forums/diary/Microsoft+September+2021+Patch+Tuesday/27834/>) from the **SANS Internet Storm Center**. And it\u2019s not a bad idea to hold off updating for a few days until Microsoft works out any kinks in the updates: [AskWoody.com](<https://www.askwoody.com/2021/september-2021-its-patch-day/>) usually has the lowdown on any patches that are causing problems for Windows users.\n\nOn that note, before you update _please_ make sure you have backed up your system and/or important files. It\u2019s not uncommon for a Windows update package to hose one\u2019s system or prevent it from booting properly, and some updates have been known to erase or corrupt files.\n\nSo do yourself a favor and backup before installing any patches. Windows 10 even has some [built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAnd if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, [see this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nIf you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a decent chance other readers have experienced the same and may chime in here with useful tips.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-09-14T21:00:42", "type": "krebs", "title": "Microsoft Patch Tuesday, September 2021 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28316", "CVE-2021-30860", "CVE-2021-36965", "CVE-2021-36975", "CVE-2021-38639", "CVE-2021-38647", "CVE-2021-40444"], "modified": "2021-09-14T21:00:42", "id": "KREBS:2EC42B845847A6DCFE50ECEB9FF61C29", "href": "https://krebsonsecurity.com/2021/09/microsoft-patch-tuesday-september-2021-edition/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2021-09-08T12:29:02", "description": "Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents.\n\nMicrosoft has not revealed much about the MSHTML bug, tracked as [CVE-2021-40444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40444>), beyond that it is \u201caware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,\u201d according to an advisory released Tuesday.\n\nHowever, it\u2019s serious enough that the Cybersecurity and Infrastructure Security Agency (CISA) released [an advisory](<https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444>) of its own alerting users and administrators to the vulnerability and recommending that they use the mitigations and workarounds Microsoft recommends.\n\nThe vulnerability allows an attacker to craft a malicious ActiveX control that can be used by a Microsoft Office document that hosts the browser rendering engine, according to Microsoft. \n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)The attacker would then have to convince the user to open the malicious document for an attack to be successful, the company said. Moreover, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights, according to the advisory.\n\n## **Affecting More than Office**\n\nThough Microsoft is still investigating the vulnerability, it could prove to go beyond affecting just Microsoft Office documents due to the ubiquitous use of MSHTML on Windows, warned Jake Williams, co-founder and CTO at incident response firm [BreachQuest](<https://breachquest.com/>).\n\n\u201cIf you\u2019ve ever opened an application that seemingly \u2018magically\u2019 knows your proxy settings, that\u2019s likely because it uses MSHTML under the hood,\u201d he said in an e-mail to Threatpost. \u201cVulnerabilities like these tend to have extremely long lifetimes for exploitation in the wild.\u201d\n\nEven if the vulnerability\u2019s reach does not go beyond Office documents, its presence and the fact that attackers are already trying to exploit are worrisome enough for organizations to take immediate action, noted another security professional.\n\nMalicious Office documents are a popular tactic with cybercriminals and state-sponsored threat actors, and the vulnerability give them \u201cmore direct exploitation of a system and the usual tricking users to disable security controls,\u201d observed John Bambenek, principal threat hunter at digital IT and security operations firm [Netenrich](<https://netenrich.com/>).\n\n\u201cAs this is already being exploited, immediate patching should be done,\u201d he advised. \u201cHowever, this is a stark reminder that in 2021, we still can\u2019t send documents from point A to point B securely.\u201d\n\n## **Mitigations and Workarounds**\n\nMicrosoft has offered some advice for organizations affected by the vulnerability\u2014first discovered by Rick Cole of the Microsoft Security Response Center, Haifei Li of EXPMON, and Dhanesh Kizhakkinan, Bryce Abdo and Genwei Jiang of Mandiant\u2013until it can offer its own security update. That may come in the form of a Patch Tuesday fix or an out-of-band patch, depending on what researchers discover, the company said.\n\nUntil then, customers should keep anti-malware products up to date, though those who use automatic updates don\u2019t need to take action now, Microsoft said. For enterprise customers who manage updates, they should select the detection build 1.349.22.0 or newer and deploy it across their environments, the company added.\n\nWorkarounds for the flaw include disabling the installation of all ActiveX controls in Internet Explorer, which mitigates a potential attack, according to Microsoft.\n\n\u201cThis can be accomplished for all sites by updating the registry,\u201d the company said in its advisory. \u201cPreviously-installed ActiveX controls will continue to run, but do not expose this vulnerability.\u201d\n\nHowever, Microsoft warned organizations to take care when using the Registry Editor, because doing so incorrectly can \u201ccause serious problems that may require you to reinstall your operating system.\u201d \u201cUse Registry Editor at your own risk,\u201d the company advised.\n\n**It\u2019s time to evolve threat hunting into a pursuit of adversaries. **[**JOIN**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** Threatpost and Cybersixgill for **[**Threat Hunting to Catch Adversaries, Not Just Stop Attacks**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** and get a guided tour of the dark web and learn how to track threat actors before their next attack. **[**REGISTER NOW**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** for the LIVE discussion on Sept. 22 at 2 p.m. EST with Cybersixgill\u2019s Sumukh Tendulkar and Edan Cohen, along with independent researcher and vCISO Chris Roberts and Threatpost host Becky Bracken.**\n", "cvss3": {}, "published": "2021-09-08T12:24:51", "type": "threatpost", "title": "Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-08T12:24:51", "id": "THREATPOST:62DC935BF4DB4EF8A4F1E83519B1D5CD", "href": "https://threatpost.com/microsoft-zero-day-rce-flaw-in-windows/169273/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-17T12:16:20", "description": "Criminals behind the Ryuk ransomware were early exploiters of the Windows MSHTML flaw, actively leveraging the bug in campaigns ahead of a patch released by [Microsoft](<https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/>) this week.\n\nCollaborative research by Microsoft and RiskIQ revealed campaigns by Ryuk threat actors early on that exploited the flaw, tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). The bug is a remote code execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. The two [released](<https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/>) [separate reports](<https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/>) online this week to provide a look into who has been using the flaw\u2013which can be used to hide a malicious ActiveX control in an Office document\u2013in attacks, as well as their potential connections to known criminal groups.\n\n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nSpecifically, most of the attacks that researchers analyzed used MSHTML as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders, which communicated with an infrastructure that is associated with multiple cybercriminal campaigns\u2013including human-operated ransomware, researchers from the Microsoft 365 Defender Threat Intelligence Team at the Microsoft Threat Intelligence Center (MSTIC) reported.\n\nRiskIQ identified the ransomware infrastructure as potentially belonging to the Russian-speaking [Wizard Spider](<https://threatpost.com/wizard-spider-upgrades-ryuk-ransomware/149853/>) crime syndicate, known to maintain and distribute Ryuk ransomware.\n\n\u201cBased on multiple overlapping patterns in network infrastructure setup and use, we assess with high confidence that the operators behind the zero-day campaign are using infrastructure affiliated with Wizard Spider (CrowdStrike), and/or related groups UNC1878 (FireEye/Mandiant) and Ryuk (public), who continue to use Ryuk/Conti and BazaLoader/BazarLoader malware in targeted ransomware campaigns,\u201d RiskIQ\u2019s Team Atlas wrote in its analysis.\n\nMicrosoft stopped short of specifically identifying the threat actors observed exploiting the MSHTML flaw, instead referring to unidentified perpetrators as \u201cdevelopment groups\u201d using the prefix \u201cDEV\u201d and a number to indicate an emerging threat group.\n\n## **Separate Campaigns, Threat Actors**\n\nIn its analysis, the company cites activity from three DEV groups since August that have been seen in attacks leveraging CVE-2021-40444: DEV-0365, DEV-0193 and DEV-0413.\n\nThe infrastructure the company associates with DEV-0365 was used in the Cobalt Strike campaigns and follow-on activity, indicating \u201cmultiple threat actors or clusters associated with human-operated ransomware attacks (including the deployment of Conti ransomware),\u201d according to researchers. However, DEV-0365 potentially may be involved only as a command-and-control infrastructure as a service for cybercriminals, the company said.\n\n\u201cAdditionally, some of the infrastructure that hosted the oleObjects utilized in the August 2021 attacks abusing CVE-2021-40444 were also involved in the delivery of BazaLoader and Trickbot payloads \u2014 activity that overlaps with a group Microsoft tracks as DEV-0193,\u201d the team said.\n\nMicrosoft attributed another campaign using the vulnerability to a group identified as DEV-0413. This campaign is \u201csmaller and more targeted than other malware campaigns we have identified leveraging DEV-0365 infrastructure,\u201d and was observed exploiting the flaw as early as Aug. 18.\n\nThe campaign used a social-engineering lure that aligned with the business operations of targeted organizations, \u201csuggesting a degree of purposeful targeting,\u201d the company observed.\n\n\u201cThe campaign purported to seek a developer for a mobile application, with multiple application development organizations being targeted,\u201d they wrote. \u201cIn most instances, file-sharing services were abused to deliver the CVE-2021-40444-laden lure.\u201d\n\n## **History of a Vulnerability**\n\nMicrosoft first [revealed](<https://threatpost.com/microsoft-zero-day-rce-flaw-in-windows/169273/>) the MSHTML zero-day vulnerability on Sept. 7, joining the Cybersecurity and Infrastructure Security Agency (CISA) in warning organizations of the bug and urging mitigations in separate alerts released that day.\n\nThe vulnerability allows an attacker to craft a malicious ActiveX control that can be used by a Microsoft Office document that hosts the browser rendering engine, according to Microsoft. \nSomeone would have to open the malicious document for an attack to be successful, the company said. This is why attackers use email campaigns with lures that appear relevant to their targets in the hopes that they will launch embedded documents, researchers said.\n\nIndeed, at least one of the campaigns Microsoft researchers observed included emails impersonating contracts and legal agreements to try to trick victims to opening the documents to distribute the payload.\n\nThough it\u2019s not completely certain if Wizard Spider is behind some of these early attacks, it\u2019s clear that ransomware operators are interested in exploiting the MSHTML flaw, according to RiskIQ.\n\nHowever, at this point, \u201cwe assume there has been limited deployment of this zero-day,\u201d researchers wrote. That means that even if known ransomware criminals are involved in the attacks, delivering ransomware may not be the ultimate goal of the campaigns, they observed.\n\n\u201cInstead, we assess with medium confidence that the goal of the operators behind the zero-day may, in fact be traditional espionage,\u201d RISKIQ\u2019s Team Atlas wrote. \u201cThis goal could easily be obscured by a ransomware deployment and blend into the current wave of targeted ransomware attacks.\u201d\n\nNo matter, organizations should take advantage of the patch Microsoft released this week for the vulnerability and update their systems now before more attacks occur, the company reiterated. \u201cCustomers are advised to apply the [security patch](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) for CVE-2021-40444 to fully mitigate this vulnerability,\u201d the MSTIC team wrote.\n\n**Rule #1 of Linux Security: **No cybersecurity solution is viable if you don\u2019t have the basics down. [**JOIN**](<https://threatpost.com/webinars/4-golden-rules-linux-security/?utm_source=ART&utm_medium=ART&utm_campaign=September_Uptycs_Webinar>) Threatpost and Linux security pros at Uptycs for a LIVE roundtable on the [**4 Golden Rules of Linux Security**](<https://threatpost.com/webinars/4-golden-rules-linux-security/?utm_source=ART&utm_medium=ART&utm_campaign=September_Uptycs_Webinar>). Your top takeaway will be a Linux roadmap to getting the basics right! [**REGISTER NOW**](<https://threatpost.com/webinars/4-golden-rules-linux-security/?utm_source=ART&utm_medium=ART&utm_campaign=September_Uptycs_Webinar>) and join the **LIVE event on Sept. 29 at Noon EST**. Joining Threatpost is Uptycs\u2019 Ben Montour and Rishi Kant who will spell out Linux security best practices and take your most pressing questions in real time.\n", "cvss3": {}, "published": "2021-09-17T12:07:59", "type": "threatpost", "title": "Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-17T12:07:59", "id": "THREATPOST:3C3F20C93519036CC712D1CA3A6D7C48", "href": "https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-16T18:44:44", "description": "In [September\u2019s Patch Tuesday](<https://msrc.microsoft.com/update-guide/vulnerability>) crop of security fixes, Microsoft released patches for 66 CVEs, three of which are rated critical, and one of which \u2013 the Windows MSHTML zero-day \u2013 has been under active attack for nearly two weeks.\n\nOne other bug is listed as publicly known but isn\u2019t (yet) being exploited. Immersive Labs\u2019 Kevin Breen, director of cyber threat research, observed that with only one CVE under active attack in the wild, it\u2019s \u201cquite a light Patch Tuesday\u201d \u2013 at least on the surface, that is.\n\nThe flaws were found in Microsoft Windows and Windows components, Microsoft Edge (Chromium, iOS, and Android), Azure, Office and Office Components, SharePoint Server, Microsoft Windows DNS and the Windows Subsystem for Linux.\n\n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nOf the 66 new CVEs patched today, three are rated critical, 62 are rated important, and one is rated moderate in severity.\n\nOver the past nine months of 2021, this is the seventh month in which Microsoft patched fewer than 100 CVEs, in stark contrast to 2020, when Redmond spent eight months gushing out more than 100 CVE patches per month. But while the overall number of vulnerabilities is lighter, the severity ratings have ticked up, as the [Zero Day Initiative](<https://www.zerodayinitiative.com/blog/2021/9/14/the-september-2021-security-update-review-kpgpb>) noted.\n\nSome observers pegged the top patching priority in this month\u2019s batch as being a fix for CVE-2021-40444: An important-rated vulnerability in Microsoft\u2019s MSHTML (Trident) engine that rates 8.8 out of 10 on the CVSS scale.\n\nDisclosed on Sept. 7, it\u2019s a painfully throbbing sore thumb, given that researchers developed a number of proof-of-concept (PoC) exploits showing how drop-dead simple it is to exploit, and attackers have been sharing guides on how to do just that.\n\n## Under Active Attack: CVE-2021-40444\n\nIt\u2019s been nearly two weeks since this serious, simple to exploit bug has been under active attack, and it\u2019s been nearly a week since attackers started to share blueprints on how to carry out an exploit.\n\nMicrosoft said last week that the flaw could let an attacker \u201ccraft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine,\u201d after which \u201cthe attacker would then have to convince the user to open the malicious document.\u201d Unfortunately, malicious macro attacks continue to be prevalent: In July, for example, legacy users of Microsoft Excel were being targeted in a malware campaign that used a [novel malware-obfuscation technique](<https://threatpost.com/microsoft-office-malware-protection-bypass/167652/>) to disable malicious macro warnings and deliver the ZLoader trojan.\n\nAn attacker would need to convince a user to open a specially crafted Microsoft Office document containing the exploit code.\n\nSatnam Narang, staff research engineer at Tenable, noted via email that there have been warnings that this vulnerability will be incorporated into malware payloads and used to distribute ransomware: A solid reason to put the patch at the top of your priority list.\n\n\u201cThere are no indications that this has happened yet, but with the patch now available, organizations should prioritize updating their systems as soon as possible,\u201d Narang told Threatpost.\n\nLast Wednesday, Sept. 8, [Kevin Beaumont](<https://twitter.com/GossiTheDog/status/1435515875025633282>) \u2013 head of the security operations center for U.K. fashion retailer Arcadia Group and a past senior threat intelligence analyst at Microsoft \u2013 [noted](<https://twitter.com/GossiTheDog/status/1435562870331293706>) that the exploit had been in the wild for about a week or more.\n\nIt got worse: Last Thursday, Sept. 9, threat actors began [sharing exploit how-tos](<https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/>) and PoCs for the Windows MSHTML zero-day. BleepingComputer gave it a try and found that the guides are \u201csimple to follow and [allow] anyone to create their own working version\u201d of the exploit, \u201cincluding a Python server to distribute the malicious documents and CAB files.\u201d\n\nIt took the publication all of 15 minutes to recreate the exploit.\n\nA week ago, on Tuesday, Sept. 7, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) had [urged mitigations](<https://threatpost.com/microsoft-zero-day-rce-flaw-in-windows/169273/>) of the remote-code execution (RCE) flaw, which is found in all modern Windows operating systems.\n\nLast week, the company didn\u2019t say much about the bug in MSHTML, aka Trident, which is the HTML engine built into Windows since Internet Explorer debuted more than 20 years ago and which allows Windows to read and display HTML files.\n\nMicrosoft did say, however, that it was aware of targeted attacks trying to exploit it via specially crafted Microsoft Office documents.\n\nIn spite of there being no security updates available for the vulnerability at that time, MIcrosoft went ahead and disclosed it, along with mitigations meant to help prevent exploitation.\n\n## Mitigations That Don\u2019t Mitigate\n\nTracked as [CVE-2021-40444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40444>), the flaw is serious enough that CISA sent its own advisory, alerting users and administrators and recommending that they use the mitigations and workarounds Microsoft recommended \u2013 mitigations that try to prevent exploitation by blocking ActiveX controls and Word/RTF document previews in Windows Explorer.\n\nEmphasis on \u201ctry to:\u201d Unfortunately, those mitigations proved to be less than foolproof, as researchers, including Beaumont, managed to [modify the exploit](<https://twitter.com/GossiTheDog/status/1435570418623070210>) so that it didn\u2019t use ActiveX, [effectively skirting Microsoft\u2019s mitigations](<https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/>).\n\nThe Zero Day Initiative [said that](<https://www.zerodayinitiative.com/blog/2021/9/14/the-september-2021-security-update-review-kpgpb>) for now, the most-effective defense is \u201cto apply the patch and avoid Office docs you aren\u2019t expecting to receive.\u201d\n\nBe sure to carefully review and install [all the needed patches](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) for your setup: There\u2019s a long list of updates for specific platforms, and it\u2019s important not to slather on too thin a layer of protection.\n\nCredit for finding this bug goes to Rick Cole of MSTIC; Bryce Abdo, Dhanesh Kizhakkinan and Genwei Jiang, all from Mandiant; and Haifei Li of EXPMON.\n\n## Baddest Bug Award\n\nThe award for baddest bug \u2013 or at least, the one with the highest severity rating, with a CVSS score of 9.8 \u2013 goes to [CVE-2021-38647](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647>): a critical remote-code execution (RCE) vulnerability in Open Management Infrastructure.\n\n[OMI is an open-source project](<https://github.com/microsoft/omi>) to further the development of a production-quality implementation of the [DMTF CIM/WBEM](<https://www.dmtf.org/standards/cim>) standards.\n\n\u201cThis vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending a specially crafted message to an affected system,\u201d the Zero Day Initiatve explained. That makes it high priority: ZDI recommended that OMI users test and deploy this one quickly.\n\n## Yet More PrintNightmare Patches\n\nMicrosoft also patched three elevation of privilege vulnerabilities in Windows Print Spooler ([CVE-2021-38667](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38667>), [CVE-2021-38671](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38671>) and [CVE-2021-40447](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40447>)), all rated important.\n\nThese are the three latest fixes in a steady [stream](<https://threatpost.com/cisa-mitigation-printnightmare-bug/167515/>) of [patches](<https://threatpost.com/microsoft-unpatched-printnightmare-zero-day/168613/>) for flaws in Windows Print Spooler that followed the [disclosure of PrintNightmare](<https://threatpost.com/poc-exploit-windows-print-spooler-bug/167430/>) in June. This probably won\u2019t be the last patch in that parade: Tenable\u2019s Narang told Threatpost that \u201cresearchers continue to discover ways to exploit Print Spooler\u201d and that the firm expects \u201ccontinued research in this area.\u201d\n\nOnly one \u2013 CVE-2021-38671 \u2013 of today\u2019s patch trio is rated as \u201cexploitation more likely.\u201d Regardless, organizations should prioritize patching these flaws as \u201cthey are extremely valuable to attackers in post-exploitation scenarios,\u201d Narang observed.\n\n## More \u2018Exploitation More Likely\u2019\n\nImmersive\u2019s Breen told Threatpost that a trio of local privilege-escalation vulnerabilities in the Windows Common Log File System Driver ([CVE-2021-36955](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36955>), [CVE-2021-36963](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36963>), [CVE-2021-38633](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38633>)) are also noteworthy, all of them being listed as \u201cexploitation more likely.\u201d\n\n\u201cLocal priv-esc vulnerabilities are a key component of almost every successful cyberattack, especially for the likes of ransomware operators who abuse this kind of exploit to gain the highest level of access,\u201d Breen said via email. \u201cThis allows them to disable antivirus, delete backups and ensure their encryptors can reach even the most sensitive of files.\u201d\n\nOne glaring example of that emerged in May, when hundreds of millions of [Dell users were found to be at risk](<https://threatpost.com/dell-kernel-privilege-bugs/165843/>) from kernel-privilege bugs. The bugs lurked undisclosed for 12 years, and could have allowed attackers to bypass security products, execute code and pivot to other parts of the network for lateral movement.\n\nThe three exploits Microsoft patched on Tuesday aren\u2019t remote, meaning that attackers need to have achieved code execution by other means. One such way would be via CVE-2021-40444.\n\nTwo other vulnerabilities \u2013 [CVE-2021-38639](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38639>) and [CVE-2021-36975](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36975>), both Win32k escalation of privilege flaws \u2013 have also been listed as \u201cexploitation more likely\u201d and, together, cover the full range of supported Windows versions.\n\nBreen said that he\u2019s starting to feel like a broken record when it comes to privilege escalation vulnerabilities. They\u2019re not rated as high a severity risk as RCE bugs, but \u201cthese local exploits can be the linchpin in the post-exploitation phases of an experienced attacker,\u201d he asserted. \u201cIf you can block them here you have the potential to significantly limit their damage.\u201d\n\nhe added, \u201cIf we assume a determined attacker will be able to infect a victim\u2019s device through social engineering or other techniques, I would argue that patching priv-esc vulnerabilities is even more important than patching some other remote code-execution vulns,\u201d Breen said.\n\n## Still, This RCE Is Pretty Important\n\nDanny Kim, a principal architect at Virsec who spent time at Microsoft during his graduate work on the OS security development team, wants security teams to pay attention to [CVE-2021-36965](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36965>) \u2013 an important-rated Windows WLAN AutoConfig Service RCE vulnerability \u2013 given its combination of severity (with a CVSS:3.0 base score of 8.8); no requirement for privilege escalation/user interaction to exploit; and breadth of affected Windows versions.\n\nThe WLAN AutoConfig Service is part of the mechanism that Windows 10 uses to choose the wireless network a computer will connect to, and to the Windows Scripting Engine, respectively.\n\nThe patch fixes a flaw that could allow network-adjacent attackers to run their code on affected systems at system level.\n\nAs the Zero Day Initiative explained, that means an attacker could \u201ccompletely take over the target \u2013 provided they are on an adjacent network.\u201d That would come in quite handy in a [coffee-shop attack](<https://threatpost.com/microsoft-wi-fi-protection/145053/>), where multiple people use an unsecured Wi-Fi network.\n\nThis one \u201cis especially alarming,\u201d Kim said: Think [SolarWinds](<https://threatpost.com/solarwinds-default-password-access-sales/162327/>) and PrintNightmare.\n\n\u201cAs recent trends have shown, remote code execution-based attacks are the most critical vulnerabilities that can lead to the largest negative impact on an enterprise, as we have seen in the Solarwinds and PrintNightmare attacks,\u201d he said in an email.\n\nKim said that in spite of the exploit code maturity being currently unproven, the vulnerability has been confirmed to exist, leaving an opening for attackers.\n\n\u201cIt specifically relies on the attacker being located in the same network, so it would not be surprising to see this vulnerability used in combination with another CVE/attack to achieve an attacker\u2019s end goal,\u201d he predicted. \u201cRemote code execution attacks can lead to unverified processes running on the server workload, only highlighting the need for constant, deterministic runtime monitoring. Without this protection in place, RCE attacks can lead to a total loss of confidentiality and integrity of an enterprise\u2019s data.\u201d\n\nThe Zero Day Initiative also found this one alarming. Even though it requires proximity to a target, it requires no privileges or user interaction, so \u201cdon\u2019t let the adjacent aspect of this bug diminish the severity,\u201d it said. \u201cDefinitely test and deploy this patch quickly.\u201d\n\n## And Don\u2019t Forget to Patch Chrome\n\nBreen told Threatpost via email that security teams should also pay attention to 25 vulnerabilities patched in Chrome and ported over to Microsoft\u2019s Chromium-based Edge.\n\nBrowsers are, after all, windows into things both private, sensitive and valuable to criminals, he said.\n\n\u201cI cannot underestimate the importance of patching your browsers and keeping them up to date,\u201d he stressed. \u201cAfter all, browsers are the way we interact with the internet and web-based services that contain all sorts of highly sensitive, valuable and private information. Whether you\u2019re thinking about your online banking or the data collected and stored by your organization\u2019s web apps, they could all be exposed by attacks that exploit the browser.\u201d\n\n**It\u2019s time to evolve threat hunting into a pursuit of adversaries. **[**JOIN**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** Threatpost and Cybersixgill for **[**Threat Hunting to Catch Adversaries, Not Just Stop Attacks**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** and get a guided tour of the dark web and learn how to track threat actors before their next attack. **[**REGISTER NOW**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** for the LIVE discussion on September 22 at 2 PM EST with Cybersixgill\u2019s Sumukh Tendulkar and Edan Cohen, along with researcher and vCISO Chris Roberts and Threatpost host Becky Bracken.**\n", "cvss3": {}, "published": "2021-09-14T20:29:14", "type": "threatpost", "title": "Microsoft Patches Actively Exploited Windows Zero-Day", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-36955", "CVE-2021-36963", "CVE-2021-36965", "CVE-2021-36975", "CVE-2021-38633", "CVE-2021-38639", "CVE-2021-38647", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-14T20:29:14", "id": "THREATPOST:6D61C560E85ECD0A7A35C55E74849510", "href": "https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/", "cvss": {"score": 0.0, "vector": "NONE"}}], "thn": [{"lastseen": "2021-09-08T06:35:28", "description": "[](<https://thehackernews.com/images/-KnvkhCvOrtg/YTgvMst2aSI/AAAAAAAADvs/ibzrIC7hu6wR3f2vrtI3U2rW7SVg6UbKQCLcBGAsYHQ/s0/microsoft-office-hack.jpg>)\n\nMicrosoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.\n\nTracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in Office to render web content inside Word, Excel, and PowerPoint documents.\n\n\"Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,\" the company [said](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>).\n\n\"An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,\" it added.\n\nThe Windows maker credited researchers from EXPMON and Mandiant for reporting the flaw, although the company did not disclose additional specifics about the nature of the attacks, the identity of the adversaries exploiting this zero-day, or their targets in light of real-world attacks.\n\nEXPMON, in a [tweet](<https://twitter.com/EXPMON_/status/1435309115883020296>), noted it found the vulnerability after detecting a \"highly sophisticated zero-day attack\" aimed at Microsoft Office users, adding it passed on its findings to Microsoft on Sunday. \"The exploit uses logical flaws so the exploitation is perfectly reliable (&amp; dangerous),\" EXPMON researchers said.\n\nHowever, it's worth pointing out that the current attack can be suppressed if Microsoft Office is run with default configurations, wherein documents downloaded from the web are opened in [Protected View](<https://support.microsoft.com/en-us/topic/what-is-protected-view-d6f09ac7-e6b9-4495-8e43-2bbcdbcb6653>) or [Application Guard for Office](<https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/install-app-guard?view=o365-worldwide>), which is designed to prevent untrusted files from accessing trusted resources in the compromised system.\n\nMicrosoft, upon completion of the investigation, is expected to either release a security update as part of its Patch Tuesday monthly release cycle or issue an out-of-band patch \"depending on customer needs.\" In the interim, the Windows maker is urging users and organizations to disable all ActiveX controls in Internet Explorer to mitigate any potential attack.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-09-08T03:37:00", "type": "thn", "title": "New 0-Day Attack Targeting Windows Users With Microsoft Office Documents", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-08T04:55:07", "id": "THN:D4E86BD8938D3B2E15104CA4922A51F8", "href": "https://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-17T06:36:28", "description": "[](<https://thehackernews.com/images/-3vEprTVA4BI/YULvTEzYNCI/AAAAAAAADz0/RpSk1fU9GbcY7e98Gg2r8aBRvy73Z52kACLcBGAsYHQ/s0/cyberattack.jpg>)\n\nMicrosoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems.