November 12, 2019—KB4525234 (Monthly Rollup)

2020-01-14T00:00:00

Description

None **IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133 ## Improvements and fixes This security update includes improvements and fixes that were a part of update KB4520015(released October 15, 2019) and addresses the following issues: * Addresses an issue with temporary user profiles in an environment in which user profile disks (UPD) are deployed and cached roaming profiles are not deleted when the "Delete cached copies of roaming profiles" policy is enabled. * Provides protections against the Intel® Transactional Synchronization Extensions (Intel® TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Server article_. _(These registry settings are disabled by default for Windows Server OS editions.) * Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine. For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>). ## Known issues in this update Microsoft is not currently aware of any issues with this update. ## How to get this update **Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes. 1. The April 9, 2019 servicing stack update (SSU) (KB4493730). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). 2. The latest SHA-2 update (KB4474419) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS. After installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4526478). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** ---|---|--- Windows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. Microsoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525234>) website. Windows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates **File information**For a list of the files that are provided in this update, download the [file information for update 4525234](<https://download.microsoft.com/download/d/7/8/d780bb3a-fc1b-43bc-ae2d-b61a16f18914/4525234.csv>).

{"id": "KB4525234", "vendorId": null, "type": "mskb", "bulletinFamily": "microsoft", "title": "November 12, 2019\u2014KB4525234 (Monthly Rollup)", "description": "None\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4520015(released October 15, 2019) and addresses the following issues:\n\n * Addresses an issue with temporary user profiles in an environment in which user profile disks (UPD) are deployed and cached roaming profiles are not deleted when the \"Delete cached copies of roaming profiles\" policy is enabled.\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Server article_. _(These registry settings are disabled by default for Windows Server OS editions.)\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) (KB4493730). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4526478). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525234>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525234](<https://download.microsoft.com/download/d/7/8/d780bb3a-fc1b-43bc-ae2d-b61a16f18914/4525234.csv>). \n", "published": "2020-01-14T00:00:00", "modified": "2020-01-14T00:00:00", "epss": [{"cve": "CVE-2019-1411", "epss": 0.11422, "percentile": 0.94664, "modified": "2023-11-27"}, {"cve": "CVE-2019-1395", "epss": 0.00049, "percentile": 0.16388, "modified": "2023-11-27"}, {"cve": "CVE-2019-1393", "epss": 0.00049, "percentile": 0.16388, "modified": "2023-11-27"}, {"cve": "CVE-2019-1390", "epss": 0.01158, "percentile": 0.83258, "modified": "2023-11-27"}, {"cve": "CVE-2019-11135", "epss": 0.00062, "percentile": 0.24949, "modified": "2023-11-27"}, {"cve": "CVE-2019-1394", "epss": 0.00049, "percentile": 0.16388, "modified": "2023-11-27"}, {"cve": "CVE-2019-1391", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-1456", "epss": 0.02895, "percentile": 0.89697, "modified": "2023-11-27"}, {"cve": "CVE-2019-1412", "epss": 0.00046, "percentile": 0.14402, "modified": "2023-11-27"}, {"cve": "CVE-2019-1418", "epss": 0.0009, "percentile": 0.37922, "modified": "2023-11-27"}, {"cve": "CVE-2019-1432", "epss": 0.11422, "percentile": 0.94664, "modified": "2023-11-27"}, {"cve": "CVE-2019-1406", "epss": 0.01111, "percentile": 0.8288, "modified": "2023-11-27"}, {"cve": "CVE-2019-1441", "epss": 0.04138, "percentile": 0.91226, "modified": "2023-11-27"}, {"cve": "CVE-2019-1389", "epss": 0.00109, "percentile": 0.43833, "modified": "2023-11-27"}, {"cve": "CVE-2019-1439", "epss": 0.03227, "percentile": 0.90167, "modified": "2023-11-27"}, {"cve": "CVE-2019-0719", "epss": 0.00777, "percentile": 0.79303, "modified": "2023-11-26"}, {"cve": "CVE-2019-1407", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-1409", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-1399", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-1424", "epss": 0.00286, "percentile": 0.65283, "modified": "2023-11-27"}, {"cve": "CVE-2019-1408", "epss": 0.00097, "percentile": 0.40294, "modified": "2023-11-27"}, {"cve": "CVE-2019-1419", "epss": 0.08073, "percentile": 0.93646, "modified": "2023-11-27"}, {"cve": "CVE-2019-1397", "epss": 0.00109, "percentile": 0.43833, "modified": "2023-11-27"}, {"cve": "CVE-2019-1435", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-1405", "epss": 0.00104, "percentile": 0.4241, "modified": "2023-11-27"}, {"cve": "CVE-2019-1388", "epss": 0.17191, "percentile": 0.95565, "modified": "2023-11-27"}, {"cve": "CVE-2019-1429", "epss": 0.97139, "percentile": 0.99743, "modified": "2023-11-27"}, {"cve": "CVE-2019-1396", "epss": 0.00049, "percentile": 0.16388, "modified": "2023-11-27"}, {"cve": "CVE-2019-1384", "epss": 0.00157, "percentile": 0.52067, "modified": "2023-11-27"}, {"cve": "CVE-2019-1434", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-1433", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}, {"cve": "CVE-2019-0712", "epss": 0.00117, "percentile": 0.45416, "modified": "2023-11-26"}, {"cve": "CVE-2019-1415", "epss": 0.00043, "percentile": 0.07843, "modified": "2023-11-27"}], "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.1, "impactScore": 6.0}, "href": "https://support.microsoft.com/en-us/help/4525234", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1456"], "immutableFields": [], "lastseen": "2023-11-28T09:44:13", "viewCount": 41, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:0279"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-11135"]}, {"type": "amazon", "idList": ["ALAS-2019-1318", "ALAS2-2019-1364"]}, {"type": "archlinux", "idList": ["ASA-201911-14"]}, {"type": "attackerkb", "idList": ["AKB:0D37CA24-1A96-4579-9FDE-ACADB531AEFE", "AKB:23989659-4C74-427C-A87C-23D8E9835EA8", "AKB:29D18865-A4E1-4B04-9126-2168B85571AB", "AKB:39AE7F32-95C6-4B33-B99F-293449699FB9", "AKB:9475B3F7-163D-4C32-909A-F5BB9172B38F", "AKB:D2BA8F47-FD4D-4828-A898-980F5C08397F"]}, {"type": "centos", "idList": ["CESA-2019:3834", "CESA-2019:3836", "CESA-2020:0366", "CESA-2020:0839"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1472", "CPAI-2019-1473", "CPAI-2019-1474", "CPAI-2019-1476", "CPAI-2019-1477", "CPAI-2019-1478", "CPAI-2019-1479", "CPAI-2019-1480", "CPAI-2019-1754", "CPAI-2019-1755", "CPAI-2019-2667"]}, {"type": "cisa", "idList": ["CISA:60BECD302CACD014F496544254DCB720"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-1388", "CISA-KEV-CVE-2019-1405", "CISA-KEV-CVE-2019-1429"]}, {"type": "citrix", "idList": ["CTX263684"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:6AF202D824CCBDB8B52AD0B7707645BF", "CFOUNDRY:A9246B54233F05FAAFEBCA42A471540D", "CFOUNDRY:BC8FE7ADD7CE210F5A18A29FE6851CCC", "CFOUNDRY:F1FD906C8A4009015525A4BE5BA37775"]}, {"type": "cve", "idList": ["CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1437", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1456", "CVE-2019-19338"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1989-1:8096A", "DEBIAN:DLA-1990-1:DF706", "DEBIAN:DLA-2051-1:B1C56", "DEBIAN:DLA-2051-1:E78EE", "DEBIAN:DSA-4564-1:E0777", "DEBIAN:DSA-4564-1:F8764", "DEBIAN:DSA-4565-1:21F87", "DEBIAN:DSA-4565-1:A4209", "DEBIAN:DSA-4565-2:013FD", "DEBIAN:DSA-4565-2:D5727", "DEBIAN:DSA-4602-1:C29F7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-11135", "DEBIANCVE:CVE-2019-19338"]}, {"type": "exploitdb", "idList": ["EDB-ID:47684", "EDB-ID:47805"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:35553BEFF42A94A5A731E9C926E550DD"]}, {"type": "f5", "idList": ["F5:K02912734", "F5:K84933088"]}, {"type": "fedora", "idList": ["FEDORA:07FF360D17A8", "FEDORA:224AE608F491", "FEDORA:267796076024", "FEDORA:2CDA460E9B22", "FEDORA:2E87261278ED", "FEDORA:308A766A87C1", "FEDORA:347EC6014770", "FEDORA:371E06040B12", "FEDORA:4002B609954A", "FEDORA:511A7608E6E1", "FEDORA:51B856067EB8", "FEDORA:5445B61185FA", "FEDORA:56A076119752", "FEDORA:59E3F606D998", "FEDORA:5BC786077CC2", "FEDORA:5F24260E9922", "FEDORA:5FE4A6076D31", "FEDORA:628EB603ECD0", "FEDORA:6D8F5627F513", "FEDORA:803AE30C6416", "FEDORA:87DAB6118614", "FEDORA:89A31604C861", "FEDORA:8C2F86119EC0", "FEDORA:8FEA960A4096", "FEDORA:94BC060A4ECF", "FEDORA:9E9D96119EC1", "FEDORA:B7184611861B", "FEDORA:BF5EC607125E", "FEDORA:C1D196119EC1", "FEDORA:C63426076F58", "FEDORA:C63656040AE1", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:E9C7E608767D", "FEDORA:EC9F26076D31"]}, {"type": "freebsd", "idList": ["FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-19:26.MCU"]}, {"type": "gentoo", "idList": ["GLSA-202003-56"]}, {"type": "githubexploit", "idList": ["08F9C81B-86DF-514A-892F-E56CA3E6D09B", "6F0C2009-5131-5E06-87CE-53355275BF95", "8553B7CC-4A74-5F79-AB58-8447EBD1A034", "A954EF44-14A7-5992-87BC-C327FBBD385A"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:2E85097DC4FBE492B1CB6FAE84AFE126", "GOOGLEPROJECTZERO:4C8E7D595A367E9DA6260DA13FAF3886", "GOOGLEPROJECTZERO:A596034F451F58030932B2FC46FB6F38", "GOOGLEPROJECTZERO:C2A64C2133DFD2ACB457C2DD2790CBF7"]}, {"type": "hp", "idList": ["HP:C06502052"]}, {"type": "ibm", "idList": ["63B8DACF4D9207A80DC8478A9FE0FEBB4F6D6599EFEA8DD045EEBEA18CA79689", "F8CEB533FA9C1B8ED5CD7460C1ECAE11617B8D3B6DF044FE71A22BC22E7FA595"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00270"]}, {"type": "kaspersky", "idList": ["KLA11605", "KLA11608", "KLA11871", "KLA12121"]}, {"type": "kitploit", "idList": ["KITPLOIT:3701426813255055656", "KITPLOIT:4761268611976240701"]}, {"type": "krebs", "idList": ["KREBS:B3F20C0C41C613971FDADBAE93382CDF", "KREBS:F5ECCD2DD57FDBC0A6062FA0AB5371FB"]}, {"type": "lenovo", "idList": ["LENOVO:PS500279-MULTI-VENDOR-BIOS-SECURITY-VULNERABILITIES-NOSID", "LENOVO:PS500279-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0332", "MGASA-2019-0333", "MGASA-2019-0334", "MGASA-2019-0413", "MGASA-2020-0113"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-WINDOWS-LOCAL-COMAHAWK-"]}, {"type": "mscve", "idList": ["MS:CVE-2019-0712", "MS:CVE-2019-0719", "MS:CVE-2019-11135", "MS:CVE-2019-1384", "MS:CVE-2019-1388", "MS:CVE-2019-1389", "MS:CVE-2019-1390", "MS:CVE-2019-1391", "MS:CVE-2019-1393", "MS:CVE-2019-1394", "MS:CVE-2019-1395", "MS:CVE-2019-1396", "MS:CVE-2019-1397", "MS:CVE-2019-1399", "MS:CVE-2019-1405", "MS:CVE-2019-1406", "MS:CVE-2019-1407", "MS:CVE-2019-1408", "MS:CVE-2019-1409", "MS:CVE-2019-1411", "MS:CVE-2019-1412", "MS:CVE-2019-1415", "MS:CVE-2019-1418", "MS:CVE-2019-1419", "MS:CVE-2019-1424", "MS:CVE-2019-1429", "MS:CVE-2019-1432", "MS:CVE-2019-1433", "MS:CVE-2019-1434", "MS:CVE-2019-1435", "MS:CVE-2019-1439", "MS:CVE-2019-1441", "MS:CVE-2019-1456"]}, {"type": "mskb", "idList": ["KB4516033", "KB4516065", "KB4523205", "KB4524570", "KB4525106", "KB4525232", "KB4525233", "KB4525235", "KB4525236", "KB4525237", "KB4525239", "KB4525241", "KB4525243", "KB4525245", "KB4525246", "KB4525250", "KB4525253"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1364.NASL", "ALA_ALAS-2019-1318.NASL", "ALMA_LINUX_ALSA-2020-0279.NASL", "CENTOS8_RHSA-2020-0279.NASL", "CENTOS8_RHSA-2020-0339.NASL", "CENTOS_RHSA-2019-3834.NASL", "CENTOS_RHSA-2019-3836.NASL", "CENTOS_RHSA-2020-0366.NASL", "CENTOS_RHSA-2020-0839.NASL", "DEBIAN_DLA-1989.NASL", "DEBIAN_DLA-1990.NASL", "DEBIAN_DLA-2051.NASL", "DEBIAN_DSA-4564.NASL", "DEBIAN_DSA-4565.NASL", "DEBIAN_DSA-4602.NASL", "EULEROS_SA-2020-1112.NASL", "EULEROS_SA-2020-1158.NASL", "EULEROS_SA-2020-1342.NASL", "EULEROS_SA-2020-1396.NASL", "EULEROS_SA-2020-1430.NASL", "EULEROS_SA-2020-1536.NASL", "EULEROS_SA-2020-1790.NASL", "EULEROS_SA-2020-1792.NASL", "EULEROS_SA-2021-1684.NASL", "FEDORA_2019-1689D3FE07.NASL", "FEDORA_2019-376EC5C107.NASL", "FEDORA_2019-68D7F68507.NASL", "FEDORA_2019-7A3FC17778.NASL", "FEDORA_2019-CBB732F760.NASL", "FREEBSD_PKG_FBE10A8A05A111EA9DFAF8B156AC3FF9.NASL", "GENTOO_GLSA-202003-56.NASL", "MACOSX_FUSION_VMSA_2019_0021.NASL", "MICROSOFT_WINDOWS_SPEC_EXECUTION.NBIN", "NEWSTART_CGSL_NS-SA-2019-0264_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0266_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0002_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0021_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0041_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0108_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0075_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_15_1.NASL", "NUTANIX_NXSA-AOS-5_16_0_1.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_16_1_3.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "NUTANIX_NXSA-AOS-5_17_0_3.NASL", "NUTANIX_NXSA-AOS-5_17_1.NASL", "NUTANIX_NXSA-AOS-5_18.NASL", "OPENSUSE-2019-2503.NASL", "OPENSUSE-2019-2504.NASL", "OPENSUSE-2019-2505.NASL", "OPENSUSE-2019-2506.NASL", "OPENSUSE-2019-2507.NASL", "OPENSUSE-2019-2508.NASL", "OPENSUSE-2019-2509.NASL", "OPENSUSE-2019-2510.NASL", "OPENSUSE-2019-2527.NASL", "OPENSUSE-2019-2528.NASL", "OPENSUSE-2019-2710.NASL", "ORACLELINUX_ELSA-2019-3832.NASL", "ORACLELINUX_ELSA-2019-3834.NASL", "ORACLELINUX_ELSA-2019-3836.NASL", "ORACLELINUX_ELSA-2019-4836.NASL", "ORACLELINUX_ELSA-2019-4837.NASL", "ORACLELINUX_ELSA-2019-4838.NASL", "ORACLELINUX_ELSA-2019-4839.NASL", "ORACLELINUX_ELSA-2019-4850.NASL", "ORACLELINUX_ELSA-2019-4854.NASL", "ORACLELINUX_ELSA-2019-4855.NASL", "ORACLELINUX_ELSA-2020-0279.NASL", "ORACLELINUX_ELSA-2020-0339.NASL", "ORACLELINUX_ELSA-2020-0366.NASL", "ORACLELINUX_ELSA-2020-0834.NASL", "ORACLEVM_OVMSA-2019-0052.NASL", "ORACLEVM_OVMSA-2019-0056.NASL", "ORACLEVM_OVMSA-2020-0026.NASL", "ORACLEVM_OVMSA-2020-0039.NASL", "PHOTONOS_PHSA-2019-1_0-0259_LINUX.NASL", "PHOTONOS_PHSA-2019-2_0-0191_LINUX.NASL", "REDHAT-RHSA-2019-3832.NASL", "REDHAT-RHSA-2019-3833.NASL", "REDHAT-RHSA-2019-3834.NASL", "REDHAT-RHSA-2019-3835.NASL", "REDHAT-RHSA-2019-3836.NASL", "REDHAT-RHSA-2019-3837.NASL", "REDHAT-RHSA-2019-3838.NASL", "REDHAT-RHSA-2019-3839.NASL", "REDHAT-RHSA-2019-3840.NASL", "REDHAT-RHSA-2019-3841.NASL", "REDHAT-RHSA-2019-3842.NASL", "REDHAT-RHSA-2019-3843.NASL", "REDHAT-RHSA-2019-3844.NASL", "REDHAT-RHSA-2019-3860.NASL", "REDHAT-RHSA-2019-3936.NASL", "REDHAT-RHSA-2020-0026.NASL", "REDHAT-RHSA-2020-0028.NASL", "REDHAT-RHSA-2020-0204.NASL", "REDHAT-RHSA-2020-0279.NASL", "REDHAT-RHSA-2020-0328.NASL", "REDHAT-RHSA-2020-0339.NASL", "REDHAT-RHSA-2020-0366.NASL", "REDHAT-RHSA-2020-0555.NASL", "REDHAT-RHSA-2020-0666.NASL", "REDHAT-RHSA-2020-0730.NASL", "REDHAT-RHSA-2020-0834.NASL", "REDHAT-RHSA-2020-0839.NASL", "REDHAT-RHSA-2020-1465.NASL", "ROCKY_LINUX_RLSA-2020-0279.NASL", "SLACKWARE_SSA_2019-320-01.NASL", "SL_20191113_KERNEL_ON_SL6_X.NASL", "SL_20191113_KERNEL_ON_SL7_X.NASL", "SL_20200205_QEMU_KVM_ON_SL7_X.NASL", "SL_20200317_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_NOV_4523205.NASL", "SMB_NT_MS19_NOV_4524570.NASL", "SMB_NT_MS19_NOV_4525232.NASL", "SMB_NT_MS19_NOV_4525234.NASL", "SMB_NT_MS19_NOV_4525235.NASL", "SMB_NT_MS19_NOV_4525236.NASL", "SMB_NT_MS19_NOV_4525237.NASL", "SMB_NT_MS19_NOV_4525241.NASL", "SMB_NT_MS19_NOV_4525243.NASL", "SMB_NT_MS19_NOV_4525246.NASL", "SMB_NT_MS19_NOV_INTERNET_EXPLORER.NASL", "SMB_NT_MS19_SEP_4516065.NASL", "SUSE_SU-2019-14217-1.NASL", "SUSE_SU-2019-14218-1.NASL", "SUSE_SU-2019-14220-1.NASL", "SUSE_SU-2019-2946-1.NASL", "SUSE_SU-2019-2947-1.NASL", "SUSE_SU-2019-2948-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2953-1.NASL", "SUSE_SU-2019-2954-1.NASL", "SUSE_SU-2019-2955-1.NASL", "SUSE_SU-2019-2956-1.NASL", "SUSE_SU-2019-2957-1.NASL", "SUSE_SU-2019-2958-1.NASL", "SUSE_SU-2019-2959-1.NASL", "SUSE_SU-2019-2960-1.NASL", "SUSE_SU-2019-2961-1.NASL", "SUSE_SU-2019-2962-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-2986-1.NASL", "SUSE_SU-2019-2987-1.NASL", "SUSE_SU-2019-2988-1.NASL", "SUSE_SU-2019-3091-1.NASL", "SUSE_SU-2019-3200-1.NASL", "SUSE_SU-2019-3295-1.NASL", "SUSE_SU-2019-3297-1.NASL", "SUSE_SU-2019-3340-1.NASL", "SUSE_SU-2019-3348-1.NASL", "SUSE_SU-2020-0093-1.NASL", "SUSE_SU-2020-0334-1.NASL", "SUSE_SU-2020-0388-1.NASL", "SUSE_SU-2020-14444-1.NASL", "UBUNTU_USN-4182-1.NASL", "UBUNTU_USN-4182-3.NASL", "UBUNTU_USN-4183-1.NASL", "UBUNTU_USN-4183-2.NASL", "UBUNTU_USN-4184-1.NASL", "UBUNTU_USN-4184-2.NASL", "UBUNTU_USN-4185-1.NASL", "UBUNTU_USN-4185-3.NASL", "UBUNTU_USN-4186-1.NASL", "UBUNTU_USN-4186-3.NASL", "VIRTUOZZO_VZA-2019-089.NASL", "VMWARE_VMSA-2019-0020.NASL", "VMWARE_WORKSTATION_VMSA_2019_0021.NASL", "XEN_SERVER_XSA-305.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108766", "OPENVAS:1361412562310108767", "OPENVAS:1361412562310704564", "OPENVAS:1361412562310704565", "OPENVAS:1361412562310704602", "OPENVAS:1361412562310815720", "OPENVAS:1361412562310815722", "OPENVAS:1361412562310815834", "OPENVAS:1361412562310815835", "OPENVAS:1361412562310815836", "OPENVAS:1361412562310815837", "OPENVAS:1361412562310815839", "OPENVAS:1361412562310844229", "OPENVAS:1361412562310844230", "OPENVAS:1361412562310844231", "OPENVAS:1361412562310844233", "OPENVAS:1361412562310844234", "OPENVAS:1361412562310844235", "OPENVAS:1361412562310844236", "OPENVAS:1361412562310844263", "OPENVAS:1361412562310844274", "OPENVAS:1361412562310844277", "OPENVAS:1361412562310852771", "OPENVAS:1361412562310852772", "OPENVAS:1361412562310852773", "OPENVAS:1361412562310852774", "OPENVAS:1361412562310852777", "OPENVAS:1361412562310852810", "OPENVAS:1361412562310852883", "OPENVAS:1361412562310852891", "OPENVAS:1361412562310852919", "OPENVAS:1361412562310852957", "OPENVAS:1361412562310876993", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876996", "OPENVAS:1361412562310876997", "OPENVAS:1361412562310876998", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877000", "OPENVAS:1361412562310877001", "OPENVAS:1361412562310877045", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877081", "OPENVAS:1361412562310877102", "OPENVAS:1361412562310877113", "OPENVAS:1361412562310877132", "OPENVAS:1361412562310877136", "OPENVAS:1361412562310877144", "OPENVAS:1361412562310877169", "OPENVAS:1361412562310877197", "OPENVAS:1361412562310877198", "OPENVAS:1361412562310877209", "OPENVAS:1361412562310877213", "OPENVAS:1361412562310877281", "OPENVAS:1361412562310877292", "OPENVAS:1361412562310877358", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877391", "OPENVAS:1361412562310877407", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877479", "OPENVAS:1361412562310877533", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310877541", "OPENVAS:1361412562310877952", "OPENVAS:1361412562310883131", "OPENVAS:1361412562310883133", "OPENVAS:1361412562310883177", "OPENVAS:1361412562310883210", "OPENVAS:1361412562310891989", "OPENVAS:1361412562310891990", "OPENVAS:1361412562310892051", "OPENVAS:1361412562311220201112", "OPENVAS:1361412562311220201158", "OPENVAS:1361412562311220201342", "OPENVAS:1361412562311220201396", "OPENVAS:1361412562311220201430", "OPENVAS:1361412562311220201536", "OPENVAS:1361412562311220201790", "OPENVAS:1361412562311220201792"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3832", "ELSA-2019-3834", "ELSA-2019-3836", "ELSA-2019-3872", "ELSA-2019-3979", "ELSA-2019-4256", "ELSA-2019-4836", "ELSA-2019-4837", "ELSA-2019-4838", "ELSA-2019-4839", "ELSA-2019-4850", "ELSA-2019-4854", "ELSA-2019-4855", "ELSA-2019-4867", "ELSA-2019-4868", "ELSA-2020-0279", "ELSA-2020-0366", "ELSA-2020-1016", "ELSA-2020-1116"]}, {"type": "osv", "idList": ["OSV:CVE-2019-11135", "OSV:DLA-1989-1", "OSV:DLA-1990-1", "OSV:DLA-2051-1", "OSV:DSA-4564-1", "OSV:DSA-4565-1", "OSV:DSA-4602-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155433", "PACKETSTORM:155723"]}, {"type": "photon", "idList": ["PHSA-2019-0191", "PHSA-2019-0259", "PHSA-2019-1.0-0259", "PHSA-2019-2.0-0191", "PHSA-2019-3.0-0041"]}, {"type": "prion", "idList": ["PRION:CVE-2019-0712", "PRION:CVE-2019-0719", "PRION:CVE-2019-0721", "PRION:CVE-2019-11135", "PRION:CVE-2019-1309", "PRION:CVE-2019-1310", "PRION:CVE-2019-1384", "PRION:CVE-2019-1388", "PRION:CVE-2019-1389", "PRION:CVE-2019-1390", "PRION:CVE-2019-1391", "PRION:CVE-2019-1393", "PRION:CVE-2019-1394", "PRION:CVE-2019-1395", "PRION:CVE-2019-1396", "PRION:CVE-2019-1397", "PRION:CVE-2019-1398", "PRION:CVE-2019-1399", "PRION:CVE-2019-1405", "PRION:CVE-2019-1406", "PRION:CVE-2019-1407", "PRION:CVE-2019-1408", "PRION:CVE-2019-1409", "PRION:CVE-2019-1411", "PRION:CVE-2019-1412", "PRION:CVE-2019-1415", "PRION:CVE-2019-1418", "PRION:CVE-2019-1419", "PRION:CVE-2019-1424", "PRION:CVE-2019-1426", "PRION:CVE-2019-1427", "PRION:CVE-2019-1428", "PRION:CVE-2019-1429", "PRION:CVE-2019-1432", "PRION:CVE-2019-1433", "PRION:CVE-2019-1434", "PRION:CVE-2019-1435", "PRION:CVE-2019-1437", "PRION:CVE-2019-1438", "PRION:CVE-2019-1439", "PRION:CVE-2019-1441", "PRION:CVE-2019-1456", "PRION:CVE-2019-19338"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:91FCE9434FEBAD3E701C317530323FD6"]}, {"type": "redhat", "idList": ["RHSA-2019:3832", "RHSA-2019:3833", "RHSA-2019:3834", "RHSA-2019:3835", "RHSA-2019:3836", "RHSA-2019:3837", "RHSA-2019:3838", "RHSA-2019:3839", "RHSA-2019:3840", "RHSA-2019:3841", "RHSA-2019:3842", "RHSA-2019:3843", "RHSA-2019:3844", "RHSA-2019:3860", "RHSA-2019:3936", "RHSA-2020:0026", "RHSA-2020:0028", "RHSA-2020:0204", "RHSA-2020:0279", "RHSA-2020:0328", "RHSA-2020:0339", "RHSA-2020:0366", "RHSA-2020:0555", "RHSA-2020:0666", "RHSA-2020:0730", "RHSA-2020:0834", "RHSA-2020:0839", "RHSA-2020:1465"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-11135", "RH:CVE-2019-19338"]}, {"type": "rocky", "idList": ["RLSA-2020:0279"]}, {"type": "securelist", "idList": ["SECURELIST:6E5BCE8A736D28A7E168E1CD5131CE3D", "SECURELIST:7286FDD05AF03323AEA8EDD25DF1604F", "SECURELIST:78C1216872C5187377E9C874AEDF73FC"]}, {"type": "slackware", "idList": ["SSA-2019-320-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2503-1", "OPENSUSE-SU-2019:2504-1", "OPENSUSE-SU-2019:2505-1", "OPENSUSE-SU-2019:2506-1", "OPENSUSE-SU-2019:2507-1", "OPENSUSE-SU-2019:2509-1", "OPENSUSE-SU-2019:2510-1", "OPENSUSE-SU-2019:2527-1", "OPENSUSE-SU-2019:2528-1", "OPENSUSE-SU-2019:2710-1"]}, {"type": "symantec", "idList": ["SMNTC-110690", "SMNTC-110691", "SMNTC-110692", "SMNTC-110697", "SMNTC-110701", "SMNTC-110702", "SMNTC-110703", "SMNTC-110705", "SMNTC-110711", "SMNTC-110715", "SMNTC-110727", "SMNTC-110728", "SMNTC-110729", "SMNTC-110730", "SMNTC-110731", "SMNTC-110736", "SMNTC-110740", "SMNTC-110741", "SMNTC-110742", "SMNTC-110743", "SMNTC-110745", "SMNTC-110762", "SMNTC-110765", "SMNTC-110772", "SMNTC-110774", "SMNTC-110782", "SMNTC-110783", "SMNTC-110784", "SMNTC-110790", "SMNTC-110791", "SMNTC-110805", "SMNTC-110808"]}, {"type": "talosblog", "idList": ["TALOSBLOG:3052A7B74E1E13F630CF51AB1B1A36D6", "TALOSBLOG:C3F889D9C3C954C42160A3C26034C2F6", "TALOSBLOG:D617C7EFD22C4CD2ECFE1B030BD80B0E", "TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:2317E195EA00288327BADFBE0E5DBA9A", "THN:ED17BB6E1286DD4E36EFE5877F25B545"]}, {"type": "threatpost", "idList": ["THREATPOST:5293ED4A454EC6487F8AA9DB9A0FF180", "THREATPOST:B9A717DA93642284A9408C7A11D5714E", "THREATPOST:C63BDB5BFB4AECB9F2F95F69E238122B"]}, {"type": "ubuntu", "idList": ["USN-4182-1", "USN-4182-2", "USN-4182-3", "USN-4182-4", "USN-4183-1", "USN-4183-2", "USN-4184-1", "USN-4184-2", "USN-4185-1", "USN-4185-2", "USN-4185-3", "USN-4186-1", "USN-4186-2", "USN-4186-3", "USN-4187-1", "USN-4188-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11135", "UB:CVE-2019-19338"]}, {"type": "veracode", "idList": ["VERACODE:21944", "VERACODE:21958", "VERACODE:21959", "VERACODE:21960", "VERACODE:22480"]}, {"type": "virtuozzo", "idList": ["VZA-2019-088", "VZA-2019-089"]}, {"type": "vmware", "idList": ["VMSA-2019-0020"]}, {"type": "xen", "idList": ["XSA-305"]}, {"type": "zdi", "idList": ["ZDI-19-1016", "ZDI-19-973", "ZDI-19-974", "ZDI-19-975", "ZDI-19-976", "ZDI-19-977", "ZDI-19-980", "ZDI-19-981", "ZDI-19-982", "ZDI-19-983", "ZDI-19-984", "ZDI-19-985", "ZDI-19-986"]}, {"type": "zdt", "idList": ["1337DAY-ID-33561", "1337DAY-ID-33566", "1337DAY-ID-33685"]}]}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:0279"]}, {"type": "amazon", "idList": ["ALAS-2019-1318"]}, {"type": "archlinux", "idList": ["ASA-201911-14"]}, {"type": "centos", "idList": ["CESA-2019:3834", "CESA-2019:3836", "CESA-2020:0839"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1478"]}, {"type": "citrix", "idList": ["CTX263684"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:A9246B54233F05FAAFEBCA42A471540D", "CFOUNDRY:BC8FE7ADD7CE210F5A18A29FE6851CCC", "CFOUNDRY:F1FD906C8A4009015525A4BE5BA37775"]}, {"type": "cve", "idList": ["CVE-2019-11135", "CVE-2019-1396"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1989-1:8096A", "DEBIAN:DLA-1990-1:DF706", "DEBIAN:DSA-4564-1:E0777", "DEBIAN:DSA-4565-1:21F87"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-11135"]}, {"type": "f5", "idList": ["F5:K02912734"]}, {"type": "fedora", "idList": ["FEDORA:07FF360D17A8", "FEDORA:224AE608F491", "FEDORA:267796076024", "FEDORA:2CDA460E9B22", "FEDORA:2E87261278ED", "FEDORA:308A766A87C1", "FEDORA:347EC6014770", "FEDORA:371E06040B12", "FEDORA:4002B609954A", "FEDORA:511A7608E6E1", "FEDORA:51B856067EB8", "FEDORA:5445B61185FA", "FEDORA:56A076119752", "FEDORA:59E3F606D998", "FEDORA:5BC786077CC2", "FEDORA:5F24260E9922", "FEDORA:5FE4A6076D31", "FEDORA:628EB603ECD0", "FEDORA:6D8F5627F513", "FEDORA:803AE30C6416", "FEDORA:87DAB6118614", "FEDORA:89A31604C861", "FEDORA:8C2F86119EC0", "FEDORA:8FEA960A4096", "FEDORA:94BC060A4ECF", "FEDORA:9E9D96119EC1", "FEDORA:B7184611861B", "FEDORA:BF5EC607125E", "FEDORA:C1D196119EC1", "FEDORA:C63426076F58", "FEDORA:C63656040AE1", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:E9C7E608767D", "FEDORA:EC9F26076D31"]}, {"type": "freebsd", "idList": ["FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9"]}, {"type": "gentoo", "idList": ["GLSA-202003-56"]}, {"type": "hp", "idList": ["HP:C06502052"]}, {"type": "kaspersky", "idList": ["KLA11608", "KLA11871"]}, {"type": "lenovo", "idList": ["LENOVO:PS500279-NOSID"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/FREEBSD-CVE-2019-11135/", "MSF:ILITIES/REDHAT-OPENSHIFT-CVE-2019-11135/", "MSF:ILITIES/REDHAT_LINUX-CVE-2019-11135/"]}, {"type": "mscve", "idList": ["MS:CVE-2019-11135", "MS:CVE-2019-1396"]}, {"type": "mskb", "idList": ["KB4525233", "KB4525237", "KB4525239", "KB4525241", "KB4525250", "KB4525253", "KB4526478"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1364.NASL", "ALA_ALAS-2019-1318.NASL", "CENTOS_RHSA-2019-3834.NASL", "CENTOS_RHSA-2019-3836.NASL", "DEBIAN_DLA-1989.NASL", "DEBIAN_DLA-1990.NASL", "DEBIAN_DSA-4564.NASL", "DEBIAN_DSA-4565.NASL", "EULEROS_SA-2020-1342.NASL", "EULEROS_SA-2020-1430.NASL", "FEDORA_2019-1689D3FE07.NASL", "FEDORA_2019-376EC5C107.NASL", "FEDORA_2019-68D7F68507.NASL", "FEDORA_2019-7A3FC17778.NASL", "FREEBSD_PKG_FBE10A8A05A111EA9DFAF8B156AC3FF9.NASL", "GENTOO_GLSA-202003-56.NASL", "MACOSX_FUSION_VMSA_2019_0021.NASL", "MICROSOFT_OFFICE_UNSUPPORTED.NASL", "OPENSUSE-2019-2503.NASL", "OPENSUSE-2019-2504.NASL", "OPENSUSE-2019-2505.NASL", "OPENSUSE-2019-2506.NASL", "OPENSUSE-2019-2507.NASL", "OPENSUSE-2019-2508.NASL", "OPENSUSE-2019-2509.NASL", "OPENSUSE-2019-2510.NASL", "OPENSUSE-2019-2527.NASL", "OPENSUSE-2019-2528.NASL", "ORACLELINUX_ELSA-2019-3832.NASL", "ORACLELINUX_ELSA-2019-3834.NASL", "ORACLELINUX_ELSA-2019-3836.NASL", "ORACLELINUX_ELSA-2019-4836.NASL", "ORACLELINUX_ELSA-2019-4837.NASL", "ORACLELINUX_ELSA-2019-4838.NASL", "ORACLELINUX_ELSA-2019-4839.NASL", "ORACLELINUX_ELSA-2019-4850.NASL", "ORACLEVM_OVMSA-2019-0052.NASL", "ORACLEVM_OVMSA-2019-0056.NASL", "REDHAT-RHSA-2019-3832.NASL", "REDHAT-RHSA-2019-3833.NASL", "REDHAT-RHSA-2019-3834.NASL", "REDHAT-RHSA-2019-3835.NASL", "REDHAT-RHSA-2019-3836.NASL", "REDHAT-RHSA-2019-3837.NASL", "REDHAT-RHSA-2019-3838.NASL", "REDHAT-RHSA-2019-3839.NASL", "REDHAT-RHSA-2019-3840.NASL", "REDHAT-RHSA-2019-3841.NASL", "REDHAT-RHSA-2019-3842.NASL", "REDHAT-RHSA-2019-3843.NASL", "REDHAT-RHSA-2019-3844.NASL", "REDHAT-RHSA-2019-3860.NASL", "REDHAT-RHSA-2019-3936.NASL", "SLACKWARE_SSA_2019-320-01.NASL", "SL_20191113_KERNEL_ON_SL6_X.NASL", "SL_20191113_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_NOV_4523205.NASL", "SMB_NT_MS19_NOV_4524570.NASL", "SMB_NT_MS19_NOV_4525232.NASL", "SMB_NT_MS19_NOV_4525234.NASL", "SMB_NT_MS19_NOV_4525235.NASL", "SMB_NT_MS19_NOV_4525236.NASL", "SMB_NT_MS19_NOV_4525237.NASL", "SMB_NT_MS19_NOV_4525241.NASL", "SMB_NT_MS19_NOV_4525243.NASL", "SMB_NT_MS19_NOV_4525246.NASL", "SUSE_SU-2019-14217-1.NASL", "SUSE_SU-2019-14218-1.NASL", "SUSE_SU-2019-14220-1.NASL", "SUSE_SU-2019-2946-1.NASL", "SUSE_SU-2019-2947-1.NASL", "SUSE_SU-2019-2948-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2953-1.NASL", "SUSE_SU-2019-2954-1.NASL", "SUSE_SU-2019-2955-1.NASL", "SUSE_SU-2019-2956-1.NASL", "SUSE_SU-2019-2957-1.NASL", "SUSE_SU-2019-2958-1.NASL", "SUSE_SU-2019-2959-1.NASL", "SUSE_SU-2019-2960-1.NASL", "SUSE_SU-2019-2961-1.NASL", "SUSE_SU-2019-2962-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-2986-1.NASL", "SUSE_SU-2019-2987-1.NASL", "SUSE_SU-2019-2988-1.NASL", "SUSE_SU-2020-14444-1.NASL", "UBUNTU_USN-4182-1.NASL", "UBUNTU_USN-4183-1.NASL", "UBUNTU_USN-4183-2.NASL", "UBUNTU_USN-4184-1.NASL", "UBUNTU_USN-4184-2.NASL", "UBUNTU_USN-4185-1.NASL", "UBUNTU_USN-4185-3.NASL", "UBUNTU_USN-4186-1.NASL", "UBUNTU_USN-4186-3.NASL", "VIRTUOZZO_VZA-2019-089.NASL", "VMWARE_VMSA-2019-0020.NASL", "VMWARE_WORKSTATION_VMSA_2019_0021.