\n\n\"These attacks used the vulnerability, tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40444>), as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders,\" Microsoft Threat Intelligence Center [said](<https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/>) in a technical write-up. \"These loaders communicated with an infrastructure that Microsoft associates with multiple cybercriminal campaigns, including human-operated ransomware.\"\n\nDetails about CVE-2021-40444 (CVSS score: 8.8) first [emerged](<https://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html>) on September 7 after researchers from EXPMON alerted the Windows maker about a \"highly sophisticated zero-day attack\" aimed at Microsoft Office users by taking advantage of a remote code execution vulnerability in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in Office to render web content inside Word, Excel, and PowerPoint documents.\n\n\"The observed attack vector relies on a malicious ActiveX control that could be loaded by the browser rendering engine using a malicious Office document,\" the researchers noted. Microsoft has since [rolled out a fix](<https://thehackernews.com/2021/09/microsoft-releases-patch-for-actively.html>) for the vulnerability as part of its Patch Tuesday updates a week later on September 14.\n\nThe Redmond-based tech giant attributed the activities to related cybercriminal clusters it tracks as DEV-0413 and DEV-0365, the latter of which is the company's moniker for the emerging threat group associated with creating and managing the Cobalt Strike infrastructure used in the attacks. The earliest exploitation attempt by DEV-0413 dates back to August 18.\n\nThe exploit delivery mechanism originates from emails impersonating contracts and legal agreements hosted on file-sharing sites. Opening the malware-laced document leads to the download of a Cabinet archive file containing a DLL bearing an INF file extension that, when decompressed, leads to the execution of a function within that DLL. The DLL, in turn, retrieves remotely hosted shellcode \u2014 a custom Cobalt Strike Beacon loader \u2014 and loads it into the Microsoft address import tool.\n\nAdditionally, Microsoft said some of the infrastructures that was used by DEV-0413 to host the malicious artifacts were also involved in the delivery of BazaLoader and Trickbot payloads, a separate set of activities the company monitors under the codename DEV-0193 (and by Mandiant as UNC1878).\n\n\"At least one organization that was successfully compromised by DEV-0413 in their August campaign was previously compromised by a wave of similarly-themed malware that interacted with DEV-0365 infrastructure almost two months before the CVE-2021-40444 attack,\" the researchers said. \"It is currently not known whether the retargeting of this organization was intentional, but it reinforces the connection between DEV-0413 and DEV-0365 beyond sharing of infrastructure.\"\n\nIn an independent investigation, Microsoft's RiskIQ subsidiary attributed the attacks with high confidence to a ransomware syndicate known as Wizard Spider aka Ryuk, noting that the network infrastructure employed to provide command-and-control to the Cobalt Strike Beacon implants spanned more than 200 active servers.\n\n\"The association of a zero-day exploit with a ransomware group, however remote, is troubling,\" RiskIQ researchers [said](<https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/>). It suggests either that turnkey tools like zero-day exploits have found their way into the already robust ransomware-as-a-service (RaaS) ecosystem or that the more operationally sophisticated groups engaged in traditional, government-backed espionage are using criminally controlled infrastructure to misdirect and impede attribution.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-09-16T07:19:00", "type": "thn", "title": "Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-17T04:50:45", "id": "THN:59AE75C78D4644BFA6AD90225B3DE0C1", "href": "https://thehackernews.com/2021/09/windows-mshtml-0-day-exploited-to.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-15T06:35:33", "description": "[](<https://thehackernews.com/images/-n2LTDkSYrUk/YUF8P0ggXPI/AAAAAAAADzE/Jk_5Hbl3Sf4AUwjPizqDaRZLrxWgrDizgCLcBGAsYHQ/s0/windows-update-download.jpg>)\n\nA day after [Apple](<https://thehackernews.com/2021/09/apple-issues-urgent-updates-to-fix-new.html>) and [Google](<https://thehackernews.com/2021/09/update-google-chrome-to-patch-2-new.html>) rolled out urgent security updates, Microsoft has [pushed software fixes](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Sep>) as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an [actively exploited zero-day](<https://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html>) in its MSHTML Platform that came to light last week. \n\nOf the 66 flaws, three are rated Critical, 62 are rated Important, and one is rated Moderate in severity. This is aside from the [20 vulnerabilities](<https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security>) in the Chromium-based Microsoft Edge browser that the company addressed since the start of the month.\n\nThe most important of the updates concerns a patch for [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40444>) (CVSS score: 8.8), an actively exploited remote code execution vulnerability in MSHTML that leverages malware-laced Microsoft Office documents, with EXPMON researchers noting \"the exploit uses logical flaws so the exploitation is perfectly reliable.\"\n\nAlso addressed is a publicly disclosed, but not actively exploited, zero-day flaw in Windows DNS. Designated as [CVE-2021-36968](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36968>), the elevation of privilege vulnerability is rated 7.8 in severity.\n\nOther flaws of note resolved by Microsoft involve a number of remote code execution bugs in Open Management Infrastructure ([CVE-2021-38647](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38647>)), Windows WLAN AutoConfig Service ([CVE-2021-36965](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36965>)), Office ([CVE-2021-38659](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38659>)), Visual Studio ([CVE-2021-36952](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36952>)), and Word ([CVE-2021-38656](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38656>)) as well as a memory corruption flaw in Windows Scripting Engine ([CVE-2021-26435](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26435>))\n\nWhat's more, the Windows maker has rectified three privilege escalation flaws newly uncovered in its Print Spooler service ([CVE-2021-38667](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38667>), [CVE-2021-38671](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38671>), and [CVE-2021-40447](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40447>)), while [CVE-2021-36975](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36975>) and [CVE-2021-38639](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38639>) (CVSS scores: 7.8), both of which relate to an elevation of privilege vulnerabilities in Win32k, are listed as 'exploitation more likely,' making it imperative that users move quickly to apply the security updates.\n\n### Software Patches From Other Vendors\n\nBesides Microsoft, patches have also been released by a number of other vendors to address several vulnerabilities, including -\n\n * [Adobe](<https://helpx.adobe.com/security.html/security/security-bulletin.ug.html>)\n * [Android](<https://source.android.com/security/bulletin/2021-09-01>)\n * [Apple](<https://thehackernews.com/2021/09/apple-issues-urgent-updates-to-fix-new.html>)\n * [Cisco](<https://tools.cisco.com/security/center/publicationListing.x>)\n * [Citrix](<https://support.citrix.com/search/#/All%20Products?ct=Software%20Updates,Security%20Bulletins&searchText=&sortBy=Modified%20date&pageIndex=1>)\n * Linux distributions [Oracle Linux](<https://linux.oracle.com/ords/f?p=105:21>), [Red Hat](<https://access.redhat.com/security/security-updates/#/security-advisories?q=&p=2&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory&documentKind=Errata>), and [SUSE](<https://lists.suse.com/pipermail/sle-security-updates/2021-September/thread.html>)\n * [SAP](<https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405>)\n * [Schneider Electric](<https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp>), and\n * [Siemens](<https://new.siemens.com/global/en/products/services/cert.html#SecurityPublications>)\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2021-09-15T05:00:00", "type": "thn", "title": "Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36952", "CVE-2021-36965", "CVE-2021-36968", "CVE-2021-36975", "CVE-2021-38639", "CVE-2021-38647", "CVE-2021-38656", "CVE-2021-38659", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-15T05:00:22", "id": "THN:67ECC712AB360F5A56F2434CDBF6B51F", "href": "https://thehackernews.com/2021/09/microsoft-releases-patch-for-actively.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2021-09-15T10:53:27", "description": "### *Detect date*:\n09/07/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nA remote code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code.\n\n### *Affected products*:\nWindows Server 2012 R2 (Server Core installation) \nWindows 10 Version 21H1 for x64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2022 \nWindows Server 2022 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server, version 2004 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2016 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows 8.1 for x64-based systems \nWindows RT 8.1 \nWindows 10 for x64-based Systems \nWindows Server 2012 R2 \nWindows Server 2012 \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows Server 2019 \nWindows 10 Version 1607 for x64-based Systems \nWindows 8.1 for 32-bit systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server, version 20H2 (Server Core Installation) \nWindows 10 for 32-bit Systems \nWindows 10 Version 20H2 for 32-bit Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-40444](<https://nvd.nist.gov/vuln/detail/CVE-2021-40444>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2021-40444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40444>)0.0Unknown", "cvss3": {}, "published": "2021-09-07T00:00:00", "type": "kaspersky", "title": "KLA12277 RCE vulnerability in Microsoft Windows", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-14T00:00:00", "id": "KLA12277", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12277/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-15T10:53:26", "description": "### *Detect date*:\n09/07/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nA remote code execution vulnerability was found in Microsoft Producy (Extended Security Update). Malicious users can exploit this vulnerability to execute arbitrary code.\n\n### *Affected products*:\nWindows Server 2012 R2 (Server Core installation) \nWindows 10 Version 21H1 for x64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2022 \nWindows Server 2022 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server, version 2004 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2016 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows 8.1 for x64-based systems \nWindows RT 8.1 \nWindows 10 for x64-based Systems \nWindows Server 2012 R2 \nWindows Server 2012 \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows Server 2019 \nWindows 10 Version 1607 for x64-based Systems \nWindows 8.1 for 32-bit systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server, version 20H2 (Server Core Installation) \nWindows 10 for 32-bit Systems \nWindows 10 Version 20H2 for 32-bit Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-40444](<https://nvd.nist.gov/vuln/detail/CVE-2021-40444>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2021-40444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40444>)0.0Unknown", "cvss3": {}, "published": "2021-09-07T00:00:00", "type": "kaspersky", "title": "KLA12278 RCE vulnerability in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-14T00:00:00", "id": "KLA12278", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12278/", "cvss": {"score": 0.0, "vector": "NONE"}}], "mskb": [{"lastseen": "2021-09-15T20:14:00", "description": "None\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel.\n * Addresses an issue that prevents the ShellHWDetection service from starting on a Privileged Access Workstation (PAW) device and prevents you from managing BitLocker drive encryption.\n * Addresses an issue that causes PowerShell to create an infinite number of child directories. This issue occurs when you use the PowerShell **Move-Item** command to move a directory to one of its children. As a result, the volume fills up and the system stops responding. \n\nIf you installed earlier updates, only the new fixes contained in this package\nwill be downloaded and installed on your device.For more information about the\nresolved security vulnerabilities, please refer to the [Security Update\nGuide](https://portal.msrc.microsoft.com/security-guidance).\n\n### Windows 10 servicing stack update - 20348.220\n\nThis update makes quality improvements to the servicing stack, which is the\ncomponent that installs Windows updates. Servicing stack updates (SSU) ensure\nthat you have a robust and reliable servicing stack so that your devices can\nreceive and install Microsoft updates.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n **Before installing this update** Microsoft now combines the latest servicing\nstack update (SSU) for your operating system with the latest cumulative update\n(LCU). For general information about SSUs, see [Servicing stack\nupdates](https://docs.microsoft.com/en-us/windows/deployment/update/servicing-\nstack-updates) and [Servicing Stack Updates (SSU): Frequently Asked\nQuestions](/en-us/topic/servicing-stack-updates-ssu-frequently-asked-\nquestions-06b62771-1cb0-368c-09cf-87c4efc4f2fe).Prerequisite:You **must**\ninstall [KB5005039](/en-us/topic/august-10-2021-public-preview-security-\nupdate-kb5005039-b6268692-49ff-459a-ac8a-04788091fe0b), dated August 10, 2021,\nbefore installing the LCU. **Install this update** **Release Channel**|\n**Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded\nand installed automatically from Windows Update. \nWindows Update for Business| Yes| None. This update will be downloaded and\ninstalled automatically from Windows Update in accordance with configured\npolicies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update,\ngo to the [Microsoft Update\nCatalog](https://www.catalog.update.microsoft.com/Search.aspx?q=KB5005575)\nwebsite. \nWindows Server Update Services (WSUS)| Yes| This update will automatically\nsync with WSUS if you configure **Products and Classifications** as follows:\n**Product** : Microsoft Server operating system-21H2 **Classification** :\nSecurity Updates \n \n **If you want to remove the LCU** To remove the LCU after installing the\ncombined SSU and LCU package, use the [DISM/Remove-\nPackage](https://docs.microsoft.com/en-us/windows-\nhardware/manufacture/desktop/dism-operating-system-package-servicing-command-\nline-options) command line option with the LCU package name as the argument.\nYou can find the package name by using this command: **DISM /online /get-\npackages**.Running [Windows Update Standalone\nInstaller](https://support.microsoft.com/en-us/topic/description-of-the-\nwindows-update-standalone-installer-in-windows-799ba3df-\nec7e-b05e-ee13-1cdae8f23b19) ( **wusa.exe** ) with the **/uninstall** switch\non the combined package will not work because the combined package contains\nthe SSU. You cannot remove the SSU from the system after installation.\n\n **File Information** For a list of the files that are provided in this\nupdate, download the [file information for cumulative update\n5005575](https://download.microsoft.com/download/4/d/c/4dc44ff9-41a1-4312-a033-b55efa9879ab/5005575.csv).For\na list of the files that are provided in the servicing stack update, download\nthe [file information for the SSU - version\n20348.220](https://download.microsoft.com/download/2/3/2/2326ef05-5b2e-4027-89cc-c33f991578bb/SSU_version_20348_220.csv).\n\n", "cvss3": {}, "published": "2021-09-07T07:00:00", "type": "mskb", "title": "September 14, 2021\u2014KB5005575 (OS Build 20348.230)", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-07T07:00:00", "id": "KB5005575", "href": "https://support.microsoft.com/en-us/help/5005575", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-15T20:13:52", "description": "None\n\n## **Summary**\n\nThis security update resolves vulnerabilities in Internet Explorer. To learn\nmore about these vulnerabilities, see [Microsoft Common Vulnerabilities and\nExposures](https://portal.msrc.microsoft.com/en-us/security-\nguidance).Additionally, see the following articles for more information about\ncumulative updates:\n\n * [Windows Server 2008 SP2 update history](https://support.microsoft.com/help/4343218)\n * [Windows 7 SP1 and Windows Server 2008 R2 SP1 update history](https://support.microsoft.com/help/4009469)\n * [Windows Server 2012 update history](https://support.microsoft.com/help/4009471)\n * [Windows 8.1 and Windows Server 2012 R2 update history](https://support.microsoft.com/help/4009470)\n\n **Important:**\n\n * As of February 11, 2020, Internet Explorer 10 is no longer in support. To get Internet Explorer 11 for Windows Server 2012 or Windows 8 Embedded Standard, see [KB4492872](https://support.microsoft.com/help/4492872). Install one of the following applicable updates to stay updated with the latest security fixes:\n * Cumulative Update for Internet Explorer 11 for Windows Server 2012.\n * Cumulative Update for Internet Explorer 11 for Windows 8 Embedded Standard.\n * The September 2021 Monthly Rollup.\n * Some customers using Windows Server 2008 R2 SP1 who activated their ESU multiple activation key (MAK) add-on before installing the January 14, 2020 updates might need to re-activate their key. Re-activation on affected devices should only be required once. For information on activation, see this [blog](https://aka.ms/Windows7ESU) post.\n * WSUS scan cab files will continue to be available for Windows 7 SP1 and Windows Server 2008 R2 SP1. If you have a subset of devices running these operating systems without ESU, they might show as non-compliant in your update management and compliance toolsets.\n\nThis article applies to the following:\n\n * Internet Explorer 11 on Windows Server 2012 R2\n * Internet Explorer 11 on Windows 8.1\n * Internet Explorer 11 on Windows Server 2012\n * Internet Explorer 11 on Windows Server 2008 R2 SP1\n * Internet Explorer 11 on Windows 7 SP1\n * Internet Explorer 9 on Windows Server 2008 SP2\n\n **Important:**\n\n * The fixes that are included in this update are also included in the September 2021 Security Monthly Quality Rollup. Installing either this update or the Security Monthly Quality Rollup installs the same fixes.\n * This update is not applicable for installation on a device on which the Security Monthly Quality Rollup from September 2021 (or a later month) is already installed. This is because that update contains all the same fixes that are included in this update.\n * If you use update management processes other than Windows Update and you automatically approve all security update classifications for deployment, this update, the September 2021 Security Only Quality Update, and the September 2021 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](https://technet.microsoft.com/library/hh825699).\n\n## **Known issues in this security update**\n\nWe are currently not aware of any issues in this update.\n\n## **How to get and install this update**\n\n **Before installing this update** To install Windows 7 SP1, Windows Server\n2008 R2 SP1, or Windows Server 2008 SP2 updates released on or after July\n2019, you must have the following required updates installed. If you use\nWindows Update, these required updates will be offered automatically as\nneeded.\n\n * Install the SHA-2 code signing support updates: \n \nFor Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2008 SP2, you\nmust have the SHA-2 update\n([KB4474419](https://support.microsoft.com/help/4474419)) that is dated\nSeptember 23, 2019 or a later SHA-2 update installed and then restart your\ndevice before you apply this update. For more information about SHA-2 updates,\nsee [2019 SHA-2 Code Signing Support requirement for Windows and\nWSUS](https://support.microsoft.com/help/4472027). \n \nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the\nservicing stack update (SSU)\n([KB4490628](https://support.microsoft.com/help/4490628)) that is dated March\n12, 2019. After update [KB4490628](https://support.microsoft.com/help/4490628)\nis installed, we recommend that you install the July 13, 2021 SSU\n([KB5004378](https://support.microsoft.com/help/5004378)) or a later SSU\nupdate. For more information about the latest SSU updates, see [ADV990001 |\nLatest Servicing Stack Updates](https://portal.msrc.microsoft.com/en-\nus/security-guidance/advisory/ADV990001). \n \nFor Windows Server 2008 SP2, you must have installed the servicing stack\nupdate (SSU) ([KB4493730](https://support.microsoft.com/help/4493730)) that is\ndated April 9, 2019. After update\n[KB4493730](https://support.microsoft.com/help/4493730) is installed, we\nrecommend that you install the October 13, 2020 SSU\n([KB4580971](https://support.microsoft.com/help/4580971)) or a later SSU\nupdate. For more information about the latest SSU updates, see [ADV990001 |\nLatest Servicing Stack Updates](https://portal.msrc.microsoft.com/en-\nus/security-guidance/advisory/ADV990001).\n\n * Install the Extended Security Update (ESU): \n \nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the\n\"Extended Security Updates (ESU) Licensing Preparation Package\"\n([KB4538483](https://support.microsoft.com/en/help/4538483)) or the \"Update\nfor the Extended Security Updates (ESU) Licensing Preparation Package\"\n([KB4575903](https://support.microsoft.com/help/4575903)). The ESU licensing\npreparation package will be offered to you from WSUS. To get the standalone\npackage for ESU licensing preparation package, search for it in the [Microsoft\nUpdate Catalog](http://www.catalog.update.microsoft.com/home.aspx). \n \nFor Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2,\nyou must have purchased the Extended Security Update (ESU) for on-premises\nversions of these operating systems and follow the procedures in\n[KB4522133](https://support.microsoft.com/help/4522133) to continue receiving\nsecurity updates after extended support ends. Extended support ends as\nfollows:\n\n * For Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\n\nFor more information about ESU and which editions are supported, see\n[KB4497181](https://support.microsoft.com/help/4497181). \n \nFor Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must\nbe enabled to get updates from Windows Update or Windows Server Update\nServices. \n \nFor Windows Thin PC, you must have the August 11, 2020 SSU\n([KB4570673](https://support.microsoft.com/help/4570673)) or a later SSU\ninstalled to make sure you continue to get the extended security updates\nstarting with the October 13, 2020 updates. **Important** You must restart\nyour device after you install these required updates. **Install this update**\nTo install this update, use one of the following release channels. **Release\nChannel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other following options. \nWindows Update for Business| Yes| None. This update will be downloaded and\ninstalled automatically from Windows Update in accordance with configured\npolicies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update,\ngo to the [Microsoft Update\nCatalog](https://www.catalog.update.microsoft.com/Search.aspx?q=KB5005563)\nwebsite. \nWindows Server Update Services (WSUS)| Yes| This update will automatically\nsynchronize with WSUS if you configure **Products and Classifications** as\nfollows: **Product** : Windows Server 2008 Service Pack 2, Windows 7 Service\nPack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows\nEmbedded 8 Standard, Windows 8.1, Windows Server 2012 R2 **Classification** :\nSecurity Updates \n \n## **File information**\n\nThe English (United States) version of this software update installs files\nthat have the attributes that are listed in the following tables. **Note** The\nMANIFEST files (.manifest) and MUM files (.mum) that are installed are not\nlisted.\n\n### **Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2**\n\n##\n\n __\n\nInternet Explorer 11 on all supported x86-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 21:32| 1,049,600 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 20:55| 99,328 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 58,368 \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 19:19| 1,342,976 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 22:24| 817,296 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 20:12| 35,328 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 11:17| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:44| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nhtml.iec| 2019.0.0.18895| 1-Jan-2018| 20:51| 341,504 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:30| 2,058,752 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 20:58| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:45| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:42| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:35| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 19:47| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:44| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:26|\n230,912 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:26| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 11:10| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:13| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:46| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:05| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 19:27| 4,387,840 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 20:16| 47,104 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 1:51| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:13| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:46| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:47| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 13-Aug-2021| 21:45| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 13:56| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:03| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 75,776 \nieui.dll| 11.0.9600.18895| 1-Jan-2018| 20:44| 476,160 \niedkcs32.dll| 18.0.9600.20045| 4-Jun-2021| 21:34| 333,312 \ninstall.ins| Not versioned| 13-Aug-2021| 17:57| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:20| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:16| 710,656 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 128,512 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 20:03| 27,136 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.18895| 1-Jan-2018| 20:55| 489,472 \niedvtool.dll| 11.0.9600.20045| 4-Jun-2021| 22:45| 772,608 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:52| 38,912 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:51|\n11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:35| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:36| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 19:47| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:31| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 4,096 \nF12.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:44| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Resources.dll| 11.0.9600.18939| 10-Feb-2018| 9:17| 10,948,096 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 18:17| 1,207,808 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:35| 696,320 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:53| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:49| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:57| 52,736 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 20:25| 11,264 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 12,800 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 20:33| 20,294,144 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 2:20| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:40|\n3,228 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 20:14| 112,128 \nieetwcollector.exe| 11.0.9600.18666| 16-Apr-2017| 0:47| 104,960 \nieetwproxystub.dll| 11.0.9600.17416| 30-Oct-2014| 20:23| 47,616 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 2:19| 4,096 \nielowutil.exe| 11.0.9600.19404| 9-Jul-2019| 20:06| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.20045| 4-Jun-2021| 21:12| 290,304 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 20:27| 152,064 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 137,728 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 40,448 \nExtExport.exe| 11.0.9600.17416| 30-Oct-2014| 20:20| 25,600 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 19:58| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 19:58| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 19:58| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 19:58| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:36| 5,430 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 20:12| 115,712 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned|\n13-Aug-2021| 21:05| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 459,776 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMemoryAnalyzer.dll| 11.0.9600.20045| 4-Jun-2021| 21:48| 1,399,296 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:43| 64,000 \nnetworkinspection.dll| 11.0.9600.19846| 23-Sep-2020| 20:28| 1,075,200 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 19:48| 130,048 \ndesktop.ini| Not versioned| 18-Jun-2013| 5:18| 65 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \ndesktop.ini| Not versioned| 18-Jun-2013| 5:19| 65 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 442,992 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 315,008 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 99,984 \nmsrating.dll| 11.0.9600.19507| 5-Oct-2019| 19:57| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:25| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:26| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 21:16| 2,308,608 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:11| 692,224 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 20:15| 30,720 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 62,464 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:55| 16,303 \ninseng.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 91,136 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 90,624 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:23| 154,112 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 124,928 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 12:11| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 235,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:39| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:48| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:47| 13,881,856 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:40| 24,486 \nieinstal.exe| 11.0.9600.18921| 9-Feb-2018| 21:35| 475,648 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:30| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:38| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:30| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:28| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:28| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:25| 1,678,023 \ninetcomm.dll| 6.3.9600.20112| 13-Aug-2021| 19:39| 880,640 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 21:14| 84,480 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 19:52| 4,119,040 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 19:56| 653,824 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:04| 498,176 \n \n##\n\n __\n\nInternet Explorer 11 on all supported x64-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 21:30| 2,882,048 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 21:22| 108,544 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 19:18| 65,024 \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 19:28| 1,562,624 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 23:30| 817,296 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 21:51| 43,008 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:35| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:01| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:59| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:20| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:00| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:59| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:58| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:02| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:57| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:57| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 13-Aug-2021| 23:22| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 31,232 \nhtml.iec| 2019.0.0.20045| 4-Jun-2021| 22:23| 417,280 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:42| 2,132,992 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:17| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:18| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:33| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:18| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:13| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 13-Aug-2021| 23:23| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:13| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:06| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:17| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 20:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 13-Aug-2021| 23:22| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:47| 77,824 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:49|\n276,480 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:08| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 13-Aug-2021| 23:23| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:14| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 35,328 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 19:48| 4,858,880 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 21:57| 54,784 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:16| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:39| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:38| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 2:49| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:38| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:39| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:40| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:40| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 2:53| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:36| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:21| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:19| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 2:53| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:21| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:19| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:16| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:18| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:16| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 13-Aug-2021| 23:22| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:18| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:14| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:16| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 75,776 \nieui.dll| 11.0.9600.20045| 4-Jun-2021| 22:15| 615,936 \niedkcs32.dll| 18.0.9600.20045| 4-Jun-2021| 21:45| 381,952 \ninstall.ins| Not versioned| 13-Aug-2021| 17:52| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:22| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:11| 800,768 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:41| 145,920 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 21:40| 33,280 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:47| 88,064 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.18895| 1-Jan-2018| 21:32| 666,624 \niedvtool.dll| 11.0.9600.20045| 5-Jun-2021| 0:16| 950,784 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:21| 50,176 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:53| 491,008 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 316,416 \nEscMigPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 124,416 \nescUnattend.exe| 11.0.9600.19326| 25-Mar-2019| 22:54| 87,040 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:51|\n11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 20:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.20112| 13-Aug-2021| 23:23| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:51| 245,248 \nF12Resources.dll| 11.0.9600.17496| 21-Nov-2014| 19:00| 10,949,120 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:50| 372,224 \nF12.dll| 11.0.9600.20045| 4-Jun-2021| 21:50| 1,422,848 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:42| 809,472 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:54| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 23:54| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 5:16| 60,416 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 22:08| 12,800 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 22:12| 13,824 \nmshtmled.dll| 11.0.9600.20045| 4-Jun-2021| 21:55| 92,672 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 22:07| 25,759,232 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 3:30| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:41|\n3,228 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 21:54| 132,096 \nieetwcollector.exe| 11.0.9600.18895| 1-Jan-2018| 21:17| 116,224 \nieetwproxystub.dll| 11.0.9600.18895| 1-Jan-2018| 21:28| 48,640 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 3:30| 4,096 \nielowutil.exe| 11.0.9600.17416| 30-Oct-2014| 21:55| 222,720 \nieproxy.dll| 11.0.9600.20045| 4-Jun-2021| 21:13| 870,400 \nIEShims.dll| 11.0.9600.19650| 11-Feb-2020| 4:29| 387,072 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 22:10| 167,424 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 22:12| 143,872 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:08| 51,712 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 20:25| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 20:25| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 20:25| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 20:25| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:51| 5,430 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 21:51| 144,384 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned|\n13-Aug-2021| 22:36| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 591,872 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 628,736 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 1,862,656 \nMshtmlDac.dll| 11.0.9600.19846| 23-Sep-2020| 21:25| 88,064 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 18:38| 1,217,024 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 21:19| 152,064 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:43| 65 \nwebcheck.dll| 11.0.9600.20045| 4-Jun-2021| 21:44| 262,144 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:44| 65 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 579,192 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 403,592 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 107,152 \nmsrating.dll| 11.0.9600.18895| 1-Jan-2018| 20:56| 199,680 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:32| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:32| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 21:56| 2,916,864 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:28| 728,064 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 21:56| 34,304 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 22:06| 66,560 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:58| 16,303 \ninseng.dll| 11.0.9600.19101| 18-Jul-2018| 21:03| 107,520 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 21:29| 111,616 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:45| 219,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:07| 172,032 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 11:58| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 1,018,880 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 22:06| 237,568 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 23:22| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:18| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:15| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:16| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:18| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:12| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,278,912 \nieframe.dll.mui| 11.0.9600.20112| 13-Aug-2021| 23:24| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 1,890,304 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:52| 15,506,432 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:41| 24,486 \nieinstal.exe| 11.0.9600.18639| 25-Mar-2017| 10:20| 492,032 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:14| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:57| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:03| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 436,651 \ninetres.admx| Not versioned| 8-Feb-2021| 20:02| 1,678,023 \ninetcomm.dll| 6.3.9600.20112| 13-Aug-2021| 19:48| 1,033,216 \nINETRES.dll| 6.3.9600.16384| 22-Aug-2013| 4:43| 84,480 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 20:47| 5,508,096 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 19:03| 814,592 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:12| 785,408 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:22| 581,120 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 22:24| 817,296 \nhtml.iec| 2019.0.0.18895| 1-Jan-2018| 20:51| 341,504 \nieui.dll| 11.0.9600.18895| 1-Jan-2018| 20:44| 476,160 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 128,512 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:35| 696,320 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:53| 1,518 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 12,800 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 20:33| 20,294,144 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 2:20| 2,724,864 \nwow64_Microsoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014|\n21:43| 3,228 \nieetwproxystub.dll| 11.0.9600.17416| 30-Oct-2014| 20:23| 47,616 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 20:12| 115,712 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 19:48| 130,048 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 20:15| 30,720 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 62,464 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:55| 16,303 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 90,624 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:47| 13,881,856 \nie9props.propdesc| Not versioned| 23-Sep-2013| 19:34| 2,843 \nwow64_ieframe.ptxml| Not versioned| 5-Feb-2014| 21:43| 24,486 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 19:52| 4,119,040 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 19:56| 653,824 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:04| 498,176 \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 21:32| 1,049,600 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 20:55| 99,328 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 58,368 \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 19:19| 1,342,976 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 20:12| 35,328 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 11:17| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:44| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:30| 2,058,752 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 20:58| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:45| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:42| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 243,200 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:26| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 11:10| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:13| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:46| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:05| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 19:27| 4,387,840 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 20:16| 47,104 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 1:51| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:13| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:46| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:47| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 13-Aug-2021| 21:45| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 13:56| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:03| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 75,776 \niedkcs32.dll| 18.0.9600.20045| 4-Jun-2021| 21:34| 333,312 \ninstall.ins| Not versioned| 13-Aug-2021| 17:57| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:20| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:16| 710,656 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 20:03| 27,136 \niedvtool.dll| 11.0.9600.20045| 4-Jun-2021| 22:45| 772,608 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:49| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:57| 52,736 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 20:25| 11,264 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 20:14| 112,128 \nielowutil.exe| 11.0.9600.19404| 9-Jul-2019| 20:06| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.20045| 4-Jun-2021| 21:12| 290,304 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 20:27| 152,064 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 137,728 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 40,448 \nExtExport.exe| 11.0.9600.17416| 30-Oct-2014| 20:20| 25,600 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 459,776 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:43| 64,000 \nnetworkinspection.dll| 11.0.9600.19846| 23-Sep-2020| 20:28| 1,075,200 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 442,992 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 315,008 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 99,984 \nmsrating.dll| 11.0.9600.19507| 5-Oct-2019| 19:57| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:25| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:26| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 21:16| 2,308,608 \ninseng.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 91,136 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 235,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:39| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.20112| 13-Aug-2021| 21:48| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieinstal.exe| 11.0.9600.18921| 9-Feb-2018| 21:35| 475,648 \ninetcomm.dll| 6.3.9600.20112| 13-Aug-2021| 19:39| 880,640 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 21:14| 84,480 \n \n##\n\n __\n\nInternet Explorer 11 on all supported Arm-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 20:58| 1,064,960 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 20:30| 68,608 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 47,616 \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 18:58| 1,035,264 \niexplore.exe| 11.0.9600.19867| 12-Oct-2020| 22:01| 807,816 \nWininetPlugin.dll| 6.3.9600.16384| 21-Aug-2013| 19:52| 33,792 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 10:19| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:10| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:07| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 13-Aug-2021| 20:44| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:07| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 31,232 \nhtml.iec| 2019.0.0.20045| 4-Jun-2021| 21:28| 320,000 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:05| 2,007,040 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 307,200 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 293,888 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 290,304 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 299,008 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 303,104 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 282,112 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:16| 282,112 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:52| 296,960 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 283,648 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 291,840 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 299,520 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:52| 290,816 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 293,376 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 258,048 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 256,512 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 288,256 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 285,184 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 297,472 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 295,424 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 13-Aug-2021| 20:47| 290,816 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 281,600 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 286,720 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 292,352 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 242,176 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 243,200 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 18:39| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:28| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 13-Aug-2021| 20:46| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:03| 63,488 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:04|\n215,552 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 10:09| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:54| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 13-Aug-2021| 20:45| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:59| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 35,328 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 18:59| 4,147,712 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 19:43| 39,936 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18698| 14-May-2017| 12:41| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 0:14| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 0:14| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 13-Aug-2021| 20:45| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:22| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 75,776 \nieui.dll| 11.0.9600.19650| 11-Feb-2020| 4:46| 427,520 \niedkcs32.dll| 18.0.9600.19963| 12-Feb-2021| 17:52| 292,864 \ninstall.ins| Not versioned| 13-Aug-2021| 17:53| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:22| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:02| 548,864 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 107,008 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 19:34| 23,552 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:02| 62,464 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.17416| 30-Oct-2014| 19:52| 495,616 \niedvtool.dll| 11.0.9600.20045| 4-Jun-2021| 21:19| 726,016 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 39,936 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:06| 364,032 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 17:58| 221,696 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:50|\n11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:20| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 18:39| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:28| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:17| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.20112| 13-Aug-2021| 20:44| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 3,584 \nDiagnosticsTap.dll| 11.0.9600.20045| 4-Jun-2021| 21:17| 175,616 \nF12Resources.dll| 11.0.9600.17496| 21-Nov-2014| 17:44| 10,948,608 \nF12Tools.dll| 11.0.9600.20045| 4-Jun-2021| 21:16| 263,680 \nF12.dll| 11.0.9600.20045| 4-Jun-2021| 21:08| 1,186,304 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:14| 587,776 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:51| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:43| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:34| 43,520 \nmsfeedssync.exe| 11.0.9600.16384| 21-Aug-2013| 20:05| 11,776 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:00| 73,216 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 19:15| 16,228,864 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 1:36| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:39|\n3,228 \nIEAdvpack.dll| 11.0.9600.16384| 21-Aug-2013| 19:54| 98,816 \nieetwcollector.exe| 11.0.9600.18658| 5-Apr-2017| 10:29| 98,816 \nieetwproxystub.dll| 11.0.9600.16518| 6-Feb-2014| 1:23| 43,008 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 1:36| 4,096 \nielowutil.exe| 11.0.9600.17031| 22-Feb-2014| 1:32| 222,208 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:33| 308,224 \nIEShims.dll| 11.0.9600.19650| 11-Feb-2020| 4:11| 268,800 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:43| 34,816 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 20:25| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 20:25| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 20:25| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 20:25| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:51| 5,430 \nieUnatt.exe| 11.0.9600.16518| 6-Feb-2014| 1:12| 112,128 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned|\n13-Aug-2021| 20:15| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:01| 457,216 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:01| 574,976 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 1,935,360 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:22| 60,928 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 17:57| 1,105,408 \noccache.dll| 11.0.9600.19867| 12-Oct-2020| 21:01| 121,856 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:46| 65 \nwebcheck.dll| 11.0.9600.19867| 12-Oct-2020| 20:57| 201,216 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:46| 65 \npdm.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 420,752 \nmsdbg2.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 295,320 \npdmproxy100.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 76,712 \nmsrating.dll| 11.0.9600.17905| 15-Jun-2015| 12:46| 157,184 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:32| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:32| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 20:45| 2,186,240 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 17:52| 678,400 \niernonce.dll| 11.0.9600.16518| 6-Feb-2014| 1:15| 28,160 \niesetup.dll| 11.0.9600.16518| 6-Feb-2014| 1:23| 59,904 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:46| 16,303 \ninseng.dll| 11.0.9600.16384| 21-Aug-2013| 19:35| 77,312 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:28| 87,552 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:02| 155,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 130,048 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 12:09| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:00| 734,720 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 19:49| 236,032 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:03| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,278,912 \nieframe.dll.mui| 11.0.9600.20112| 13-Aug-2021| 20:46| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:48| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:50| 1,890,304 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:10| 12,315,136 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:38| 24,486 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 18:45| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:24| 1,678,023 \ninetcomm.dll| 6.3.9600.20112| 13-Aug-2021| 19:17| 675,328 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 20:15| 84,480 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 19:13| 3,571,712 \njscript9diag.dll| 11.0.9600.20045| 4-Jun-2021| 21:23| 557,568 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 19:31| 516,096 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 19:37| 403,968 \n \n### **Windows Server 2012**\n\n##\n\n __\n\nInternet Explorer 11 on all supported x86-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nFileinfo.xml| Not Applicable| 20-Aug-21| 0:38| 590,629 \nIe11-windows6.2-kb5005563-x86-express.cab| Not Applicable| 19-Aug-21| 23:14|\n726,202 \nIe11-windows6.2-kb5005563-x86.msu| Not Applicable| 19-Aug-21| 22:46|\n27,627,035 \nIe11-windows6.2-kb5005563-x86.psf| Not Applicable| 19-Aug-21| 22:59|\n184,419,043 \nPackageinfo.xml| Not Applicable| 20-Aug-21| 0:38| 1,133 \nPackagestructure.xml| Not Applicable| 20-Aug-21| 0:38| 149,422 \nPrebvtpackageinfo.xml| Not Applicable| 20-Aug-21| 0:38| 573 \nIe11-windows6.2-kb5005563-x86.cab| Not Applicable| 19-Aug-21| 22:35|\n27,497,280 \nIe11-windows6.2-kb5005563-x86.xml| Not Applicable| 19-Aug-21| 22:39| 450 \nWsusscan.cab| Not Applicable| 19-Aug-21| 22:42| 173,732 \nUrlmon.dll| 11.0.9600.20112| 14-Aug-21| 2:19| 1,342,976 \nIexplore.exe| 11.0.9600.20112| 19-Aug-21| 18:56| 810,384 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 46,592 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 56,320 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 57,856 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 47,616 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 49,152 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 55,296 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 45,056 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 53,248 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 39,424 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 35,840 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 53,760 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 53,248 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 30,720 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 30,720 \nInetcpl.cpl| 11.0.9600.20112| 14-Aug-21| 2:35| 2,058,752 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 307,200 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 293,888 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 290,304 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 289,280 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 299,008 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 303,104 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 282,112 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 296,960 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 283,648 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 291,840 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 299,520 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 275,968 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 290,816 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 293,376 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 296,960 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 258,048 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 256,512 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 289,280 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 288,256 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 285,184 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 295,424 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 297,472 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 292,864 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 295,424 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 294,400 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 294,400 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 292,864 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 290,816 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 288,768 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 286,208 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 281,600 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 286,720 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 292,352 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 242,176 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 243,200 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 46,080 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 51,712 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 54,272 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 47,616 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 50,688 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 45,056 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 39,936 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 39,424 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 47,616 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 51,200 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 50,688 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 35,328 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 35,328 \nJsproxy.dll| 11.0.9600.20112| 14-Aug-21| 2:58| 47,104 \nWininet.dll| 11.0.9600.20112| 14-Aug-21| 2:27| 4,387,840 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 114,176 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 124,928 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 122,880 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 130,048 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 138,240 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 114,688 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 131,584 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 117,760 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 122,368 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 134,144 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 107,008 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 127,488 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 128,512 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 88,576 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 82,944 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 120,320 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 125,952 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 128,000 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 124,416 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 121,856 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 115,712 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 72,704 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 73,728 \nMsfeedsbs.dll| 11.0.9600.20112| 14-Aug-21| 2:42| 52,736 \nMsfeedsbs.mof| Not Applicable| 14-Aug-21| 1:11| 1,574 \nMsfeedssync.exe| 11.0.9600.20112| 14-Aug-21| 3:04| 11,776 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not Applicable| 14-Aug-21| 1:03|\n3,228 \nMshtml.dll| 11.0.9600.20112| 14-Aug-21| 3:33| 20,294,144 \nMshtml.tlb| 11.0.9600.20112| 14-Aug-21| 3:13| 2,724,864 \nIeproxy.dll| 11.0.9600.20112| 14-Aug-21| 2:14| 310,784 \nIeshims.dll| 11.0.9600.20112| 14-Aug-21| 2:18| 290,304 \nIertutil.dll| 11.0.9600.20112| 14-Aug-21| 3:07| 2,308,608 \nSqmapi.dll| 6.2.9200.16384| 19-Aug-21| 18:56| 228,256 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 2,066,432 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 2,121,216 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 2,063,872 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 2,314,240 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 2,390,528 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 2,033,152 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 2,255,872 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 2,061,312 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 2,326,016 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 2,019,840 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 2,071,040 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 2,082,816 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 2,170,368 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 2,153,984 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 2,291,712 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 2,283,520 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 2,052,096 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 2,301,952 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 2,093,056 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 2,299,392 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 2,094,592 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 2,316,800 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 2,305,536 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 2,278,912 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 2,285,568 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 2,060,288 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 2,315,776 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 2,279,424 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 2,324,992 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 2,098,176 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 1,890,304 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:20| 1,890,304 \nIeframe.dll| 11.0.9600.20112| 14-Aug-21| 2:47| 13,881,856 \nIeframe.ptxml| Not Applicable| 14-Aug-21| 1:03| 24,486 \nInetres.adml| Not Applicable| 19-Aug-21| 18:57| 463,373 \nInetres.adml| Not Applicable| 19-Aug-21| 18:57| 751,311 \nInetres.adml| Not Applicable| 19-Aug-21| 18:58| 526,343 \nInetres.adml| Not Applicable| 19-Aug-21| 18:59| 499,704 \nInetres.adml| Not Applicable| 19-Aug-21| 18:59| 552,387 \nInetres.adml| Not Applicable| 19-Aug-21| 19:00| 944,608 \nInetres.adml| Not Applicable| 19-Aug-21| 20:58| 457,561 \nInetres.adml| Not Applicable| 19-Aug-21| 19:01| 543,999 \nInetres.adml| Not Applicable| 19-Aug-21| 19:01| 751,450 \nInetres.adml| Not Applicable| 19-Aug-21| 19:02| 526,608 \nInetres.adml| Not Applicable| 19-Aug-21| 19:03| 575,885 \nInetres.adml| Not Applicable| 19-Aug-21| 19:04| 463,373 \nInetres.adml| Not Applicable| 19-Aug-21| 19:04| 751,280 \nInetres.adml| Not Applicable| 19-Aug-21| 19:05| 570,788 \nInetres.adml| Not Applicable| 19-Aug-21| 19:05| 548,169 \nInetres.adml| Not Applicable| 19-Aug-21| 19:06| 639,283 \nInetres.adml| Not Applicable| 19-Aug-21| 19:07| 525,516 \nInetres.adml| Not Applicable| 19-Aug-21| 19:08| 751,436 \nInetres.adml| Not Applicable| 19-Aug-21| 19:08| 751,502 \nInetres.adml| Not Applicable| 19-Aug-21| 19:09| 488,537 \nInetres.adml| Not Applicable| 19-Aug-21| 19:10| 548,544 \nInetres.adml| Not Applicable| 19-Aug-21| 19:10| 559,394 \nInetres.adml| Not Applicable| 19-Aug-21| 19:11| 535,116 \nInetres.adml| Not Applicable| 19-Aug-21| 19:12| 541,503 \nInetres.adml| Not Applicable| 19-Aug-21| 19:12| 751,424 \nInetres.adml| Not Applicable| 19-Aug-21| 19:13| 804,520 \nInetres.adml| Not Applicable| 19-Aug-21| 19:14| 751,417 \nInetres.adml| Not Applicable| 19-Aug-21| 19:14| 751,408 \nInetres.adml| Not Applicable| 19-Aug-21| 19:15| 751,145 \nInetres.adml| Not Applicable| 19-Aug-21| 19:16| 503,958 \nInetres.adml| Not Applicable| 19-Aug-21| 19:16| 751,433 \nInetres.adml| Not Applicable| 19-Aug-21| 19:17| 521,634 \nInetres.adml| Not Applicable| 19-Aug-21| 19:17| 751,363 \nInetres.adml| Not Applicable| 19-Aug-21| 19:18| 420,094 \nInetres.adml| Not Applicable| 19-Aug-21| 19:19| 436,663 \nInetres.admx| Not Applicable| 21-Mar-21| 4:22| 1,678,023 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 29,184 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 35,328 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 37,888 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:57| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 27,648 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 33,792 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 23,040 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 22,016 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 31,232 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 35,840 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 34,816 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 32,256 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 30,720 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 16,384 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 16,896 \nJscript9.dll| 11.0.9600.20112| 14-Aug-21| 2:52| 4,119,040 \nJscript9diag.dll| 11.0.9600.20112| 14-Aug-21| 2:55| 620,032 \nJscript.dll| 5.8.9600.20112| 14-Aug-21| 2:56| 653,824 \nVbscript.dll| 5.8.9600.20112| 14-Aug-21| 3:04| 498,176 \nPackage.cab| Not Applicable| 19-Aug-21| 22:40| 300,569 \n \n##\n\n __\n\nInternet Explorer 11 on all supported x64-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nFileinfo.xml| Not versioned| 20-Aug-21| 1:18| 918,967 \nIe11-windows6.2-kb5005563-x64-express.cab| Not versioned| 19-Aug-21| 23:17|\n1,228,067 \nIe11-windows6.2-kb5005563-x64.msu| Not versioned| 19-Aug-21| 22:49| 48,216,838 \nIe11-windows6.2-kb5005563-x64.psf| Not versioned| 19-Aug-21| 23:05|\n282,897,531 \nPackageinfo.xml| Not versioned| 20-Aug-21| 1:18| 1,228 \nPackagestructure.xml| Not versioned| 20-Aug-21| 1:18| 239,770 \nPrebvtpackageinfo.xml| Not versioned| 20-Aug-21| 1:18| 652 \nIe11-windows6.2-kb5005563-x64.cab| Not versioned| 19-Aug-21| 22:39| 48,118,529 \nIe11-windows6.2-kb5005563-x64.xml| Not versioned| 19-Aug-21| 22:39| 452 \nWsusscan.cab| Not versioned| 19-Aug-21| 22:44| 175,450 \nUrlmon.dll| 11.0.9600.20112| 14-Aug-21| 2:28| 1,562,624 \nIexplore.exe| 11.0.9600.20112| 19-Aug-21| 20:26| 810,376 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:27| 46,592 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 56,320 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 57,856 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 21:32| 49,664 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 47,616 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 49,152 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 55,296 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 45,056 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 53,248 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 39,424 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 35,840 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 53,760 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 53,248 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 30,720 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:49| 30,720 \nInetcpl.cpl| 11.0.9600.20112| 14-Aug-21| 2:40| 2,132,992 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:27| 307,200 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 293,888 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 290,304 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 289,280 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 299,008 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 303,104 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 21:32| 282,112 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 296,960 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 283,648 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 291,840 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 299,520 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 275,968 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 290,816 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 293,376 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 296,960 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 258,048 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 256,512 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 289,280 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 288,256 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 285,184 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 295,424 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 297,472 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 292,864 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 295,424 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 294,400 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 294,400 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 292,864 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 290,816 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 288,768 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 286,208 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 281,600 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 286,720 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 292,352 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 242,176 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 243,200 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:49| 243,200 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:27| 46,080 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 51,712 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 54,272 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 21:32| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 47,616 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 50,688 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 45,056 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 39,936 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 39,424 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 47,616 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 51,200 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 50,688 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 35,328 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:49| 35,328 \nJsproxy.dll| 11.0.9600.20112| 14-Aug-21| 3:16| 54,784 \nWininet.dll| 11.0.9600.20112| 14-Aug-21| 2:48| 4,858,880 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:27| 114,176 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 124,928 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 122,880 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 130,048 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 138,240 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 21:33| 114,688 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 131,584 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 117,760 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 122,368 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 134,144 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 107,008 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 127,488 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 128,512 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 88,576 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 82,944 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 120,320 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 125,952 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 128,000 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 124,416 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 121,856 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 115,712 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 72,704 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:49| 73,728 \nMsfeedsbs.dll| 11.0.9600.20112| 14-Aug-21| 2:53| 60,416 \nMsfeedsbs.mof| Not versioned| 14-Aug-21| 1:03| 1,574 \nMsfeedssync.exe| 11.0.9600.20112| 14-Aug-21| 3:24| 13,312 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not versioned| 14-Aug-21| 0:51|\n3,228 \nMshtml.dll| 11.0.9600.20112| 14-Aug-21| 5:07| 25,759,232 \nMshtml.tlb| 11.0.9600.20112| 14-Aug-21| 3:35| 2,724,864 \nIeproxy.dll| 11.0.9600.20112| 14-Aug-21| 2:10| 870,400 \nIeshims.dll| 11.0.9600.20112| 14-Aug-21| 2:15| 387,072 \nIertutil.dll| 11.0.9600.20112| 14-Aug-21| 3:30| 2,916,864 \nSqmapi.dll| 6.2.9200.16384| 19-Aug-21| 20:26| 286,096 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:27| 2,066,432 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 2,121,216 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 2,063,872 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 2,314,240 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 2,390,528 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 21:32| 2,033,152 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 2,255,872 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 2,061,312 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 2,326,016 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 2,019,840 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 2,071,040 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 2,082,816 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 2,170,368 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 2,153,984 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 2,291,712 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 2,283,520 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 2,052,096 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 2,301,952 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 2,093,056 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 2,299,392 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 2,094,592 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 2,316,800 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 2,305,536 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 2,278,912 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 2,285,568 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 2,060,288 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 2,315,776 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 2,279,424 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 2,324,992 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 2,098,176 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:49| 1,890,304 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:50| 1,890,304 \nIeframe.dll| 11.0.9600.20112| 14-Aug-21| 2:52| 15,506,432 \nIeframe.ptxml| Not versioned| 14-Aug-21| 0:50| 24,486 \nInetres.adml| Not versioned| 19-Aug-21| 20:27| 463,373 \nInetres.adml| Not versioned| 19-Aug-21| 20:28| 751,275 \nInetres.adml| Not versioned| 19-Aug-21| 20:28| 526,348 \nInetres.adml| Not versioned| 19-Aug-21| 20:29| 499,703 \nInetres.adml| Not versioned| 19-Aug-21| 20:30| 552,385 \nInetres.adml| Not versioned| 19-Aug-21| 20:30| 944,608 \nInetres.adml| Not versioned| 19-Aug-21| 21:33| 457,561 \nInetres.adml| Not versioned| 19-Aug-21| 20:31| 543,993 \nInetres.adml| Not versioned| 19-Aug-21| 20:32| 751,549 \nInetres.adml| Not versioned| 19-Aug-21| 20:32| 526,607 \nInetres.adml| Not versioned| 19-Aug-21| 20:33| 575,888 \nInetres.adml| Not versioned| 19-Aug-21| 20:34| 463,373 \nInetres.adml| Not versioned| 19-Aug-21| 20:34| 751,415 \nInetres.adml| Not versioned| 19-Aug-21| 20:35| 570,790 \nInetres.adml| Not versioned| 19-Aug-21| 20:36| 548,171 \nInetres.adml| Not versioned| 19-Aug-21| 20:36| 639,283 \nInetres.adml| Not versioned| 19-Aug-21| 20:37| 525,516 \nInetres.adml| Not versioned| 19-Aug-21| 20:38| 751,258 \nInetres.adml| Not versioned| 19-Aug-21| 20:38| 751,415 \nInetres.adml| Not versioned| 19-Aug-21| 20:39| 488,538 \nInetres.adml| Not versioned| 19-Aug-21| 20:39| 548,544 \nInetres.adml| Not versioned| 19-Aug-21| 20:40| 559,392 \nInetres.adml| Not versioned| 19-Aug-21| 20:41| 535,118 \nInetres.adml| Not versioned| 19-Aug-21| 20:41| 541,505 \nInetres.adml| Not versioned| 19-Aug-21| 20:42| 751,201 \nInetres.adml| Not versioned| 19-Aug-21| 20:43| 804,521 \nInetres.adml| Not versioned| 19-Aug-21| 20:43| 751,577 \nInetres.adml| Not versioned| 19-Aug-21| 20:44| 751,384 \nInetres.adml| Not versioned| 19-Aug-21| 20:44| 751,345 \nInetres.adml| Not versioned| 19-Aug-21| 20:45| 503,959 \nInetres.adml| Not versioned| 19-Aug-21| 20:46| 751,347 \nInetres.adml| Not versioned| 19-Aug-21| 20:47| 521,634 \nInetres.adml| Not versioned| 19-Aug-21| 20:47| 751,305 \nInetres.adml| Not versioned| 19-Aug-21| 20:48| 420,094 \nInetres.adml| Not versioned| 19-Aug-21| 20:49| 436,663 \nInetres.admx| Not versioned| 11-Jul-21| 1:55| 1,678,023 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:27| 29,184 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:28| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:29| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:30| 35,328 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 37,888 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 21:32| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:31| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:32| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:33| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 27,648 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:34| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:35| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 33,792 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:36| 23,040 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:37| 22,016 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:38| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 31,232 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:39| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:40| 35,840 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:41| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:42| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:43| 34,816 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 32,256 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:44| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:45| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:46| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 30,720 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:47| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 16,384 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:48| 16,896 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:49| 16,896 \nJscript9.dll| 11.0.9600.20112| 14-Aug-21| 3:47| 5,508,096 \nJscript9diag.dll| 11.0.9600.20112| 14-Aug-21| 3:12| 814,592 \nJscript.dll| 5.8.9600.20112| 14-Aug-21| 3:12| 785,408 \nVbscript.dll| 5.8.9600.20112| 14-Aug-21| 3:22| 581,120 \nIexplore.exe| 11.0.9600.20112| 19-Aug-21| 18:56| 810,384 \nMshtml.dll| 11.0.9600.20112| 14-Aug-21| 3:33| 20,294,144 \nMshtml.tlb| 11.0.9600.20112| 14-Aug-21| 3:13| 2,724,864 \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not versioned| 14-Aug-21|\n1:05| 3,228 \nIe9props.propdesc| Not versioned| 21-Mar-21| 3:55| 2,843 \nIeframe.dll| 11.0.9600.20112| 14-Aug-21| 2:47| 13,881,856 \nWow64_ieframe.ptxml| Not versioned| 14-Aug-21| 1:05| 24,486 \nJscript9.dll| 11.0.9600.20112| 14-Aug-21| 2:52| 4,119,040 \nJscript9diag.dll| 11.0.9600.20112| 14-Aug-21| 2:55| 620,032 \nJscript.dll| 5.8.9600.20112| 14-Aug-21| 2:56| 653,824 \nVbscript.dll| 5.8.9600.20112| 14-Aug-21| 3:04| 498,176 \nUrlmon.dll| 11.0.9600.20112| 14-Aug-21| 2:19| 1,342,976 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 46,592 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 56,320 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 57,856 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 49,664 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 47,616 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 49,152 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 55,296 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 45,056 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 53,248 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 39,424 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 35,840 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 53,760 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 54,272 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 51,200 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 53,248 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 52,736 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 51,712 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 50,688 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 50,176 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 30,720 \nWininet.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 30,720 \nInetcpl.cpl| 11.0.9600.20112| 14-Aug-21| 2:35| 2,058,752 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 307,200 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 293,888 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 290,304 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 289,280 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 299,008 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 303,104 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 282,112 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 296,960 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 283,648 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 291,840 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 299,520 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 275,968 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 290,816 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 293,376 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 296,960 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 258,048 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 256,512 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 289,280 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 288,256 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 285,184 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 295,424 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 297,472 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 292,864 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 295,424 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 294,400 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 294,400 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 292,864 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 290,816 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 288,768 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 286,208 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 281,600 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 286,720 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 292,352 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 242,176 \nMshtml.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 243,200 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 46,080 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 51,712 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 54,272 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:57| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 47,616 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 50,688 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 45,056 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 39,936 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 39,424 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 47,616 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 51,200 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 50,688 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 50,176 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 49,664 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 48,640 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 49,152 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 48,128 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 35,328 \nUrlmon.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 35,328 \nJsproxy.dll| 11.0.9600.20112| 14-Aug-21| 2:58| 47,104 \nWininet.dll| 11.0.9600.20112| 14-Aug-21| 2:27| 4,387,840 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 114,176 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 124,928 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 122,880 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 130,048 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 138,240 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 114,688 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 131,584 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 117,760 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 122,368 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 134,144 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 107,008 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 127,488 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 128,512 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 88,576 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 82,944 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 120,320 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 125,952 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 128,000 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 124,416 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 121,856 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 115,712 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 72,704 \nInetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 73,728 \nMsfeedsbs.dll| 11.0.9600.20112| 14-Aug-21| 2:42| 52,736 \nMsfeedsbs.mof| Not versioned| 14-Aug-21| 1:11| 1,574 \nMsfeedssync.exe| 11.0.9600.20112| 14-Aug-21| 3:04| 11,776 \nIeproxy.dll| 11.0.9600.20112| 14-Aug-21| 2:14| 310,784 \nIeshims.dll| 11.0.9600.20112| 14-Aug-21| 2:18| 290,304 \nIertutil.dll| 11.0.9600.20112| 14-Aug-21| 3:07| 2,308,608 \nSqmapi.dll| 6.2.9200.16384| 19-Aug-21| 18:56| 228,256 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 2,066,432 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 2,121,216 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 2,063,872 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 2,314,240 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 2,390,528 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:58| 2,033,152 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 2,255,872 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 2,061,312 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 2,326,016 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 2,019,840 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 2,071,040 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 2,082,816 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 2,170,368 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 2,153,984 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 2,291,712 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 2,283,520 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 2,052,096 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 2,301,952 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 2,093,056 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 2,299,392 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 2,094,592 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 2,316,800 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 2,305,536 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 2,278,912 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 2,285,568 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 2,060,288 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 2,315,776 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 2,279,424 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 2,324,992 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 2,098,176 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 1,890,304 \nIeframe.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:20| 1,890,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 29,184 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:57| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:58| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 18:59| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 35,328 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:00| 37,888 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 20:57| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:01| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:02| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:03| 27,648 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:04| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:05| 33,792 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:06| 23,040 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:07| 22,016 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:08| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:09| 31,232 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 34,304 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:10| 35,840 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:11| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:12| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:13| 34,816 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 33,280 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:14| 32,256 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:15| 32,768 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:16| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 30,720 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:17| 29,696 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:18| 16,384 \nJscript9.dll.mui| 11.0.9600.20112| 19-Aug-21| 19:19| 16,896 \nPackage.cab| Not versioned| 19-Aug-21| 22:40| 302,983 \n \n### **Windows 7 and Windows Server 2008 R2**\n\n##\n\n __\n\nInternet Explorer 11 on all supported x86-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 19:19| 1,342,976 \niexplore.exe| 11.0.9600.20112| 19-Aug-2021| 18:17| 810,400 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 31,744 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 36,352 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 35,328 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 36,864 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 39,424 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 32,768 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 37,376 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 33,280 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 38,400 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 30,720 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 35,328 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 36,864 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 25,600 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 24,576 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 36,352 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 33,280 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 20,992 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 21,504 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 21,504 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 46,592 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 56,320 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 57,856 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 49,664 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 47,616 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 49,152 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 55,296 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 45,056 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 53,248 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 39,424 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 35,840 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 53,760 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 53,248 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 30,720 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 30,720 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 30,720 \ninetcpl.cpl| 11.0.9600.20112| 13-Aug-2021| 19:35| 2,058,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 10,752 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 307,200 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 293,888 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 290,304 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 289,280 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 299,008 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 303,104 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 282,112 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 296,960 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 283,648 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 291,840 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 299,520 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 275,968 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 293,376 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 296,960 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 258,048 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 256,512 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 289,280 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 288,256 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 285,184 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 295,424 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 297,472 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 292,864 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 295,424 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 294,400 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 294,400 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 292,864 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 288,768 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 286,208 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 281,600 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 286,720 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 292,352 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 242,176 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 243,200 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 243,200 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 73,728 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 67,584 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 74,240 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 78,848 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 74,752 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 62,464 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 68,096 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 75,264 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 72,192 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 73,216 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 41,472 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 37,888 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 67,584 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 74,240 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 70,656 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 71,168 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 71,680 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 71,168 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 69,632 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 68,096 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 68,096 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 59,904 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 69,120 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 29,696 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 30,720 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.20112| 13-Aug-2021| 19:45| 60,416 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.20112| 13-Aug-2021| 19:46|\n230,912 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 46,080 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 51,712 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 54,272 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 50,688 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 45,056 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 39,936 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 39,424 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 51,200 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 50,688 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 35,328 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 35,328 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 35,328 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 11,264 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 9,216 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 7,680 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 7,680 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 6,656 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 6,656 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 6,656 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 19:27| 4,387,840 \njsproxy.