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704564", "OPENVAS:1361412562310704565", "OPENVAS:1361412562310815720", "OPENVAS:1361412562310815722", "OPENVAS:1361412562310815834", "OPENVAS:1361412562310815835", "OPENVAS:1361412562310815836", "OPENVAS:1361412562310815837", "OPENVAS:1361412562310815839", "OPENVAS:1361412562310844229", "OPENVAS:1361412562310844230", "OPENVAS:1361412562310844231", "OPENVAS:1361412562310844233", "OPENVAS:1361412562310844234", "OPENVAS:1361412562310844235", "OPENVAS:1361412562310844236", "OPENVAS:1361412562310852771", "OPENVAS:1361412562310852772", "OPENVAS:1361412562310852773", "OPENVAS:1361412562310852774", "OPENVAS:1361412562310852777", "OPENVAS:1361412562310876993", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876996", "OPENVAS:1361412562310876997", "OPENVAS:1361412562310876998", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877000", "OPENVAS:1361412562310877001", "OPENVAS:1361412562310883131", "OPENVAS:1361412562310883133", "OPENVAS:1361412562310891989", "OPENVAS:1361412562310891990"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3832", "ELSA-2019-3834", "ELSA-2019-3836", "ELSA-2019-3872", "ELSA-2019-3979", "ELSA-2019-4836", "ELSA-2019-4837", "ELSA-2019-4838", "ELSA-2019-4839", "ELSA-2019-4850", "ELSA-2019-4854", "ELSA-2019-4855", "ELSA-2020-1016", "ELSA-2020-1116"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0259", "PHSA-2019-2.0-0191"]}, {"type": "redhat", "idList": ["RHSA-2019:3832", "RHSA-2019:3833", "RHSA-2019:3834", "RHSA-2019:3836", "RHSA-2019:3837", "RHSA-2019:3838", "RHSA-2019:3840", "RHSA-2019:3842", "RHSA-2019:3843", "RHSA-2019:3860", "RHSA-2019:3936"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-11135", "RH:CVE-2019-19338"]}, {"type": "slackware", "idList": ["SSA-2019-320-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2503-1", "OPENSUSE-SU-2019:2504-1", "OPENSUSE-SU-2019:2505-1", "OPENSUSE-SU-2019:2506-1", "OPENSUSE-SU-2019:2507-1", "OPENSUSE-SU-2019:2509-1", "OPENSUSE-SU-2019:2510-1", "OPENSUSE-SU-2019:2527-1", "OPENSUSE-SU-2019:2528-1"]}, {"type": "symantec", "idList": ["SMNTC-110705"]}, {"type": "talosblog", "idList": ["TALOSBLOG:D617C7EFD22C4CD2ECFE1B030BD80B0E"]}, {"type": "thn", "idList": ["THN:2317E195EA00288327BADFBE0E5DBA9A"]}, {"type": "ubuntu", "idList": ["USN-4182-1", "USN-4182-2", "USN-4183-1", "USN-4183-2", "USN-4184-1", "USN-4184-2", "USN-4185-1", "USN-4185-2", "USN-4185-3", "USN-4186-1", "USN-4186-2", "USN-4186-3", "USN-4187-1", "USN-4188-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11135"]}, {"type": "virtuozzo", "idList": ["VZA-2019-088", "VZA-2019-089"]}, {"type": "vmware", "idList": ["VMSA-2019-0020"]}, {"type": "xen", "idList": ["XSA-305"]}, {"type": "zdi", "idList": ["ZDI-19-982"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-11135", "epss": 0.00049, "percentile": 0.15329, "modified": "2023-04-12"}, {"cve": "CVE-2019-1396", "epss": 0.00046, "percentile": 0.12845, "modified": "2023-04-12"}], "vulnersScore": 0.5}, "_state": {"dependencies": 1701165422, "score": 1701165812, "epss": 0}, "_internal": {"score_hash": "f03aa2dbe19154e68a186960f8259053"}, "kb": "KB4525234", "msrc": "", "mscve": "CVE-2019-1396", "msplatform": "", "msfamily": "ESU", "msimpact": "Elevation of Privilege", "msseverity": "Important", "superseeds": ["KB2839229", "KB4512476", "KB917159", "KB4018466", "KB4020322", "KB933729", "KB4019149", "KB2506223", "KB4339291", "KB938829", "KB4516026", "KBNone", "KB955069", "KB2862966", "KB2556532", "KB3081320", "KB968537", "KB3204724", "KB929969", "KB3161561", "KB4022013", "KB923414", "KB4042120", "KB2724197", "KB4056944", "KB2633952", "KB938464", "KB4093223", "KB3087135", "KB979306", "KB2753842", "KB2588516", "KB2279986", "KB971468", "KB976098", "KB935839", "KB4021903", "KB4022887", "KB2412687", "KB2855844", "KB4012864", "KB2536276", "KB3121918", "KB4056941", "KB2507618", "KB4022883", "KB2840149", "KB3148851", "KB4058165", "KB4041671", "KB2160329", "KB4130957", "KB4048970", "KB2845690", "KB3046049", "KB4042121", "KB3070102", "KB4295656", "KB3045171", "KB2476490", "KB2939576", "KB2508429", "KB893086", "KB4038874", "KB3162835", "KB931784", "KB3146706", "KB2660465", "KB4015383", "KB3039066", "KB2443685", "KB4340583", "KB956802", "KB4034741", "KB4503273", "KB2707511", "KB3204723", "KB933360", "KB885492", "KB3033395", "KB2849470", "KB4458010", "KB2158563", "KB2876284", "KB2918614", "KB2691442", "KB3013455", "KB3045999", "KB942763", "KB4341832", "KB3216916", "KB4025240", "KB2570791", "KB4035055", "KB4056615", "KB4015195", "KB3145739", "KB2778344", "KB971486", "KB2719985", "KB2957503", "KB2876315", "KB3126041", "KB3121212", "KB3006226", "KB3182203", "KB969947", "KB980232", "KB4089344", "KB3192321", "KB4499149", "KB2973201", "KB4467706", "KB3088195", "KB3078601", "KB3191203", "KB3101246", "KB4487023", "KB3033890", "KB3087039", "KB3034344", "KB2922229", "KB4014793", "KB914389", "KB4011981", "KB4230467", "KB3035132", "KB982802", "KB960225", "KB2993651", "KB2863058", "KB958687", "KB4042122", "KB2525694", "KB2536275", "KB981852", "KB2378111", "KB3140410", "KB4022746", "KB2758857", "KB2868626", "KB4339284", "KB2756822", "KB3170377", "KB2829361", "KB2659262", "KB4018490", "KB4093224", "KB4480968", "KB3050514", "KB3211308", "KB2585542", "KB2876331", "KB3029944", "KB2688338", "KB921398", "KB4018196", "KB2655992", "KB2779030", "KB3063858", "KB4057893", "KB4012497", "KB961371", "KB3079757", "KB3204808", "KB982214", "KB3072630", "KB3146963", "KB3023562", "KB981793", "KB3057839", "KB2761226", "KB4343674", "KB2883150", "KB2207566", "KB4018885", "KB2904266", "KB2976897", "KB2981580", "KB4047170", "KB4056759", "KB3011780", "KB911565", "KB957095", "KB3073921", "KB2799494", "KB925486", "KB4073080", "KB4489880", "KB3130896", "KB4074837", "KB3080446", "KB2876217", "KB956841", "KB2555917", "KB958869", "KB4093478", "KB2658846", "KB4463097", "KB3072633", "KB3216775", "KB4340937", "KB3198483", "KB3217845", "KB3175024", "KB2868623", "KB970238", "KB2992611", "KB4493471", "KB3153199", "KB4048968", "KB3168965", "KB2813170", "KB2633171", "KB4019206", "KB970653", "KB3153731", "KB936021", "KB943055", "KB2718523", "KB3184122", "KB3000061", "KB3156017", "KB2930275", "KB4507452", "KB943460", "KB3124000", "KB3067505", "KB978251", "KB3203884", "KB4471325", "KB4344104", "KB2898715", "KB2393802", "KB920958", "KB3100465", "KB2479628", "KB4039266", "KB2757638", "KB951072", "KB4130978", "KB3153171", "KB2916036", "KB3077657", "KB980436", "KB3061518", "KB2859537", "KB2709162", "KB3139852", "KB2835361", "KB972270", "KB4012598", "KB2079403", "KB2286198", "KB2567053", "KB2850851", "KB3140735", "KB3126593", "KB3156013", "KB4042007", "KB3097877", "KB957097", "KB955839", "KB948590", "KB4339854", "KB2957189", "KB3046482", "KB3139940", "KB3203859", "KB4520002", "KB958690", "KB3109094", "KB979683", "KB3198234", "KB3101746", "KB2360937", "KB3177186", "KB2478971", "KB2790655", "KB3161664", "KB4087398", "KB3198510", "KB936782", "KB2847311", "KB4468323", "KB2834886", "KB4050795", "KB954211", "KB2978668", "KB2731847", "KB977165", "KB3134214", "KB2296199", "KB2993958", "KB4019204", "KB4074603", "KB2778930", "KB3035131", "KB2436673", "KB3177723", "KB2511455", "KB3076895", "KB2639417", "KB3032323", "KB981957", "KB4049068", "KB4294413", "KB4051956", "KB2893984", "KB3079904", "KB3002885", "KB2485376", "KB938127", "KB4015380", "KB3164033", "KB979559", "KB3124001", "KB3178034", "KB2676562", "KB2808735", "KB3164035", "KB3191256", "KB2779562", "KB2926765", "KB917734", "KB4015193", "KB2641653", "KB4131188", "KB4025674", "KB3069392", "KB3167679", "KB3177725", "KB4093753", "KB2563894", "KB3046306", "KB3194371"], "parentseeds": ["KB5022340", "KB5021289", "KB5011534", "KB5015866", "KB5020019", "KB4561670", "KB5028222", "KB5008274", "KB5012658", "KB5014752", "KB4556860", "KB5004305", "KB5006736", "KB5003661", "KB4571730", "KB5004955", "KB4565536", "KB5010384", "KB5017358", "KB4537810", "KB5032254", "KB5031416", "KB4580378", "KB4541506", "KB5026408", "KB4601360", "KB4550951", "KB5003210", "KB5014010", "KB4586807", "KB4530695", "KB5023755", "KB5007263", "KB5001389", "KB5027279", "KB5000844", "KB4577064", "KB4592498", "KB5030271", "KB5029318", "KB5018450", "KB5005090", "KB4534303", "KB5016669", "KB5022890", "KB5009627", "KB4598288", "KB5025271", "KB5005606"], "msproducts": ["9344", "10336", "10287", "9318", "9312", "9311"], "affectedProducts": ["Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Internet Explorer 9", "Windows Server 2008 for Itanium-Based Systems Service Pack 2"], "supportAreaPaths": [], "supportAreaPathNodes": [], "primarySupportAreaPath": []}

{"nessus": [{"lastseen": "2023-05-24T14:31:38", "description": "The remote Windows host is missing security update 4525239 or cumulative update 4525234. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719) \n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1441)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2019-1391)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525239: Windows Server 2008 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_NOV_4525234.NASL", "href": "https://www.tenable.com/plugins/nessus/130904", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130904);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-1384\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1412\",\n \"CVE-2019-1415\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1424\",\n \"CVE-2019-1429\",\n \"CVE-2019-1432\",\n \"CVE-2019-1433\",\n \"CVE-2019-1434\",\n \"CVE-2019-1435\",\n \"CVE-2019-1439\",\n \"CVE-2019-1441\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525234\");\n script_xref(name:\"MSKB\", value:\"4525239\");\n script_xref(name:\"MSFT\", value:\"MS19-4525234\");\n script_xref(name:\"MSFT\", value:\"MS19-4525239\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525239: Windows Server 2008 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525239\nor cumulative update 4525234. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails\n to properly validate input from an authenticated user\n on a guest operating system. (CVE-2019-0719) \n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could potentially read data that was not intended to be\n disclosed. Note that this vulnerability would not allow\n an attacker to execute code or to elevate their user\n rights directly, but it could be used to obtain\n information that could be used to try to further\n compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1441)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2019-1391)\");\n # https://support.microsoft.com/en-us/help/4525234/windows-server-2008-update-kb4525234\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f741cc55\");\n # https://support.microsoft.com/en-us/help/4525239/windows-server-2008-update-kb4525239\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?be8de061\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4525239 or Cumulative Update KB4525234.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1441\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525234', '4525239');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.0\",\n sp:2,\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525234, 4525239])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:22", "description": "The remote Windows host is missing security update 4525233 or cumulative update 4525235. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1441)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525233: Windows 7 and Windows Server 2008 R2 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_NOV_4525235.NASL", "href": "https://www.tenable.com/plugins/nessus/130905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130905);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-1382\",\n \"CVE-2019-1384\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1412\",\n \"CVE-2019-1415\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1429\",\n \"CVE-2019-1432\",\n \"CVE-2019-1433\",\n \"CVE-2019-1434\",\n \"CVE-2019-1435\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1441\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525235\");\n script_xref(name:\"MSKB\", value:\"4525233\");\n script_xref(name:\"MSFT\", value:\"MS19-4525235\");\n script_xref(name:\"MSFT\", value:\"MS19-4525233\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525233: Windows 7 and Windows Server 2008 R2 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525233\nor cumulative update 4525235. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails\n to properly validate input from an authenticated user\n on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could potentially read data that was not intended to be\n disclosed. Note that this vulnerability would not allow\n an attacker to execute code or to elevate their user\n rights directly, but it could be used to obtain\n information that could be used to try to further\n compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1441)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\");\n # https://support.microsoft.com/en-us/help/4525235/windows-7-update-kb4525235\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f8b9842b\");\n # https://support.microsoft.com/en-us/help/4525233/windows-7-update-kb4525233\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d32296c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4525233 or Cumulative Update KB4525235.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1441\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525235', '4525233');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525235, 4525233])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:11", "description": "The remote Windows host is missing security update 4525253 or cumulative update 4525246. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1392)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525253: Windows Server 2012 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_NOV_4525246.NASL", "href": "https://www.tenable.com/plugins/nessus/130910", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130910);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1384\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1392\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1412\",\n \"CVE-2019-1415\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1429\",\n \"CVE-2019-1432\",\n \"CVE-2019-1433\",\n \"CVE-2019-1434\",\n \"CVE-2019-1435\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525253\");\n script_xref(name:\"MSKB\", value:\"4525246\");\n script_xref(name:\"MSFT\", value:\"MS19-4525253\");\n script_xref(name:\"MSFT\", value:\"MS19-4525246\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525253: Windows Server 2012 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525253\nor cumulative update 4525246. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when \n Windows Hyper-V Network Switch on a host server fails\n to properly validate input from an authenticated user\n on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could potentially read data that was not intended to be\n disclosed. Note that this vulnerability would not allow\n an attacker to execute code or to elevate their user\n rights directly, but it could be used to obtain\n information that could be used to try to further\n compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1392)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\");\n # https://support.microsoft.com/en-us/help/4525253/windows-server-2012-update-kb4525253\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34c18afd\");\n # https://support.microsoft.com/en-us/help/4525246/windows-server-2012-update-kb4525246\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ad214b5b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4525253 or Cumulative Update KB4525246.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525253', '4525246');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525253, 4525246])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:23", "description": "The remote Windows host is missing security update 4525250 or cumulative update 4525243. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1392)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525250: Windows 8.1 and Windows Server 2012 R2 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_NOV_4525243.NASL", "href": "https://www.tenable.com/plugins/nessus/130909", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130909);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1384\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1392\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1412\",\n \"CVE-2019-1415\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1429\",\n \"CVE-2019-1432\",\n \"CVE-2019-1433\",\n \"CVE-2019-1434\",\n \"CVE-2019-1435\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525243\");\n script_xref(name:\"MSKB\", value:\"4525250\");\n script_xref(name:\"MSFT\", value:\"MS19-4525243\");\n script_xref(name:\"MSFT\", value:\"MS19-4525250\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525250: Windows 8.1 and Windows Server 2012 R2 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525250\nor cumulative update 4525243. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails\n to properly validate input from an authenticated user\n on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411, CVE-2019-1432)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2019-1434)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists in\n Windows Adobe Type Manager Font Driver (ATMFD.dll) when\n it fails to properly handle objects in memory. An\n attacker who successfully exploited this vulnerability\n could potentially read data that was not intended to be\n disclosed. Note that this vulnerability would not allow\n an attacker to execute code or to elevate their user\n rights directly, but it could be used to obtain\n information that could be used to try to further\n compromise the affected system. (CVE-2019-1412)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1392)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4525243/windows-8-1-kb4525243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4525250/windows-8-1-kb4525250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4525250 or Cumulative Update KB4525243.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525243', '4525250');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525243, 4525250])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:13", "description": "The remote Windows host is missing security update 4525236. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1374)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1436)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525236: Windows 10 Version 1607 and Windows Server 2016 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_NOV_4525236.NASL", "href": "https://www.tenable.com/plugins/nessus/130906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130906);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-1374\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1383\",\n \"CVE-2019-1384\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1413\",\n \"CVE-2019-1415\",\n \"CVE-2019-1417\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1420\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1426\",\n \"CVE-2019-1427\",\n \"CVE-2019-1428\",\n \"CVE-2019-1429\",\n \"CVE-2019-1433\",\n \"CVE-2019-1435\",\n \"CVE-2019-1436\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525236\");\n script_xref(name:\"MSFT\", value:\"MS19-4525236\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525236: Windows 10 Version 1607 and Windows Server 2016 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525236. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when \n Windows Hyper-V Network Switch on a host server fails\n to properly validate input from an authenticated user\n on a guest operating system. (CVE-2019-0719)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the\n way Windows Error Reporting (WER) handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1374)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1436)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the\n Windows Data Sharing Service improperly handles file\n operations. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. An attacker could exploit this vulnerability by\n running a specially crafted application on the victim\n system. The update addresses the vulnerability by\n correcting the way the Windows Data Sharing Service\n handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the dssvc.dll handles file creation allowing\n for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\");\n # https://support.microsoft.com/en-us/help/4525236/windows-10-update-kb4525236\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c647fbe4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4525236.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525236');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525236])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:04", "description": "The remote Windows host is missing security update 4525232. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719, CVE-2019-1389, CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n (CVE-2019-1434)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1436)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1392)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525232: Windows 10 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_NOV_4525232.NASL", "href": "https://www.tenable.com/plugins/nessus/130903", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130903);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1383\",\n \"CVE-2019-1384\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1392\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1413\",\n \"CVE-2019-1415\",\n \"CVE-2019-1417\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1420\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1426\",\n \"CVE-2019-1427\",\n \"CVE-2019-1428\",\n \"CVE-2019-1429\",\n \"CVE-2019-1433\",\n \"CVE-2019-1434\",\n \"CVE-2019-1435\",\n \"CVE-2019-1436\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525232\");\n script_xref(name:\"MSFT\", value:\"MS19-4525232\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525232: Windows 10 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525232. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-0719, CVE-2019-1389,\n CVE-2019-1397)\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2019-1434)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1436)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2019-1392)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - An elevation of privilege vulnerability exists when the\n Windows Data Sharing Service improperly handles file\n operations. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. An attacker could exploit this vulnerability by\n running a specially crafted application on the victim\n system. The update addresses the vulnerability by\n correcting the way the Windows Data Sharing Service\n handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the dssvc.dll handles file creation allowing\n for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\");\n # https://support.microsoft.com/en-us/help/4525232/windows-10-update-kb4525232\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?aa907170\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4525232.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525232');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525232])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:18", "description": "The remote Windows host is missing security update 4525237.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719, CVE-2019-0721)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397, CVE-2019-1398)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712, CVE-2019-1309, CVE-2019-1310)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1436, CVE-2019-1440)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. (CVE-2019-1385)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525237: Windows 10 Version 1803 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_NOV_4525237.NASL", "href": "https://www.tenable.com/plugins/nessus/130907", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130907);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-0721\",\n \"CVE-2019-1309\",\n \"CVE-2019-1310\",\n \"CVE-2019-1324\",\n \"CVE-2019-1374\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1383\",\n \"CVE-2019-1384\",\n \"CVE-2019-1385\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1398\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1413\",\n \"CVE-2019-1415\",\n \"CVE-2019-1416\",\n \"CVE-2019-1417\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1420\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1426\",\n \"CVE-2019-1427\",\n \"CVE-2019-1428\",\n \"CVE-2019-1429\",\n \"CVE-2019-1433\",\n \"CVE-2019-1435\",\n \"CVE-2019-1436\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1440\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525237\");\n script_xref(name:\"MSFT\", value:\"MS19-4525237\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525237: Windows 10 Version 1803 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525237.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the\n way Windows Error Reporting (WER) handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - An elevation of privilege vulnerability exists due to a\n race condition in Windows Subsystem for Linux. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the\n Windows TCP/IP stack improperly handles IPv6 flowlabel\n filled in packets. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0719, CVE-2019-0721)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397,\n CVE-2019-1398)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712, CVE-2019-1309, CVE-2019-1310)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the\n Windows Data Sharing Service improperly handles file\n operations. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. An attacker could exploit this vulnerability by\n running a specially crafted application on the victim\n system. The update addresses the vulnerability by\n correcting the way the Windows Data Sharing Service\n handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the dssvc.dll handles file creation allowing\n for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1436, CVE-2019-1440)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Extensions improperly performs\n privilege management, resulting in access to system\n files. (CVE-2019-1385)\");\n # https://support.microsoft.com/en-us/help/4525237/windows-10-update-kb4525237\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2194d569\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4525237.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525237');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525237])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:23", "description": "The remote Windows host is missing security update 4525241.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712, CVE-2019-1309)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719, CVE-2019-0721)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1389, CVE-2019-1397, CVE-2019-1398)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1436, CVE-2019-1440)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. (CVE-2019-1385)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4525241: Windows 10 Version 1709 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_NOV_4525241.NASL", "href": "https://www.tenable.com/plugins/nessus/130908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130908);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-0721\",\n \"CVE-2019-1309\",\n \"CVE-2019-1324\",\n \"CVE-2019-1374\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1383\",\n \"CVE-2019-1384\",\n \"CVE-2019-1385\",\n \"CVE-2019-1388\",\n \"CVE-2019-1389\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1398\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1407\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1413\",\n \"CVE-2019-1415\",\n \"CVE-2019-1416\",\n \"CVE-2019-1417\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1420\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1426\",\n \"CVE-2019-1427\",\n \"CVE-2019-1428\",\n \"CVE-2019-1429\",\n \"CVE-2019-1433\",\n \"CVE-2019-1435\",\n \"CVE-2019-1436\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1440\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4525241\");\n script_xref(name:\"MSFT\", value:\"MS19-4525241\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4525241: Windows 10 Version 1709 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4525241.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the\n way Windows Error Reporting (WER) handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - An elevation of privilege vulnerability exists due to a\n race condition in Windows Subsystem for Linux. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1407, CVE-2019-1433, CVE-2019-1435,\n CVE-2019-1438)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the\n Windows TCP/IP stack improperly handles IPv6 flowlabel\n filled in packets. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712, CVE-2019-1309)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0719, CVE-2019-0721)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1389, CVE-2019-1397,\n CVE-2019-1398)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the\n Windows Data Sharing Service improperly handles file\n operations. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. An attacker could exploit this vulnerability by\n running a specially crafted application on the victim\n system. The update addresses the vulnerability by\n correcting the way the Windows Data Sharing Service\n handles file operations. (CVE-2019-1383, CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists in the\n way that the dssvc.dll handles file creation allowing\n for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1436, CVE-2019-1440)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Extensions improperly performs\n privilege management, resulting in access to system\n files. (CVE-2019-1385)\");\n # https://support.microsoft.com/en-us/help/4525241/windows-10-update-kb4525241\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df32672c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4525241.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4525241');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nmy_os_build = get_kb_item(\"SMB/WindowsVersionBuild\");\nproductname = get_kb_item_or_exit(\"SMB/ProductName\");\n\nif (my_os_build = \"16299\" && \"enterprise\" >!< tolower(productname) && \"education\" >!< tolower(productname) && \"server\" >!< tolower(productname))\n audit(AUDIT_OS_NOT, \"a supported version of Windows\");\n\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4525241])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:34", "description": "The remote Windows host is missing security update 4523205.