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 47,104 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 114,176 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 124,928 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 122,880 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 130,048 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 138,240 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 114,688 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 131,584 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 117,760 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 122,368 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 134,144 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 107,008 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 127,488 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 128,512 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 88,576 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 82,944 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 120,320 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 125,952 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 128,000 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 124,416 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 121,856 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 115,712 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 72,704 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 73,728 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 73,728 \niedkcs32.dll| 18.0.9600.20112| 19-Aug-2021| 18:17| 341,920 \ninstall.ins| Not versioned| 13-Aug-2021| 17:57| 464 \nieapfltr.dat| 10.0.9301.0| 20-Mar-2021| 20:53| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:16| 710,656 \ntdc.ocx| 11.0.9600.20112| 13-Aug-2021| 19:44| 73,728 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.20112| 13-Aug-2021| 20:06| 489,472 \niedvtool.dll| 11.0.9600.20112| 13-Aug-2021| 20:33| 772,608 \nDiagnosticsHub_is.dll| 11.0.9600.20112| 13-Aug-2021| 20:07| 38,912 \ndxtmsft.dll| 11.0.9600.20112| 13-Aug-2021| 19:49| 415,744 \ndxtrans.dll| 11.0.9600.20112| 13-Aug-2021| 19:41| 280,064 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 13-Aug-2021| 18:03|\n11,892 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 3,584 \nDiagnosticsTap.dll| 11.0.9600.20112| 13-Aug-2021| 19:48| 175,104 \nF12Resources.dll| 11.0.9600.20112| 13-Aug-2021| 20:10| 10,948,096 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 2,048 \nF12Tools.dll| 11.0.9600.20112| 13-Aug-2021| 19:47| 256,000 \nF12.dll| 11.0.9600.20112| 13-Aug-2021| 19:39| 1,207,808 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:35| 696,320 \nmsfeeds.mof| Not versioned| 13-Aug-2021| 18:11| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Aug-2021| 18:11| 1,574 \nmsfeedsbs.dll| 11.0.9600.20112| 13-Aug-2021| 19:42| 52,736 \nmsfeedssync.exe| 11.0.9600.20112| 13-Aug-2021| 20:04| 11,776 \nhtml.iec| 2019.0.0.20112| 13-Aug-2021| 20:03| 341,504 \nmshtmled.dll| 11.0.9600.20112| 13-Aug-2021| 19:41| 76,800 \nmshtmlmedia.dll| 11.0.9600.20112| 13-Aug-2021| 19:33| 1,155,584 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 20:33| 20,294,144 \nmshtml.tlb| 11.0.9600.20112| 13-Aug-2021| 20:13| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 13-Aug-2021| 18:03|\n3,228 \nieetwcollector.exe| 11.0.9600.20112| 13-Aug-2021| 19:56| 104,960 \nieetwproxystub.dll| 11.0.9600.20112| 13-Aug-2021| 20:03| 47,616 \nieetwcollectorres.dll| 11.0.9600.20112| 13-Aug-2021| 20:13| 4,096 \nielowutil.exe| 11.0.9600.20112| 13-Aug-2021| 19:57| 221,184 \nieproxy.dll| 11.0.9600.20112| 13-Aug-2021| 19:14| 310,784 \nIEShims.dll| 11.0.9600.20112| 13-Aug-2021| 19:18| 290,304 \nWindows Pop-up Blocked.wav| Not versioned| 20-Mar-2021| 21:02| 85,548 \nWindows Information Bar.wav| Not versioned| 20-Mar-2021| 21:02| 23,308 \nWindows Feed Discovered.wav| Not versioned| 20-Mar-2021| 21:02| 19,884 \nWindows Navigation Start.wav| Not versioned| 20-Mar-2021| 21:02| 11,340 \nbing.ico| Not versioned| 20-Mar-2021| 20:55| 5,430 \nieUnatt.exe| 11.0.9600.20112| 13-Aug-2021| 19:56| 115,712 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned|\n19-Aug-2021| 20:18| 2,956 \njsprofilerui.dll| 11.0.9600.20112| 13-Aug-2021| 19:43| 579,584 \nMemoryAnalyzer.dll| 11.0.9600.20112| 13-Aug-2021| 19:53| 1,399,296 \nMshtmlDac.dll| 11.0.9600.20112| 13-Aug-2021| 20:02| 64,000 \nnetworkinspection.dll| 11.0.9600.20112| 13-Aug-2021| 19:39| 1,075,200 \noccache.dll| 11.0.9600.20112| 13-Aug-2021| 19:40| 130,048 \ndesktop.ini| Not versioned| 20-Mar-2021| 20:54| 65 \nwebcheck.dll| 11.0.9600.20112| 13-Aug-2021| 19:35| 230,400 \ndesktop.ini| Not versioned| 20-Mar-2021| 20:54| 65 \nmsrating.dll| 11.0.9600.20112| 13-Aug-2021| 19:43| 168,960 \nicrav03.rat| Not versioned| 20-Mar-2021| 20:54| 8,798 \nticrf.rat| Not versioned| 20-Mar-2021| 20:54| 1,988 \niertutil.dll| 11.0.9600.20112| 13-Aug-2021| 20:07| 2,308,608 \nsqmapi.dll| 6.2.9200.16384| 19-Aug-2021| 18:17| 228,232 \nie4uinit.exe| 11.0.9600.20112| 13-Aug-2021| 19:34| 692,224 \niernonce.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 30,720 \niesetup.dll| 11.0.9600.20112| 13-Aug-2021| 20:04| 62,464 \nieuinit.inf| Not versioned| 13-Aug-2021| 18:56| 16,303 \ninseng.dll| 11.0.9600.20112| 13-Aug-2021| 19:44| 91,136 \nTimeline.dll| 11.0.9600.20112| 13-Aug-2021| 19:43| 154,112 \nTimeline_is.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 124,928 \nTimeline.cpu.xml| Not versioned| 20-Mar-2021| 20:54| 3,197 \nVGX.dll| 11.0.9600.20112| 13-Aug-2021| 19:41| 818,176 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 2,066,432 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 2,121,216 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 2,075,648 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 2,063,872 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 2,314,240 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 2,390,528 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 2,033,152 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,307,584 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,255,872 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 2,061,312 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 2,326,016 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 2,019,840 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 2,071,040 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 2,082,816 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 2,307,584 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 2,170,368 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 2,153,984 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 2,291,712 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 2,283,520 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 2,052,096 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,301,952 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,093,056 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 2,075,648 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 2,299,392 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 2,094,592 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 2,316,800 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,305,536 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,278,912 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 2,285,568 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 2,060,288 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 2,315,776 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 2,279,424 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 2,324,992 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 2,098,176 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 1,890,304 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 1,890,304 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 3,072 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:47| 13,881,856 \nieui.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 476,160 \nieframe.ptxml| Not versioned| 13-Aug-2021| 18:03| 24,486 \nieinstal.exe| 11.0.9600.20112| 13-Aug-2021| 19:41| 475,648 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:18| 463,373 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:18| 751,393 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:19| 526,345 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:20| 499,704 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:20| 552,385 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:21| 944,608 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:19| 457,561 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:22| 543,996 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:22| 751,291 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:23| 526,607 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:24| 575,888 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:24| 463,373 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:25| 751,492 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:26| 570,786 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:26| 548,169 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:27| 639,283 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:28| 525,516 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:28| 751,380 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:29| 751,403 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:30| 488,537 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:30| 548,546 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:31| 559,391 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:32| 535,116 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:32| 541,506 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:33| 751,385 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:34| 804,522 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:34| 751,502 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:35| 751,349 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:35| 751,327 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:36| 503,959 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:37| 751,523 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:37| 521,630 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:38| 751,288 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:39| 420,094 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:39| 436,663 \nInetRes.adml| Not versioned| 19-Aug-2021| 18:40| 436,663 \ninetres.admx| Not versioned| 20-Mar-2021| 21:22| 1,678,023 \nMsSpellCheckingFacility.exe| 6.3.9600.20112| 13-Aug-2021| 19:51| 668,672 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 29,184 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 35,328 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 37,888 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 27,648 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 33,792 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 23,040 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 22,016 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 31,232 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 35,840 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 34,816 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 32,256 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 30,720 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 16,384 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 16,896 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 16,896 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 19:52| 4,119,040 \njscript9diag.dll| 11.0.9600.20112| 13-Aug-2021| 19:55| 620,032 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 19:56| 653,824 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:04| 498,176 \n \n##\n\n __\n\nInternet Explorer 11 on all supported x64-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 19:28| 1,562,624 \niexplore.exe| 11.0.9600.20112| 19-Aug-2021| 19:48| 810,376 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 31,744 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 36,352 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 35,328 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 36,864 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 39,424 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 32,768 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 37,376 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 33,280 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 38,400 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 30,720 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 35,328 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 36,864 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 25,600 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 24,576 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 36,352 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 33,280 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 20,992 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 21,504 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 21,504 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 46,592 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 56,320 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 57,856 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 49,664 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 47,616 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 49,152 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 55,296 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 45,056 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 53,248 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 39,424 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 35,840 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 53,760 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 53,248 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 30,720 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 30,720 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 30,720 \ninetcpl.cpl| 11.0.9600.20112| 13-Aug-2021| 19:40| 2,132,992 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 10,752 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 307,200 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 293,888 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 290,304 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 289,280 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 299,008 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 303,104 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 282,112 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 296,960 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 283,648 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 291,840 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 299,520 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 275,968 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 293,376 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 296,960 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 258,048 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 256,512 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 289,280 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 288,256 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 285,184 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 295,424 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 297,472 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 292,864 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 295,424 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 294,400 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 294,400 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 292,864 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 288,768 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 286,208 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 281,600 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 286,720 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 292,352 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 242,176 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 243,200 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 243,200 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 73,728 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 67,584 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 67,584 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 74,240 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 78,848 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 61,440 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 74,752 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 62,464 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 68,096 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 75,264 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 72,192 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 73,216 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 41,472 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 37,888 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 67,584 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 74,240 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 70,656 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 71,168 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 69,632 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 68,096 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 68,608 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 68,096 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 59,904 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 65,536 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 69,120 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 29,696 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 30,720 \nF12Resources.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.20112| 13-Aug-2021| 19:57| 77,824 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.20112| 13-Aug-2021| 19:58|\n276,480 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 46,080 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 51,712 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 54,272 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 50,688 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 45,056 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 39,936 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 39,424 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 51,200 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 50,688 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 35,328 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 35,328 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 35,328 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 11,264 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 9,216 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 7,680 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 7,680 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 6,656 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 6,656 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 6,656 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 19:48| 4,858,880 \njsproxy.dll| 11.0.9600.20112| 13-Aug-2021| 20:16| 54,784 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 114,176 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 124,928 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 122,880 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 130,048 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 138,240 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 114,688 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 131,584 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 117,760 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 122,368 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 134,144 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 107,008 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 127,488 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 128,512 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 88,576 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 82,944 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 120,320 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 125,952 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 128,000 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 124,416 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 121,856 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 115,712 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 72,704 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 73,728 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 73,728 \niedkcs32.dll| 18.0.9600.20112| 19-Aug-2021| 19:48| 390,544 \ninstall.ins| Not versioned| 13-Aug-2021| 17:52| 464 \nieapfltr.dat| 10.0.9301.0| 5-Mar-2021| 22:14| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:11| 800,768 \ntdc.ocx| 11.0.9600.20112| 13-Aug-2021| 19:57| 88,064 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.20112| 13-Aug-2021| 20:25| 666,624 \niedvtool.dll| 11.0.9600.20112| 13-Aug-2021| 22:07| 950,784 \nDiagnosticsHub_is.dll| 11.0.9600.20112| 13-Aug-2021| 20:27| 50,176 \ndxtmsft.dll| 11.0.9600.20112| 13-Aug-2021| 20:03| 491,008 \ndxtrans.dll| 11.0.9600.20112| 13-Aug-2021| 19:51| 316,416 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 13-Aug-2021| 17:50|\n11,892 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 4,096 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 3,584 \nF12.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 3,584 \nDiagnosticsTap.dll| 11.0.9600.20112| 13-Aug-2021| 20:02| 245,248 \nF12Resources.dll| 11.0.9600.20112| 13-Aug-2021| 20:30| 10,949,120 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 2,048 \nF12Tools.dll| 11.0.9600.20112| 13-Aug-2021| 20:01| 372,224 \nF12.dll| 11.0.9600.20112| 13-Aug-2021| 19:48| 1,422,848 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:42| 809,472 \nmsfeeds.mof| Not versioned| 13-Aug-2021| 18:03| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Aug-2021| 18:03| 1,574 \nmsfeedsbs.dll| 11.0.9600.20112| 13-Aug-2021| 19:53| 60,416 \nmsfeedssync.exe| 11.0.9600.20112| 13-Aug-2021| 20:24| 13,312 \nhtml.iec| 2019.0.0.20112| 13-Aug-2021| 20:22| 417,280 \nmshtmled.dll| 11.0.9600.20112| 13-Aug-2021| 19:53| 92,672 \nmshtmlmedia.dll| 11.0.9600.20112| 13-Aug-2021| 19:40| 1,359,872 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 22:07| 25,759,232 \nmshtml.tlb| 11.0.9600.20112| 13-Aug-2021| 20:35| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 13-Aug-2021| 17:51|\n3,228 \nieetwcollector.exe| 11.0.9600.20112| 13-Aug-2021| 20:12| 116,224 \nieetwproxystub.dll| 11.0.9600.20112| 13-Aug-2021| 20:22| 48,640 \nieetwcollectorres.dll| 11.0.9600.20112| 13-Aug-2021| 20:34| 4,096 \nielowutil.exe| 11.0.9600.20112| 13-Aug-2021| 20:14| 222,720 \nieproxy.dll| 11.0.9600.20112| 13-Aug-2021| 19:10| 870,400 \nIEShims.dll| 11.0.9600.20112| 13-Aug-2021| 19:15| 387,072 \nWindows Pop-up Blocked.wav| Not versioned| 5-Mar-2021| 22:16| 85,548 \nWindows Information Bar.wav| Not versioned| 5-Mar-2021| 22:16| 23,308 \nWindows Feed Discovered.wav| Not versioned| 5-Mar-2021| 22:16| 19,884 \nWindows Navigation Start.wav| Not versioned| 5-Mar-2021| 22:16| 11,340 \nbing.ico| Not versioned| 5-Mar-2021| 22:15| 5,430 \nieUnatt.exe| 11.0.9600.20112| 13-Aug-2021| 20:12| 144,384 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned|\n19-Aug-2021| 20:52| 2,956 \njsprofilerui.dll| 11.0.9600.20112| 13-Aug-2021| 19:54| 628,736 \nMemoryAnalyzer.dll| 11.0.9600.20112| 13-Aug-2021| 20:10| 1,862,656 \nMshtmlDac.dll| 11.0.9600.20112| 13-Aug-2021| 20:21| 88,064 \nnetworkinspection.dll| 11.0.9600.20112| 13-Aug-2021| 19:49| 1,217,024 \noccache.dll| 11.0.9600.20112| 13-Aug-2021| 19:49| 152,064 \ndesktop.ini| Not versioned| 5-Mar-2021| 22:14| 65 \nwebcheck.dll| 11.0.9600.20112| 13-Aug-2021| 19:42| 262,144 \ndesktop.ini| Not versioned| 5-Mar-2021| 22:14| 65 \nmsrating.dll| 11.0.9600.20112| 13-Aug-2021| 19:53| 199,680 \nicrav03.rat| Not versioned| 5-Mar-2021| 22:14| 8,798 \nticrf.rat| Not versioned| 5-Mar-2021| 22:14| 1,988 \niertutil.dll| 11.0.9600.20112| 13-Aug-2021| 20:30| 2,916,864 \nsqmapi.dll| 6.2.9200.16384| 19-Aug-2021| 19:48| 286,088 \nie4uinit.exe| 11.0.9600.20112| 13-Aug-2021| 19:40| 728,064 \niernonce.dll| 11.0.9600.20112| 13-Aug-2021| 20:15| 34,304 \niesetup.dll| 11.0.9600.20112| 13-Aug-2021| 20:23| 66,560 \nieuinit.inf| Not versioned| 13-Aug-2021| 18:52| 16,303 \ninseng.dll| 11.0.9600.20112| 13-Aug-2021| 19:56| 107,520 \nTimeline.dll| 11.0.9600.20112| 13-Aug-2021| 19:55| 219,648 \nTimeline_is.dll| 11.0.9600.20112| 13-Aug-2021| 20:15| 172,032 \nTimeline.cpu.xml| Not versioned| 5-Mar-2021| 22:14| 3,197 \nVGX.dll| 11.0.9600.20112| 13-Aug-2021| 19:53| 1,018,880 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 2,066,432 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 2,121,216 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 2,075,648 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 2,063,872 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 2,314,240 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 2,390,528 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 2,033,152 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 2,307,584 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 2,255,872 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 2,061,312 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 2,326,016 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 2,019,840 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 2,071,040 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 2,082,816 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 2,307,584 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 2,170,368 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 2,153,984 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 2,291,712 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 2,283,520 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 2,052,096 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 2,301,952 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 2,093,056 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 2,075,648 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 2,299,392 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 2,094,592 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 2,316,800 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 2,305,536 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 2,278,912 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 2,285,568 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 2,060,288 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 2,315,776 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 2,279,424 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 2,324,992 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 2,098,176 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 1,890,304 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 1,890,304 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 3,072 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:52| 15,506,432 \nieui.dll| 11.0.9600.20112| 13-Aug-2021| 20:14| 615,936 \nieframe.ptxml| Not versioned| 13-Aug-2021| 17:50| 24,486 \nieinstal.exe| 11.0.9600.20112| 13-Aug-2021| 19:51| 492,032 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:49| 463,373 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:50| 751,460 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:50| 526,344 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:51| 499,707 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:52| 552,390 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:52| 944,611 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:53| 457,561 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:53| 543,995 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:53| 751,322 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:54| 526,606 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:55| 575,890 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:55| 463,373 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:56| 751,159 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:57| 570,788 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:57| 548,168 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:58| 639,283 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:59| 525,516 \nInetRes.adml| Not versioned| 19-Aug-2021| 19:59| 751,384 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:00| 751,462 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:01| 488,539 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:01| 548,544 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:02| 559,392 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:02| 535,117 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:03| 541,508 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:04| 751,367 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:04| 804,518 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:05| 751,481 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:05| 751,405 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:06| 751,372 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:07| 503,957 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:07| 751,322 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:08| 521,632 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:09| 751,407 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:09| 420,094 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:10| 436,663 \nInetRes.adml| Not versioned| 19-Aug-2021| 20:11| 436,663 \ninetres.admx| Not versioned| 10-Jul-2021| 18:55| 1,678,023 \nMsSpellCheckingFacility.exe| 6.3.9600.20112| 13-Aug-2021| 20:06| 970,752 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 29,184 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:49| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:50| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:51| 35,328 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:52| 37,888 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:53| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:53| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:54| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:55| 27,648 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:56| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:57| 33,792 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:58| 23,040 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 22,016 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 19:59| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:00| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 31,232 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:01| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 35,840 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:02| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:03| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:04| 34,816 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:05| 32,256 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:06| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:07| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:08| 30,720 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:09| 16,384 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:10| 16,896 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:11| 16,896 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 20:47| 5,508,096 \njscript9diag.dll| 11.0.9600.20112| 13-Aug-2021| 20:12| 814,592 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:12| 785,408 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:22| 581,120 \niexplore.exe| 11.0.9600.20112| 19-Aug-2021| 18:17| 810,400 \ntdc.ocx| 11.0.9600.20112| 13-Aug-2021| 19:44| 73,728 \ndxtmsft.dll| 11.0.9600.20112| 13-Aug-2021| 19:49| 415,744 \ndxtrans.dll| 11.0.9600.20112| 13-Aug-2021| 19:41| 280,064 \nmsfeeds.dll| 11.0.9600.20112| 13-Aug-2021| 19:35| 696,320 \nmsfeeds.mof| Not versioned| 13-Aug-2021| 18:11| 1,518 \nmshtmled.dll| 11.0.9600.20112| 13-Aug-2021| 19:41| 76,800 \nmshtmlmedia.dll| 11.0.9600.20112| 13-Aug-2021| 19:33| 1,155,584 \nmshtml.dll| 11.0.9600.20112| 13-Aug-2021| 20:33| 20,294,144 \nmshtml.tlb| 11.0.9600.20112| 13-Aug-2021| 20:13| 2,724,864 \nwow64_Microsoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 13-Aug-2021|\n18:05| 3,228 \nieetwproxystub.dll| 11.0.9600.20112| 13-Aug-2021| 20:03| 47,616 \nieUnatt.exe| 11.0.9600.20112| 13-Aug-2021| 19:56| 115,712 \noccache.dll| 11.0.9600.20112| 13-Aug-2021| 19:40| 130,048 \nwebcheck.dll| 11.0.9600.20112| 13-Aug-2021| 19:35| 230,400 \niernonce.