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1397, CVE-2019-1398)\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719, CCVE-2019-0721)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712, CVE-2019-1309, CVE-2019-1310)\n\n - An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. (CVE-2019-1379, CVE-2019-1383, CVE-2019-1417)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1433, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438)\n\n - An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1436, CVE-2019-1440)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. (CVE-2019-1385)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4523205: Windows 10 Version 1809 and Windows Server 2019 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1379", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1437", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_NOV_4523205.NASL", "href": "https://www.tenable.com/plugins/nessus/130901", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130901);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-0721\",\n \"CVE-2019-1309\",\n \"CVE-2019-1310\",\n \"CVE-2019-1324\",\n \"CVE-2019-1374\",\n \"CVE-2019-1379\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1383\",\n \"CVE-2019-1384\",\n \"CVE-2019-1385\",\n \"CVE-2019-1388\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1398\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1413\",\n \"CVE-2019-1415\",\n \"CVE-2019-1416\",\n \"CVE-2019-1417\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1420\",\n \"CVE-2019-1422\",\n \"CVE-2019-1424\",\n \"CVE-2019-1426\",\n \"CVE-2019-1427\",\n \"CVE-2019-1428\",\n \"CVE-2019-1429\",\n \"CVE-2019-1433\",\n \"CVE-2019-1435\",\n \"CVE-2019-1436\",\n \"CVE-2019-1437\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1440\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4523205\");\n script_xref(name:\"MSFT\", value:\"MS19-4523205\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4523205: Windows 10 Version 1809 and Windows Server 2019 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4523205.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the\n way Windows Error Reporting (WER) handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - An elevation of privilege vulnerability exists due to a\n race condition in Windows Subsystem for Linux. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the\n Windows TCP/IP stack improperly handles IPv6 flowlabel\n filled in packets. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1397, CVE-2019-1398)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0719, CCVE-2019-0721)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712, CVE-2019-1309, CVE-2019-1310)\n\n - An elevation of privilege vulnerability exists when the\n Windows Data Sharing Service improperly handles file\n operations. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. An attacker could exploit this vulnerability by\n running a specially crafted application on the victim\n system. The update addresses the vulnerability by\n correcting the way the Windows Data Sharing Service\n handles file operations. (CVE-2019-1379, CVE-2019-1383,\n CVE-2019-1417)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1433, CVE-2019-1435, CVE-2019-1437,\n CVE-2019-1438)\n\n - An elevation of privilege vulnerability exists in the\n way that the dssvc.dll handles file creation allowing\n for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1436, CVE-2019-1440)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Extensions improperly performs\n privilege management, resulting in access to system\n files. (CVE-2019-1385)\");\n # https://support.microsoft.com/en-us/help/4523205/windows-10-update-kb4523205\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fabe75f5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4523205.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1406\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4523205');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17763\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4523205])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:18", "description": "The remote Windows host is missing security update 4524570. It is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. (CVE-2019-1380)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1436, CVE-2019-1440)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (CVE-2019-1430)\n\n - A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. (CVE-2019-1454)\n\n - An information vulnerability exists when Windows Modules Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. (CVE-2018-12207, CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1397, CVE-2019-1398)\n\n - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-0719, CVE-2019-0721)\n\n - An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1423)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. (CVE-2019-0712, CVE-2019-1309, CVE-2019-1310)\n\n - A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. (CVE-2019-1419, CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. (CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. (CVE-2019-1433, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438)\n\n - An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. (CVE-2019-1385)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "KB4524570: Windows 10 Version 1903 and Windows 10 Version 1909 November 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1423", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1430", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1437", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1454", "CVE-2019-1456"], "modified": "2023-04-08T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS19_NOV_4524570.NASL", "href": "https://www.tenable.com/plugins/nessus/130902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130902);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/08\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0712\",\n \"CVE-2019-0719\",\n \"CVE-2019-0721\",\n \"CVE-2019-1309\",\n \"CVE-2019-1310\",\n \"CVE-2019-1324\",\n \"CVE-2019-1374\",\n \"CVE-2019-1380\",\n \"CVE-2019-1381\",\n \"CVE-2019-1382\",\n \"CVE-2019-1384\",\n \"CVE-2019-1385\",\n \"CVE-2019-1388\",\n \"CVE-2019-1390\",\n \"CVE-2019-1391\",\n \"CVE-2019-1393\",\n \"CVE-2019-1394\",\n \"CVE-2019-1395\",\n \"CVE-2019-1396\",\n \"CVE-2019-1397\",\n \"CVE-2019-1398\",\n \"CVE-2019-1399\",\n \"CVE-2019-1405\",\n \"CVE-2019-1406\",\n \"CVE-2019-1408\",\n \"CVE-2019-1409\",\n \"CVE-2019-1411\",\n \"CVE-2019-1413\",\n \"CVE-2019-1415\",\n \"CVE-2019-1416\",\n \"CVE-2019-1417\",\n \"CVE-2019-1418\",\n \"CVE-2019-1419\",\n \"CVE-2019-1420\",\n \"CVE-2019-1422\",\n \"CVE-2019-1423\",\n \"CVE-2019-1424\",\n \"CVE-2019-1426\",\n \"CVE-2019-1427\",\n \"CVE-2019-1428\",\n \"CVE-2019-1429\",\n \"CVE-2019-1430\",\n \"CVE-2019-1433\",\n \"CVE-2019-1435\",\n \"CVE-2019-1436\",\n \"CVE-2019-1437\",\n \"CVE-2019-1438\",\n \"CVE-2019-1439\",\n \"CVE-2019-1440\",\n \"CVE-2019-1454\",\n \"CVE-2019-1456\",\n \"CVE-2019-11135\"\n );\n script_xref(name:\"MSKB\", value:\"4524570\");\n script_xref(name:\"MSFT\", value:\"MS19-4524570\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/05\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/04/28\");\n\n script_name(english:\"KB4524570: Windows 10 Version 1903 and Windows 10 Version 1909 November 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4524570. \nIt is, therefore, affected by multiple vulnerabilities :\n\n - A security feature bypass vulnerability exists when\n Windows Netlogon improperly handles a secure\n communications channel. An attacker who successfully\n exploited the vulnerability could downgrade aspects of\n the connection allowing for further modification of the\n transmission. (CVE-2019-1424)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-11135)\n\n - An information disclosure vulnerability exists in the\n way Windows Error Reporting (WER) handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could obtain information to further\n compromise the users system. (CVE-2019-1374)\n\n - A local elevation of privilege vulnerability exists in\n how splwow64.exe handles certain calls. An attacker who\n successfully exploited the vulnerability could elevate\n privileges on an affected system from low-integrity to\n medium-integrity. This vulnerability by itself does not\n allow arbitrary code execution; however, it could allow\n arbitrary code to be run if the attacker uses it in\n combination with another vulnerability (such as a remote\n code execution vulnerability or another elevation of\n privilege vulnerability) that is capable of leveraging\n the elevated privileges when code execution is\n attempted. The security update addresses the\n vulnerability by ensuring splwow64.exe properly handles\n these calls.. (CVE-2019-1380)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1436, CVE-2019-1440)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\n\n - A remote code execution vulnerability exists when\n Windows Media Foundation improperly parses specially\n crafted QuickTime media files. An attacker who\n successfully exploited this vulnerability could gain the\n same user rights as the local user. Users whose accounts\n are configured to have fewer user rights on the system\n could be less impacted than users who operate with\n administrative user rights. (CVE-2019-1430)\n\n - A security feature bypass vulnerability exists where a\n NETLOGON message is able to obtain the session key and\n sign messages. (CVE-2019-1384)\n\n - An elevation of privilege vulnerability exists when the\n Windows User Profile Service (ProfSvc) improperly\n handles symlinks. An attacker who successfully exploited\n this vulnerability could delete files and folders in an\n elevated context. (CVE-2019-1454)\n\n - An information vulnerability exists when Windows Modules\n Installer Service improperly discloses file information.\n Successful exploitation of the vulnerability could allow\n the attacker to read the contents of a log file on disk.\n (CVE-2019-1418)\n\n - An elevation of privilege vulnerability exists in the\n Windows Certificate Dialog when it does not properly\n enforce user privileges. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1388)\n\n - An information disclosure vulnerability exists when the\n Windows TCP/IP stack improperly handles IPv6 flowlabel\n filled in packets. An attacker who successfully\n exploited this vulnerability could obtain information to\n further compromise the users system. (CVE-2019-1324)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-12207,\n CVE-2019-1391)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1393, CVE-2019-1394,\n CVE-2019-1395, CVE-2019-1396, CVE-2019-1408)\n\n - An elevation of privilege vulnerability exists in\n Windows Installer because of the way Windows Installer\n handles certain filesystem operations. (CVE-2019-1415)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1397, CVE-2019-1398)\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V Network Switch on a host server fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-0719, CVE-2019-0721)\n\n - An information disclosure vulnerability exists when\n DirectWrite improperly discloses the contents of its\n memory. An attacker who successfully exploited the\n vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how DirectWrite handles objects in memory.\n (CVE-2019-1411)\n\n - An information disclosure vulnerability exists when the\n Windows Servicing Stack allows access to unprivileged\n file locations. An attacker who successfully exploited\n the vulnerability could potentially access unauthorized\n files. (CVE-2019-1381)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1439)\n\n - A remote code execution vulnerability exists when the\n Windows Jet Database Engine improperly handles objects\n in memory. An attacker who successfully exploited this\n vulnerability could execute arbitrary code on a victim\n system. An attacker could exploit this vulnerability by\n enticing a victim to open a specially crafted file. The\n update addresses the vulnerability by correcting the way\n the Windows Jet Database Engine handles objects in\n memory. (CVE-2019-1406)\n\n - An elevation of privilege vulnerability exists when the\n Windows Universal Plug and Play (UPnP) service\n improperly allows COM object creation. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges. An\n attacker could then install programs; view, change, or\n delete data; or create new accounts with full user\n rights. (CVE-2019-1405)\n\n - An elevation of privilege vulnerability exists in the\n way that the StartTileData.dll handles file creation in\n protected locations. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1423)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V Network Switch on a host server fails to\n properly validate input from a privileged user on a\n guest operating system. An attacker who successfully\n exploited the vulnerability could cause the host server\n to crash. (CVE-2019-0712, CVE-2019-1309, CVE-2019-1310)\n\n - A remote code execution vulnerability exists in\n Microsoft Windows when the Windows Adobe Type Manager\n Library improperly handles specially crafted OpenType\n fonts. For all systems except Windows 10, an attacker\n who successfully exploited the vulnerability could\n execute code remotely. For systems running Windows 10,\n an attacker who successfully exploited the vulnerability\n could execute code in an AppContainer sandbox context\n with limited privileges and capabilities. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n There are multiple ways an attacker could exploit the\n vulnerability, such as by either convincing a user to\n open a specially crafted document, or by convincing a\n user to visit a webpage that contains specially crafted\n embedded OpenType fonts. The update addresses the\n vulnerability by correcting how the Windows Adobe Type\n Manager Library handles OpenType fonts. (CVE-2019-1419,\n CVE-2019-1456)\n\n - A denial of service vulnerability exists when Microsoft\n Hyper-V on a host server fails to properly validate\n input from a privileged user on a guest operating\n system. (CVE-2019-1399)\n\n - An elevation of privilege vulnerability exists when the\n Windows Data Sharing Service improperly handles file\n operations. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. An attacker could exploit this vulnerability by\n running a specially crafted application on the victim\n system. The update addresses the vulnerability by\n correcting the way the Windows Data Sharing Service\n handles file operations. (CVE-2019-1417)\n\n - An elevation of privilege vulnerability exists when\n ActiveX Installer service may allow access to files\n without proper authentication. An attacker who\n successfully exploited the vulnerability could\n potentially access unauthorized files. (CVE-2019-1382)\n\n - An information disclosure vulnerability exists when the\n Windows Remote Procedure Call (RPC) runtime improperly\n initializes objects in memory. An attacker who\n successfully exploited this vulnerability could obtain\n information to further compromise the users system.\n (CVE-2019-1409)\n\n - An elevation of privilege vulnerability exists when the\n Windows Graphics Component improperly handles objects in\n memory. An attacker who successfully exploited this\n vulnerability could run processes in an elevated\n context. (CVE-2019-1433, CVE-2019-1435, CVE-2019-1437,\n CVE-2019-1438)\n\n - An elevation of privilege vulnerability exists in the\n way that the dssvc.dll handles file creation allowing\n for a file overwrite or creation in a secured location.\n An attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1420)\n\n - An elevation of privilege vulnerability exists due to a\n race condition in Windows Subsystem for Linux. An\n attacker who successfully exploited the vulnerability\n could execute code with elevated permissions.\n (CVE-2019-1416)\n\n - An elevation of privilege vulnerability exists in the\n way that the iphlpsvc.dll handles file creation allowing\n for a file overwrite. An attacker who successfully\n exploited the vulnerability could execute code with\n elevated permissions. (CVE-2019-1422)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Extensions improperly performs\n privilege management, resulting in access to system\n files. (CVE-2019-1385)\");\n # https://support.microsoft.com/en-us/help/4524570/windows-10-update-kb4524570\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?864f0755\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4524570.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1430\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1384\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft UPnP Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-11\";\nkbs = make_list('4524570');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18362\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4524570])\n ||\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18363\",\n rollup_date:\"11_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4524570])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-13T15:01:58", "description": "The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1390)\n\n - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\n (CVE-2019-1429)", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (November 2019)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1390", "CVE-2019-1429"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_NOV_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/130912", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130912);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\"CVE-2019-1390\", \"CVE-2019-1429\");\n script_xref(name:\"MSKB\", value:\"4525243\");\n script_xref(name:\"MSKB\", value:\"4525234\");\n script_xref(name:\"MSKB\", value:\"4525106\");\n script_xref(name:\"MSKB\", value:\"4525235\");\n script_xref(name:\"MSKB\", value:\"4525246\");\n script_xref(name:\"MSFT\", value:\"MS19-4525243\");\n script_xref(name:\"MSFT\", value:\"MS19-4525234\");\n script_xref(name:\"MSFT\", value:\"MS19-4525106\");\n script_xref(name:\"MSFT\", value:\"MS19-4525235\");\n script_xref(name:\"MSFT\", value:\"MS19-4525246\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"Security Updates for Internet Explorer (November 2019)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is\nmissing security updates. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1390)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2019-1429)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4525243/windows-8-1-kb4525243\");\n # https://support.microsoft.com/en-us/help/4525234/windows-server-2008-update-kb4525234\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f741cc55\");\n # https://support.microsoft.com/en-us/help/4525106/cumulative-security-update-for-internet-explorer\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d314c950\");\n # https://support.microsoft.com/en-us/help/4525235/windows-7-update-kb4525235\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f8b9842b\");\n # https://support.microsoft.com/en-us/help/4525246/windows-server-2012-update-kb4525246\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ad214b5b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB4525243\n -KB4525234\n -KB4525106\n -KB4525235\n -KB4525246\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1429\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS19-11';\nkbs = make_list(\n '4525106',\n '4525234',\n '4525235',\n '4525243',\n '4525246'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nos = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19540\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4525106\") ||\n\n # Windows Server 2012\n # Internet Explorer 10\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"10.0.9200.22906\", min_version:\"10.0.9200.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4525106\") ||\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19540\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4525106\") ||\n \n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.19540\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4525106\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21385\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4525106\")\n)\n{\n report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB4525106 : Cumulative Security Update for Internet Explorer\\n';\n if(os == \"6.3\")\n {\n report += ' - KB4525243 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-11', kb:'4525243', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB4525246 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-11', kb:'4525246', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB4525235 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-11', kb:'4525235', report);\n }\n else if(os == \"6.0\")\n {\n report += ' - KB4525234 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-11', kb:'4525234', report);\n }\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T19:55:29", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:0279 advisory.\n\n - TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11135)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-07T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : virt:rhel (RLSA-2020:0279)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11135"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:libiscsi", "p-cpe:/a:rocky:linux:libiscsi-debuginfo", "p-cpe:/a:rocky:linux:libiscsi-debugsource", "p-cpe:/a:rocky:linux:libiscsi-devel", "p-cpe:/a:rocky:linux:libiscsi-utils", "p-cpe:/a:rocky:linux:libiscsi-utils-debuginfo", "p-cpe:/a:rocky:linux:netcf", "p-cpe:/a:rocky:linux:netcf-debuginfo", "p-cpe:/a:rocky:linux:netcf-debugsource", "p-cpe:/a:rocky:linux:netcf-devel", "p-cpe:/a:rocky:linux:netcf-libs", "p-cpe:/a:rocky:linux:netcf-libs-debuginfo", "p-cpe:/a:rocky:linux:sgabios", "p-cpe:/a:rocky:linux:sgabios-bin", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2020-0279.NASL", "href": "https://www.tenable.com/plugins/nessus/184904", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2020:0279.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184904);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\"CVE-2019-11135\");\n script_xref(name:\"RLSA\", value:\"2020:0279\");\n\n script_name(english:\"Rocky Linux 8 : virt:rhel (RLSA-2020:0279)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2020:0279 advisory.\n\n - TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated\n user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11135)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2020:0279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1753062\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11135\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libiscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libiscsi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libiscsi-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:netcf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:netcf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:netcf-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'libiscsi-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debuginfo-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-debuginfo-1.18.0-8.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debuginfo-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-debugsource-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-debuginfo-0.2.8-12.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.6.0+847+b490afdd', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.6.0+847+b490afdd', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.7.0+1084+97b81f61', 'cpu':'i686', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.7.0+1084+97b81f61', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.4.0+534+4680a14e', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.6.0+847+b490afdd', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.7.0+1084+97b81f61', 'release':'8', 'el_string':'el8.7.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libiscsi / libiscsi-debuginfo / libiscsi-debugsource / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:07", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2019-1.0-0259", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11135"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0259_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/132520", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0259. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132520);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-11135\");\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2019-1.0-0259\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-259.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11135\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-api-headers-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-debuginfo-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-dev-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-docs-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-drivers-gpu-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-debuginfo-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-devel-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-docs-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-oprofile-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-sound-4.4.202-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-tools-4.4.202-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "mskb": [{"lastseen": "2023-11-28T09:44:24", "description": "None\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Server article_. _(These registry settings are disabled by default for Windows Server OS editions.)\n * Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) (KB4493730). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4526478). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525239>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525239](<https://download.microsoft.com/download/d/7/3/d7390e9b-859d-4efe-b29e-25016a826fec/4525239.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-01-14T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525239 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1424", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1456"], "modified": "2020-01-14T00:00:00", "id": "KB4525239", "href": "https://support.microsoft.com/en-us/help/4525239", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:13", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133.\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4519972(released October 15, 2019) and addresses the following issues:\n\n * Addresses an issue that prevents a 16-bit Visual Basic 3 (VB3) application or other VB3 applications from running.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)\n * Addresses an issue with temporary user profiles in an environment in which user profile disks (UPD) are deployed and cached roaming profiles are not deleted when the \"Delete cached copies of roaming profiles\" policy is enabled.\n * Security updates to Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) (KB4490628). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4523206). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525235>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525235](<https://download.microsoft.com/download/4/1/1/41105ea7-e39c-4954-a715-17990cb6b679/4525235.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-01-14T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525235 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1456"], "modified": "2020-01-14T00:00:00", "id": "KB4525235", "href": "https://support.microsoft.com/en-us/help/4525235", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:25", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Server article_. _(These registry settings are disabled by default for Windows Server OS editions.)\n * Security updates to the Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4523208) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525253>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525253](<https://download.microsoft.com/download/0/7/5/07517aec-5363-4786-9531-1d043a69ebd9/4525253.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525253 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525253", "href": "https://support.microsoft.com/en-us/help/4525253", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:13", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)\n * Security updates to Windows Input and Composition, Microsoft Graphics Component, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) (KB4490628). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4523206). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525233>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525233](<https://download.microsoft.com/download/e/4/5/e4533a04-a42c-4e9e-beb4-5848a7c49b8c/4525233.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-01-14T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525233 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1441", "CVE-2019-1456"], "modified": "2020-01-14T00:00:00", "id": "KB4525233", "href": "https://support.microsoft.com/en-us/help/4525233", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:25", "description": "None\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4520013(released October 15, 2019) and addresses the following issues:\n\n * Addresses an issue that prevents a 16-bit Visual Basic 3(VB3) application or other VB3 applications from running.\n * Addresses an issue with temporary user profiles in an environment in which user profile disks (UPD) are deployed and cached roaming profiles are not deleted when the \"Delete cached copies of roaming profiles\" policy is enabled.\n * Addresses an issue that causes only one Bluetooth Basic Rate device to function properly on some Bluetooth controllers after installing the August 13, 2019 update.\n * Addresses an issue that causes error 0x7E when you connect Bluetooth devices after installing the June 11, 2019 update.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Server article_. _(These registry settings are disabled by default for Windows Server OS editions.)\n * Security updates to the Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4523208) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525246>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525246](<https://download.microsoft.com/download/3/6/c/36c6ef09-8de3-45fa-a47d-40d1e5df138b/4525246.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525246 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525246", "href": "https://support.microsoft.com/en-us/help/4525246", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:25", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)\n * Security updates to Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4524445) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525250>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525250](<https://download.microsoft.com/download/9/5/4/954b9122-e727-4bbc-be10-1ac1e3df4339/4525250.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525250 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525250", "href": "https://support.microsoft.com/en-us/help/4525250", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:25", "description": "None\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4520012 (released October 15, 2019) and addresses the following issues:\n\n * Addresses an issue that prevents a 16-bit Visual Basic 3 (VB3) application or other VB3 applications from running.\n * Addresses an issue that causes only one Bluetooth Basic Rate device to function properly on some Bluetooth controllers after installing the August 13, 2019 update.