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 30,720 \niesetup.dll| 11.0.9600.20112| 13-Aug-2021| 20:04| 62,464 \nieuinit.inf| Not versioned| 13-Aug-2021| 18:56| 16,303 \nieframe.dll| 11.0.9600.20112| 13-Aug-2021| 19:47| 13,881,856 \nieui.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 476,160 \nie9props.propdesc| Not versioned| 20-Mar-2021| 20:55| 2,843 \nwow64_ieframe.ptxml| Not versioned| 13-Aug-2021| 18:05| 24,486 \njscript9.dll| 11.0.9600.20112| 13-Aug-2021| 19:52| 4,119,040 \njscript9diag.dll| 11.0.9600.20112| 13-Aug-2021| 19:55| 620,032 \njscript.dll| 5.8.9600.20112| 13-Aug-2021| 19:56| 653,824 \nvbscript.dll| 5.8.9600.20112| 13-Aug-2021| 20:04| 498,176 \nurlmon.dll| 11.0.9600.20112| 13-Aug-2021| 19:19| 1,342,976 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 31,744 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 36,352 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 35,328 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 36,864 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 39,424 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 32,768 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 37,376 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 33,280 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 38,400 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 30,720 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 35,328 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 36,864 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 25,600 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 24,576 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 36,352 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 35,840 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 34,816 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 33,280 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 34,304 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 20,992 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 21,504 \nwebcheck.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 21,504 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 46,592 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 56,320 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 57,856 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 49,664 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 47,616 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 49,152 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 55,296 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 45,056 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 53,248 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 39,424 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 35,840 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 53,760 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 54,272 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 51,200 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 53,248 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 52,736 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 51,712 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 50,688 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 50,176 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 30,720 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 30,720 \nwininet.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 30,720 \ninetcpl.cpl| 11.0.9600.20112| 13-Aug-2021| 19:35| 2,058,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 10,752 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 307,200 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 293,888 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 290,304 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 289,280 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 299,008 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 303,104 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 282,112 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 296,960 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 283,648 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 291,840 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 299,520 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 275,968 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 293,376 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 296,960 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 258,048 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 256,512 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 289,280 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 288,256 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 285,184 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 295,424 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 297,472 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 292,864 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 295,424 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 294,400 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 294,400 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 292,864 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 290,816 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 288,768 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 286,208 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 281,600 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 286,720 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 292,352 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 242,176 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 243,200 \nmshtml.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 243,200 \nJavaScriptCollectionAgent.dll| 11.0.9600.20112| 13-Aug-2021| 19:45| 60,416 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 46,080 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 51,712 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 54,272 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 50,688 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 45,056 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 39,936 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 39,424 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 47,616 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 51,200 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 50,688 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 50,176 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 49,664 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 48,640 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 49,152 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 48,128 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 35,328 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 35,328 \nurlmon.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 35,328 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 11,264 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 9,216 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 7,680 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 7,680 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 10,752 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 9,728 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 10,240 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 6,656 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 6,656 \noccache.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 6,656 \nwininet.dll| 11.0.9600.20112| 13-Aug-2021| 19:27| 4,387,840 \njsproxy.dll| 11.0.9600.20112| 13-Aug-2021| 19:58| 47,104 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 114,176 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 124,928 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 122,880 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 130,048 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 138,240 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 114,688 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 131,584 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 117,760 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 122,368 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 134,144 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 107,008 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 127,488 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 128,512 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 88,576 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 82,944 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 120,320 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 125,952 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 128,000 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 124,416 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 121,856 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 115,712 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 72,704 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 73,728 \ninetcpl.cpl.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 73,728 \niedkcs32.dll| 18.0.9600.20112| 19-Aug-2021| 18:17| 341,920 \ninstall.ins| Not versioned| 13-Aug-2021| 17:57| 464 \nieapfltr.dat| 10.0.9301.0| 20-Mar-2021| 20:53| 616,104 \nieapfltr.dll| 11.0.9600.20112| 13-Aug-2021| 19:16| 710,656 \niedvtool.dll| 11.0.9600.20112| 13-Aug-2021| 20:33| 772,608 \nDiagnosticsTap.dll| 11.0.9600.20112| 13-Aug-2021| 19:48| 175,104 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 2,048 \nF12Tools.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 2,048 \nF12Tools.dll| 11.0.9600.20112| 13-Aug-2021| 19:47| 256,000 \nmsfeedsbs.mof| Not versioned| 13-Aug-2021| 18:11| 1,574 \nmsfeedsbs.dll| 11.0.9600.20112| 13-Aug-2021| 19:42| 52,736 \nmsfeedssync.exe| 11.0.9600.20112| 13-Aug-2021| 20:04| 11,776 \nhtml.iec| 2019.0.0.20112| 13-Aug-2021| 20:03| 341,504 \nielowutil.exe| 11.0.9600.20112| 13-Aug-2021| 19:57| 221,184 \nieproxy.dll| 11.0.9600.20112| 13-Aug-2021| 19:14| 310,784 \nIEShims.dll| 11.0.9600.20112| 13-Aug-2021| 19:18| 290,304 \njsprofilerui.dll| 11.0.9600.20112| 13-Aug-2021| 19:43| 579,584 \nMshtmlDac.dll| 11.0.9600.20112| 13-Aug-2021| 20:02| 64,000 \nnetworkinspection.dll| 11.0.9600.20112| 13-Aug-2021| 19:39| 1,075,200 \nmsrating.dll| 11.0.9600.20112| 13-Aug-2021| 19:43| 168,960 \nicrav03.rat| Not versioned| 20-Mar-2021| 20:54| 8,798 \nticrf.rat| Not versioned| 20-Mar-2021| 20:54| 1,988 \niertutil.dll| 11.0.9600.20112| 13-Aug-2021| 20:07| 2,308,608 \nsqmapi.dll| 6.2.9200.16384| 19-Aug-2021| 18:17| 228,232 \ninseng.dll| 11.0.9600.20112| 13-Aug-2021| 19:44| 91,136 \nVGX.dll| 11.0.9600.20112| 13-Aug-2021| 19:41| 818,176 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 2,066,432 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 2,121,216 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 2,075,648 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 2,063,872 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 2,314,240 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 2,390,528 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 2,033,152 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,307,584 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 2,255,872 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 2,061,312 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 2,326,016 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 2,019,840 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 2,071,040 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 2,082,816 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 2,307,584 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 2,170,368 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 2,153,984 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 2,291,712 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 2,283,520 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 2,052,096 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,301,952 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 2,093,056 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 2,075,648 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 2,299,392 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 2,094,592 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 2,316,800 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,305,536 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 2,278,912 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 2,285,568 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 3,584 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 2,060,288 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 2,315,776 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 2,279,424 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 2,324,992 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 2,098,176 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 1,890,304 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 3,072 \nieframe.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 1,890,304 \nieui.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 3,072 \nieinstal.exe| 11.0.9600.20112| 13-Aug-2021| 19:41| 475,648 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 29,184 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:18| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:19| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:20| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 35,328 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:21| 37,888 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 20:19| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:22| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:23| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:24| 27,648 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:25| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:26| 33,792 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:27| 23,040 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:28| 22,016 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:29| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 31,232 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:30| 34,304 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:31| 35,840 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:32| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:33| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 34,816 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:34| 33,280 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:35| 32,256 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:36| 32,768 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:37| 30,720 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:38| 29,696 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 16,384 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:39| 16,896 \njscript9.dll.mui| 11.0.9600.20112| 19-Aug-2021| 18:40| 16,896 \n \n### **Windows Server 2008**\n\n##\n\n __\n\nInternet Explorer 9 on all supported x86-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 9.0.8112.21591| 9-Sep-2021| 2:06| 1,142,784 \niexplore.exe| 9.0.8112.21591| 9-Sep-2021| 2:17| 751,512 \ninetcpl.cpl| 9.0.8112.21591| 9-Sep-2021| 2:05| 1,427,968 \nwininet.dll| 9.0.8112.21591| 9-Sep-2021| 2:06| 1,132,544 \njsproxy.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 75,776 \nWininetPlugin.dll| 1.0.0.1| 9-Sep-2021| 2:05| 66,048 \ntdc.ocx| 9.0.8112.21591| 9-Sep-2021| 2:05| 63,488 \niedvtool.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 678,912 \ndxtmsft.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 354,304 \ndxtrans.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 223,744 \nmsfeeds.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 607,744 \nmsfeeds.mof| Not versioned| 9-Sep-2021| 1:40| 1,518 \nmsfeedsbs.mof| Not versioned| 9-Sep-2021| 1:40| 1,574 \nmsfeedsbs.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 41,472 \nmsfeedssync.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 10,752 \nmshta.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 11,776 \nhtml.iec| 2019.0.0.21586| 9-Sep-2021| 2:08| 367,616 \nmshtmled.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 72,704 \nmshtml.dll| 9.0.8112.21591| 9-Sep-2021| 2:10| 12,845,056 \nmshtml.tlb| 9.0.8112.21591| 9-Sep-2021| 2:05| 2,382,848 \nielowutil.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 223,232 \nieproxy.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 195,072 \nIEShims.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 194,560 \nExtExport.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 22,528 \nWindows Pop-up Blocked.wav| Not versioned| 11-Mar-2021| 0:00| 85,548 \nWindows Information Bar.wav| Not versioned| 11-Mar-2021| 0:00| 23,308 \nWindows Feed Discovered.wav| Not versioned| 11-Mar-2021| 0:00| 19,884 \nWindows Navigation Start.wav| Not versioned| 11-Mar-2021| 0:00| 11,340 \nieUnatt.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 142,848 \njsdbgui.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 387,584 \niertutil.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 1,808,384 \nsqmapi.dll| 6.0.6000.16386| 9-Sep-2021| 2:17| 142,744 \nVGX.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 769,024 \nurl.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 231,936 \nieframe.dll| 9.0.8112.21591| 9-Sep-2021| 2:07| 9,757,696 \nieui.dll| 9.0.8112.21591| 9-Sep-2021| 2:03| 176,640 \nieinstal.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 474,624 \nInetRes.adml| Not versioned| 9-Sep-2021| 2:23| 393,813 \ninetres.admx| Not versioned| 11-Mar-2021| 0:10| 1,601,204 \njsdebuggeride.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 104,448 \njscript.dll| 5.8.7601.21586| 9-Sep-2021| 2:05| 723,456 \njscript9.dll| 9.0.8112.21591| 9-Sep-2021| 2:11| 1,819,648 \nvbscript.dll| 5.8.7601.21586| 9-Sep-2021| 2:05| 434,176 \n \n##\n\n __\n\nInternet Explorer 9 on all supported x64-based versions\n\n **File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 9.0.8112.21591| 9-Sep-2021| 3:16| 1,391,616 \niexplore.exe| 9.0.8112.21591| 9-Sep-2021| 3:31| 757,656 \ninetcpl.cpl| 9.0.8112.21591| 9-Sep-2021| 3:15| 1,494,528 \nwininet.dll| 9.0.8112.21591| 9-Sep-2021| 3:16| 1,395,200 \njsproxy.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 97,280 \nWininetPlugin.dll| 1.0.0.1| 9-Sep-2021| 3:15| 86,528 \ntdc.ocx| 9.0.8112.21591| 9-Sep-2021| 3:14| 76,800 \niedvtool.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 887,808 \ndxtmsft.dll| 9.0.8112.21591| 9-Sep-2021| 3:14| 452,608 \ndxtrans.dll| 9.0.8112.21591| 9-Sep-2021| 3:14| 281,600 \nmsfeeds.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 729,088 \nmsfeeds.mof| Not versioned| 9-Sep-2021| 2:48| 1,518 \nmsfeedsbs.mof| Not versioned| 9-Sep-2021| 2:48| 1,574 \nmsfeedsbs.dll| 9.0.8112.21591| 9-Sep-2021| 3:14| 55,296 \nmsfeedssync.exe| 9.0.8112.21591| 9-Sep-2021| 3:14| 11,264 \nmshta.exe| 9.0.8112.21591| 9-Sep-2021| 3:14| 12,800 \nhtml.iec| 2019.0.0.21586| 9-Sep-2021| 3:19| 448,512 \nmshtmled.dll| 9.0.8112.21591| 9-Sep-2021| 3:14| 96,256 \nmshtml.dll| 9.0.8112.21591| 9-Sep-2021| 3:24| 18,812,416 \nmshtml.tlb| 9.0.8112.21591| 9-Sep-2021| 3:14| 2,382,848 \nielowutil.exe| 9.0.8112.21591| 9-Sep-2021| 3:15| 223,744 \nieproxy.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 550,912 \nIEShims.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 305,664 \nWindows Pop-up Blocked.wav| Not versioned| 11-Mar-2021| 0:00| 85,548 \nWindows Information Bar.wav| Not versioned| 11-Mar-2021| 0:00| 23,308 \nWindows Feed Discovered.wav| Not versioned| 11-Mar-2021| 0:00| 19,884 \nWindows Navigation Start.wav| Not versioned| 11-Mar-2021| 0:00| 11,340 \nieUnatt.exe| 9.0.8112.21591| 9-Sep-2021| 3:15| 173,056 \njsdbgui.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 499,200 \niertutil.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 2,163,200 \nsqmapi.dll| 6.0.6000.16386| 9-Sep-2021| 3:31| 176,024 \nVGX.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 997,376 \nurl.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 237,056 \nieframe.dll| 9.0.8112.21591| 9-Sep-2021| 3:17| 10,944,000 \nieui.dll| 9.0.8112.21591| 9-Sep-2021| 3:12| 248,320 \nieinstal.exe| 9.0.8112.21591| 9-Sep-2021| 3:15| 490,496 \nInetRes.adml| Not versioned| 9-Sep-2021| 3:37| 393,813 \ninetres.admx| Not versioned| 11-Mar-2021| 0:10| 1,601,204 \njsdebuggeride.dll| 9.0.8112.21591| 9-Sep-2021| 3:15| 141,312 \njscript.dll| 5.8.7601.21586| 9-Sep-2021| 3:15| 818,176 \njscript9.dll| 9.0.8112.21591| 9-Sep-2021| 3:21| 2,358,784 \nvbscript.dll| 5.8.7601.21586| 9-Sep-2021| 3:15| 583,680 \niexplore.exe| 9.0.8112.21591| 9-Sep-2021| 2:17| 751,512 \nieUnatt.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 142,848 \nurlmon.dll| 9.0.8112.21591| 9-Sep-2021| 2:06| 1,142,784 \ninetcpl.cpl| 9.0.8112.21591| 9-Sep-2021| 2:05| 1,427,968 \nwininet.dll| 9.0.8112.21591| 9-Sep-2021| 2:06| 1,132,544 \njsproxy.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 75,776 \nWininetPlugin.dll| 1.0.0.1| 9-Sep-2021| 2:05| 66,048 \ntdc.ocx| 9.0.8112.21591| 9-Sep-2021| 2:05| 63,488 \niedvtool.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 678,912 \ndxtmsft.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 354,304 \ndxtrans.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 223,744 \nmsfeeds.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 607,744 \nmsfeeds.mof| Not versioned| 9-Sep-2021| 1:40| 1,518 \nmsfeedsbs.mof| Not versioned| 9-Sep-2021| 1:40| 1,574 \nmsfeedsbs.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 41,472 \nmsfeedssync.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 10,752 \nmshta.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 11,776 \nhtml.iec| 2019.0.0.21586| 9-Sep-2021| 2:08| 367,616 \nmshtmled.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 72,704 \nmshtml.dll| 9.0.8112.21591| 9-Sep-2021| 2:10| 12,845,056 \nmshtml.tlb| 9.0.8112.21591| 9-Sep-2021| 2:05| 2,382,848 \nielowutil.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 223,232 \nieproxy.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 195,072 \nIEShims.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 194,560 \nExtExport.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 22,528 \njsdbgui.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 387,584 \niertutil.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 1,808,384 \nsqmapi.dll| 6.0.6000.16386| 9-Sep-2021| 2:17| 142,744 \nVGX.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 769,024 \nurl.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 231,936 \nieframe.dll| 9.0.8112.21591| 9-Sep-2021| 2:07| 9,757,696 \nieui.dll| 9.0.8112.21591| 9-Sep-2021| 2:03| 176,640 \nieinstal.exe| 9.0.8112.21591| 9-Sep-2021| 2:05| 474,624 \njsdebuggeride.dll| 9.0.8112.21591| 9-Sep-2021| 2:05| 104,448 \njscript.dll| 5.8.7601.21586| 9-Sep-2021| 2:05| 723,456 \njscript9.dll| 9.0.8112.21591| 9-Sep-2021| 2:11| 1,819,648 \nvbscript.dll| 5.8.7601.21586| 9-Sep-2021| 2:05| 434,176 \n \n## **Information about protection and security**\n\n * Protect yourself online: [Windows Security support](https://support.microsoft.com/hub/4099151/windows-security-help)\n * Learn how we guard against cyber threats: [Microsoft Security](https://www.microsoft.com/security)\n\n## **References**\n\nLearn about the [terminology](https://support.microsoft.com/help/824684) that\nMicrosoft uses to describe software updates.\n\n", "cvss3": {}, "published": "2021-09-07T07:00:00", "type": "mskb", "title": "KB5005563: Cumulative security update for Internet Explorer: September 14, 2021", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-07T07:00:00", "id": "KB5005563", "href": "https://support.microsoft.com/en-us/help/5005563", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2021-09-16T23:46:57", "description": "The Microsoft Internet Explorer installation on the remote host is affected by a remote code execution vulnerability.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L"}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Internet Explorer OOB (Sept 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-13T00:00:00", "cpe": ["cpe:/a:microsoft:ie"], "id": "SMB_NT_MS21_IE_SEPT_2021.NASL", "href": "https://www.tenable.com/plugins/nessus/153214", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153214);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/13\");\n\n script_cve_id(\"CVE-2021-40444\");\n\n script_name(english:\"Security Updates for Microsoft Internet Explorer OOB (Sept 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Internet Explorer installation on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Internet Explorer installation on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444\");\n script_set_attribute(attribute:\"solution\", value:\n\"Review the Microsoft advisory for registry settings & workaround guidance.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:C/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-40444\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\ninclude('install_func.inc');\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nvar os = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvar productname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif ((\"Windows 8\" >< productname && \"8.1\" >!< productname) || \"Vista\" >< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nvar share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nregistry_init();\nvar key, res, hklm;\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\n# if these keys are not set, all of them, to 3, you are vuln...\nvar keys2chk = make_list(\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1001\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\1001\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\1001\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\1001\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0\\1004\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1\\1004\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2\\1004\",\n \"SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3\\1004\"\n);\n\nvar report = 'The following registry keys were missing or not set correctly: \\n' ; \nvar vuln = FALSE;\n\nforeach var zone_chks (keys2chk)\n{\n res = get_registry_value(handle:hklm, item:zone_chks); \n\n if (empty_or_null(res))\n {\n report += ' - ' + zone_chks + ' is empty.\\n';\n vuln = TRUE;\n }\n else if (res != 3)\n {\n report += ' - ' + zone_chks + ' is set to [' + res + '].\\n';\n vuln = TRUE;\n }\n}\n\nif (vuln)\n{\n var port = kb_smb_transport();\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_INST_VER_NOT_VULN, 'Internet Explorer');\n}\n", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:C/A:P"}}, {"lastseen": "2021-09-16T23:46:19", "description": "The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by a memory corruption error in the scripting engine. An unauthenticated, remote attacker can exploit this to execute arbitrary commands. (CVE-2021-40444)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (September 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-14T00:00:00", "cpe": ["cpe:/a:microsoft:ie"], "id": "SMB_NT_MS21_SEP_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/153374", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153374);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/14\");\n\n script_cve_id(\"CVE-2021-40444\");\n script_xref(name:\"MSKB\", value:\"5005563\");\n script_xref(name:\"MSKB\", value:\"5005606\");\n script_xref(name:\"MSKB\", value:\"5005613\");\n script_xref(name:\"MSKB\", value:\"5005623\");\n script_xref(name:\"MSKB\", value:\"5005633\");\n script_xref(name:\"MSFT\", value:\"MS21-5005563\");\n script_xref(name:\"MSFT\", value:\"MS21-5005606\");\n script_xref(name:\"MSFT\", value:\"MS21-5005613\");\n script_xref(name:\"MSFT\", value:\"MS21-5005623\");\n script_xref(name:\"MSFT\", value:\"MS21-5005633\");\n script_name(english:\"Security Updates for Internet Explorer (September 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by a\nmemory corruption error in the scripting engine. An unauthenticated, remote attacker can exploit this to execute\narbitrary commands. (CVE-2021-40444)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5005563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5005606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5005613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5005623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5005633\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5005563\n -KB5005606\n -KB5005613\n -KB5005623\n -KB5005633\");\n\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-40444\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nvar bulletin = 'MS21-09';\nvar kbs = make_list(\n '5005563',\n '5005606',\n '5005613',\n '5005623',\n '5005633'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar os = get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvar productname = get_kb_item_or_exit('SMB/ProductName', exit_code:1);\nif ('Windows 8' >< productname && '8.1' >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif ('Vista' >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nvar share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:'6.3', sp:0, file:'mshtml.dll', version:'11.0.9600.20120', min_version:'11.0.9600.16000', dir:'\\\\system32', bulletin:bulletin, kb:'5005563') ||\n\n # Windows Server 2012\n # Internet Explorer 11\n hotfix_is_vulnerable(os:'6.2', sp:0, file:'mshtml.dll', version:'11.0.9600.20120', min_version:'11.0.9600.16000', dir:'\\\\system32', bulletin:bulletin, kb:'5005563') ||\n\n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:'6.1', sp:1, file:'mshtml.dll', version:'11.0.9600.20120', min_version:'11.0.9600.16000', dir:'\\\\system32', bulletin:bulletin, kb:'5005563') ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:'6.0', sp:2, file:'mshtml.dll', version:'9.0.8112.21591', min_version:'9.0.8112.16000', dir:'\\\\system32', bulletin:bulletin, kb:'5005563')\n)\n{\n var report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB5005563 : Cumulative Security Update for Internet Explorer\\n';\n\n if(os == '6.3')\n {\n report += ' - KB5005613 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5005613', report);\n }\n else if(os == '6.2')\n {\n report += ' - KB5005623 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5005623', report);\n }\n else if(os == '6.1')\n {\n report += ' - KB5005633 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5005633', report);\n }\n else if(os == '6.0')\n {\n report += ' - KB5005606 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5005606', report);\n }\n\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n\n var port = kb_smb_transport();\n\n hotfix_security_warning();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-18T13:21:36", "description": "The remote Windows host is missing security update 5005627 or cumulative update 5005613. It is, therefore, affected by multiple vulnerabilities :\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-36960, CVE-2021-36962, CVE-2021-36969, CVE-2021-36972, CVE-2021-38629, CVE-2021-38635, CVE-2021-38636)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-36965, CVE-2021-36958, CVE-2021-40444)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36974, CVE-2021-38628, CVE-2021-38630, CVE-2021-38633, CVE-2021-38638, CVE-2021-38639, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36961)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-38624)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36959)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "KB5005627: Windows 8.1 and Windows Server 2012 R2 September 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36974", "CVE-2021-38624", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38633", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_SEP_5005613.NASL", "href": "https://www.tenable.com/plugins/nessus/153375", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153375);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2021-26435\",\n \"CVE-2021-36955\",\n \"CVE-2021-36958\",\n \"CVE-2021-36959\",\n \"CVE-2021-36960\",\n \"CVE-2021-36961\",\n \"CVE-2021-36962\",\n \"CVE-2021-36963\",\n \"CVE-2021-36964\",\n \"CVE-2021-36965\",\n \"CVE-2021-36969\",\n \"CVE-2021-36972\",\n \"CVE-2021-36974\",\n \"CVE-2021-38624\",\n \"CVE-2021-38628\",\n \"CVE-2021-38629\",\n \"CVE-2021-38630\",\n \"CVE-2021-38633\",\n \"CVE-2021-38635\",\n \"CVE-2021-38636\",\n \"CVE-2021-38638\",\n \"CVE-2021-38639\",\n \"CVE-2021-38667\",\n \"CVE-2021-38671\",\n \"CVE-2021-40444\",\n \"CVE-2021-40447\"\n );\n script_xref(name:\"MSKB\", value:\"5005627\");\n script_xref(name:\"MSKB\", value:\"5005613\");\n script_xref(name:\"MSFT\", value:\"MS21-5005627\");\n script_xref(name:\"MSFT\", value:\"MS21-5005613\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429\");\n\n script_name(english:\"KB5005627: Windows 8.1 and Windows Server 2012 R2 September 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005627\nor cumulative update 5005613. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-36960, CVE-2021-36962,\n CVE-2021-36969, CVE-2021-36972, CVE-2021-38629,\n CVE-2021-38635, CVE-2021-38636)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-36965, \n CVE-2021-36958, CVE-2021-40444)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-36955, CVE-2021-36963, CVE-2021-36964,\n CVE-2021-36974, CVE-2021-38628, CVE-2021-38630,\n CVE-2021-38633, CVE-2021-38638, CVE-2021-38639,\n CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36961)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-38624)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36959)\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005627-security-only-update-3404d598-7d6e-4007-93e8-49438460791f\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c74eba5d\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005613-monthly-rollup-47b217aa-8d33-4b29-b444-77fcbe57410b\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f099b11d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB5005627 or Cumulative Update KB5005613.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36965\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-09\";\nkbs = make_list('5005627', '5005613');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit('SMB/ProductName', exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005627, 5005613])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-18T13:21:37", "description": "The remote Windows host is missing security update 5005569.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-36960, CVE-2021-36962, CVE-2021-36969, CVE-2021-36972, CVE-2021-38629, CVE-2021-38635, CVE-2021-38636)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36967, CVE-2021-36973, CVE-2021-36974, CVE-2021-38628, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38638, CVE-2021-38639, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-36965, CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36961)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-38624)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36959)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "KB5005569: Windows 10 version 1507 LTS September 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36967", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-38624", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_SEP_5005569.NASL", "href": "https://www.tenable.com/plugins/nessus/153372", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153372);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2021-26435\",\n \"CVE-2021-36955\",\n \"CVE-2021-36958\",\n \"CVE-2021-36959\",\n \"CVE-2021-36960\",\n \"CVE-2021-36961\",\n \"CVE-2021-36962\",\n \"CVE-2021-36963\",\n \"CVE-2021-36964\",\n \"CVE-2021-36965\",\n \"CVE-2021-36967\",\n \"CVE-2021-36969\",\n \"CVE-2021-36972\",\n \"CVE-2021-36973\",\n \"CVE-2021-36974\",\n \"CVE-2021-38624\",\n \"CVE-2021-38628\",\n \"CVE-2021-38629\",\n \"CVE-2021-38630\",\n \"CVE-2021-38633\",\n \"CVE-2021-38634\",\n \"CVE-2021-38635\",\n \"CVE-2021-38636\",\n \"CVE-2021-38638\",\n \"CVE-2021-38639\",\n \"CVE-2021-38667\",\n \"CVE-2021-38671\",\n \"CVE-2021-40444\",\n \"CVE-2021-40447\"\n );\n script_xref(name:\"MSKB\", value:\"5005569\");\n script_xref(name:\"MSFT\", value:\"MS21-5005569\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429\");\n\n script_name(english:\"KB5005569: Windows 10 version 1507 LTS September 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005569.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-36960, CVE-2021-36962,\n CVE-2021-36969, CVE-2021-36972, CVE-2021-38629,\n CVE-2021-38635, CVE-2021-38636)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-36955, CVE-2021-36963, CVE-2021-36964,\n CVE-2021-36967, CVE-2021-36973, CVE-2021-36974,\n CVE-2021-38628, CVE-2021-38630, CVE-2021-38633,\n CVE-2021-38634, CVE-2021-38638, CVE-2021-38639,\n CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-36965,\n CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36961)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-38624)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36959)\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005569-os-build-10240-19060-0de156d8-d616-49bb-ad8d-3cf352611ca4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?322a809c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005569.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36965\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-09\";\nkbs = make_list('5005569');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'10240',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005569])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-18T13:19:23", "description": "The remote Windows host is missing security update 5005573.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-36960, CVE-2021-36962, CVE-2021-36969, CVE-2021-36972, CVE-2021-38629, CVE-2021-38635, CVE-2021-38636)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36967, CVE-2021-36973, CVE-2021-36974, CVE-2021-38628, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38638, CVE-2021-38639, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-36965, CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36959)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "KB5005573: Windows 10 Version 1607 and Windows Server 2016 September 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36967", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-38624", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38632", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_SEP_5005573.NASL", "href": "https://www.tenable.com/plugins/nessus/153377", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153377);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2021-26435\",\n \"CVE-2021-36955\",\n \"CVE-2021-36958\",\n \"CVE-2021-36959\",\n \"CVE-2021-36960\",\n \"CVE-2021-36961\",\n \"CVE-2021-36962\",\n \"CVE-2021-36963\",\n \"CVE-2021-36964\",\n \"CVE-2021-36965\",\n \"CVE-2021-36967\",\n \"CVE-2021-36969\",\n \"CVE-2021-36972\",\n \"CVE-2021-36973\",\n \"CVE-2021-36974\",\n \"CVE-2021-38624\",\n \"CVE-2021-38628\",\n \"CVE-2021-38629\",\n \"CVE-2021-38630\",\n \"CVE-2021-38632\",\n \"CVE-2021-38633\",\n \"CVE-2021-38634\",\n \"CVE-2021-38635\",\n \"CVE-2021-38636\",\n \"CVE-2021-38638\",\n \"CVE-2021-38639\",\n \"CVE-2021-38667\",\n \"CVE-2021-38671\",\n \"CVE-2021-40444\",\n \"CVE-2021-40447\"\n );\n script_xref(name:\"MSKB\", value:\"5005573\");\n script_xref(name:\"MSFT\", value:\"MS21-5005573\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429\");\n\n script_name(english:\"KB5005573: Windows 10 Version 1607 and Windows Server 2016 September 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005573.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-36960, CVE-2021-36962,\n CVE-2021-36969, CVE-2021-36972, CVE-2021-38629,\n CVE-2021-38635, CVE-2021-38636)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-36955, CVE-2021-36963, CVE-2021-36964,\n CVE-2021-36967, CVE-2021-36973, CVE-2021-36974,\n CVE-2021-38628, CVE-2021-38630, CVE-2021-38633,\n CVE-2021-38634, CVE-2021-38638, CVE-2021-38639,\n CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-36965,\n CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36959)\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005573-os-build-14393-4651-48853795-3857-4485-a2bf-f15b39464b41\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?be42cfd3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005573.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36965\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-09\";\nkbs = make_list('5005573');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'14393',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005573])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-18T13:18:36", "description": "The remote Windows host is missing security update 5005568.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-36954, CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36966, CVE-2021-36967, CVE-2021-36973, CVE-2021-36974, CVE-2021-36975, CVE-2021-38628, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38638, CVE-2021-38639, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-36960, CVE-2021-36962, CVE-2021-36969, CVE-2021-36972, CVE-2021-38629, CVE-2021-38635, CVE-2021-38636, CVE-2021-38637)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-36965, CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36959)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "KB5005568: Windows 10 Version 1809 and Windows Server 2019 September 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36954", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36966", "CVE-2021-36967", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-36975", "CVE-2021-38624", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38632", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38637", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_SEP_5005568.NASL", "href": "https://www.tenable.com/plugins/nessus/153373", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153373);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2021-26435\",\n \"CVE-2021-36954\",\n \"CVE-2021-36955\",\n \"CVE-2021-36958\",\n \"CVE-2021-36959\",\n \"CVE-2021-36960\",\n \"CVE-2021-36961\",\n \"CVE-2021-36962\",\n \"CVE-2021-36963\",\n \"CVE-2021-36964\",\n \"CVE-2021-36965\",\n \"CVE-2021-36966\",\n \"CVE-2021-36967\",\n \"CVE-2021-36969\",\n \"CVE-2021-36972\",\n \"CVE-2021-36973\",\n \"CVE-2021-36974\",\n \"CVE-2021-36975\",\n \"CVE-2021-38624\",\n \"CVE-2021-38628\",\n \"CVE-2021-38629\",\n \"CVE-2021-38630\",\n \"CVE-2021-38632\",\n \"CVE-2021-38633\",\n \"CVE-2021-38634\",\n \"CVE-2021-38635\",\n \"CVE-2021-38636\",\n \"CVE-2021-38637\",\n \"CVE-2021-38638\",\n \"CVE-2021-38639\",\n \"CVE-2021-38667\",\n \"CVE-2021-38671\",\n \"CVE-2021-40444\",\n \"CVE-2021-40447\"\n );\n script_xref(name:\"MSKB\", value:\"5005568\");\n script_xref(name:\"MSFT\", value:\"MS21-5005568\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429\");\n\n script_name(english:\"KB5005568: Windows 10 Version 1809 and Windows Server 2019 September 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005568.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-36954, CVE-2021-36955, CVE-2021-36963,\n CVE-2021-36964, CVE-2021-36966, CVE-2021-36967,\n CVE-2021-36973, CVE-2021-36974, CVE-2021-36975,\n CVE-2021-38628, CVE-2021-38630, CVE-2021-38633,\n CVE-2021-38634, CVE-2021-38638, CVE-2021-38639,\n CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-36960, CVE-2021-36962,\n CVE-2021-36969, CVE-2021-36972, CVE-2021-38629,\n CVE-2021-38635, CVE-2021-38636, CVE-2021-38637)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-36965, \n CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36959)\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005568-os-build-17763-2183-d19b2778-204a-4c09-a0c3-23dc28d5deac\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?54269929\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005568.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36965\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-09\";\nkbs = make_list('5005568');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'17763',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005568])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-18T13:19:23", "description": "The remote Windows host is missing security update 5005566.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-36954, CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36966, CVE-2021-36967, CVE-2021-36973, CVE-2021-36974, CVE-2021-36975, CVE-2021-38628, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38638, CVE-2021-38639, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-36960, CVE-2021-36962, CVE-2021-36969, CVE-2021-36972, CVE-2021-38629, CVE-2021-38635, CVE-2021-38636, CVE-2021-38637)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-36965, CVE-2021-36958, CVE-2021-40444))\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36959)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "KB5005566: Windows 10 version 1909 / Windows Server 1909 Security Update (September 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36954", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36966", "CVE-2021-36967", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-36975", "CVE-2021-38624", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38632", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38637", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_SEP_5005566.NASL", "href": "https://www.tenable.com/plugins/nessus/153383", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153383);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2021-26435\",\n \"CVE-2021-36954\",\n \"CVE-2021-36955\",\n \"CVE-2021-36958\",\n \"CVE-2021-36959\",\n \"CVE-2021-36960\",\n \"CVE-2021-36961\",\n \"CVE-2021-36962\",\n \"CVE-2021-36963\",\n \"CVE-2021-36964\",\n \"CVE-2021-36965\",\n \"CVE-2021-36966\",\n \"CVE-2021-36967\",\n \"CVE-2021-36969\",\n \"CVE-2021-36972\",\n \"CVE-2021-36973\",\n \"CVE-2021-36974\",\n \"CVE-2021-36975\",\n \"CVE-2021-38624\",\n \"CVE-2021-38628\",\n \"CVE-2021-38629\",\n \"CVE-2021-38630\",\n \"CVE-2021-38632\",\n \"CVE-2021-38633\",\n \"CVE-2021-38634\",\n \"CVE-2021-38635\",\n \"CVE-2021-38636\",\n \"CVE-2021-38637\",\n \"CVE-2021-38638\",\n \"CVE-2021-38639\",\n \"CVE-2021-38667\",\n \"CVE-2021-38671\",\n \"CVE-2021-40444\",\n \"CVE-2021-40447\"\n );\n script_xref(name:\"MSKB\", value:\"5005566\");\n script_xref(name:\"MSFT\", value:\"MS21-5005566\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429\");\n\n script_name(english:\"KB5005566: Windows 10 version 1909 / Windows Server 1909 Security Update (September 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005566.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-36954, CVE-2021-36955, CVE-2021-36963,\n CVE-2021-36964, CVE-2021-36966, CVE-2021-36967,\n CVE-2021-36973, CVE-2021-36974, CVE-2021-36975,\n CVE-2021-38628, CVE-2021-38630, CVE-2021-38633,\n CVE-2021-38634, CVE-2021-38638, CVE-2021-38639,\n CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-36960, CVE-2021-36962,\n CVE-2021-36969, CVE-2021-36972, CVE-2021-38629,\n CVE-2021-38635, CVE-2021-38636, CVE-2021-38637)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-36965,\n CVE-2021-36958, CVE-2021-40444))\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36959)\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005566-os-build-18363-1801-c2535eb5-9e8a-4127-a923-0c6a643bba1d\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ff9fca7f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005566.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36965\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-09';\nkbs = make_list(\n '5005566'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'18363',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005566])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-18T13:21:33", "description": "The remote Windows host is missing security update 5005565.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-36954, CVE-2021-36955, CVE-2021-36963, CVE-2021-36964, CVE-2021-36966, CVE-2021-36967, CVE-2021-36973, CVE-2021-36974, CVE-2021-36975, CVE-2021-38628, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38638, CVE-2021-38639, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-36960, CVE-2021-36962, CVE-2021-36969, CVE-2021-36972, CVE-2021-38629, CVE-2021-38635, CVE-2021-38636, CVE-2021-38637)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-36965, CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36959)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-14T00:00:00", "type": "nessus", "title": "KB5005565: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 Security Update (September 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26435", "CVE-2021-36954", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36966", "CVE-2021-36967", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-36975", "CVE-2021-38624", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38632", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38637", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_SEP_5005565.NASL", "href": "https://www.tenable.com/plugins/nessus/153381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153381);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2021-26435\",\n \"CVE-2021-36954\",\n \"CVE-2021-36955\",\n \"CVE-2021-36958\",\n \"CVE-2021-36959\",\n \"CVE-2021-36960\",\n \"CVE-2021-36961\",\n \"CVE-2021-36962\",\n \"CVE-2021-36963\",\n \"CVE-2021-36964\",\n \"CVE-2021-36965\",\n \"CVE-2021-36966\",\n \"CVE-2021-36967\",\n \"CVE-2021-36969\",\n \"CVE-2021-36972\",\n \"CVE-2021-36973\",\n \"CVE-2021-36974\",\n \"CVE-2021-36975\",\n \"CVE-2021-38624\",\n \"CVE-2021-38628\",\n \"CVE-2021-38629\",\n \"CVE-2021-38630\",\n \"CVE-2021-38632\",\n \"CVE-2021-38633\",\n \"CVE-2021-38634\",\n \"CVE-2021-38635\",\n \"CVE-2021-38636\",\n \"CVE-2021-38637\",\n \"CVE-2021-38638\",\n \"CVE-2021-38639\",\n \"CVE-2021-38667\",\n \"CVE-2021-38671\",\n \"CVE-2021-40444\",\n \"CVE-2021-40447\"\n );\n script_xref(name:\"MSKB\", value:\"5005565\");\n script_xref(name:\"MSFT\", value:\"MS21-5005565\");\n script_xref(name:\"IAVA\", value:\"2021-A-0431\");\n script_xref(name:\"IAVA\", value:\"2021-A-0429\");\n\n script_name(english:\"KB5005565: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 Security Update (September 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5005565.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-36954, CVE-2021-36955, CVE-2021-36963,\n CVE-2021-36964, CVE-2021-36966, CVE-2021-36967,\n CVE-2021-36973, CVE-2021-36974, CVE-2021-36975,\n CVE-2021-38628, CVE-2021-38630, CVE-2021-38633,\n CVE-2021-38634, CVE-2021-38638, CVE-2021-38639,\n CVE-2021-38667, CVE-2021-38671, CVE-2021-40447)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26435)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-36960, CVE-2021-36962,\n CVE-2021-36969, CVE-2021-36972, CVE-2021-38629,\n CVE-2021-38635, CVE-2021-38636, CVE-2021-38637)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-38624, CVE-2021-38632)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-36965,\n CVE-2021-36958, CVE-2021-40444)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36961)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36959)\");\n # https://support.microsoft.com/en-us/topic/september-14-2021-kb5005565-os-builds-19041-1237-19042-1237-and-19043-1237-292cf8ed-f97b-4cd8-9883-32b71e3e6b44\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?45dd819c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5005565.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36965\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-09';\nkbs = make_list(\n '5005565'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19041',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005565])\n||\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19042',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005565]) \n||\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19043',\n rollup_date:'09_2021',\n bulletin:bulletin,\n rollup_kb_list:[5005565])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "malwarebytes": [{"lastseen": "2021-09-13T12:35:29", "description": "Several researchers have independently reported a 0-day remote code execution vulnerability in MSHTML to Microsoft. The reason it was reported by several researchers probably lies in the fact that a limited number of attacks using this vulnerability have been identified, as per Microsoft\u2019s [security update](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). \n\n> Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.\n\nMSHTML is a software component used to render web pages on Windows. Although it&#x27;s most commonly associated with Internet Explorer, it is also used in other software including versions of Skype, Microsoft Outlook, Visual Studio, and others.\n\nMalwarebytes, as shown lower in this article, blocks the related malicious powershell code execution.\n\n### CVE-2021-40444\n\nPublicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). This one has been assigned the designation [CVE-2021-40444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40444>) and received a CVSS score of 8.8 out of 10. The CVSS standards are used to help security researchers, software users, and vulnerability tracking organizations measure and report on the severity of vulnerabilities. CVSS can also help security teams and developers prioritize threats and allocate resources effectively.\n\nThe Cybersecurity and Infrastructure Security Agency took to Twitter to [encourage](<https://twitter.com/USCERT_gov/status/1435342618704191491>) users and organizations to review Microsoft&#x27;s mitigations and workarounds to address CVE-2021-40444.\n\n### ActiveX\n\nBecause MSHTML is the beating heart of Internet Explorer, the vulnerability also exists in that browser. Although given its limited use, there is little risk of infection by that vector. Microsoft Office applications however, use the MSHTML component to display web content in Office documents.\n\nThe attack depends on MSHTML loading a specially crafted ActiveX control when the target opens a malicious Office document. The loaded ActiveX control can then run arbitrary code to infect the system with more malware.\n\nSo, the attacker will have to trick the user into opening a malicious document. But we all know how good some attackers are at this.\n\n### Mitigation\n\nAt the moment all supported Windows versions are vulnerable. Since there is no patch available yet, Microsoft proposes a few methods to block these attacks.\n\n * Disable the installation of all ActiveX controls in Internet Explorer via the registry. Previously-installed ActiveX controls will still run, but no new ones will be added, including malicious ones.\n * Open documents from the Internet in Protected View or Application Guard for Office, both of which prevent the current attack. This is a default setting but it may have been changed.\n\nDespite the lack of a ready patch, all versions of Malwarebytes currently block this threat, as shown below. Malwarebytes also detects the eventual payload, Cobalt Strike, and has done so for years, meaning that even if a threat actor had disabled anti-exploit, then Cobalt Strike itself would still be detected. \n\n\n\nA screenshot from Malwarebytes Teams showing active detection of this threat\n\nA screenshot from Malwarebytes Nebula showing active detection of this threat\n\nA screenshot of Malwarebytes Teams blocking the final payload\n\nA screenshot of Malwarebytes Anti-Exploit blocking the exploit payload process\n\n### Registry changes\n\nModifying the registry may create unforeseen results, so create a backup before you change it! It may also come in handy when you want to undo the changes at a later point.\n\nTo create a backup, open Regedit and drill down to the key you want to back up (if it exists):\n\n`HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones`\n\nRight click the key in the left side of the registry pane and select &quot;Export&quot;. Follow the prompts and save the created reg file with a name and in a location where you can easily find it.\n\n\n\nTo make the recommended changes, open a text file and paste in the following script. Make sure that all of the code box content is pasted into the text file!\n \n \n Windows Registry Editor Version 5.00\n \n [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0]\n \"1001\"=dword:00000003\n \"1004\"=dword:00000003\n \n [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1]\n \"1001\"=dword:00000003\n \"1004\"=dword:00000003\n \n [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2]\n \"1001\"=dword:00000003\n \"1004\"=dword:00000003\n \n [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3]\n \"1001\"=dword:00000003\n \"1004\"=dword:00000003\n \n\nSave the file with a .reg file extension. Right-click the file and select Merge. You&#x27;ll be prompted about adding the information to the registry, agree, and then reboot your machine.\n\n## Update september 9, 2021\n\nIt has taken researchers only a few days to circumvent the mitigations proposed by Microsoft. Once they were able to find a sample of a malicious Word document, they have started analyzing how it works and along the way poked holes in the defense strategies proposed by Microsoft.\n\nOne of the wobbly pillars is the Mark-of-the-Web (MoTW) flag that is given to downloaded files. This only blocks the exploit unless a user clicks on the &#x27;Enable Editing&#x27; buttons. Sadly, experience has learned us that it is not a good idea to trust that they won&#x27;t do that. Another problem with this flag is that it doesn&#x27;t survive when it is handled by other applications, like for example, unzipping. Another problem are certain filetypes that use the same MSHTML to view webcontent, but are not protected by Office&#x27;s Protected View security feature. Researcher [Will Dormann](<https://twitter.com/wdormann/status/1435951560006189060>) was able to replicate the attasck using an RTF file.\n\nThe registry fix we posted to prevent ActiveX controls from running in Internet Explorer, were supposed to effectively block the current attacks. But, security researcher Kevin Beaumont has already [discovered a way](<https://twitter.com/GossiTheDog/status/1435570418623070210>) to bypass Microsoft&#x27;s current mitigations to exploit this vulnerability.\n\n### The attack chain\n\nThe researchers have also managed to reconstruct the attack chain with the use of a limited set of samples of malicious docx files. \n\n * Once a user clicks on the &#x27;Enable Editing&#x27; button, the exploit will load a _side.html_ file by using the mhtml protocol to open a URL. The _side.html _file is hosted at a remote site and will be loaded as a Word template.\n * The Internet Explorer browser will be started to load the HTML, and its obfuscated JavaScript code will exploit the CVE-2021-40444 vulnerability to create a malicious ActiveX control.\n * This ActiveX control will download a _ministry.cab_ file from a remote site.\n * And extract a _championship.inf_ file, which is actually a DLL, and execute it as a CPL file by using rundll32.exe.\n * The ultimate payload is a Cobalt Strike beacon, which would allow the threat actor to gain remote access to the device.\n\nGiven the few days that are left until next patch Tuesday, it is doubtful whether Microsoft will be able to come up with an effective patch.\n\nConsider me one happy camper that Malwarebytes does not rely on the MoTW flag.\n\n_This is what happened when I tried to &quot;edit&quot; the Word doc the researchers analyzed_\n\n## Update september 13, 2021\n\nAs [reported by BleepingComputer](<https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/>) threat actors are sharing PoCs, tutorials and exploits on hacking forums, so that every script kiddy and wannabe hacker can follow step-by-step instructions to build their own attacks. Since the method we mentioned that uses an RTF file even works in Windows explorer file previews. This means this vulnerability can be exploited by viewing a malicious document using the Windows Explorer preview feature.\n\nSince this was discovered, Microsoft has added the following mitigation to disable previewing of RTF and Word documents:\n\n 1. In the Registry Editor (regedit.exe), navigate to the appropriate registry key: **For Word documents, navigate to these keys:**\n * HKEY_CLASSES_ROOT.docx\\ShellEx{8895b1c6-b41f-4c1c-a562-0d564250836f}\n * HKEY_CLASSES_ROOT.doc\\ShellEx{8895b1c6-b41f-4c1c-a562-0d564250836f}\n * HKEY_CLASSES_ROOT.docm\\ShellEx{8895b1c6-b41f-4c1c-a562-0d564250836f} **For rich text files (RTF), navigate to this key:**\n * HKEY_CLASSES_ROOT.rtf\\ShellEx{8895b1c6-b41f-4c1c-a562-0d564250836f}\n 2. Export a copy of the Registry key as a backup.\n 3. Now double-click **Name** and in the **Edit String** dialog box, delete the Value Data.\n 4. Click **OK**,\n\nWord document and RTF file previews are now disabled in Windows Explorer.\n\nTo enable Windows Explorer preview for these documents, double-click on the backup .reg file you created in step 2 above.\n\nStay safe,everyone!\n\nThe post [[updated] Windows MSHTML zero-day actively exploited, mitigations required](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/windows-mshtml-zero-day-actively-exploited-mitigations-required/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {}, "published": "2021-09-08T11:04:07", "type": "malwarebytes", "title": "[updated] Windows MSHTML zero-day actively exploited, mitigations required", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-08T11:04:07", "id": "MALWAREBYTES:DB54B348AF1AC41987150B5CE7B1BC66", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/windows-mshtml-zero-day-actively-exploited-mitigations-required/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-17T16:35:06", "description": "The September 2021 Patch Tuesday could be remembered as the _final_ patching attempt in the PrintNightmare\u2026 nightmare. The ease with which the vulnerabilities [shrugged off the August patches](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/08/microsofts-printnightmare-continues-shrugs-off-patch-tuesday-fixes/>) doesn\u2019t look to get a rerun. So far we haven\u2019t seen any indications that this patch is so easy to circumvent.\n\nThe total count of fixes for this Patch Tuesday tallies up to 86, including 26 for Microsoft Edge alone. Only a few of these vulnerabilities are listed as zero-days and two of them are &quot;old friends&quot;. There is a third, less-likely-to-be-exploited one, and then we get to introduce a whole new set of vulnerabilities nicknamed OMIGOD, for reasons that will become obvious.\n\nAzure was the subject of five CVE\u2019s, one of them listed as critical. The four that affect the Open Management Infrastructure (OMI) were found by researchers, grouped together and received the nickname OMIGOD.\n\n### PrintNightmare\n\nPrintNightmare is the name of a set of vulnerabilities that allow a standard user on a Windows network to execute arbitrary code on an affected machine (including domain controllers) as SYSTEM, allowing them to elevate their privileges as far as domain admin. Users trigger the flaw by simply feeding a malicious printer driver to a vulnerable machine, and could use their new-found superpowers to install programs; view, change, or delete data; or create new accounts with full user rights.