\n * Addresses an issue that causes error 0x7E when you connect Bluetooth devices after installing the June 11, 2019 update.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)\n * Addresses an issue with temporary user profiles in an environment in which user profile disks (UPD) are deployed and cached roaming profiles are not deleted when the \"Delete cached copies of roaming profiles\" policy is enabled.\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4524445) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525243>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4525243](<https://download.microsoft.com/download/c/a/1/ca172e8a-19ab-4d81-bf6e-e4415438a772/4525243.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525243 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1412", "CVE-2019-1415", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1429", "CVE-2019-1432", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525243", "href": "https://support.microsoft.com/en-us/help/4525243", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:13", "description": "None\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.\n\n## Highlights\n\n * Updates to improve security when using Internet Explorer.\n * Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Updates time zone information for Norfolk Island, Australia.\n * Updates time zone information for the Fiji Islands.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client article_. _(These registry settings are enabled by default for Windows Client OS editions.)\n * Security updates to the Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends that you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4523200) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525232>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4525232](<https://download.microsoft.com/download/c/3/e/c3e2495e-8576-43f3-b2fb-1f8a477d4d57/4525232.csv>).\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525232 (OS Build 10240.18395)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1392", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1415", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1434", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525232", "href": "https://support.microsoft.com/en-us/help/4525232", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:14", "description": "None\n**Reminder** The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ended on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n**Reminder **March 12 and April 9 were the last two Delta updates for Windows 10, version 1607. For Long-Term Servicing Branch (LTSB) customers, security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n_Windows 10, version 1607, reached end of service on April 10, 2018. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. __To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._**IMPORTANT**Windows 10 Enterprise and Windows 10 Education editions will receive additional servicing at no cost until April 9, 2019. Devices on the Long-Term Servicing Channels (LTSC) will continue to receive updates until October 2026 per the [Lifecycle Policy page](<https://support.microsoft.com/lifecycle/search?alpha=Windows%2010>). Windows 10 Anniversary Update (v. 1607) devices running the Intel \u201cClovertrail\u201d chipset will continue to receive updates until January 2023 per the [Microsoft Community blog](<https://answers.microsoft.com/windows/forum/windows_10-windows_install/intel-clover-trail-processors-are-not-supported-on/ed1823d3-c82c-4d7f-ba9d-43ecbcf526e9?auth=1>).\n\n_Windows Server 2016 Standard edition, Nano Server installation option and Windows Server 2016 Datacenter edition, Nano Server installation option __reached end of service on October 9, 2018_._ These editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\n_Windows 10 Mobile, version 1607, reached end of service on October 8, 2018. Devices running Windows 10 Mobile and Windows 10 Mobile Enterprise will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.\n\n## Highlights\n\n * Updates to improve security when using Internet Explorer and Microsoft Edge.\n * Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that causes events that are based on Windows Defender Application Control Code Integrity to be unreadable.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine .\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4467684, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.| Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.Microsoft is working on a resolution and will provide an update in an upcoming release. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4520724) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525236>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4525236](<https://download.microsoft.com/download/c/8/1/c81c226f-8185-4741-affc-5e56616f23db/4525236.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525236 (OS Build 14393.3326)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-11135", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525236", "href": "https://support.microsoft.com/en-us/help/4525236", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:19", "description": "None\nWindows 10, version 1803 (the April 2018 Update) Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update (with users having the ability to choose a convenient time). This keeps those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.\n\n## Highlights\n\n * Updates to improve security when using Internet Explorer and Microsoft Edge.\n * Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that causes events that are based on Windows Defender Application Control Code Integrity to be unreadable.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions, but disabled by default for Windows Server OS editions.)\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.**Note** This issue does not affect using a Microsoft Account during OOBE.| This issue is resolved in KB4534308. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4523203) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525237>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4525237](<https://download.microsoft.com/download/3/f/c/3fcbdce6-5d2a-4815-9b83-a0ceedb3a4e4/4525237.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525237 (OS Build 17134.1130)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525237", "href": "https://support.microsoft.com/en-us/help/4525237", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:24", "description": "None\n**Reminder **March 12 and April 9 were the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n**Reminder** Windows 10, version 1709, reached end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n**IMPORTANT **Windows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing at no cost per the lifecycle announcement on October 2018.\n\n**ePub support ended in Microsoft Edge**Microsoft Edge has ended support for e-books that use the .epub file extension. For more information, see [Download an ePub app to keep reading e-books](<https://support.microsoft.com/help/4517840>).\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.\n\n## Highlights\n\n * Updates to improve security when using Internet Explorer and Microsoft Edge.\n * Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that causes events that are based on Windows Defender Application Control Code Integrity to be unreadable.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client article_. _(These registry settings are enabled by default for Windows Client OS editions.)\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.**Note** This issue does not affect using a Microsoft Account during OOBE.| This issue is resolved in KB4534318. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4523202) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525241>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4525241](<https://download.microsoft.com/download/8/7/4/87476133-d252-4554-867a-ee9b8414d12b/4525241.csv>).\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4525241 (OS Build 16299.1508)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1389", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1407", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4525241", "href": "https://support.microsoft.com/en-us/help/4525241", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:11", "description": "None\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 17763.865) released November 12, 2019. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro>).\n\n## Highlights\n\n * Updates to improve security when using Internet Explorer and Microsoft Edge.\n * Updates to improve security when using external devices (such as game controllers, printers, and web cameras) and input devices such as a mouse, keyboard, or stylus.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that might cause the Microsoft Defender Advanced Threat Protection (ATP) service to stop running and stop sending reporting data.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)\n * Addresses an issue that prevents the near real-time data integrity checking from being fully effective after an unexpected device failure.\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, Windows Peripherals, and the Microsoft JET Database Engine.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing KB4493509, devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"| This issue is addressed by updates released June 11, 2019 and later. We recommend you install the latest security updates for your device. Customers installing Windows Server 2019 using media should install the latest [Servicing Stack Update (SSU)](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) before installing the language pack or other optional components. If using the [Volume Licensing Service Center (VLSC)](<https://www.microsoft.com/licensing/servicecenter/default.aspx>), acquire the latest Windows Server 2019 media available. The proper order of installation is as follows:\n\n 1. Install the latest prerequisite SSU, currently [KB5005112](<https://support.microsoft.com/help/5005112>)\n 2. Install optional components or language packs\n 3. Install latest cumulative update\n**Note** Updating your device will prevent this issue, but will have no effect on devices already affected by this issue. If this issue is present in your device, you will need to use the workaround steps to repair it.**Workaround:**\n\n 1. Uninstall and reinstall any recently added language packs. For instructions, see [Manage the input and display language settings in Windows 10](<https://support.microsoft.com/windows/manage-the-input-and-display-language-settings-in-windows-12a10cb4-8626-9b77-0ccb-5013e0c7c7a2>).\n 2. Click **Check for Updates **and install the April 2019 Cumulative Update or later. For instructions, see [Update Windows 10](<https://support.microsoft.com/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a>).\n**Note **If reinstalling the language pack does not mitigate the issue, use the In-Place-Upgrade feature. For guidance, see [How to do an in-place upgrade on Windows](<https://docs.microsoft.com/troubleshoot/windows-server/deployment/repair-or-in-place-upgrade>), and [Perform an in-place upgrade of Windows Server](<https://docs.microsoft.com/windows-server/get-started/perform-in-place-upgrade>). \nWhen setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.**Note** This issue does not affect using a Microsoft Account during OOBE.| This issue is resolved in KB4534321. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4523204) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4523205>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4523205](<https://download.microsoft.com/download/f/c/1/fc10e8dc-7c74-443a-acee-49d9b9c78c68/4523205.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4523205 (OS Build 17763.864)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1379", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1383", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1437", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4523205", "href": "https://support.microsoft.com/en-us/help/4523205", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:12", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**What's new for Windows 10, version 1909 and Windows 10, version 1903 release notes**Windows 10, versions 1903 and 1909 share a common core operating system and an identical set of system files. As a result, the new features in Windows 10, version 1909 were included in the recent monthly quality update for Windows 10, version 1903 (released October 8, 2019), but are currently in a dormant state. These new features will remain dormant until they are turned on using an _enablement package_, which is a small, quick-to-install \u201cmaster switch\u201d that simply activates the Windows 10, version 1909 features.To reflect this change, the release notes for Windows 10, version 1903 and Windows 10, version 1909 will share an update history page. Each release page will contain a list of addressed issues for both 1903 and 1909 versions. Note that the 1909 version will always contain the fixes for 1903; however, 1903 will not contain the fixes for 1909. This page will provide you with the build numbers for both 1909 and 1903 versions so that it will be easier for support to assist you if you encounter issues.For more details about the enablement package and how to get the feature update, see the [Windows 10, version 1909 delivery options](<https://aka.ms/1909mechanics>) blog.\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates to improve security when using Internet Explorer and Microsoft Edge.\n\n## Improvements and fixes\n\n## \n\n__\n\nWindows 10, version 1909\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 1903.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 1903\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 18362.1039) released November 12, 2019. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue in the Keyboard Lockdown Subsystem that might not filter key input correctly.\n * Provides protections against the Intel\u00ae Processor Machine Check Error vulnerability (_[CVE-2018-12207](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-12207>)_). Use the registry setting as described in the Guidance KB article_. _(This registry setting is disabled by default.)\n * Provides protections against the Intel\u00ae Transactional Synchronization Extensions (Intel\u00ae TSX) Transaction Asynchronous Abort vulnerability ([CVE-2019-11135](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-11135>)). Use the registry settings as described in the Windows Client and Windows Server articles_. _(These registry settings are enabled by default for Windows Client OS editions and Windows Server OS editions.)\n * Security updates to Microsoft Scripting Engine, Internet Explorer, Windows App Platform and Frameworks, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Linux, Windows Kernel, Windows Datacenter Networking, and the Microsoft JET Database Engine.\n\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\nKnown issues in this update**Symptom**| **Workaround**| **Applies To** \n---|---|--- \nWhen setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.**Note** This issue does not affect using a Microsoft Account during OOBE.| This issue is resolved in KB4530684.| Windows 10, version 1903, Windows 10, version 1909 \nHow to get this update**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4524569) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4524570>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4524570](<https://download.microsoft.com/download/b/2/2/b22fcb82-8de0-4cbc-a355-f2d29b78db96/4524570.csv>). \n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-12T00:00:00", "type": "mskb", "title": "November 12, 2019\u2014KB4524570 (OS Builds 18362.476 and 18363.476) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12207", "CVE-2019-0712", "CVE-2019-0719", "CVE-2019-0721", "CVE-2019-11135", "CVE-2019-1309", "CVE-2019-1310", "CVE-2019-1324", "CVE-2019-1374", "CVE-2019-1380", "CVE-2019-1381", "CVE-2019-1382", "CVE-2019-1384", "CVE-2019-1385", "CVE-2019-1388", "CVE-2019-1390", "CVE-2019-1391", "CVE-2019-1393", "CVE-2019-1394", "CVE-2019-1395", "CVE-2019-1396", "CVE-2019-1397", "CVE-2019-1398", "CVE-2019-1399", "CVE-2019-1405", "CVE-2019-1406", "CVE-2019-1408", "CVE-2019-1409", "CVE-2019-1411", "CVE-2019-1413", "CVE-2019-1415", "CVE-2019-1416", "CVE-2019-1417", "CVE-2019-1418", "CVE-2019-1419", "CVE-2019-1420", "CVE-2019-1422", "CVE-2019-1423", "CVE-2019-1424", "CVE-2019-1426", "CVE-2019-1427", "CVE-2019-1428", "CVE-2019-1429", "CVE-2019-1430", "CVE-2019-1433", "CVE-2019-1435", "CVE-2019-1436", "CVE-2019-1437", "CVE-2019-1438", "CVE-2019-1439", "CVE-2019-1440", "CVE-2019-1456"], "modified": "2019-11-12T00:00:00", "id": "KB4524570", "href": "https://support.microsoft.com/en-us/help/4524570", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-28T09:44:13", "description": "None\n## Summary\n\nThis security update resolves several reported vulnerabilities in Internet Explorer. To learn more about these vulnerabilities, see [Microsoft Common Vulnerabilities and Exposures](<https://portal.msrc.microsoft.com/en-US/security-guidance>).Additionally, see the following articles for more information about cumulative updates:\n\n * Windows Server 2008 SP2 update history\n * Windows 7 SP1 and Windows Server 2008 R2 SP1 update history\n * Windows Server 2012 update history\n * [Windows 8.1 and Windows Server 2012 R2 update history](<https://support.microsoft.com/help/4009470>)\n**Important **\n\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/library/hh825699>).\n\n## How to get and install this update\n\n**Before installing this update**You must have the following updates installed before installing this update (KB 4525106). Installing these updates improves the reliability of the update process and mitigates potential issues while installing this update.\n\n * Servicing stack update (SSU) ([KB 4516655](<https://support.microsoft.com/help/4516655>)) or a later SSU update. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n * SHA-2 update ([KB 4474419](<https://support.microsoft.com/help/4474419>)) released September 23, 2019 or a later SHA-2 update. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n**Install this update**To install this update, use one of the following release channels.**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update for the following versions:\n\n * Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard\n * Internet Explorer 8 for Windows Server 2008 SP2\nFor all other versions, see the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4525106>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Embedded 8 Standard, Windows 8.1, Windows Server 2012 R2**Classification**: Security Updates \n \n## File information\n\n### File attributes\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables.**Note** The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n## File verification\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4525106-arm.msu| 82A1D870587C80823A49198365F3A00EF9BEEBEE| 7C3B55B1AA52CA013671CB967DD97DBDA2045F3EA91BC8BD8E733DE49589C586 \nWindows8.1-KB4525106-x86.msu| 8E321597343462F30EEA2EF12E3866243105636F| 1AA0BEE91AF6BE43BD216D8C6B3F474B473D537A55680B8C683840740D330EA6 \nWindows8.1-KB4525106-x64.msu| 0EEF03D369D6F881E9C4A902693250640D9DBCA3| 0FB9B6E9B8F02442A67D584E3AAA31830EA2D93FD6C2D92B5A41044F485586DE \nIE11-Windows6.2-KB4525106-X86.msu| 139D2B461405460900B80725C3B6BE009FCD3DB8| 714B15705EC48E7F8C6FC836B65B9BD8E52DB996028EC0C04FED54BB897EFF66 \nIE11-Windows6.2-KB4525106-X64.msu| FD535189CA9A9DD484D804C9AF98B381E1775443| 9F4917D4A1E3B214121FD9F6C3AED102780AC50999081DEBFA30A039B0713079 \nWindows8-RT-KB4525106-x64.msu| A033FBE0890309B747D1C1318A0E82BBB546A4CC| 4828532B158D4363F445EFBEE0EAC240A0023B6856ADB4641346E16BA51AF800 \nIE11-Windows6.1-KB4525106-X86.msu| 3B7310579BD995E503FBA03A10E572C911005667| 4B0911F4C7AEE773E9DCFBFE1B202A6C8E357AC3D35A989B1E4FF41CE09BA810 \nIE11-Windows6.1-KB4525106-X64.msu| FFE791E531E6994A7927DAEDC0DAB2194D441900| 218DCA874272A578F9E2921D39BF454E7869037F525C9095D8A2DA9C38115EE1 \nIE9-Windows6.0-KB4525106-X86.msu| 7EAC234B8E17FDAB3730E1A01F0CC232BECF2700| 8A2FF54FD828ABB983C7BEE2FBEBCC13A937A9C3DBBAE92A460D4F86EBF43239 \nIE9-Windows6.0-KB4525106-X64.msu| 611E69CD7A9B5A6000590076CDB2A126BD2EB73D| D707CBF69C196A8A50AA88A81D4F4BCCDB8038CD60DCB5B86E81BB4F7D56B98F \n \n## Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2\n\n## Internet Explorer 11 on all supported ARM-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nActxprxy.dll| 6.3.9600.19301| 1,064,960| 26-Feb-2019| 05:59| Not applicable| None| Not applicable \nHlink.dll| 6.3.9600.19101| 68,608| 19-Jul-2018| 03:30| Not applicable| None| Not applicable \nPngfilt.dll| 11.0.9600.16384| 47,616| 22-Aug-2013| 03:06| Not applicable| None| Not applicable \nUrlmon.dll| 11.0.9600.19538| 1,037,824| 15-Oct-2019| 01:47| Not applicable| None| Not applicable \nIexplore.exe| 11.0.9600.19507| 807,816| 06-Oct-2019| 03:26| Not applicable| None| Not applicable \nWininetplugin.dll| 6.3.9600.16384| 33,792| 22-Aug-2013| 02:52| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 18:19| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:10| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:09| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:07| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:07| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:06| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:06| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:06| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:06| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:08| Not applicable| None| Not applicable \nHtml.iec| 2019.0.0.19301| 320,000| 26-Feb-2019| 06:35| Not applicable| None| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,007,040| 15-Oct-2019| 02:06| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 307,200| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 293,888| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 290,304| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 289,280| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 299,008| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 303,104| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 282,112| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 282,112| 06-Oct-2019| 03:16| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 296,960| 06-Oct-2019| 03:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 283,648| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 291,840| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 299,520| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 275,968| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 290,816| 06-Oct-2019| 03:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 293,376| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 296,960| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 258,048| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 256,512| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 289,280| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 288,256| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 285,184| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 295,424| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 297,472| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 292,864| 06-Oct-2019| 03:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 295,424| 06-Oct-2019| 03:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 294,400| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 294,400| 06-Oct-2019| 03:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 292,864| 06-Oct-2019| 03:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 290,816| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 286,208| 06-Oct-2019| 03:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 281,600| 06-Oct-2019| 03:48| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 286,720| 06-Oct-2019| 03:48| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 292,352| 06-Oct-2019| 03:48| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 242,176| 06-Oct-2019| 03:48| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 243,200| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 243,200| 06-Oct-2019| 03:51| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,728| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 78,848| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 01:39| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,752| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 62,464| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 75,264| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 11:28| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,216| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 41,472| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 37,888| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 70,656| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,632| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 11:26| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 59,904| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,120| 16-Aug-2014| 11:26| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 29,696| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 63,488| 31-Oct-2014| 02:29| Not applicable| None| Not applicable \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.17905| 215,552| 15-Jun-2015| 19:49| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 17:09| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:54| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:59| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:58| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:58| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 19:58| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:02| Not applicable| None| Not applicable \nJsproxy.dll| 11.0.9600.17416| 39,936| 31-Oct-2014| 02:43| Not applicable| None| Not applicable \nWininet.dll| 11.0.9600.19538| 4,147,712| 15-Oct-2019| 01:47| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18698| 114,688| 14-May-2017| 19:41| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 07:14| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 07:14| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 22:21| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:21| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 22:22| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 22:21| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 22:23| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 22:24| Not applicable| None| Not applicable \nIeui.dll| 11.0.9600.19101| 427,520| 19-Jul-2018| 03:30| Not applicable| None| Not applicable \nIedkcs32.dll| 18.0.9600.19538| 292,864| 15-Oct-2019| 02:07| Not applicable| None| Not applicable \nInstall.ins| Not applicable| 464| 15-Oct-2019| 00:33| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:22| Not applicable| None| Not applicable \nIeapfltr.dll| 11.0.9600.19538| 548,352| 15-Oct-2019| 01:50| Not applicable| None| Not applicable \nIepeers.dll| 11.0.9600.19507| 107,008| 06-Oct-2019| 02:22| Not applicable| None| Not applicable \nLicmgr10.dll| 11.0.9600.17416| 23,552| 31-Oct-2014| 02:34| Not applicable| None| Not applicable \nTdc.ocx| 11.0.9600.18698| 61,952| 14-May-2017| 18:43| Not applicable| None| Not applicable \nDiagnosticshub.datawarehouse.dll| 11.0.9600.17416| 495,616| 31-Oct-2014| 02:52| Not applicable| None| Not applicable \nIedvtool.dll| 11.0.9600.19538| 726,016| 15-Oct-2019| 02:17| Not applicable| None| Not applicable \nDiagnosticshub_is.dll| 11.0.9600.17416| 38,912| 31-Oct-2014| 02:53| Not applicable| None| Not applicable \nDxtmsft.dll| 11.0.9600.18052| 368,640| 10-Sep-2015| 15:57| Not applicable| None| Not applicable \nDxtrans.dll| 11.0.9600.19507| 221,696| 06-Oct-2019| 02:21| Not applicable| None| Not applicable \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 15-Aug-2014| 22:50| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:20| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 01:39| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:28| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:17| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 17-Oct-2019| 01:44| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:18| Not applicable| None| Not applicable \nDiagnosticstap.dll| 11.0.9600.19180| 174,592| 18-Oct-2018| 03:55| Not applicable| None| Not applicable \nF12resources.dll| 11.0.9600.17496| 10,948,608| 22-Nov-2014| 01:44| Not applicable| None| Not applicable \nF12tools.dll| 11.0.9600.19507| 263,168| 06-Oct-2019| 02:28| Not applicable| None| Not applicable \nF12.dll| 11.0.9600.19507| 1,184,256| 06-Oct-2019| 02:20| Not applicable| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 587,776| 15-Oct-2019| 02:06| Not applicable| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:51| Not applicable| None| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 43,008| 31-Oct-2014| 02:26| Not applicable| None| Not applicable \nMsfeedsbs.mof| Not applicable| 1,574| 21-Aug-2013| 23:43| Not applicable| None| Not applicable \nMsfeedssync.exe| 11.0.9600.16384| 11,776| 22-Aug-2013| 03:05| Not applicable| None| Not applicable \nMshtmled.dll| 11.0.9600.19507| 73,216| 06-Oct-2019| 02:23| Not applicable| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:39| Not applicable| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 16,227,840| 15-Oct-2019| 02:00| Not applicable| None| Not applicable \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 09:36| Not applicable| None| Not applicable \nIeadvpack.dll| 11.0.9600.16384| 98,816| 22-Aug-2013| 02:54| Not applicable| None| Not applicable \nIeetwcollector.exe| 11.0.9600.18658| 98,816| 05-Apr-2017| 17:29| Not applicable| None| Not applicable \nIeetwcollectorres.dll| 11.0.9600.16518| 4,096| 06-Feb-2014| 09:36| Not applicable| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.16518| 43,008| 06-Feb-2014| 09:23| Not applicable| None| Not applicable \nIelowutil.exe| 11.0.9600.17031| 222,208| 22-Feb-2014| 09:32| Not applicable| None| Not applicable \nIeproxy.dll| 11.0.9600.19538| 297,472| 15-Oct-2019| 01:48| Not applicable| None| Not applicable \nIeshims.dll| 11.0.9600.19507| 268,800| 06-Oct-2019| 02:01| Not applicable| None| Not applicable \nImgutil.dll| 11.0.9600.18123| 35,328| 08-Nov-2015| 20:20| Not applicable| None| Not applicable \nBing.ico| Not applicable| 5,430| 24-Sep-2013| 02:51| Not applicable| None| Not applicable \nIeunatt.exe| 11.0.9600.16518| 112,128| 06-Feb-2014| 09:12| Not applicable| None| Not applicable \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 17-Oct-2019| 01:18| Not applicable| None| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nJsdbgui.dll| 11.0.9600.17905| 457,216| 15-Jun-2015| 19:46| Not applicable| None| Not applicable \nJsprofilerui.dll| 11.0.9600.19507| 574,976| 06-Oct-2019| 02:24| Not applicable| SPR| ARM_MICROSOFT-WINDOWS-IE-JSP \nMemoryanalyzer.dll| 11.0.9600.17905| 1,934,848| 15-Jun-2015| 20:00| Not applicable| None| Not applicable \nMshtmldac.dll| 11.0.9600.19507| 60,928| 06-Oct-2019| 02:40| Not applicable| None| Not applicable \nNetworkinspection.dll| 11.0.9600.19538| 1,105,408| 15-Oct-2019| 02:12| Not applicable| SPE| ARM_MICROSOFT-WINDOWS-IE-NETWORKINSP \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:46| Not applicable| None| Not applicable \nOccache.dll| 11.0.9600.19507| 121,856| 06-Oct-2019| 02:20| Not applicable| None| Not applicable \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:46| Not applicable| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 201,216| 15-Oct-2019| 02:08| Not applicable| None| Not applicable \nMsdbg2.dll| 12.0.20712.1| 295,320| 26-Jul-2013| 17:03| Not applicable| None| Not applicable \nPdm.dll| 12.0.20712.1| 420,752| 26-Jul-2013| 17:03| Not applicable| None| Not applicable \nPdmproxy100.dll| 12.0.20712.1| 76,712| 26-Jul-2013| 17:03| Not applicable| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:32| Not applicable| None| Not applicable \nMsrating.dll| 11.0.9600.17905| 157,184| 15-Jun-2015| 19:46| Not applicable| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:32| Not applicable| None| Not applicable \nIertutil.dll| 11.0.9600.19538| 2,182,144| 15-Oct-2019| 02:27| Not applicable| None| Not applicable \nIe4uinit.exe| 11.0.9600.19538| 677,888| 15-Oct-2019| 02:06| Not applicable| None| Not applicable \nIernonce.dll| 11.0.9600.16518| 28,160| 06-Feb-2014| 09:15| Not applicable| None| Not applicable \nIesetup.dll| 11.0.9600.16518| 59,904| 06-Feb-2014| 09:23| Not applicable| None| Not applicable \nInseng.dll| 11.0.9600.16384| 77,312| 22-Aug-2013| 02:35| Not applicable| None| Not applicable \nIesysprep.dll| 11.0.9600.17416| 87,552| 31-Oct-2014| 02:28| Not applicable| SPR| ARM_MICROSOFT-WINDOWS-IE-SYSP \nTimeline.dll| 11.0.9600.19507| 155,136| 06-Oct-2019| 02:25| Not applicable| None| Not applicable \nTimeline.cpu.xml| Not applicable| 3,197| 24-Jul-2014| 19:09| Not applicable| None| Not applicable \nTimeline_is.dll| 11.0.9600.17416| 129,536| 31-Oct-2014| 02:43| Not applicable| None| Not applicable \nVgx.dll| 11.0.9600.19507| 734,208| 06-Oct-2019| 02:23| Not applicable| None| Not applicable \nUrl.dll| 11.0.9600.17416| 236,032| 31-Oct-2014| 02:49| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,066,432| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,390,016| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,033,664| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 17-Oct-2019| 01:12| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,840| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,153,984| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,093,056| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,800| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,315,264| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,324,480| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,098,176| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nIeframe.dll| 11.0.9600.19538| 12,277,248| 15-Oct-2019| 01:49| Not applicable| None| Not applicable \nIeframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:38| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 525,209| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 498,579| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 551,012| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 940,224| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 17-Oct-2019| 01:11| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 542,775| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 525,239| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 574,462| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 569,208| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 547,056| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 637,129| 17-Oct-2019| 01:48| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,358| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 487,582| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 547,481| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 557,669| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 533,959| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 540,456| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 801,214| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 503,010| 17-Oct-2019| 01:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 520,341| 17-Oct-2019| 01:44| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 419,549| 17-Oct-2019| 01:44| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,158| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,158| 17-Oct-2019| 01:46| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,676,557| 10-Oct-2019| 23:40| Not applicable| None| Not applicable \nInetcomm.dll| 6.3.9600.19538| 675,328| 15-Oct-2019| 02:09| Not applicable| None| Not applicable \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 03:15| Not applicable| None| Not applicable \nJscript9.dll| 11.0.9600.19538| 3,572,224| 15-Oct-2019| 01:57| Not applicable| None| Not applicable \nJscript9diag.dll| 11.0.9600.19507| 557,568| 06-Oct-2019| 02:35| Not applicable| None| Not applicable \nJscript.dll| 5.8.9600.19539| 519,680| 17-Oct-2019| 00:49| Not applicable| None| Not applicable \nVbscript.dll| 5.8.9600.19539| 403,456| 17-Oct-2019| 00:49| Not applicable| None| Not applicable \n \n## Internet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nActxprxy.dll| 6.3.9600.19301| 1,049,600| 26-Feb-2019| 06:20| x86| None| Not applicable \nHlink.dll| 6.3.9600.19101| 99,328| 19-Jul-2018| 03:55| x86| None| Not applicable \nPngfilt.dll| 11.0.9600.17416| 57,344| 31-Oct-2014| 03:26| x86| None| Not applicable \nUrlmon.dll| 11.0.9600.19538| 1,331,712| 15-Oct-2019| 02:04| x86| None| Not applicable \nIexplore.exe| 11.0.9600.19036| 817,296| 25-May-2018| 05:24| x86| None| Not applicable \nWininetplugin.dll| 6.3.9600.17416| 35,328| 31-Oct-2014| 03:12| x86| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 19:17| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:29| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 20:29| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:27| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 20:28| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nHtml.iec| 2019.0.0.18895| 341,504| 02-Jan-2018| 04:51| Not applicable| None| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,058,752| 15-Oct-2019| 02:27| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 307,200| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,888| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,304| 10-Jul-2019| 04:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,008| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 303,104| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 04:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 03:58| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 283,648| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 291,840| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,520| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 275,968| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,376| 10-Jul-2019| 04:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 258,048| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 256,512| 10-Jul-2019| 04:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 288,256| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 285,184| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 297,472| 10-Jul-2019| 04:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,208| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 281,600| 10-Jul-2019| 04:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,720| 10-Jul-2019| 04:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,352| 10-Jul-2019| 04:42| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 242,176| 10-Jul-2019| 04:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,728| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 08:33| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 08:35| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 78,848| 16-Aug-2014| 08:33| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 02:47| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,752| 16-Aug-2014| 08:33| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 62,464| 16-Aug-2014| 08:32| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 75,264| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 08:29| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,216| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 41,472| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 37,888| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 70,656| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,632| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 08:39| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 59,904| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,120| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 29,696| 16-Aug-2014| 08:39| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 08:33| Not applicable| None| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 60,416| 31-Oct-2014| 02:57| x86| None| Not applicable \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.17905| 230,400| 15-Jun-2015| 20:50| x86| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:26| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:24| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:24| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 18:10| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:24| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:13| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:05| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nJsproxy.dll| 11.0.9600.17416| 47,104| 31-Oct-2014| 03:16| x86| None| Not applicable \nWininet.dll| 11.0.9600.19538| 4,387,840| 15-Oct-2019| 02:08| x86| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:09| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18666| 114,688| 16-Apr-2017| 08:51| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 07-Sep-2017| 21:13| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 08:46| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 07-Sep-2017| 21:11| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 07-Sep-2017| 21:11| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 08:47| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 22:25| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:25| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 20:56| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 21:03| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 21:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 21:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:09| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nIeui.dll| 11.0.9600.18895| 476,160| 02-Jan-2018| 04:44| x86| None| Not applicable \nIedkcs32.dll| 18.0.9600.19538| 333,312| 15-Oct-2019| 02:27| x86| None| Not applicable \nInstall.ins| Not applicable| 464| 15-Oct-2019| 00:39| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:20| Not applicable| None| Not applicable \nIeapfltr.dll| 11.0.9600.19538| 710,144| 15-Oct-2019| 02:03| x86| None| Not applicable \nIepeers.dll| 11.0.9600.19507| 128,000| 06-Oct-2019| 02:56| x86| None| Not applicable \nLicmgr10.dll| 11.0.9600.17416| 27,136| 31-Oct-2014| 03:03| x86| None| Not applicable \nTdc.ocx| 11.0.9600.18666| 73,216| 16-Apr-2017| 07:29| x86| None| Not applicable \nDiagnosticshub.datawarehouse.dll| 11.0.9600.18895| 489,472| 02-Jan-2018| 04:55| x86| None| Not applicable \nIedvtool.dll| 11.0.9600.19538| 772,608| 15-Oct-2019| 03:21| x86| None| Not applicable \nDiagnosticshub_is.dll| 11.0.9600.17416| 37,888| 31-Oct-2014| 03:29| x86| None| Not applicable \nDxtmsft.dll| 11.0.9600.18895| 416,256| 02-Jan-2018| 04:34| x86| None| Not applicable \nDxtrans.dll| 11.0.9600.19507| 279,040| 06-Oct-2019| 02:56| x86| None| Not applicable \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 15-Aug-2014| 22:51| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:35| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:36| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:33| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:33| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 02:47| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:32| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:32| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:26| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:27| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:26| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:29| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:29| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:31| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:39| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:38| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:32| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:34| Not applicable| None| Not applicable \nDiagnosticstap.dll| 11.0.9600.17905| 174,592| 15-Jun-2015| 20:52| x86| None| Not applicable \nF12resources.dll| 11.0.9600.18939| 10,948,096| 10-Feb-2018| 17:17| x86| None| Not applicable \nF12tools.dll| 11.0.9600.17905| 255,488| 15-Jun-2015| 20:51| x86| None| Not applicable \nF12.dll| 11.0.9600.19507| 1,206,272| 06-Oct-2019| 02:54| x86| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 696,320| 15-Oct-2019| 02:27| x86| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:53| Not applicable| None| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 52,736| 31-Oct-2014| 02:53| x86| None| Not applicable \nMsfeedsbs.mof| Not applicable| 1,574| 21-Aug-2013| 23:49| Not applicable| None| Not applicable \nMsfeedssync.exe| 11.0.9600.17416| 11,264| 31-Oct-2014| 03:25| x86| None| Not applicable \nMshta.exe| 11.0.9600.17416| 12,800| 31-Oct-2014| 03:28| x86| None| Not applicable \nMshtmled.dll| 11.0.9600.19404| 76,288| 10-Jul-2019| 02:48| x86| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:40| Not applicable| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 20,290,048| 15-Oct-2019| 03:20| x86| None| Not applicable \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 10:20| Not applicable| None| Not applicable \nIeadvpack.dll| 11.0.9600.17416| 112,128| 31-Oct-2014| 03:14| x86| None| Not applicable \nIeetwcollector.exe| 11.0.9600.18666| 104,960| 16-Apr-2017| 07:47| x86| None| Not applicable \nIeetwcollectorres.dll| 11.0.9600.16518| 4,096| 06-Feb-2014| 10:19| x86| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.17416| 47,616| 31-Oct-2014| 03:23| x86| None| Not applicable \nIelowutil.exe| 11.0.9600.19404| 221,184| 10-Jul-2019| 03:06| x86| None| Not applicable \nIeproxy.dll| 11.0.9600.19538| 301,056| 15-Oct-2019| 02:00| x86| None| Not applicable \nIeshims.dll| 11.0.9600.19507| 290,304| 06-Oct-2019| 02:32| x86| None| Not applicable \nIexpress.exe| 11.0.9600.17416| 152,064| 31-Oct-2014| 03:27| x86| None| Not applicable \nWextract.exe| 11.0.9600.17416| 137,728| 31-Oct-2014| 03:28| x86| None| Not applicable \nImgutil.dll| 11.0.9600.17416| 40,448| 31-Oct-2014| 02:24| x86| None| Not applicable \nExtexport.exe| 11.0.9600.17416| 25,600| 31-Oct-2014| 03:20| x86| None| Not applicable \nBing.ico| Not applicable| 5,430| 24-Sep-2013| 02:36| Not applicable| None| Not applicable \nIeunatt.exe| 11.0.9600.17416| 115,712| 31-Oct-2014| 03:12| x86| None| Not applicable \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 17-Oct-2019| 01:58| Not applicable| None| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 24-Sep-2013| 02:58| Not applicable| None| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 24-Sep-2013| 02:58| Not applicable| None| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 24-Sep-2013| 02:58| Not applicable| None| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 24-Sep-2013| 02:58| Not applicable| None| Not applicable \nJsdbgui.dll| 11.0.9600.18895| 459,776| 02-Jan-2018| 04:27| x86| None| Not applicable \nJsprofilerui.dll| 11.0.9600.18895| 579,584| 02-Jan-2018| 04:27| x86| SPR| X86_MICROSOFT-WINDOWS-IE-JSP \nMemoryanalyzer.dll| 11.0.9600.19178| 1,399,296| 12-Oct-2018| 20:16| x86| None| Not applicable \nMshtmldac.dll| 11.0.9600.19507| 64,000| 06-Oct-2019| 03:16| x86| None| Not applicable \nNetworkinspection.dll| 11.0.9600.19404| 1,075,200| 10-Jul-2019| 02:45| x86| SPE| X86_MICROSOFT-WINDOWS-IE-NETWORKINSP \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 12:18| Not applicable| None| Not applicable \nOccache.dll| 11.0.9600.17416| 130,048| 31-Oct-2014| 02:48| x86| None| Not applicable \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 12:19| Not applicable| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 230,400| 15-Oct-2019| 02:28| x86| None| Not applicable \nMsdbg2.dll| 12.0.41202.0| 315,008| 30-Sep-2014| 23:00| x86| None| Not applicable \nPdm.dll| 12.0.41202.0| 442,992| 30-Sep-2014| 23:00| x86| None| Not applicable \nPdmproxy100.dll| 12.0.41202.0| 99,984| 30-Sep-2014| 23:00| x86| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:25| Not applicable| None| Not applicable \nMsrating.dll| 11.0.9600.19507| 168,960| 06-Oct-2019| 02:57| x86| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:26| Not applicable| None| Not applicable \nIertutil.dll| 11.0.9600.19538| 2,304,000| 15-Oct-2019| 02:59| x86| None| Not applicable \nIe4uinit.exe| 11.0.9600.19538| 692,224| 15-Oct-2019| 02:27| x86| None| Not applicable \nIernonce.dll| 11.0.9600.17416| 30,720| 31-Oct-2014| 03:15| x86| None| Not applicable \nIesetup.dll| 11.0.9600.17416| 62,464| 31-Oct-2014| 03:24| x86| None| Not applicable \nInseng.dll| 11.0.9600.17416| 91,136| 31-Oct-2014| 02:56| x86| None| Not applicable \nIesysprep.dll| 11.0.9600.17416| 90,624| 31-Oct-2014| 02:56| x86| SPR| X86_MICROSOFT-WINDOWS-IE-SYSP \nTimeline.dll| 11.0.9600.17416| 153,600| 31-Oct-2014| 02:55| x86| None| Not applicable \nTimeline.cpu.xml| Not applicable| 3,197| 24-Jul-2014| 19:11| Not applicable| None| Not applicable \nTimeline_is.dll| 11.0.9600.17416| 124,416| 31-Oct-2014| 03:15| x86| None| Not applicable \nVgx.dll| 11.0.9600.19507| 817,664| 06-Oct-2019| 02:57| x86| None| Not applicable \nUrl.dll| 11.0.9600.17416| 235,520| 31-Oct-2014| 03:24| x86| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,066,432| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,390,016| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,033,664| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 17-Oct-2019| 01:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,840| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,153,984| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,093,056| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,800| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 02:35| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,315,264| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,324,480| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,098,176| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll| 11.0.9600.19538| 13,838,336| 15-Oct-2019| 02:22| x86| None| Not applicable \nIeframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:40| Not applicable| None| Not applicable \nIeinstal.exe| 11.0.9600.18921| 475,648| 10-Feb-2018| 05:35| x86| None| Not applicable \nInetres.adml| Not applicable| 525,209| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 498,579| 17-Oct-2019| 02:39| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 551,012| 17-Oct-2019| 02:39| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 940,224| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 17-Oct-2019| 01:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 542,775| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 525,239| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 574,462| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 569,208| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 547,056| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 637,129| 17-Oct-2019| 02:17| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,358| 17-Oct-2019| 02:17| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 487,582| 17-Oct-2019| 02:17| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 547,481| 17-Oct-2019| 02:17| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 557,669| 17-Oct-2019| 02:17| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 533,959| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 540,456| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 801,214| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 503,010| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 520,341| 17-Oct-2019| 02:25| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 419,549| 17-Oct-2019| 02:28| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,158| 17-Oct-2019| 02:39| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,158| 17-Oct-2019| 02:38| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,676,557| 10-Oct-2019| 23:41| Not applicable| None| Not applicable \nInetcomm.dll| 6.3.9600.19538| 880,640| 15-Oct-2019| 02:32| x86| None| Not applicable \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 04:14| x86| None| Not applicable \nJscript9.dll| 11.0.9600.19538| 4,112,384| 15-Oct-2019| 02:30| x86| None| Not applicable \nJscript9diag.dll| 11.0.9600.19101| 620,032| 19-Jul-2018| 03:54| x86| None| Not applicable \nJscript.dll| 5.8.9600.19539| 663,552| 17-Oct-2019| 00:50| x86| None| Not applicable \nVbscript.dll| 5.8.9600.19539| 496,640| 17-Oct-2019| 00:51| x86| None| Not applicable \n \n## Internet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nActxprxy.dll| 6.3.9600.19301| 2,882,048| 26-Feb-2019| 06:25| x64| None| Not applicable \nHlink.dll| 6.3.9600.19101| 108,544| 19-Jul-2018| 04:22| x64| None| Not applicable \nPngfilt.dll| 11.0.9600.17416| 64,512| 31-Oct-2014| 05:09| x64| None| Not applicable \nUrlmon.dll| 11.0.9600.19538| 1,566,720| 15-Oct-2019| 02:22| x64| None| Not applicable \nIexplore.exe| 11.0.9600.19036| 817,296| 25-May-2018| 06:30| x64| None| Not applicable \nWininetplugin.dll| 6.3.9600.17416| 43,008| 31-Oct-2014| 04:51| x64| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:35| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 13-Nov-2016| 00:01| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 23:59| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 20:20| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 13-Nov-2016| 00:00| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 23:59| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 23:58| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 13-Nov-2016| 00:02| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 23:57| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 23:57| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:39| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:39| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:39| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:39| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:37| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:37| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 17-Oct-2019| 02:45| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:37| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:27| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:27| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:27| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:27| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:34| Not applicable| None| Not applicable \nHtml.iec| 2019.0.0.19301| 417,280| 26-Feb-2019| 07:31| Not applicable| None| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,132,992| 15-Oct-2019| 02:45| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 307,200| 10-Jul-2019| 05:16| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,888| 10-Jul-2019| 05:16| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,304| 10-Jul-2019| 05:16| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 05:17| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,008| 10-Jul-2019| 05:18| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 303,104| 10-Jul-2019| 05:15| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 05:15| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 04:33| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 05:15| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 283,648| 10-Jul-2019| 05:15| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 291,840| 10-Jul-2019| 05:16| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,520| 10-Jul-2019| 05:18| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 275,968| 10-Jul-2019| 05:15| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,376| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 07:26| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 258,048| 10-Jul-2019| 07:26| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 256,512| 10-Jul-2019| 07:25| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 07:25| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 288,256| 10-Jul-2019| 07:25| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 285,184| 10-Jul-2019| 07:25| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 07:26| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 297,472| 10-Jul-2019| 07:25| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 05:13| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 05:12| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 17-Oct-2019| 02:44| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,208| 10-Jul-2019| 05:13| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 281,600| 10-Jul-2019| 05:06| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,720| 10-Jul-2019| 05:04| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,352| 10-Jul-2019| 05:04| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 242,176| 10-Jul-2019| 05:04| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 05:16| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 05:17| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,728| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 12:00| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 78,848| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 03:19| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,752| 16-Aug-2014| 12:00| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 62,464| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 12:04| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 75,264| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 12:01| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,216| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 41,472| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 37,888| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 12:01| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 70,656| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,632| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 17-Oct-2019| 02:46| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 59,904| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 12:04| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,120| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 29,696| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 77,824| 31-Oct-2014| 04:30| x64| None| Not applicable \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.18895| 276,480| 02-Jan-2018| 05:02| x64| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:08| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:19| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 17-Oct-2019| 02:44| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:14| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:15| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:15| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:15| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:20| Not applicable| None| Not applicable \nJsproxy.dll| 11.0.9600.17416| 54,784| 31-Oct-2014| 04:57| x64| None| Not applicable \nWininet.dll| 11.0.9600.19538| 4,859,392| 15-Oct-2019| 02:33| x64| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 08-Sep-2017| 00:18| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 08-Sep-2017| 00:16| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 08-Sep-2017| 00:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 08-Sep-2017| 00:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 08-Sep-2017| 00:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 08-Sep-2017| 00:39| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 08-Sep-2017| 00:38| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18666| 114,688| 16-Apr-2017| 09:49| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 08-Sep-2017| 00:38| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 08-Sep-2017| 00:39| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 08-Sep-2017| 00:40| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 08-Sep-2017| 00:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 08-Sep-2017| 00:40| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 09:53| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 08-Sep-2017| 00:36| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 08-Sep-2017| 00:21| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 08-Sep-2017| 00:19| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 09:53| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 08-Sep-2017| 00:18| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 08-Sep-2017| 00:18| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 08-Sep-2017| 00:21| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 08-Sep-2017| 00:18| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 08-Sep-2017| 00:19| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 23:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 23:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 23:16| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 23:17| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 23:18| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 23:16| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 17-Oct-2019| 02:44| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 23:18| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 23:13| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 23:14| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 23:13| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 23:13| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 08-Sep-2017| 00:16| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 08-Sep-2017| 00:17| Not applicable| None| Not applicable \nIeui.dll| 11.0.9600.19463| 615,936| 27-Aug-2019| 