\n\nThe problem was made worse by significant [confusion](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/07/patch-now-emergency-fix-for-printnightmare-released-by-microsoft/>) about whether PrintNightmare was a known, patched problem or an entirely new problem, and by repeated, at best partially-successful, attempts to patch it.\n\nThis month, Microsoft patched the remaining Print Spooler vulnerabilities under [CVE-2021-36958](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36958>). Fingers crossed.\n\n### MSHTML\n\nThis zero-day vulnerability that felt like a ghost from the past (it involved ActiveX, remember that?) was only [found last week](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/windows-mshtml-zero-day-actively-exploited-mitigations-required/>), but has attracted significant attention. It was listed as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>), a Remote Code Execution (RCE) vulnerability in Microsoft MSHTML. \n\nThreat actors were sharing PoCs, tutorials and exploits on hacking forums, so that every script kiddy and wannabe hacker was able to follow step-by-step instructions in order to launch their own attacks. Microsoft published mitigation instructions that disabled the installation of new ActiveX controls, but this turned out to be easy to work around for attackers.\n\nGiven the short window of opportunity, there was some doubt about whether a fix would be included in this Patch Tuesday, but it looks like Microsoft managed to pull it off.\n\n### DNS elevation of privilege vulnerability\n\nThis vulnerability was listed as [CVE-2021-36968](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36968>) and affects systems running Windows Server 2008 R2 SP1, SP2 and Windows 7 SP1. It exists due to an application that does not properly impose security restrictions in Windows DNS. The vulnerability is listed as a zero-day because it has been publicly disclosed, not because it is actively being exploited.\n\nMicrosoft says that exploitation is \u201cless likely\u201d, perhaps because it requires initial authentication and can only be exploited locally. If these conditions are met this bug can be used to accomplish elevation of privilege (EoP). \n\n### OMIGOD\n\nOMIGOD is the name for a set of four vulnerabilities in the Open Management Infrastructure (OMI) that you will find embedded in many popular Azure services. The CVEs are:\n\n * [CVE-2021-38647](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38647>) OMI RCE Vulnerability with a [CVSS score](<https://blog.malwarebytes.com/malwarebytes-news/2020/05/how-cvss-works-characterizing-and-scoring-vulnerabilities/>) of 9.8 out of 10.\n * [CVE-2021-38648](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38648>) Open Management Infrastructure Elevation of Privilege Vulnerability\n * [CVE-2021-38645](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38645>) Open Management Infrastructure Elevation of Privilege Vulnerability\n * [CVE-2021-38649](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38649>) Open Management Infrastructure Elevation of Privilege Vulnerability\n\nThe [researchers](<https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution>) that discovered the vulnerabilities consider OMIGOD to be a result of the supply-chain risks that come with using open-source code:\n\n> Wiz\u2019s research team recently discovered a series of alarming vulnerabilities that highlight the supply chain risk of open source code, particularly for customers of cloud computing services.\n\nOMI runs as root (the highest privilege level) and is activated within Azure when users enable certain services, like distributed logging, or other management tools and services. It&#x27;s likely that many users aren&#x27;t even aware they have it running.\n\nThe RCE vulnerability (CVE-2021-38647) can be exploited in situations where the OMI ports are accessible to the Internet to allow for remote management. In this configuration, any user can communicate with it using a UNIX socket or via an HTTP API, and any user can abuse it to remotely execute code or escalate privileges.\n\nA coding mistake means that any incoming request to the service _without_ an authorization header has its privileges default to uid=0, gid=0, which is root. \n \nOMIGOD, right?\n\nThe researchers report that the flaw can only be used to remotely takeover a target when OMI exposes the HTTPS management port externally. This is the default configuration when installed standalone and in Azure Configuration Management or System Center Operations Manager (SCOM). Other Azure services (such as Log Analytics) do not expose this port, so in those cases the scope is limited to local privilege escalation.\n\nThey advise all Azure customers to connect to their Azure VMs and run the commands below in their terminal to ensure OMI is updated to the latest version:\n\n * For Debian systems (e.g., Ubuntu): `dpkg -l omi`\n * For Redhat based system (e.g., Fedora, CentOS, RHEL): `rpm -qa omi`\n\nIf OMI isn\u2019t installed, the commands won&#x27;t return any results, and your machine isn\u2019t vulnerable. Version 1.6.8.1 is the patched version. All earlier versions need to be patched.\n\n## Update September 17, 2021\n\nAfter a proof-of-concept exploit was published on code hosting website GitHub, attackers we re noticed to be looking for Linux servers running on Microsoft\u2019s Azure cloud infrastructure. These systems are vulnerable to the security flaw called OMIGOD.\n\nAccording to reports from security researchers the attackers use the OMIGOD exploit, to deploy malware that ensnares the hacked server into cryptomining or DDoS botnets.\n\nThe post [[updated] Patch now! PrintNightmare over, MSHTML fixed, a new horror appears \u2026 OMIGOD](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-now-printnightmare-over-mshtml-fixed-a-new-horror-appears-omigod/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {}, "published": "2021-09-15T13:19:48", "type": "malwarebytes", "title": "[updated] Patch now! PrintNightmare over, MSHTML fixed, a new horror appears \u2026 OMIGOD", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-36958", "CVE-2021-36968", "CVE-2021-38645", "CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38649", "CVE-2021-40444"], "modified": "2021-09-15T13:19:48", "id": "MALWAREBYTES:76333D1F0FCAFD79FA2EDD4A4CAFBB38", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-now-printnightmare-over-mshtml-fixed-a-new-horror-appears-omigod/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2021-09-18T02:44:59", "description": "Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.\n\nAn attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\n\nMicrosoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: \u201cSuspicious Cpl File Execution\u201d.\n\nUpon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.\n\nPlease see the **Mitigations** and **Workaround** sections for important information about steps you can take to protect your system from this vulnerability.\n\n**UPDATE** September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.\n", "cvss3": {}, "published": "2021-09-07T07:00:00", "type": "mscve", "title": "Microsoft MSHTML Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-14T07:00:00", "id": "MS:CVE-2021-40444", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40444", "cvss": {"score": 0.0, "vector": "NONE"}}], "rapid7blog": [{"lastseen": "2021-09-15T05:17:34", "description": "\n\nMicrosoft has fixed a total of 60 vulnerabilities this month, including two publicly disclosed 0-days. Fortunately there are only a few issues rated critical this month with the vast majority of the remainder being rated important. Here\u2019s three big things you can go patch right now.\n\n### MSHTML Remote Code Execution 0-day ([CVE-2021-40444](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40444>))\n\nThe hot topic this month is the most recent remote code execution 0-day vulnerability in MSHTML. When it was first discovered it was only being used in a limited number of attacks, however this quickly changed once instructions for exploiting the vulnerability were published online. This vulnerability was severe enough to warrant publishing patches for older operating systems including Windows 7, Windows Server 2008 R2, and Windows Server 2008. Now that updates have been published for this vulnerability they should be applied as soon as possible.\n\n### Windows DNS Local Elevation of Privilege ([CVE-2021-36968](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36968>))\n\nThis is the second publicly disclosed vulnerability updated this month. While the details surrounding this CVE are sparse, we do know that Microsoft has not detected exploitation in the wild. \n\n### Updates to PrintNightmare ([CVE-2021-1678](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1678>))\n\nMicrosoft has made additional patches available for older operating systems. If you were previously unable to patch against this vulnerability you may want to review this new information.\n\n## Summary Graphs\n\n\n\n## Summary Tables\n\n## Azure Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-38647](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38647>) | Open Management Infrastructure Remote Code Execution Vulnerability | No | No | 9.8 | Yes \n[CVE-2021-38645](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38645>) | Open Management Infrastructure Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38648](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38648>) | Open Management Infrastructure Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38649](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38649>) | Open Management Infrastructure Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2021-40448](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40448>) | Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | No | No | 6.3 | Yes \n[CVE-2021-36956](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36956>) | Azure Sphere Information Disclosure Vulnerability | No | No | 4.4 | Yes \n \n## Browser Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-38642](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38642>) | Microsoft Edge for iOS Spoofing Vulnerability | No | No | 6.1 | No \n[CVE-2021-38641](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38641>) | Microsoft Edge for Android Spoofing Vulnerability | No | No | 6.1 | No \n[CVE-2021-26439](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26439>) | Microsoft Edge for Android Information Disclosure Vulnerability | No | No | 4.6 | No \n[CVE-2021-38669](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38669>) | Microsoft Edge (Chromium-based) Tampering Vulnerability | No | No | 6.4 | Yes \n[CVE-2021-26436](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26436>) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 6.1 | No \n[CVE-2021-36930](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36930>) | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 5.3 | No \n[CVE-2021-30632](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30632>) | Chromium: CVE-2021-30632 Out of bounds write in V8 | No | No | | Yes \n[CVE-2021-30624](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30624>) | Chromium: CVE-2021-30624 Use after free in Autofill | No | No | | Yes \n[CVE-2021-30623](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30623>) | Chromium: CVE-2021-30623 Use after free in Bookmarks | No | No | | Yes \n[CVE-2021-30622](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30622>) | Chromium: CVE-2021-30622 Use after free in WebApp Installs | No | No | | Yes \n[CVE-2021-30621](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30621>) | Chromium: CVE-2021-30621 UI Spoofing in Autofill | No | No | | Yes \n[CVE-2021-30620](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30620>) | Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | No | No | | Yes \n[CVE-2021-30619](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30619>) | Chromium: CVE-2021-30619 UI Spoofing in Autofill | No | No | | Yes \n[CVE-2021-30618](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30618>) | Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | No | No | | Yes \n[CVE-2021-30617](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30617>) | Chromium: CVE-2021-30617 Policy bypass in Blink | No | No | | Yes \n[CVE-2021-30616](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30616>) | Chromium: CVE-2021-30616 Use after free in Media | No | No | | Yes \n[CVE-2021-30615](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30615>) | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | No | No | | Yes \n[CVE-2021-30614](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30614>) | Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip | No | No | | Yes \n[CVE-2021-30613](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30613>) | Chromium: CVE-2021-30613 Use after free in Base internals | No | No | | Yes \n[CVE-2021-30612](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30612>) | Chromium: CVE-2021-30612 Use after free in WebRTC | No | No | | Yes \n[CVE-2021-30611](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30611>) | Chromium: CVE-2021-30611 Use after free in WebRTC | No | No | | Yes \n[CVE-2021-30610](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30610>) | Chromium: CVE-2021-30610 Use after free in Extensions API | No | No | | Yes \n[CVE-2021-30609](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30609>) | Chromium: CVE-2021-30609 Use after free in Sign-In | No | No | | Yes \n[CVE-2021-30608](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30608>) | Chromium: CVE-2021-30608 Use after free in Web Share | No | No | | Yes \n[CVE-2021-30607](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30607>) | Chromium: CVE-2021-30607 Use after free in Permissions | No | No | | Yes \n[CVE-2021-30606](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30606>) | Chromium: CVE-2021-30606 Use after free in Blink | No | No | | Yes \n \n## Developer Tools Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-36952](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36952>) | Visual Studio Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-26434](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434>) | Visual Studio Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26437](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26437>) | Visual Studio Code Spoofing Vulnerability | No | No | 5.5 | No \n \n## ESU Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-38625](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38625>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38626](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38626>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36968](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36968>) | Windows DNS Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n \n## Microsoft Dynamics Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-40440](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40440>) | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | No | No | 5.4 | No \n \n## Microsoft Office Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-38656](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38656>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38651](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38651>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-38652](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38652>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-38653](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38653>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-38654](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38654>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38650](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38650>) | Microsoft Office Spoofing Vulnerability | No | No | 7.6 | Yes \n[CVE-2021-38659](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38659>) | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38658](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38658>) | Microsoft Office Graphics Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38660](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38660>) | Microsoft Office Graphics Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38657](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38657>) | Microsoft Office Graphics Component Information Disclosure Vulnerability | No | No | 6.1 | Yes \n[CVE-2021-38646](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38646>) | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38655](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38655>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n## Windows Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-36967](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36967>) | Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-36966](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36966>) | Windows Subsystem for Linux Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38637](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38637>) | Windows Storage Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-36972](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36972>) | Windows SMB Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-36974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36974>) | Windows SMB Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36973>) | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38624](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38624>) | Windows Key Storage Provider Security Feature Bypass Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-36954](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36954>) | Windows Bind Filter Driver Elevation of Privilege Vulnerability | No | No | 8.8 | No \n[CVE-2021-36975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36975>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38634](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38634>) | Microsoft Windows Update Client Elevation of Privilege Vulnerability | No | No | 7.1 | No \n[CVE-2021-38644](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38644>) | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38661](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38661>) | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38632](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38632>) | BitLocker Security Feature Bypass Vulnerability | No | No | 5.7 | Yes \n \n## Windows ESU Vulnerabilities\n\nCVE | Title | Exploited | Disclosed | CVSS3 | FAQ \n---|---|---|---|---|--- \n[CVE-2021-36965](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36965>) | Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | No | No | 8.8 | No \n[CVE-2021-26435](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26435>) | Windows Scripting Engine Memory Corruption Vulnerability | No | No | 8.1 | Yes \n[CVE-2021-36960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36960>) | Windows SMB Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2021-36969](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36969>) | Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-38635](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38635>) | Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-38636](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38636>) | Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-38667](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38667>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38671](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38671>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40447](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40447>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36962](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36962>) | Windows Installer Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-36961](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36961>) | Windows Installer Denial of Service Vulnerability | No | No | 5.5 | No \n[CVE-2021-36964](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36964>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38630](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38630>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36955](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36955>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36963](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36963>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38633](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38633>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-36959](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36959>) | Windows Authenticode Spoofing Vulnerability | No | No | 5.5 | No \n[CVE-2021-38629](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38629>) | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-38628](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38628>) | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38638](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38638>) | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-38639](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38639>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40444](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40444>) | Microsoft MSHTML Remote Code Execution Vulnerability | Yes | Yes | 8.8 | Yes", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-09-15T03:44:31", "type": "rapid7blog", "title": "Patch Tuesday - September 2021", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1678", "CVE-2021-26434", "CVE-2021-26435", "CVE-2021-26436", "CVE-2021-26437", "CVE-2021-26439", "CVE-2021-30606", "CVE-2021-30607", "CVE-2021-30608", "CVE-2021-30609", "CVE-2021-30610", "CVE-2021-30611", "CVE-2021-30612", "CVE-2021-30613", "CVE-2021-30614", "CVE-2021-30615", "CVE-2021-30616", "CVE-2021-30617", "CVE-2021-30618", "CVE-2021-30619", "CVE-2021-30620", "CVE-2021-30621", "CVE-2021-30622", "CVE-2021-30623", "CVE-2021-30624", "CVE-2021-30632", "CVE-2021-36930", "CVE-2021-36952", "CVE-2021-36954", "CVE-2021-36955", "CVE-2021-36956", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36966", "CVE-2021-36967", "CVE-2021-36968", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-36975", "CVE-2021-38624", "CVE-2021-38625", "CVE-2021-38626", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38632", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38637", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38641", "CVE-2021-38642", "CVE-2021-38644", "CVE-2021-38645", "CVE-2021-38646", "CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38649", "CVE-2021-38650", "CVE-2021-38651", "CVE-2021-38652", "CVE-2021-38653", "CVE-2021-38654", "CVE-2021-38655", "CVE-2021-38656", "CVE-2021-38657", "CVE-2021-38658", "CVE-2021-38659", "CVE-2021-38660", "CVE-2021-38661", "CVE-2021-38667", "CVE-2021-38669", "CVE-2021-38671", "CVE-2021-40440", "CVE-2021-40444", "CVE-2021-40447", "CVE-2021-40448"], "modified": "2021-09-15T03:44:31", "id": "RAPID7BLOG:CC071AA6971D64B0F7A596B2BBD5F046", "href": "https://blog.rapid7.com/2021/09/15/patch-tuesday-september-2021/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "qualysblog": [{"lastseen": "2021-09-16T10:35:06", "description": "### Microsoft Patch Tuesday \u2013 September 2021\n\nMicrosoft patched 60 vulnerabilities in their September 2021 Patch Tuesday release, and an additional 26 CVEs since September 1st. Among the 60 released in the September Patch Tuesday, 3 of them are rated as critical severity, one as moderate, and 56 as important.\n\n#### Critical Microsoft Vulnerabilities Patched\n\n[CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) - Microsoft MSHTML Remote Code Execution Vulnerability \n\nThis vulnerability has been publicly disclosed and is known to be exploited. The vulnerability allows for remote code execution via MSHTML, a component used by Internet Explorer and Office. Microsoft also released a workaround to show how users can disable ActiveX controls in IE. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.\n\n[CVE-2021-26435](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26435>) - Windows Scripting Engine Memory Corruption Vulnerability \n\nMicrosoft released patches addressing a critical remote code execution vulnerability in Windows Scripting Engine. The exploitation of this vulnerability requires an attacker to convince users to click a link and then open a specially-crafted file. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching. \n\n[CVE-2021-36965](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36965>) - Windows WLAN AutoConfig Service Remote Code Execution Vulnerability \n\nThis vulnerability does not allow user interaction and also has a low complexity for attack. The vendor has assigned a CVSSv3 base score of 8.8. It should be prioritized for patching.\n\n[CVE-2021-38633](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38633>), [CVE-2021-36963](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36963>) - Windows Common Log File System Driver Elevation of Privilege Vulnerability \n\nThe vulnerabilities allow an attacker to gain elevated privileges to make changes to the victim\u2019s system. These CVEs have a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching. \n\n[CVE-2021-38671](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38671>) - Windows Print Spooler Elevation of Privilege Vulnerability\n\nThis CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. It should be prioritized for patching.\n\n### Qualys QIDs Providing Coverage\n\n**QID**| **Title**| **Severity**| **CVE ID** \n---|---|---|--- \n375861| Microsoft Edge Based On Chromium Prior to 93.0.961.47 Multiple Vulnerabilities| High| _CVE-2021-30632_ \n110390| Microsoft Office and Microsoft Office Services and Web Apps Security Update September 2021| High| _CVE-2021-38655,CVE-2021-38650,CVE-2021-38654,CVE-2021-38653,CVE-2021-38658,CVE-2021-38646,CVE-2021-38660,CVE-2021-38657,CVE-2021-38656,CVE-2021-38659_ \n110391| Microsoft SharePoint Enterprise Server Multiple Vulnerabilities September 2021| Medium| _CVE-2021-38651,CVE-2021-38652_ \n375860| Azure Open Management Infrastructure Multiple Vulnerabilities| Medium | CVE-2021-38645 CVE-2021-38647 CVE-2021-38648 CVE-2021-38649 \n \n91821| \nMicrosoft Cumulative Security Update for Internet Explorer (KB5005563) \n| Medium| _KB5005563 _ \n375854| Visual Studio Code Spoofing Vulnerability | Medium| _CVE-2021-26437 _ \n45505| Microsoft MSHTML Remote Code Execution Vulnerability Active X Controls Disabled (Mitigation for CVE-2021-40444 Enabled)| Low| \n91815| Microsoft Visual Studio Security Update for September 2021 | Medium | _CVE-2021-26434 CVE-2021-36952 _ \n91816| Microsoft Windows Security Update for September 2021| High| _CVE-2021-38667,CVE-2021-38639,CVE-2021-38638,CVE-2021-38637,CVE-2021-26435,CVE-2021-40447,CVE-2021-38671,CVE-2021-36965,CVE-2021-36967,CVE-2021-36974,CVE-2021-36972,CVE-2021-36966,CVE-2021-36969,CVE-2021-36973,CVE-2021-36962,CVE-2021-36961,CVE-2021-36964,CVE-2021-36963,CVE-2021-36959,CVE-2021-36968,CVE-2021-36975,CVE-2021-38636,CVE-2021-38635,CVE-2021-38633,CVE-2021-38629,CVE-2021-38628,CVE-2021-38634,CVE-2021-38632,CVE-2021-38630,CVE-2021-38624,CVE-2021-36955,CVE-2021-36954,CVE-2021-36960,CVE-2021-36958_ \n91817| Microsoft Dynamics Business Central Cross-Site Scripting (XSS) Vulnerability September 2021| Medium| _CVE-2021-40440_ \n91818| Microsoft Windows Kernel Elevation of Privilege Vulnerability September 2021| High| _CVE-2021-38625,CVE-2021-38626_ \n91819| Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution (RCE) Vulnerability - September 2021| High| _CVE-2021-38661 _ \n91820| Microsoft MPEG-2 Video Extension Remote Code Execution (RCE) Vulnerability| High| _CVE-2021-38644 _ \n \n### Adobe Patch Tuesday \u2013 September 2021\n\nAdobe addressed [61 CVEs](<https://helpx.adobe.com/security.html>) this Patch Tuesday impacting Adobe Acrobat and Reader, ColdFusion, Premiere Pro, Adobe InCopy, Adobe SVG-Native Viewer, InDesign, Framemaker, Creative Cloud Desktop Apps, Photoshop Elements, Premiere Elements, Digital Editions, Genuine Service, Photoshop, XMP Toolit SDK and Experience Manager.\n\nThe patches for Adobe Acrobat and Reader, ColdFusion and Experience Manager are labeled as [Priority 2](<https://helpx.adobe.com/security/severity-ratings.html>), while the remaining patches are labeled as [Priority 3](<https://helpx.adobe.com/security/severity-ratings.html>). \n\n**Adobe Security Bulletin**| **QID**| **Severity**| **CVE ID** \n---|---|---|--- \nAdobe Security Update for Adobe Acrobat and Adobe Reader (APSB21-55) | 375845| Medium| _CVE-2021-39841, CVE-2021-39863, CVE-2021-39857, CVE-2021-39856, CVE-2021-39855, CVE-2021-39844, CVE-2021-39861, CVE-2021-39858, CVE-2021-39843, CVE-2021-39846, CVE-2021-39845, CVE-2021-35982, CVE-2021-39859, CVE-2021-39840, CVE-2021-39842, CVE-2021-39839, CVE-2021-39838,CVE-2021-39837,CVE-2021-39836,CVE-2021-39860,CVE-2021-39852,CVE-2021-39854,CVE-2021-39853,CVE-2021-39850,CVE-2021-39849,CVE-2021-39851_ \n \n### Discover Patch Tuesday Vulnerabilities in VMDR\n\nQualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).\n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n\n`vulnerabilities.vulnerability:(qid:`375861` OR qid:`110390` OR qid:`110391` OR qid:`375860` OR qid:`91821` OR qid:`375854` OR qid:`45505` OR qid:`91815` OR qid:`91816` OR qid:`91817` OR qid:`91818` OR qid:`91819` OR qid:`91820`)`\n\n\n\n### Respond by Patching\n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches in one go.\n\nThe following QQL will return the missing patches pertaining to this Patch Tuesday.\n\n`(qid:`375861` OR qid:`110390` OR qid:`110391` OR qid:`375860` OR qid:`91821` OR qid:`375854` OR qid:`45505` OR qid:`91815` OR qid:`91816` OR qid:`91817` OR qid:`91818` OR qid:`91819` OR qid:`91820`)`\n\n\n\n### Patch Tuesday Dashboard\n\nThe current updated Patch Tuesday dashboards are available in [Dashboard Toolbox: 2021 Patch Tuesday Dashboard](<https://success.qualys.com/discussions/s/article/000006505>).\n\n### Webinar Series: This Month in Vulnerabilities and Patches\n\nTo help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series [_T_](<https://event.on24.com/wcc/r/3411753/DC43289F29EF66CAE5CF62637F8CB6E3>)_[his Month in Vulnerabilities and Patches](<https://event.on24.com/wcc/r/3411753/DC43289F29EF66CAE5CF62637F8CB6E3>)_.\n\nWe discuss some of the key vulnerabilities disclosed in the past month and how to patch them: \n\n * Microsoft Patch Tuesday, September 2021 \n * Adobe Patch Tuesday, September 2021 \n\n[Join us live or watch on demand!](<https://event.on24.com/wcc/r/3411753/DC43289F29EF66CAE5CF62637F8CB6E3>)\n\nThursday, September 16, 2021 or later on demand\n\n### About Patch Tuesday\n\nPatch Tuesday QIDs are published at [Security Alerts](<https://www.qualys.com/research/security-alerts/>), typically late in the evening of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed shortly after by [PT dashboards](<https://qualys-secure.force.com/discussions/s/article/000006505>).", "cvss3": {}, "published": "2021-09-14T18:56:17", "type": "qualysblog", "title": "Microsoft and Adobe Patch Tuesday (September 2021) \u2013 Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-26434", "CVE-2021-26435", "CVE-2021-26437", "CVE-2021-30632", "CVE-2021-35982", "CVE-2021-36952", "CVE-2021-36954", "CVE-2021-36955", "CVE-2021-36958", "CVE-2021-36959", "CVE-2021-36960", "CVE-2021-36961", "CVE-2021-36962", "CVE-2021-36963", "CVE-2021-36964", "CVE-2021-36965", "CVE-2021-36966", "CVE-2021-36967", "CVE-2021-36968", "CVE-2021-36969", "CVE-2021-36972", "CVE-2021-36973", "CVE-2021-36974", "CVE-2021-36975", "CVE-2021-38624", "CVE-2021-38625", "CVE-2021-38626", "CVE-2021-38628", "CVE-2021-38629", "CVE-2021-38630", "CVE-2021-38632", "CVE-2021-38633", "CVE-2021-38634", "CVE-2021-38635", "CVE-2021-38636", "CVE-2021-38637", "CVE-2021-38638", "CVE-2021-38639", "CVE-2021-38644", "CVE-2021-38645", "CVE-2021-38646", "CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38649", "CVE-2021-38650", "CVE-2021-38651", "CVE-2021-38652", "CVE-2021-38653", "CVE-2021-38654", "CVE-2021-38655", "CVE-2021-38656", "CVE-2021-38657", "CVE-2021-38658", "CVE-2021-38659", "CVE-2021-38660", "CVE-2021-38661", "CVE-2021-38667", "CVE-2021-38671", "CVE-2021-39836", "CVE-2021-39837", "CVE-2021-39838", "CVE-2021-39839", "CVE-2021-39840", "CVE-2021-39841", "CVE-2021-39842", "CVE-2021-39843", "CVE-2021-39844", "CVE-2021-39845", "CVE-2021-39846", "CVE-2021-39849", "CVE-2021-39850", "CVE-2021-39851", "CVE-2021-39852", "CVE-2021-39853", "CVE-2021-39854", "CVE-2021-39855", "CVE-2021-39856", "CVE-2021-39857", "CVE-2021-39858", "CVE-2021-39859", "CVE-2021-39860", "CVE-2021-39861", "CVE-2021-39863", "CVE-2021-40440", "CVE-2021-40444", "CVE-2021-40447"], "modified": "2021-09-14T18:56:17", "id": "QUALYSBLOG:5576D16DC39617927D8AEFF027CC0911", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}