03:17| x64| None| Not applicable \nIedkcs32.dll| 18.0.9600.19538| 381,952| 15-Oct-2019| 02:48| x64| None| Not applicable \nInstall.ins| Not applicable| 464| 15-Oct-2019| 00:39| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:22| Not applicable| None| Not applicable \nIeapfltr.dll| 11.0.9600.19538| 800,768| 15-Oct-2019| 02:12| x64| None| Not applicable \nIepeers.dll| 11.0.9600.19507| 145,408| 06-Oct-2019| 03:17| x64| None| Not applicable \nLicmgr10.dll| 11.0.9600.17416| 33,280| 31-Oct-2014| 04:40| x64| None| Not applicable \nTdc.ocx| 11.0.9600.18666| 87,552| 16-Apr-2017| 08:10| x64| None| Not applicable \nDiagnosticshub.datawarehouse.dll| 11.0.9600.18895| 666,624| 02-Jan-2018| 05:32| x64| None| Not applicable \nIedvtool.dll| 11.0.9600.19538| 950,784| 15-Oct-2019| 05:13| x64| None| Not applicable \nDiagnosticshub_is.dll| 11.0.9600.17416| 49,664| 31-Oct-2014| 05:13| x64| None| Not applicable \nDxtmsft.dll| 11.0.9600.18895| 489,984| 02-Jan-2018| 05:06| x64| None| Not applicable \nDxtrans.dll| 11.0.9600.19507| 315,392| 06-Oct-2019| 03:17| x64| None| Not applicable \nEscmigplugin.dll| 11.0.9600.19326| 123,904| 26-Mar-2019| 05:38| x64| None| Not applicable \nEscunattend.exe| 11.0.9600.19326| 87,040| 26-Mar-2019| 05:54| x64| None| Not applicable \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 15-Aug-2014| 22:51| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:00| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 03:19| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:04| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:04| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:04| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 17-Oct-2019| 02:44| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 12:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:58| Not applicable| None| Not applicable \nDiagnosticstap.dll| 11.0.9600.18895| 244,224| 02-Jan-2018| 05:04| x64| None| Not applicable \nF12resources.dll| 11.0.9600.17496| 10,949,120| 22-Nov-2014| 03:00| x64| None| Not applicable \nF12tools.dll| 11.0.9600.19507| 372,224| 06-Oct-2019| 03:26| x64| None| Not applicable \nF12.dll| 11.0.9600.19507| 1,421,312| 06-Oct-2019| 03:14| x64| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 809,472| 15-Oct-2019| 02:47| x64| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:54| Not applicable| None| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 60,416| 31-Oct-2014| 04:24| x64| None| Not applicable \nMsfeedsbs.mof| Not applicable| 1,574| 22-Aug-2013| 06:54| Not applicable| None| Not applicable \nMsfeedssync.exe| 11.0.9600.17416| 12,800| 31-Oct-2014| 05:08| x64| None| Not applicable \nMshta.exe| 11.0.9600.17416| 13,824| 31-Oct-2014| 05:12| x64| None| Not applicable \nMshtmled.dll| 11.0.9600.19507| 92,160| 06-Oct-2019| 03:19| x64| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:41| Not applicable| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 25,753,088| 15-Oct-2019| 05:13| x64| None| Not applicable \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 11:30| Not applicable| None| Not applicable \nIeadvpack.dll| 11.0.9600.17416| 132,096| 31-Oct-2014| 04:54| x64| None| Not applicable \nIeetwcollector.exe| 11.0.9600.18895| 116,224| 02-Jan-2018| 05:17| x64| None| Not applicable \nIeetwcollectorres.dll| 11.0.9600.16518| 4,096| 06-Feb-2014| 11:30| x64| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.18895| 48,640| 02-Jan-2018| 05:28| x64| None| Not applicable \nIelowutil.exe| 11.0.9600.17416| 222,720| 31-Oct-2014| 04:55| x64| None| Not applicable \nIeproxy.dll| 11.0.9600.19538| 805,376| 15-Oct-2019| 02:08| x64| None| Not applicable \nIeshims.dll| 11.0.9600.19404| 386,560| 10-Jul-2019| 02:24| x64| None| Not applicable \nIexpress.exe| 11.0.9600.17416| 167,424| 31-Oct-2014| 05:10| x64| None| Not applicable \nWextract.exe| 11.0.9600.17416| 143,872| 31-Oct-2014| 05:12| x64| None| Not applicable \nImgutil.dll| 11.0.9600.17416| 51,200| 31-Oct-2014| 03:42| x64| None| Not applicable \nBing.ico| Not applicable| 5,430| 24-Sep-2013| 02:51| Not applicable| None| Not applicable \nIeunatt.exe| 11.0.9600.17416| 144,384| 31-Oct-2014| 04:51| x64| None| Not applicable \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 17-Oct-2019| 01:51| Not applicable| None| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 24-Sep-2013| 03:25| Not applicable| None| Not applicable \nJsdbgui.dll| 11.0.9600.19404| 591,360| 10-Jul-2019| 03:12| x64| None| Not applicable \nJsprofilerui.dll| 11.0.9600.18895| 628,736| 02-Jan-2018| 04:56| x64| SPR| AMD64_MICROSOFT-WINDOWS-IE-JSP \nMemoryanalyzer.dll| 11.0.9600.19178| 1,862,144| 12-Oct-2018| 01:58| x64| None| Not applicable \nMshtmldac.dll| 11.0.9600.19507| 88,064| 06-Oct-2019| 03:46| x64| None| Not applicable \nNetworkinspection.dll| 11.0.9600.19507| 1,217,024| 06-Oct-2019| 03:15| x64| SPE| AMD64_MICROSOFT-WINDOWS-IE-NETWORKINSP \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:43| Not applicable| None| Not applicable \nOccache.dll| 11.0.9600.17416| 152,064| 31-Oct-2014| 04:19| x64| None| Not applicable \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:44| Not applicable| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 262,144| 15-Oct-2019| 02:50| x64| None| Not applicable \nMsdbg2.dll| 12.0.41202.0| 403,592| 30-Sep-2014| 23:01| x64| None| Not applicable \nPdm.dll| 12.0.41202.0| 579,192| 30-Sep-2014| 23:01| x64| None| Not applicable \nPdmproxy100.dll| 12.0.41202.0| 107,152| 30-Sep-2014| 23:01| x64| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:32| Not applicable| None| Not applicable \nMsrating.dll| 11.0.9600.18895| 199,680| 02-Jan-2018| 04:56| x64| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:32| Not applicable| None| Not applicable \nIertutil.dll| 11.0.9600.19538| 2,910,720| 15-Oct-2019| 03:37| x64| None| Not applicable \nIe4uinit.exe| 11.0.9600.19538| 728,064| 15-Oct-2019| 02:47| x64| None| Not applicable \nIernonce.dll| 11.0.9600.17416| 34,304| 31-Oct-2014| 04:56| x64| None| Not applicable \nIesetup.dll| 11.0.9600.17416| 66,560| 31-Oct-2014| 05:06| x64| None| Not applicable \nInseng.dll| 11.0.9600.19101| 107,520| 19-Jul-2018| 04:03| x64| None| Not applicable \nIesysprep.dll| 11.0.9600.17416| 111,616| 31-Oct-2014| 04:29| x64| SPR| AMD64_MICROSOFT-WINDOWS-IE-SYSP \nTimeline.dll| 11.0.9600.17905| 219,136| 15-Jun-2015| 22:01| x64| None| Not applicable \nTimeline.cpu.xml| Not applicable| 3,197| 24-Jul-2014| 18:58| Not applicable| None| Not applicable \nTimeline_is.dll| 11.0.9600.17416| 171,008| 31-Oct-2014| 04:56| x64| None| Not applicable \nVgx.dll| 11.0.9600.19507| 1,018,368| 06-Oct-2019| 03:19| x64| None| Not applicable \nUrl.dll| 11.0.9600.17416| 237,568| 31-Oct-2014| 05:06| x64| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,066,432| 17-Oct-2019| 03:28| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 17-Oct-2019| 03:28| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 03:28| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 17-Oct-2019| 03:28| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,390,016| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,033,664| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 17-Oct-2019| 01:19| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,840| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 17-Oct-2019| 02:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 17-Oct-2019| 02:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,153,984| 17-Oct-2019| 02:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 17-Oct-2019| 02:56| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 17-Oct-2019| 02:55| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 17-Oct-2019| 02:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 17-Oct-2019| 02:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,093,056| 17-Oct-2019| 02:56| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 02:50| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 17-Oct-2019| 02:50| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 17-Oct-2019| 02:51| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,800| 17-Oct-2019| 02:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 17-Oct-2019| 02:51| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 02:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 17-Oct-2019| 02:50| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 17-Oct-2019| 02:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,315,264| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,324,480| 17-Oct-2019| 02:35| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,098,176| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 03:26| Not applicable| None| Not applicable \nIeframe.dll| 11.0.9600.19538| 15,444,992| 15-Oct-2019| 02:43| x64| None| Not applicable \nIeframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:41| Not applicable| None| Not applicable \nIeinstal.exe| 11.0.9600.18639| 492,032| 25-Mar-2017| 17:20| x64| None| Not applicable \nInetres.adml| Not applicable| 525,209| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 498,579| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 551,012| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 940,224| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 17-Oct-2019| 01:18| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 542,775| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 525,239| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 574,462| 17-Oct-2019| 03:27| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 569,208| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 547,056| 17-Oct-2019| 02:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 637,129| 17-Oct-2019| 02:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,358| 17-Oct-2019| 02:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 487,582| 17-Oct-2019| 02:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 547,481| 17-Oct-2019| 02:54| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 557,669| 17-Oct-2019| 02:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 533,959| 17-Oct-2019| 02:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 540,456| 17-Oct-2019| 02:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 801,214| 17-Oct-2019| 02:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 503,010| 17-Oct-2019| 02:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 520,341| 17-Oct-2019| 02:35| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 419,549| 17-Oct-2019| 02:35| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,158| 17-Oct-2019| 03:26| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,158| 17-Oct-2019| 03:26| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,676,557| 10-Oct-2019| 23:42| Not applicable| None| Not applicable \nInetcomm.dll| 6.3.9600.19538| 1,033,216| 15-Oct-2019| 02:56| x64| None| Not applicable \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 11:43| x64| None| Not applicable \nJscript9.dll| 11.0.9600.19538| 5,500,928| 15-Oct-2019| 03:25| x64| None| Not applicable \nJscript9diag.dll| 11.0.9600.19101| 814,080| 19-Jul-2018| 04:21| x64| None| Not applicable \nJscript.dll| 5.8.9600.19539| 797,696| 17-Oct-2019| 00:50| x64| None| Not applicable \nVbscript.dll| 5.8.9600.19539| 580,096| 17-Oct-2019| 00:51| x64| None| Not applicable \nIexplore.exe| 11.0.9600.19036| 817,296| 25-May-2018| 05:24| x86| None| Not applicable \nHtml.iec| 2019.0.0.18895| 341,504| 02-Jan-2018| 04:51| Not applicable| None| Not applicable \nIeui.dll| 11.0.9600.18895| 476,160| 02-Jan-2018| 04:44| x86| None| Not applicable \nIepeers.dll| 11.0.9600.19507| 128,000| 06-Oct-2019| 02:56| x86| None| Not applicable \nTdc.ocx| 11.0.9600.18666| 73,216| 16-Apr-2017| 07:29| x86| None| Not applicable \nDxtmsft.dll| 11.0.9600.18895| 416,256| 02-Jan-2018| 04:34| x86| None| Not applicable \nDxtrans.dll| 11.0.9600.19507| 279,040| 06-Oct-2019| 02:56| x86| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 696,320| 15-Oct-2019| 02:27| x86| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:53| Not applicable| None| Not applicable \nMshta.exe| 11.0.9600.17416| 12,800| 31-Oct-2014| 03:28| x86| None| Not applicable \nMshtmled.dll| 11.0.9600.19404| 76,288| 10-Jul-2019| 02:48| x86| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 20,290,048| 15-Oct-2019| 03:20| x86| None| Not applicable \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 10:20| Not applicable| None| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:43| Not applicable| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.17416| 47,616| 31-Oct-2014| 03:23| x86| None| Not applicable \nIeunatt.exe| 11.0.9600.17416| 115,712| 31-Oct-2014| 03:12| x86| None| Not applicable \nOccache.dll| 11.0.9600.17416| 130,048| 31-Oct-2014| 02:48| x86| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 230,400| 15-Oct-2019| 02:28| x86| None| Not applicable \nIernonce.dll| 11.0.9600.17416| 30,720| 31-Oct-2014| 03:15| x86| None| Not applicable \nIesetup.dll| 11.0.9600.17416| 62,464| 31-Oct-2014| 03:24| x86| None| Not applicable \nIesysprep.dll| 11.0.9600.17416| 90,624| 31-Oct-2014| 02:56| x86| SPR| WOW64_MICROSOFT-WINDOWS-IE-SYSP \nIe9props.propdesc| Not applicable| 2,843| 24-Sep-2013| 02:34| Not applicable| None| Not applicable \nIeframe.dll| 11.0.9600.19538| 13,838,336| 15-Oct-2019| 02:22| x86| None| Not applicable \nWow64_ieframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:43| Not applicable| None| Not applicable \nJscript9.dll| 11.0.9600.19538| 4,112,384| 15-Oct-2019| 02:30| x86| None| Not applicable \nJscript9diag.dll| 11.0.9600.19101| 620,032| 19-Jul-2018| 03:54| x86| None| Not applicable \nJscript.dll| 5.8.9600.19539| 663,552| 17-Oct-2019| 00:50| x86| None| Not applicable \nVbscript.dll| 5.8.9600.19539| 496,640| 17-Oct-2019| 00:51| x86| None| Not applicable \nActxprxy.dll| 6.3.9600.19301| 1,049,600| 26-Feb-2019| 06:20| x86| None| Not applicable \nHlink.dll| 6.3.9600.19101| 99,328| 19-Jul-2018| 03:55| x86| None| Not applicable \nPngfilt.dll| 11.0.9600.17416| 57,344| 31-Oct-2014| 03:26| x86| None| Not applicable \nUrlmon.dll| 11.0.9600.19538| 1,331,712| 15-Oct-2019| 02:04| x86| None| Not applicable \nWininetplugin.dll| 6.3.9600.17416| 35,328| 31-Oct-2014| 03:12| x86| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 19:17| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:32| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:29| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 20:29| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:27| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 20:28| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable| None| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,058,752| 15-Oct-2019| 02:27| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 307,200| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,888| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,304| 10-Jul-2019| 04:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,008| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 303,104| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 04:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 03:58| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 283,648| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 291,840| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,520| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 275,968| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,376| 10-Jul-2019| 04:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 258,048| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 256,512| 10-Jul-2019| 04:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 288,256| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 285,184| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 297,472| 10-Jul-2019| 04:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 17-Oct-2019| 02:34| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,208| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 281,600| 10-Jul-2019| 04:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,720| 10-Jul-2019| 04:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,352| 10-Jul-2019| 04:42| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 242,176| 10-Jul-2019| 04:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:50| Not applicable| None| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 60,416| 31-Oct-2014| 02:57| x86| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:26| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:24| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:24| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 18:10| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:24| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:13| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:05| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable| None| Not applicable \nJsproxy.dll| 11.0.9600.17416| 47,104| 31-Oct-2014| 03:16| x86| None| Not applicable \nWininet.dll| 11.0.9600.19538| 4,387,840| 15-Oct-2019| 02:08| x86| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:09| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18666| 114,688| 16-Apr-2017| 08:51| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 07-Sep-2017| 21:12| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 07-Sep-2017| 21:13| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 08:46| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 07-Sep-2017| 21:11| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 07-Sep-2017| 21:11| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 08:47| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 21:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 22:25| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:25| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 20:56| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 21:03| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 21:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 21:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:09| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:10| Not applicable| None| Not applicable \nIedkcs32.dll| 18.0.9600.19538| 333,312| 15-Oct-2019| 02:27| x86| None| Not applicable \nInstall.ins| Not applicable| 464| 15-Oct-2019| 00:39| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:20| Not applicable| None| Not applicable \nIeapfltr.dll| 11.0.9600.19538| 710,144| 15-Oct-2019| 02:03| x86| None| Not applicable \nLicmgr10.dll| 11.0.9600.17416| 27,136| 31-Oct-2014| 03:03| x86| None| Not applicable \nIedvtool.dll| 11.0.9600.19538| 772,608| 15-Oct-2019| 03:21| x86| None| Not applicable \nDiagnosticstap.dll| 11.0.9600.17905| 174,592| 15-Jun-2015| 20:52| x86| None| Not applicable \nF12tools.dll| 11.0.9600.17905| 255,488| 15-Jun-2015| 20:51| x86| None| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 52,736| 31-Oct-2014| 02:53| x86| None| Not applicable \nMsfeedsbs.mof| Not applicable| 1,574| 21-Aug-2013| 23:49| Not applicable| None| Not applicable \nMsfeedssync.exe| 11.0.9600.17416| 11,264| 31-Oct-2014| 03:25| x86| None| Not applicable \nIeadvpack.dll| 11.0.9600.17416| 112,128| 31-Oct-2014| 03:14| x86| None| Not applicable \nIelowutil.exe| 11.0.9600.19404| 221,184| 10-Jul-2019| 03:06| x86| None| Not applicable \nIeproxy.dll| 11.0.9600.19538| 301,056| 15-Oct-2019| 02:00| x86| None| Not applicable \nIeshims.dll| 11.0.9600.19507| 290,304| 06-Oct-2019| 02:32| x86| None| Not applicable \nIexpress.exe| 11.0.9600.17416| 152,064| 31-Oct-2014| 03:27| x86| None| Not applicable \nWextract.exe| 11.0.9600.17416| 137,728| 31-Oct-2014| 03:28| x86| None| Not applicable \nImgutil.dll| 11.0.9600.17416| 40,448| 31-Oct-2014| 02:24| x86| None| Not applicable \nExtexport.exe| 11.0.9600.17416| 25,600| 31-Oct-2014| 03:20| x86| None| Not applicable \nJsdbgui.dll| 11.0.9600.18895| 459,776| 02-Jan-2018| 04:27| x86| None| Not applicable \nJsprofilerui.dll| 11.0.9600.18895| 579,584| 02-Jan-2018| 04:27| x86| SPR| X86_MICROSOFT-WINDOWS-IE-JSP \nMshtmldac.dll| 11.0.9600.19507| 64,000| 06-Oct-2019| 03:16| x86| None| Not applicable \nNetworkinspection.dll| 11.0.9600.19404| 1,075,200| 10-Jul-2019| 02:45| x86| SPE| X86_MICROSOFT-WINDOWS-IE-NETWORKINSP \nMsdbg2.dll| 12.0.41202.0| 315,008| 30-Sep-2014| 23:00| x86| None| Not applicable \nPdm.dll| 12.0.41202.0| 442,992| 30-Sep-2014| 23:00| x86| None| Not applicable \nPdmproxy100.dll| 12.0.41202.0| 99,984| 30-Sep-2014| 23:00| x86| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:25| Not applicable| None| Not applicable \nMsrating.dll| 11.0.9600.19507| 168,960| 06-Oct-2019| 02:57| x86| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:26| Not applicable| None| Not applicable \nIertutil.dll| 11.0.9600.19538| 2,304,000| 15-Oct-2019| 02:59| x86| None| Not applicable \nInseng.dll| 11.0.9600.17416| 91,136| 31-Oct-2014| 02:56| x86| None| Not applicable \nVgx.dll| 11.0.9600.19507| 817,664| 06-Oct-2019| 02:57| x86| None| Not applicable \nUrl.dll| 11.0.9600.17416| 235,520| 31-Oct-2014| 03:24| x86| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,066,432| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,390,016| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,033,664| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 17-Oct-2019| 01:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 17-Oct-2019| 02:32| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,840| 17-Oct-2019| 02:33| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 17-Oct-2019| 02:31| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,153,984| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,093,056| 17-Oct-2019| 02:18| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,800| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 02:35| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 17-Oct-2019| 02:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,315,264| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,324,480| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,098,176| 17-Oct-2019| 02:26| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,890,304| 17-Oct-2019| 02:40| Not applicable| None| Not applicable \nIeinstal.exe| 11.0.9600.18921| 475,648| 10-Feb-2018| 05:35| x86| None| Not applicable \nInetcomm.dll| 6.3.9600.19538| 880,640| 15-Oct-2019| 02:32| x86| None| Not applicable \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 04:14| x86| None| Not applicable \n \n## Windows Server 2012\n\n## Internet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19538| 1,331,712| 15-Oct-2019| 02:04| x86 \nIexplore.exe| 11.0.9600.19538| 810,592| 20-Oct-2019| 06:46| x86 \nWininet.dll.mui| 11.0.9600.19538| 46,592| 20-Oct-2019| 06:48| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 20-Oct-2019| 06:48| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 20-Oct-2019| 06:49| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 20-Oct-2019| 06:50| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 56,320| 20-Oct-2019| 06:50| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 57,856| 20-Oct-2019| 06:51| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 20-Oct-2019| 06:52| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 47,616| 20-Oct-2019| 06:53| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 49,152| 20-Oct-2019| 06:54| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 55,296| 20-Oct-2019| 06:54| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 45,056| 20-Oct-2019| 06:55| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 20-Oct-2019| 06:56| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 20-Oct-2019| 06:57| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,248| 20-Oct-2019| 06:58| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 39,424| 20-Oct-2019| 06:58| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 35,840| 20-Oct-2019| 06:59| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 07:00| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 20-Oct-2019| 07:01| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 20-Oct-2019| 07:02| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 20-Oct-2019| 07:03| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,760| 20-Oct-2019| 07:04| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 20-Oct-2019| 07:04| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 20-Oct-2019| 07:05| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 20-Oct-2019| 07:06| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 20-Oct-2019| 07:07| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,248| 20-Oct-2019| 07:08| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 20-Oct-2019| 07:08| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 20-Oct-2019| 07:09| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 20-Oct-2019| 07:10| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 20-Oct-2019| 07:11| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 07:12| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 07:13| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 20-Oct-2019| 07:13| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 20-Oct-2019| 07:15| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 20-Oct-2019| 07:15| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,058,752| 15-Oct-2019| 02:27| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 307,200| 20-Oct-2019| 06:47| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 293,888| 20-Oct-2019| 06:48| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,304| 20-Oct-2019| 06:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 289,280| 20-Oct-2019| 06:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 299,008| 20-Oct-2019| 06:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 303,104| 20-Oct-2019| 06:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 282,112| 20-Oct-2019| 08:10| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 296,960| 20-Oct-2019| 06:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 283,648| 20-Oct-2019| 06:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 291,840| 20-Oct-2019| 06:54| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 299,520| 20-Oct-2019| 06:54| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 275,968| 20-Oct-2019| 06:55| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 20-Oct-2019| 06:56| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 293,376| 20-Oct-2019| 06:57| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 296,960| 20-Oct-2019| 06:58| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 258,048| 20-Oct-2019| 06:59| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 256,512| 20-Oct-2019| 06:59| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 289,280| 20-Oct-2019| 07:00| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 288,256| 20-Oct-2019| 07:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 285,184| 20-Oct-2019| 07:02| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 295,424| 20-Oct-2019| 07:03| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 297,472| 20-Oct-2019| 07:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,864| 20-Oct-2019| 07:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 295,424| 20-Oct-2019| 07:05| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 294,400| 20-Oct-2019| 07:07| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 294,400| 20-Oct-2019| 07:07| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,864| 20-Oct-2019| 07:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 20-Oct-2019| 07:09| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 288,768| 20-Oct-2019| 07:09| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 286,208| 20-Oct-2019| 07:10| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 281,600| 20-Oct-2019| 07:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 286,720| 20-Oct-2019| 07:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,352| 20-Oct-2019| 07:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 242,176| 20-Oct-2019| 07:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 243,200| 20-Oct-2019| 07:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 243,200| 20-Oct-2019| 07:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 46,080| 20-Oct-2019| 06:47| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 06:48| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 20-Oct-2019| 06:49| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 20-Oct-2019| 06:50| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 51,712| 20-Oct-2019| 06:50| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 54,272| 20-Oct-2019| 06:51| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 06:52| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 20-Oct-2019| 06:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 20-Oct-2019| 06:54| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,688| 20-Oct-2019| 06:54| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 45,056| 20-Oct-2019| 06:55| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 20-Oct-2019| 06:56| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 20-Oct-2019| 06:57| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 20-Oct-2019| 06:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 39,936| 20-Oct-2019| 06:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 39,424| 20-Oct-2019| 06:59| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 20-Oct-2019| 07:00| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 20-Oct-2019| 07:01| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 20-Oct-2019| 07:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 51,200| 20-Oct-2019| 07:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,688| 20-Oct-2019| 07:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 20-Oct-2019| 07:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 07:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 20-Oct-2019| 07:06| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 20-Oct-2019| 07:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 20-Oct-2019| 07:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 20-Oct-2019| 07:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 20-Oct-2019| 07:09| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 20-Oct-2019| 07:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 20-Oct-2019| 07:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 20-Oct-2019| 07:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 20-Oct-2019| 07:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 20-Oct-2019| 07:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 20-Oct-2019| 07:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 20-Oct-2019| 07:15| Not applicable \nJsproxy.dll| 11.0.9600.19538| 47,104| 15-Oct-2019| 02:56| x86 \nWininet.dll| 11.0.9600.19538| 4,387,840| 15-Oct-2019| 02:08| x86 \nInetcpl.cpl.mui| 11.0.9600.19538| 114,176| 20-Oct-2019| 06:47| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,560| 20-Oct-2019| 06:48| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,928| 20-Oct-2019| 06:49| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 122,880| 20-Oct-2019| 06:50| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,048| 20-Oct-2019| 06:50| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 138,240| 20-Oct-2019| 06:51| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 114,688| 20-Oct-2019| 08:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 131,584| 20-Oct-2019| 06:52| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 117,760| 20-Oct-2019| 06:53| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 122,368| 20-Oct-2019| 06:54| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 134,144| 20-Oct-2019| 06:54| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 107,008| 20-Oct-2019| 06:55| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,392| 20-Oct-2019| 06:56| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 127,488| 20-Oct-2019| 06:57| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 128,512| 20-Oct-2019| 06:58| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 88,576| 20-Oct-2019| 06:59| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 82,944| 20-Oct-2019| 06:59| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,440| 20-Oct-2019| 07:00| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,392| 20-Oct-2019| 07:01| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 120,320| 20-Oct-2019| 07:02| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,560| 20-Oct-2019| 07:03| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 20-Oct-2019| 07:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,952| 20-Oct-2019| 07:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 20-Oct-2019| 07:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 128,000| 20-Oct-2019| 07:06| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 20-Oct-2019| 07:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 20-Oct-2019| 07:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 20-Oct-2019| 07:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 20-Oct-2019| 07:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 121,856| 20-Oct-2019| 07:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 115,712| 20-Oct-2019| 07:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 20-Oct-2019| 07:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,440| 20-Oct-2019| 07:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 72,704| 20-Oct-2019| 07:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 73,728| 20-Oct-2019| 07:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 73,728| 20-Oct-2019| 07:15| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 17-Oct-2019| 00:44| Not applicable \nMshtml.dll| 11.0.9600.19538| 20,290,048| 15-Oct-2019| 03:20| x86 \nMshtml.tlb| 11.0.9600.19538| 2,724,864| 15-Oct-2019| 03:15| Not applicable \nIeproxy.dll| 11.0.9600.19538| 301,056| 15-Oct-2019| 02:00| x86 \nIeshims.dll| 11.0.9600.19538| 290,304| 15-Oct-2019| 02:06| x86 \nIertutil.dll| 11.0.9600.19538| 2,304,000| 15-Oct-2019| 02:59| x86 \nSqmapi.dll| 6.2.9200.16384| 228,448| 20-Oct-2019| 06:46| x86 \nIeframe.dll.mui| 11.0.9600.19538| 2,065,920| 20-Oct-2019| 06:48| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 20-Oct-2019| 06:48| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 20-Oct-2019| 06:49| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 20-Oct-2019| 06:50| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 20-Oct-2019| 06:51| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,389,504| 20-Oct-2019| 06:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 20-Oct-2019| 08:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 20-Oct-2019| 06:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 20-Oct-2019| 06:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 20-Oct-2019| 06:54| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 20-Oct-2019| 06:55| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,328| 20-Oct-2019| 06:56| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 20-Oct-2019| 06:57| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 20-Oct-2019| 06:57| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 20-Oct-2019| 06:58| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 20-Oct-2019| 06:59| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,152,960| 20-Oct-2019| 07:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 20-Oct-2019| 07:01| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 20-Oct-2019| 07:01| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 20-Oct-2019| 07:02| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 20-Oct-2019| 07:03| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,092,544| 20-Oct-2019| 07:04| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 20-Oct-2019| 07:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 20-Oct-2019| 07:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 20-Oct-2019| 07:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,288| 20-Oct-2019| 07:07| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 20-Oct-2019| 07:08| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 20-Oct-2019| 07:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 20-Oct-2019| 07:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 20-Oct-2019| 07:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,314,240| 20-Oct-2019| 07:11| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 20-Oct-2019| 07:12| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,323,968| 20-Oct-2019| 07:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,592| 20-Oct-2019| 07:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,886,208| 20-Oct-2019| 07:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,886,208| 20-Oct-2019| 07:16| Not applicable \nIeframe.dll| 11.0.9600.19538| 13,838,336| 15-Oct-2019| 02:22| x86 \nIeframe.ptxml| Not applicable| 24,486| 17-Oct-2019| 00:44| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 06:48| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 06:48| Not applicable \nInetres.adml| Not applicable| 524,695| 20-Oct-2019| 06:49| Not applicable \nInetres.adml| Not applicable| 498,117| 20-Oct-2019| 06:50| Not applicable \nInetres.adml| Not applicable| 550,368| 20-Oct-2019| 06:50| Not applicable \nInetres.adml| Not applicable| 936,817| 20-Oct-2019| 06:51| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 08:10| Not applicable \nInetres.adml| Not applicable| 542,176| 20-Oct-2019| 06:52| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 06:53| Not applicable \nInetres.adml| Not applicable| 524,839| 20-Oct-2019| 06:54| Not applicable \nInetres.adml| Not applicable| 573,836| 20-Oct-2019| 06:54| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 06:56| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 06:56| Not applicable \nInetres.adml| Not applicable| 568,654| 20-Oct-2019| 06:57| Not applicable \nInetres.adml| Not applicable| 546,666| 20-Oct-2019| 06:58| Not applicable \nInetres.adml| Not applicable| 635,936| 20-Oct-2019| 06:58| Not applicable \nInetres.adml| Not applicable| 523,726| 20-Oct-2019| 06:59| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:00| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:01| Not applicable \nInetres.adml| Not applicable| 487,187| 20-Oct-2019| 07:02| Not applicable \nInetres.adml| Not applicable| 546,916| 20-Oct-2019| 07:03| Not applicable \nInetres.adml| Not applicable| 556,904| 20-Oct-2019| 07:04| Not applicable \nInetres.adml| Not applicable| 533,528| 20-Oct-2019| 07:04| Not applicable \nInetres.adml| Not applicable| 540,053| 20-Oct-2019| 07:05| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:06| Not applicable \nInetres.adml| Not applicable| 798,691| 20-Oct-2019| 07:07| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:08| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:09| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:09| Not applicable \nInetres.adml| Not applicable| 502,768| 20-Oct-2019| 07:11| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:11| Not applicable \nInetres.adml| Not applicable| 520,067| 20-Oct-2019| 07:12| Not applicable \nInetres.adml| Not applicable| 456,949| 20-Oct-2019| 07:13| Not applicable \nInetres.adml| Not applicable| 419,706| 20-Oct-2019| 07:13| Not applicable \nInetres.adml| Not applicable| 436,285| 20-Oct-2019| 07:14| Not applicable \nInetres.adml| Not applicable| 436,285| 20-Oct-2019| 07:15| Not applicable \nInetres.admx| Not applicable| 1,676,557| 10-Oct-2019| 23:41| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,184| 20-Oct-2019| 06:47| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 06:48| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 20-Oct-2019| 06:49| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 20-Oct-2019| 06:50| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 35,328| 20-Oct-2019| 06:50| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 37,888| 20-Oct-2019| 06:51| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 08:10| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 20-Oct-2019| 06:52| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 06:53| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 20-Oct-2019| 06:54| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 20-Oct-2019| 06:54| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 27,648| 20-Oct-2019| 06:55| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 06:56| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 20-Oct-2019| 06:57| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,792| 20-Oct-2019| 06:58| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 23,040| 20-Oct-2019| 06:59| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 22,016| 20-Oct-2019| 06:59| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 07:00| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 07:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 31,232| 20-Oct-2019| 07:02| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 20-Oct-2019| 07:03| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 35,840| 20-Oct-2019| 07:04| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 20-Oct-2019| 07:04| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 20-Oct-2019| 07:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 07:06| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,816| 20-Oct-2019| 07:07| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 20-Oct-2019| 07:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,256| 20-Oct-2019| 07:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 07:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 20-Oct-2019| 07:10| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 07:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 30,720| 20-Oct-2019| 07:12| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 20-Oct-2019| 07:12| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,384| 20-Oct-2019| 07:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,896| 20-Oct-2019| 07:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,896| 20-Oct-2019| 07:16| Not applicable \nJscript9.dll| 11.0.9600.19538| 4,112,384| 15-Oct-2019| 02:30| x86 \nJscript9diag.dll| 11.0.9600.19538| 620,032| 15-Oct-2019| 02:52| x86 \nJscript.dll| 5.8.9600.19539| 663,552| 17-Oct-2019| 00:50| x86 \nVbscript.dll| 5.8.9600.19539| 496,640| 17-Oct-2019| 00:51| x86 \n \n## Internet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nWindows.ui.xaml.dll| 6.2.9200.22722| 13,658,112| 26-Mar-2019| 04:09| x64| None| Not applicable \nHlink.dll| 6.2.9200.22522| 96,256| 19-Jul-2018| 05:09| x64| None| Not applicable \nUrlmon.dll| 10.0.9200.22904| 1,395,712| 17-Oct-2019| 04:10| x64| None| Not applicable \nIexplore.exe| 10.0.9200.22387| 775,816| 20-Feb-2018| 20:17| x64| None| Not applicable \nHtml.iec| 2019.0.0.22387| 441,856| 20-Feb-2018| 17:49| Not applicable| None| Not applicable \nInetcpl.cpl| 10.0.9200.22858| 1,509,376| 27-Aug-2019| 04:55| Not applicable| None| Not applicable \nJsproxy.dll| 10.0.9200.22387| 53,248| 20-Feb-2018| 19:46| x64| None| Not applicable \nWininet.dll| 10.0.9200.22904| 2,247,168| 17-Oct-2019| 04:10| x64| None| Not applicable \nIdctrls.dll| 6.2.9200.22671| 75,776| 24-Jan-2019| 05:13| x64| None| Not applicable \nIedkcs32.dll| 18.0.9200.22695| 255,488| 12-Feb-2019| 17:29| x64| None| Not applicable \nInstall.ins| Not applicable| 464| 17-Oct-2019| 00:24| Not applicable| None| Not applicable \nIe9props.propdesc| Not applicable| 2,843| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.8411.0| 1,400,416| 21-Nov-2017| 07:23| Not applicable| None| Not applicable \nIeapfltr.dll| 10.0.9200.22904| 762,368| 17-Oct-2019| 04:10| x64| None| Not applicable \nTdc.ocx| 10.0.9200.22387| 77,312| 20-Feb-2018| 19:47| x64| None| Not applicable \nDxtmsft.dll| 10.0.9200.22387| 452,608| 20-Feb-2018| 19:46| x64| None| Not applicable \nDxtrans.dll| 10.0.9200.22722| 281,088| 26-Mar-2019| 04:09| x64| None| Not applicable \nMsfeeds.dll| 10.0.9200.22904| 603,648| 17-Oct-2019| 04:10| x64| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 20-Feb-2018| 16:02| Not applicable| None| Not applicable \nMshtmled.dll| 10.0.9200.22695| 96,768| 12-Feb-2019| 17:29| x64| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 20-Feb-2018| 15:58| Not applicable| None| Not applicable \nMshtml.dll| 10.0.9200.22904| 20,150,272| 17-Oct-2019| 04:10| x64| None| Not applicable \nMshtml.tlb| 10.0.9200.22387| 2,706,432| 20-Feb-2018| 18:00| Not applicable| None| Not applicable \nIelowutil.exe| 10.0.9200.22387| 223,744| 20-Feb-2018| 19:47| x64| None| Not applicable \nIeproxy.dll| 10.0.9200.22671| 704,000| 24-Jan-2019| 05:13| x64| None| Not applicable \nIeshims.dll| 10.0.9200.22387| 365,568| 20-Feb-2018| 19:46| x64| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nMsrating.dll| 10.0.9200.22387| 197,120| 20-Feb-2018| 19:46| x64| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIertutil.dll| 10.0.9200.22904| 2,690,048| 17-Oct-2019| 04:10| x64| None| Not applicable \nIe4uinit.exe| 10.0.9200.22387| 51,712| 20-Feb-2018| 19:47| x64| None| Not applicable \nIernonce.dll| 10.0.9200.22387| 39,936| 20-Feb-2018| 19:46| x64| None| Not applicable \nIesetup.dll| 10.0.9200.22387| 67,072| 20-Feb-2018| 19:46| x64| None| Not applicable \nIesysprep.dll| 10.0.9200.22387| 136,704| 20-Feb-2018| 19:46| x64| SPR| AMD64_MICROSOFT-WINDOWS-IE-SYSP \nVgx.dll| 10.0.9200.22695| 1,085,440| 12-Feb-2019| 17:29| x64| None| Not applicable \nIeframe.dll| 10.0.9200.22904| 15,445,504| 17-Oct-2019| 04:10| x64| None| Not applicable \nIeframe.ptxml| Not applicable| 25,923| 20-Feb-2018| 15:58| Not applicable| None| Not applicable \nIeinstal.exe| 10.0.9200.22858| 493,568| 27-Aug-2019| 04:55| x64| None| Not applicable \nInetres.adml| Not applicable| 496,073| 12-Jun-2018| 20:12| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 471,216| 12-Jun-2018| 20:02| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 521,514| 12-Jun-2018| 18:01| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 891,899| 12-Jun-2018| 17:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 431,913| 20-Feb-2018| 19:52| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 513,874| 12-Jun-2018| 20:21| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 499,586| 12-Jun-2018| 19:32| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 544,437| 12-Jun-2018| 19:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 539,484| 12-Jun-2018| 19:53| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 518,202| 12-Jun-2018| 19:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 603,821| 12-Jun-2018| 17:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 499,713| 12-Jun-2018| 20:19| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 460,208| 12-Jun-2018| 18:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 519,382| 12-Jun-2018| 17:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 527,261| 12-Jun-2018| 17:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 505,383| 12-Jun-2018| 17:58| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 511,915| 12-Jun-2018| 18:10| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 761,065| 12-Jun-2018| 18:08| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 481,848| 12-Jun-2018| 17:54| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 492,315| 12-Jun-2018| 17:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 395,563| 12-Jun-2018| 18:08| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 411,744| 12-Jun-2018| 18:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 411,744| 12-Jun-2018| 17:58| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,649,803| 15-Nov-2017| 00:52| Not applicable| None| Not applicable \nJsdebuggeride.dll| 10.0.9200.22387| 148,992| 20-Feb-2018| 19:46| x64| None| Not applicable \nPurchasewindowslicense.dll| 6.2.9200.22904| 562,688| 17-Oct-2019| 04:10| x64| None| Not applicable \nPurchasewindowslicense.exe| 6.2.9200.22671| 22,136| 24-Jan-2019| 05:45| x64| None| Not applicable \nInetcomm.dll| 6.2.9200.22904| 949,760| 17-Oct-2019| 04:10| x64| None| Not applicable \nInetres.dll| 6.2.9200.22387| 84,480| 20-Feb-2018| 17:59| x64| None| Not applicable \nFirstlogonanim.html| Not applicable| 88,435| 06-Jul-2012| 19:56| Not applicable| None| Not applicable \nMsoobefirstlogonanim.dll| 6.2.9200.22671| 47,104| 24-Jan-2019| 05:13| x64| None| Not applicable \nPhotoviewer.dll| 6.2.9200.22858| 1,820,672| 27-Aug-2019| 04:55| x64| None| Not applicable \nJscript9.dll| 10.0.9200.22904| 3,868,672| 17-Oct-2019| 04:10| x64| None| Not applicable \nJscript.dll| 5.8.9200.22904| 858,112| 17-Oct-2019| 04:10| x64| None| Not applicable \nVbscript.dll| 5.8.9200.22904| 597,504| 17-Oct-2019| 04:10| x64| None| Not applicable \nAuthbroker.dll| 6.2.9200.22671| 96,256| 24-Jan-2019| 05:13| x64| None| Not applicable \nAuthhost.exe| 6.2.9200.22752| 122,512| 30-Apr-2019| 04:16| x64| None| Not applicable \nAuthhostproxy.dll| 6.2.9200.16384| 12,288| 26-Jul-2012| 03:05| x64| None| Not applicable \nResources.pri| Not applicable| 8,544| 25-Jul-2012| 23:04| Not applicable| None| Not applicable \nWindows store.lnk| Not applicable| 2,028| 25-Jul-2012| 20:13| Not applicable| None| Not applicable \nWinstore.ui.winmd| Not applicable| 14,336| 03-Jul-2013| 05:05| Not applicable| None| Not applicable \nWinstoreui-ppdlic.xrm-ms| Not applicable| 2,885| 17-Oct-2019| 05:09| Not applicable| None| Not applicable \nWinstoreui.dll| 6.2.9200.22904| 825,344| 17-Oct-2019| 04:10| x64| None| Not applicable \nWindows.applicationmodel.store.dll| 6.2.9200.22671| 198,656| 24-Jan-2019| 05:13| x64| None| Not applicable \nWindows.applicationmodel.store.testingframework.dll| 6.2.9200.22904| 163,840| 17-Oct-2019| 04:10| x64| None| Not applicable \nWsshared.dll| 6.2.9200.22904| 695,808| 17-Oct-2019| 04:10| x64| None| Not applicable \nUxinit.dll| 6.2.9200.22387| 53,760| 20-Feb-2018| 19:46| x64| None| Not applicable \nUxtheme.dll| 6.2.9200.22858| 909,312| 27-Aug-2019| 04:55| x64| None| Not applicable \nWwaapi.dll| 6.2.9200.22695| 116,224| 12-Feb-2019| 17:30| x64| None| Not applicable \nWindowswebapphost.ptxml| Not applicable| 2,055| 20-Sep-2012| 01:44| Not applicable| None| Not applicable \nWwahost.exe| 6.2.9200.22904| 423,424| 17-Oct-2019| 04:10| x64| None| Not applicable \nWindowslivelogin.dll| 6.2.9200.22671| 305,152| 24-Jan-2019| 05:13| x64| None| Not applicable \nIexplore.exe| 10.0.9200.22387| 770,696| 20-Feb-2018| 19:06| x86| None| Not applicable \nHtml.iec| 2019.0.0.22387| 361,984| 20-Feb-2018| 17:24| Not applicable| None| Not applicable \nTdc.ocx| 10.0.9200.22387| 61,952| 20-Feb-2018| 18:51| x86| None| Not applicable \nDxtmsft.dll| 10.0.9200.22387| 359,936| 20-Feb-2018| 18:51| x86| None| Not applicable \nDxtrans.dll| 10.0.9200.22695| 228,352| 12-Feb-2019| 04:16| x86| None| Not applicable \nMsfeeds.dll| 10.0.9200.22904| 493,568| 17-Oct-2019| 03:16| x86| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 20-Feb-2018| 16:01| Not applicable| None| Not applicable \nMshtmled.dll| 10.0.9200.22695| 80,384| 12-Feb-2019| 04:16| x86| None| Not applicable \nMshtml.dll| 10.0.9200.22904| 14,723,072| 17-Oct-2019| 03:16| x86| None| Not applicable \nMshtml.tlb| 10.0.9200.22387| 2,706,432| 20-Feb-2018| 17:33| Not applicable| None| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 20-Feb-2018| 16:00| Not applicable| None| Not applicable \nIernonce.dll| 10.0.9200.22387| 33,280| 20-Feb-2018| 18:51| x86| None| Not applicable \nIesetup.dll| 10.0.9200.22387| 61,440| 20-Feb-2018| 18:51| x86| None| Not applicable \nIe9props.propdesc| Not applicable| 2,843| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIeframe.dll| 10.0.9200.22904| 13,783,552| 17-Oct-2019| 03:16| x86| None| Not applicable \nWow64_ieframe.ptxml| Not applicable| 25,923| 20-Feb-2018| 16:00| Not applicable| None| Not applicable \nJscript9.dll| 10.0.9200.22904| 2,757,120| 17-Oct-2019| 03:16| x86| None| Not applicable \nJscript.dll| 5.8.9200.22904| 711,168| 17-Oct-2019| 03:16| x86| None| Not applicable \nVbscript.dll| 5.8.9200.22904| 515,584| 17-Oct-2019| 03:16| x86| None| Not applicable \nAuthbroker.dll| 6.2.9200.22671| 74,752| 24-Jan-2019| 04:33| x86| None| Not applicable \nUxtheme.dll| 6.2.9200.22387| 534,528| 20-Feb-2018| 16:52| x86| None| Not applicable \nWwaapi.dll| 6.2.9200.22695| 75,264| 12-Feb-2019| 04:16| x86| None| Not applicable \nWow64_windowswebapphost.ptxml| Not applicable| 2,055| 20-Sep-2012| 01:45| Not applicable| None| Not applicable \nWwahost.exe| 6.2.9200.22858| 334,848| 27-Aug-2019| 09:19| x86| None| Not applicable \nWindowslivelogin.dll| 6.2.9200.22671| 233,472| 24-Jan-2019| 04:34| x86| None| Not applicable \nWindows.ui.xaml.dll| 6.2.9200.22671| 10,803,200| 24-Jan-2019| 04:34| x86| None| Not applicable \nHlink.dll| 6.2.9200.22522| 75,264| 19-Jul-2018| 17:49| x86| None| Not applicable \nUrlmon.dll| 10.0.9200.22904| 1,170,944| 17-Oct-2019| 03:16| x86| None| Not applicable \nInetcpl.cpl| 10.0.9200.22722| 1,441,280| 26-Mar-2019| 03:14| Not applicable| None| Not applicable \nJsproxy.dll| 10.0.9200.22387| 38,400| 20-Feb-2018| 18:51| x86| None| Not applicable \nWininet.dll| 10.0.9200.22904| 1,768,448| 17-Oct-2019| 03:16| x86| None| Not applicable \nIdctrls.dll| 6.2.9200.22671| 63,488| 24-Jan-2019| 04:33| x86| None| Not applicable \nIedkcs32.dll| 18.0.9200.22695| 226,816| 12-Feb-2019| 04:16| x86| None| Not applicable \nInstall.ins| Not applicable| 464| 17-Oct-2019| 00:22| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.8411.0| 1,400,416| 21-Nov-2017| 07:23| Not applicable| None| Not applicable \nIeapfltr.dll| 10.0.9200.22904| 629,248| 17-Oct-2019| 03:16| x86| None| Not applicable \nIelowutil.exe| 10.0.9200.22671| 222,208| 24-Jan-2019| 04:34| x86| None| Not applicable \nIeproxy.dll| 10.0.9200.22671| 258,048| 24-Jan-2019| 04:33| x86| None| Not applicable \nIeshims.dll| 10.0.9200.22387| 245,248| 20-Feb-2018| 18:51| x86| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nMsrating.dll| 10.0.9200.22387| 163,840| 20-Feb-2018| 18:51| x86| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIertutil.dll| 10.0.9200.22904| 2,091,008| 17-Oct-2019| 03:16| x86| None| Not applicable \nIesysprep.dll| 10.0.9200.22387| 109,056| 20-Feb-2018| 18:51| x86| SPR| X86_MICROSOFT-WINDOWS-IE-SYSP \nVgx.dll| 10.0.9200.22695| 818,688| 12-Feb-2019| 04:16| x86| None| Not applicable \nIeinstal.exe| 10.0.9200.22752| 478,720| 30-Apr-2019| 03:14| x86| None| Not applicable \nJsdebuggeride.dll| 10.0.9200.22387| 108,032| 20-Feb-2018| 18:51| x86| None| Not applicable \nInetcomm.dll| 6.2.9200.22904| 737,280| 17-Oct-2019| 03:16| x86| None| Not applicable \nInetres.dll| 6.2.9200.22387| 84,480| 20-Feb-2018| 17:32| x86| None| Not applicable \nPhotoviewer.dll| 6.2.9200.22858| 1,637,376| 27-Aug-2019| 09:19| x86| None| Not applicable \nWindows.applicationmodel.store.dll| 6.2.9200.22671| 143,872| 24-Jan-2019| 04:34| x86| None| Not applicable \nWindows.applicationmodel.store.testingframework.dll| 6.2.9200.22904| 124,928| 17-Oct-2019| 03:16| x86| None| Not applicable \nWsshared.dll| 6.2.9200.22904| 568,832| 17-Oct-2019| 03:16| x86| None| Not applicable \nUxinit.dll| 6.2.9200.22387| 44,032| 20-Feb-2018| 18:51| x86| None| Not applicable \n \n## Internet Explorer 10 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nWindows.ui.xaml.dll| 6.2.9200.22722| 13,658,112| 26-Mar-2019| 04:09| x64| None| Not applicable \nHlink.dll| 6.2.9200.22522| 96,256| 19-Jul-2018| 05:09| x64| None| Not applicable \nUrlmon.dll| 10.0.9200.22904| 1,395,712| 17-Oct-2019| 04:10| x64| None| Not applicable \nIexplore.exe| 10.0.9200.22387| 775,816| 20-Feb-2018| 20:17| x64| None| Not applicable \nHtml.iec| 2019.0.0.22387| 441,856| 20-Feb-2018| 17:49| Not applicable| None| Not applicable \nInetcpl.cpl| 10.0.9200.22858| 1,509,376| 27-Aug-2019| 04:55| Not applicable| None| Not applicable \nJsproxy.dll| 10.0.9200.22387| 53,248| 20-Feb-2018| 19:46| x64| None| Not applicable \nWininet.dll| 10.0.9200.22904| 2,247,168| 17-Oct-2019| 04:10| x64| None| Not applicable \nIdctrls.dll| 6.2.9200.22671| 75,776| 24-Jan-2019| 05:13| x64| None| Not applicable \nIedkcs32.dll| 18.0.9200.22695| 255,488| 12-Feb-2019| 17:29| x64| None| Not applicable \nInstall.ins| Not applicable| 464| 17-Oct-2019| 00:24| Not applicable| None| Not applicable \nIe9props.propdesc| Not applicable| 2,843| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.8411.0| 1,400,416| 21-Nov-2017| 07:23| Not applicable| None| Not applicable \nIeapfltr.dll| 10.0.9200.22904| 762,368| 17-Oct-2019| 04:10| x64| None| Not applicable \nTdc.ocx| 10.0.9200.22387| 77,312| 20-Feb-2018| 19:47| x64| None| Not applicable \nDxtmsft.dll| 10.0.9200.22387| 452,608| 20-Feb-2018| 19:46| x64| None| Not applicable \nDxtrans.dll| 10.0.9200.22722| 281,088| 26-Mar-2019| 04:09| x64| None| Not applicable \nMsfeeds.dll| 10.0.9200.22904| 603,648| 17-Oct-2019| 04:10| x64| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 20-Feb-2018| 16:02| Not applicable| None| Not applicable \nMshtmled.dll| 10.0.9200.22695| 96,768| 12-Feb-2019| 17:29| x64| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 20-Feb-2018| 15:58| Not applicable| None| Not applicable \nMshtml.dll| 10.0.9200.22904| 20,150,272| 17-Oct-2019| 04:10| x64| None| Not applicable \nMshtml.tlb| 10.0.9200.22387| 2,706,432| 20-Feb-2018| 18:00| Not applicable| None| Not applicable \nIelowutil.exe| 10.0.9200.22387| 223,744| 20-Feb-2018| 19:47| x64| None| Not applicable \nIeproxy.dll| 10.0.9200.22671| 704,000| 24-Jan-2019| 05:13| x64| None| Not applicable \nIeshims.dll| 10.0.9200.22387| 365,568| 20-Feb-2018| 19:46| x64| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nMsrating.dll| 10.0.9200.22387| 197,120| 20-Feb-2018| 19:46| x64| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIertutil.dll| 10.0.9200.22904| 2,690,048| 17-Oct-2019| 04:10| x64| None| Not applicable \nIe4uinit.exe| 10.0.9200.22387| 51,712| 20-Feb-2018| 19:47| x64| None| Not applicable \nIernonce.dll| 10.0.9200.22387| 39,936| 20-Feb-2018| 19:46| x64| None| Not applicable \nIesetup.dll| 10.0.9200.22387| 67,072| 20-Feb-2018| 19:46| x64| None| Not applicable \nIesysprep.dll| 10.0.9200.22387| 136,704| 20-Feb-2018| 19:46| x64| SPR| AMD64_MICROSOFT-WINDOWS-IE-SYSP \nVgx.dll| 10.0.9200.22695| 1,085,440| 12-Feb-2019| 17:29| x64| None| Not applicable \nIeframe.dll| 10.0.9200.22904| 15,445,504| 17-Oct-2019| 04:10| x64| None| Not applicable \nIeframe.ptxml| Not applicable| 25,923| 20-Feb-2018| 15:58| Not applicable| None| Not applicable \nIeinstal.exe| 10.0.9200.22858| 493,568| 27-Aug-2019| 04:55| x64| None| Not applicable \nInetres.adml| Not applicable| 496,073| 12-Jun-2018| 20:12| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 471,216| 12-Jun-2018| 20:02| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 521,514| 12-Jun-2018| 18:01| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 891,899| 12-Jun-2018| 17:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 431,913| 20-Feb-2018| 19:52| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 513,874| 12-Jun-2018| 20:21| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 499,586| 12-Jun-2018| 19:32| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 544,437| 12-Jun-2018| 19:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 539,484| 12-Jun-2018| 19:53| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 518,202| 12-Jun-2018| 19:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 603,821| 12-Jun-2018| 17:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 499,713| 12-Jun-2018| 20:19| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 460,208| 12-Jun-2018| 18:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 519,382| 12-Jun-2018| 17:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 527,261| 12-Jun-2018| 17:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 505,383| 12-Jun-2018| 17:58| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 511,915| 12-Jun-2018| 18:10| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 761,065| 12-Jun-2018| 18:08| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 481,848| 12-Jun-2018| 17:54| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 492,315| 12-Jun-2018| 17:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 395,563| 12-Jun-2018| 18:08| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 411,744| 12-Jun-2018| 18:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 411,744| 12-Jun-2018| 17:58| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,649,803| 15-Nov-2017| 00:52| Not applicable| None| Not applicable \nJsdebuggeride.dll| 10.0.9200.22387| 148,992| 20-Feb-2018| 19:46| x64| None| Not applicable \nPurchasewindowslicense.dll| 6.2.9200.22904| 562,688| 17-Oct-2019| 04:10| x64| None| Not applicable \nPurchasewindowslicense.exe| 6.2.9200.22671| 22,136| 24-Jan-2019| 05:45| x64| None| Not applicable \nInetcomm.dll| 6.2.9200.22904| 949,760| 17-Oct-2019| 04:10| x64| None| Not applicable \nInetres.dll| 6.2.9200.22387| 84,480| 20-Feb-2018| 17:59| x64| None| Not applicable \nFirstlogonanim.html| Not applicable| 88,435| 06-Jul-2012| 19:56| Not applicable| None| Not applicable \nMsoobefirstlogonanim.dll| 6.2.9200.22671| 47,104| 24-Jan-2019| 05:13| x64| None| Not applicable \nPhotoviewer.dll| 6.2.9200.22858| 1,820,672| 27-Aug-2019| 04:55| x64| None| Not applicable \nJscript9.dll| 10.0.9200.22904| 3,868,672| 17-Oct-2019| 04:10| x64| None| Not applicable \nJscript.dll| 5.8.9200.22904| 858,112| 17-Oct-2019| 04:10| x64| None| Not applicable \nVbscript.dll| 5.8.9200.22904| 597,504| 17-Oct-2019| 04:10| x64| None| Not applicable \nAuthbroker.dll| 6.2.9200.22671| 96,256| 24-Jan-2019| 05:13| x64| None| Not applicable \nAuthhost.exe| 6.2.9200.22752| 122,512| 30-Apr-2019| 04:16| x64| None| Not applicable \nAuthhostproxy.dll| 6.2.9200.16384| 12,288| 26-Jul-2012| 03:05| x64| None| Not applicable \nResources.pri| Not applicable| 8,544| 25-Jul-2012| 23:04| Not applicable| None| Not applicable \nWindows store.lnk| Not applicable| 2,028| 25-Jul-2012| 20:13| Not applicable| None| Not applicable \nWinstore.ui.winmd| Not applicable| 14,336| 03-Jul-2013| 05:05| Not applicable| None| Not applicable \nWinstoreui-ppdlic.xrm-ms| Not applicable| 2,885| 17-Oct-2019| 05:09| Not applicable| None| Not applicable \nWinstoreui.dll| 6.2.9200.22904| 825,344| 17-Oct-2019| 04:10| x64| None| Not applicable \nWindows.applicationmodel.store.dll| 6.2.9200.22671| 198,656| 24-Jan-2019| 05:13| x64| None| Not applicable \nWindows.applicationmodel.store.testingframework.dll| 6.2.9200.22904| 163,840| 17-Oct-2019| 04:10| x64| None| Not applicable \nWsshared.dll| 6.2.9200.22904| 695,808| 17-Oct-2019| 04:10| x64| None| Not applicable \nUxinit.dll| 6.2.9200.22387| 53,760| 20-Feb-2018| 19:46| x64| None| Not applicable \nUxtheme.dll| 6.2.9200.22858| 909,312| 27-Aug-2019| 04:55| x64| None| Not applicable \nWwaapi.dll| 6.2.9200.22695| 116,224| 12-Feb-2019| 17:30| x64| None| Not applicable \nWindowswebapphost.ptxml| Not applicable| 2,055| 20-Sep-2012| 01:44| Not applicable| None| Not applicable \nWwahost.exe| 6.2.9200.22904| 423,424| 17-Oct-2019| 04:10| x64| None| Not applicable \nWindowslivelogin.dll| 6.2.9200.22671| 305,152| 24-Jan-2019| 05:13| x64| None| Not applicable \nIexplore.exe| 10.0.9200.22387| 770,696| 20-Feb-2018| 19:06| x86| None| Not applicable \nHtml.iec| 2019.0.0.22387| 361,984| 20-Feb-2018| 17:24| Not applicable| None| Not applicable \nTdc.ocx| 10.0.9200.22387| 61,952| 20-Feb-2018| 18:51| x86| None| Not applicable \nDxtmsft.dll| 10.0.9200.22387| 359,936| 20-Feb-2018| 18:51| x86| None| Not applicable \nDxtrans.dll| 10.0.9200.22695| 228,352| 12-Feb-2019| 04:16| x86| None| Not applicable \nMsfeeds.dll| 10.0.9200.22904| 493,568| 17-Oct-2019| 03:16| x86| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 20-Feb-2018| 16:01| Not applicable| None| Not applicable \nMshtmled.dll| 10.0.9200.22695| 80,384| 12-Feb-2019| 04:16| x86| None| Not applicable \nMshtml.dll| 10.0.9200.22904| 14,723,072| 17-Oct-2019| 03:16| x86| None| Not applicable \nMshtml.tlb| 10.0.9200.22387| 2,706,432| 20-Feb-2018| 17:33| Not applicable| None| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 20-Feb-2018| 16:00| Not applicable| None| Not applicable \nIernonce.dll| 10.0.9200.22387| 33,280| 20-Feb-2018| 18:51| x86| None| Not applicable \nIesetup.dll| 10.0.9200.22387| 61,440| 20-Feb-2018| 18:51| x86| None| Not applicable \nIe9props.propdesc| Not applicable| 2,843| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIeframe.dll| 10.0.9200.22904| 13,783,552| 17-Oct-2019| 03:16| x86| None| Not applicable \nWow64_ieframe.ptxml| Not applicable| 25,923| 20-Feb-2018| 16:00| Not applicable| None| Not applicable \nJscript9.dll| 10.0.9200.22904| 2,757,120| 17-Oct-2019| 03:16| x86| None| Not applicable \nJscript.dll| 5.8.9200.22904| 711,168| 17-Oct-2019| 03:16| x86| None| Not applicable \nVbscript.dll| 5.8.9200.22904| 515,584| 17-Oct-2019| 03:16| x86| None| Not applicable \nAuthbroker.dll| 6.2.9200.22671| 74,752| 24-Jan-2019| 04:33| x86| None| Not applicable \nUxtheme.dll| 6.2.9200.22387| 534,528| 20-Feb-2018| 16:52| x86| None| Not applicable \nWwaapi.dll| 6.2.9200.22695| 75,264| 12-Feb-2019| 04:16| x86| None| Not applicable \nWow64_windowswebapphost.ptxml| Not applicable| 2,055| 20-Sep-2012| 01:45| Not applicable| None| Not applicable \nWwahost.exe| 6.2.9200.22858| 334,848| 27-Aug-2019| 09:19| x86| None| Not applicable \nWindowslivelogin.dll| 6.2.9200.22671| 233,472| 24-Jan-2019| 04:34| x86| None| Not applicable \nWindows.ui.xaml.dll| 6.2.9200.22671| 10,803,200| 24-Jan-2019| 04:34| x86| None| Not applicable \nHlink.dll| 6.2.9200.22522| 75,264| 19-Jul-2018| 17:49| x86| None| Not applicable \nUrlmon.dll| 10.0.9200.22904| 1,170,944| 17-Oct-2019| 03:16| x86| None| Not applicable \nInetcpl.cpl| 10.0.9200.22722| 1,441,280| 26-Mar-2019| 03:14| Not applicable| None| Not applicable \nJsproxy.dll| 10.0.9200.22387| 38,400| 20-Feb-2018| 18:51| x86| None| Not applicable \nWininet.dll| 10.0.9200.22904| 1,768,448| 17-Oct-2019| 03:16| x86| None| Not applicable \nIdctrls.dll| 6.2.9200.22671| 63,488| 24-Jan-2019| 04:33| x86| None| Not applicable \nIedkcs32.dll| 18.0.9200.22695| 226,816| 12-Feb-2019| 04:16| x86| None| Not applicable \nInstall.ins| Not applicable| 464| 17-Oct-2019| 00:22| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.8411.0| 1,400,416| 21-Nov-2017| 07:23| Not applicable| None| Not applicable \nIeapfltr.dll| 10.0.9200.22904| 629,248| 17-Oct-2019| 03:16| x86| None| Not applicable \nIelowutil.exe| 10.0.9200.22671| 222,208| 24-Jan-2019| 04:34| x86| None| Not applicable \nIeproxy.dll| 10.0.9200.22671| 258,048| 24-Jan-2019| 04:33| x86| None| Not applicable \nIeshims.dll| 10.0.9200.22387| 245,248| 20-Feb-2018| 18:51| x86| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nMsrating.dll| 10.0.9200.22387| 163,840| 20-Feb-2018| 18:51| x86| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 15-Nov-2017| 00:49| Not applicable| None| Not applicable \nIertutil.dll| 10.0.9200.22904| 2,091,008| 17-Oct-2019| 03:16| x86| None| Not applicable \nIesysprep.dll| 10.0.9200.22387| 109,056| 20-Feb-2018| 18:51| x86| SPR| X86_MICROSOFT-WINDOWS-IE-SYSP \nVgx.dll| 10.0.9200.22695| 818,688| 12-Feb-2019| 04:16| x86| None| Not applicable \nIeinstal.exe| 10.0.9200.22752| 478,720| 30-Apr-2019| 03:14| x86| None| Not applicable \nJsdebuggeride.dll| 10.0.9200.22387| 108,032| 20-Feb-2018| 18:51| x86| None| Not applicable \nInetcomm.dll| 6.2.9200.22904| 737,280| 17-Oct-2019| 03:16| x86| None| Not applicable \nInetres.dll| 6.2.9200.22387| 84,480| 20-Feb-2018| 17:32| x86| None| Not applicable \nPhotoviewer.dll| 6.2.9200.22858| 1,637,376| 27-Aug-2019| 09:19| x86| None| Not applicable \nWindows.applicationmodel.store.dll| 6.2.9200.22671| 143,872| 24-Jan-2019| 04:34| x86| None| Not applicable \nWindows.applicationmodel.store.testingframework.dll| 6.2.9200.22904| 124,928| 17-Oct-2019| 03:16| x86| None| Not applicable \nWsshared.dll| 6.2.9200.22904| 568,832| 17-Oct-2019| 03:16| x86| None| Not applicable \nUxinit.dll| 6.2.9200.22387| 44,032| 20-Feb-2018| 18:51| x86| None| Not applicable \n**Windows 7 and Windows Server 2008 R2**\n\n## Internet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19538| 1,331,712| 15-Oct-2019| 02:04| x86| None| Not applicable \nIexplore.exe| 11.0.9600.19538| 810,376| 18-Oct-2019| 18:39| x86| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 31,744| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,352| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,864| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 39,424| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 37,376| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 38,400| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,864| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 25,600| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 24,576| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,352| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 20,992| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 21,504| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 21,504| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 46,592| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 56,320| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 57,856| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 55,296| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 45,056| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,248| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 39,424| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,760| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,248| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,058,752| 15-Oct-2019| 02:27| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 307,200| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 293,888| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,304| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 289,280| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 299,008| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 303,104| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 282,112| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 296,960| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 283,648| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 291,840| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 299,520| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 275,968| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 293,376| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 296,960| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 258,048| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 256,512| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 289,280| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 288,256| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 285,184| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 295,424| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 297,472| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,864| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 295,424| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 294,400| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 294,400| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,864| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 288,768| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 286,208| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 281,600| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 286,720| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,352| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 242,176| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 243,200| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 243,200| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 61,440| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 73,728| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 67,584| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 67,584| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 74,240| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 78,848| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 61,440| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 74,752| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 62,464| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 75,264| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 61,440| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,608| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 72,192| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 73,216| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 41,472| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 37,888| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,608| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 67,584| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 65,536| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 74,240| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 70,656| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 71,168| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 71,680| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 71,168| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 69,632| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,608| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 65,536| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 59,904| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 65,536| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 69,120| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.19538| 60,416| 15-Oct-2019| 02:40| x86| None| Not applicable \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.19538| 230,400| 15-Oct-2019| 02:42| x86| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 46,080| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 18-Oct-2019| 20:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 45,056| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 39,936| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 39,424| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 11,264| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,216| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 7,680| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 7,680| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 6,656| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 6,656| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 6,656| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nJsproxy.dll| 11.0.9600.19538| 47,104| 15-Oct-2019| 02:56| x86| None| Not applicable \nWininet.dll| 11.0.9600.19538| 4,387,840| 15-Oct-2019| 02:08| x86| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 114,176| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,560| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,928| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 122,880| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,048| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 138,240| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 114,688| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 131,584| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 117,760| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 122,368| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 134,144| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 107,008| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,392| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 127,488| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 128,512| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 88,576| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 82,944| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,440| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,392| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 120,320| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,560| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,952| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 128,000| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 121,856| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 115,712| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,440| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 72,704| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 73,728| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 73,728| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nIedkcs32.dll| 18.0.9600.19538| 342,112| 18-Oct-2019| 18:39| x86| None| Not applicable \nInstall.ins| Not applicable| 464| 15-Oct-2019| 00:39| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 27-Oct-2017| 23:25| Not applicable| None| Not applicable \nIeapfltr.dll| 11.0.9600.19538| 710,144| 15-Oct-2019| 02:03| x86| None| Not applicable \nTdc.ocx| 11.0.9600.19538| 73,216| 15-Oct-2019| 02:40| x86| None| Not applicable \nDiagnosticshub.datawarehouse.dll| 11.0.9600.19538| 489,472| 15-Oct-2019| 03:05| x86| None| Not applicable \nIedvtool.dll| 11.0.9600.19538| 772,608| 15-Oct-2019| 03:21| x86| None| Not applicable \nDiagnosticshub_is.dll| 11.0.9600.19538| 38,400| 15-Oct-2019| 03:07| x86| None| Not applicable \nDxtmsft.dll| 11.0.9600.19538| 416,256| 15-Oct-2019| 02:44| x86| None| Not applicable \nDxtrans.dll| 11.0.9600.19538| 279,040| 15-Oct-2019| 02:35| x86| None| Not applicable \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 17-Oct-2019| 00:44| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nDiagnosticstap.dll| 11.0.9600.19538| 174,592| 15-Oct-2019| 02:43| x86| None| Not applicable \nF12resources.dll| 11.0.9600.19538| 10,948,096| 15-Oct-2019| 03:10| x86| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nF12tools.dll| 11.0.9600.19538| 255,488| 15-Oct-2019| 02:43| x86| None| Not applicable \nF12.dll| 11.0.9600.19538| 1,206,272| 15-Oct-2019| 02:32| x86| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 696,320| 15-Oct-2019| 02:27| x86| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 15-Oct-2019| 00:47| Not applicable| None| Not applicable \nHtml.iec| 2019.0.0.19538| 341,504| 15-Oct-2019| 03:02| Not applicable| None| Not applicable \nMshtmled.dll| 11.0.9600.19538| 76,288| 15-Oct-2019| 02:36| x86| None| Not applicable \nMshtmlmedia.dll| 11.0.9600.19538| 1,155,072| 15-Oct-2019| 02:26| x86| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 17-Oct-2019| 00:44| Not applicable| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 20,290,048| 15-Oct-2019| 03:20| x86| None| Not applicable \nMshtml.tlb| 11.0.9600.19538| 2,724,864| 15-Oct-2019| 03:15| Not applicable| None| Not applicable \nIeetwcollector.exe| 11.0.9600.19538| 104,960| 15-Oct-2019| 02:53| x86| None| Not applicable \nIeetwcollectorres.dll| 11.0.9600.19538| 4,096| 15-Oct-2019| 03:14| x86| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.19538| 47,616| 15-Oct-2019| 03:02| x86| None| Not applicable \nIelowutil.exe| 11.0.9600.19538| 221,184| 15-Oct-2019| 02:55| x86| None| Not applicable \nIeproxy.dll| 11.0.9600.19538| 301,056| 15-Oct-2019| 02:00| x86| None| Not applicable \nIeshims.dll| 11.0.9600.19538| 290,304| 15-Oct-2019| 02:06| x86| None| Not applicable \nBing.ico| Not applicable| 5,430| 27-Oct-2017| 23:29| Not applicable| None| Not applicable \nIeunatt.exe| 11.0.9600.19538| 115,712| 15-Oct-2019| 02:53| x86| None| Not applicable \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 27-Oct-2017| 23:33| Not applicable| None| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 27-Oct-2017| 23:33| Not applicable| None| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 27-Oct-2017| 23:33| Not applicable| None| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 27-Oct-2017| 23:33| Not applicable| None| Not applicable \nJsprofilerui.dll| 11.0.9600.19538| 579,584| 15-Oct-2019| 02:38| x86| SPR| X86_MICROSOFT-WINDOWS-IE-JSP \nMemoryanalyzer.dll| 11.0.9600.19538| 1,399,296| 15-Oct-2019| 02:50| x86| None| Not applicable \nMshtmldac.dll| 11.0.9600.19538| 64,000| 15-Oct-2019| 03:01| x86| None| Not applicable \nNetworkinspection.dll| 11.0.9600.19538| 1,075,200| 15-Oct-2019| 02:33| x86| SPE| X86_MICROSOFT-WINDOWS-IE-NETWORKINSP \nDesktop.ini| Not applicable| 65| 27-Oct-2017| 23:27| Not applicable| None| Not applicable \nOccache.dll| 11.0.9600.19538| 130,048| 15-Oct-2019| 02:34| x86| None| Not applicable \nDesktop.ini| Not applicable| 65| 27-Oct-2017| 23:27| Not applicable| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 230,400| 15-Oct-2019| 02:28| x86| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 27-Oct-2017| 23:27| Not applicable| None| Not applicable \nMsrating.dll| 11.0.9600.19538| 168,960| 15-Oct-2019| 02:37| x86| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 27-Oct-2017| 23:27| Not applicable| None| Not applicable \nIertutil.dll| 11.0.9600.19538| 2,304,000| 15-Oct-2019| 02:59| x86| None| Not applicable \nSqmapi.dll| 6.2.9200.16384| 228,448| 18-Oct-2019| 18:39| x86| None| Not applicable \nIe4uinit.exe| 11.0.9600.19538| 692,224| 15-Oct-2019| 02:27| x86| None| Not applicable \nIernonce.dll| 11.0.9600.19538| 30,720| 15-Oct-2019| 02:56| x86| None| Not applicable \nIesetup.dll| 11.0.9600.19538| 62,464| 15-Oct-2019| 03:03| x86| None| Not applicable \nInseng.dll| 11.0.9600.19538| 91,136| 15-Oct-2019| 02:39| x86| None| Not applicable \nTimeline.dll| 11.0.9600.19538| 153,600| 15-Oct-2019| 02:39| x86| None| Not applicable \nTimeline.cpu.xml| Not applicable| 3,197| 27-Oct-2017| 23:26| Not applicable| None| Not applicable \nTimeline_is.dll| 11.0.9600.19538| 124,928| 15-Oct-2019| 02:56| x86| None| Not applicable \nVgx.dll| 11.0.9600.19538| 817,664| 15-Oct-2019| 02:37| x86| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,065,920| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,389,504| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 18-Oct-2019| 20:07| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,328| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,152,960| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,092,544| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,288| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,314,240| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,323,968| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,592| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,886,208| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,886,208| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nIeframe.dll| 11.0.9600.19538| 13,838,336| 15-Oct-2019| 02:22| x86| None| Not applicable \nIeframe.ptxml| Not applicable| 24,486| 17-Oct-2019| 00:44| Not applicable| None| Not applicable \nIeui.dll| 11.0.9600.19538| 476,160| 15-Oct-2019| 02:54| x86| None| Not applicable \nIeinstal.exe| 11.0.9600.19538| 475,648| 15-Oct-2019| 02:35| x86| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,695| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 498,117| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 550,368| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 936,817| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 542,176| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,839| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 573,836| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 568,654| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 546,666| 18-Oct-2019| 18:50| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 635,936| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 523,726| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 487,187| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 546,916| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 556,904| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 533,528| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 540,053| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 798,691| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 502,768| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 520,067| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 419,706| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,285| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,285| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,676,557| 10-Oct-2019| 23:41| Not applicable| None| Not applicable \nMsspellcheckingfacility.exe| 6.3.9600.19538| 668,160| 15-Oct-2019| 02:47| x86| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,184| 18-Oct-2019| 18:40| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 18:41| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 18:42| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 18:43| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 37,888| 18-Oct-2019| 18:44| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 20:06| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 18:45| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 18:46| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 18:47| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 27,648| 18-Oct-2019| 18:48| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 18:49| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,792| 18-Oct-2019| 18:51| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 23,040| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 22,016| 18-Oct-2019| 18:52| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 18:53| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 18:54| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 31,232| 18-Oct-2019| 18:55| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 18:56| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 18:57| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 18:58| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 18:59| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:00| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,256| 18-Oct-2019| 19:01| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:02| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:03| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:04| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:05| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,384| 18-Oct-2019| 19:06| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,896| 18-Oct-2019| 19:07| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,896| 18-Oct-2019| 19:08| Not applicable| None| Not applicable \nJscript9.dll| 11.0.9600.19538| 4,112,384| 15-Oct-2019| 02:30| x86| None| Not applicable \nJscript9diag.dll| 11.0.9600.19538| 620,032| 15-Oct-2019| 02:52| x86| None| Not applicable \nJscript.dll| 5.8.9600.19539| 663,552| 17-Oct-2019| 00:50| x86| None| Not applicable \nVbscript.dll| 5.8.9600.19539| 496,640| 17-Oct-2019| 00:51| x86| None| Not applicable \n \n## Internet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform**| **SP requirement**| **Service branch** \n---|---|---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19538| 1,566,720| 15-Oct-2019| 02:22| x64| None| Not applicable \nIexplore.exe| 11.0.9600.19538| 810,616| 18-Oct-2019| 19:31| x64| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 31,744| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,352| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,864| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 39,424| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 37,376| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 38,400| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,864| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 25,600| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 24,576| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 36,352| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 20,992| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 21,504| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nWebcheck.dll.mui| 11.0.9600.19538| 21,504| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 46,592| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 56,320| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 57,856| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 55,296| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 45,056| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,248| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 39,424| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,760| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 53,248| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 52,736| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nWininet.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nInetcpl.cpl| 11.0.9600.19538| 2,132,992| 15-Oct-2019| 02:45| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 307,200| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 293,888| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,304| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 289,280| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 299,008| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 303,104| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 282,112| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 296,960| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 283,648| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 291,840| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 299,520| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 275,968| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 293,376| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 296,960| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 258,048| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 256,512| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 289,280| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 288,256| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 285,184| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 295,424| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 297,472| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,864| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 295,424| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 294,400| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 294,400| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,864| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 290,816| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 288,768| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 286,208| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 281,600| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 286,720| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 292,352| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 242,176| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 243,200| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nMshtml.dll.mui| 11.0.9600.19538| 243,200| 18-Oct-2019| 20:01| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 61,440| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 73,728| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 67,584| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 67,584| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 74,240| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 78,848| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 61,440| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 74,752| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 62,464| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 75,264| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 61,440| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,608| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 72,192| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 73,216| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 41,472| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 37,888| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,608| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 67,584| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 65,536| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 74,240| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 70,656| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 71,168| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 71,680| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 71,168| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 69,632| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,608| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 68,096| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 65,536| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 59,904| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 65,536| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 69,120| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nF12resources.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.19538| 77,824| 15-Oct-2019| 03:07| x64| None| Not applicable \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.19538| 276,480| 15-Oct-2019| 03:09| x64| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 46,080| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 51,712| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 54,272| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 45,056| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 39,936| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 39,424| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 47,616| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 51,200| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,688| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 50,176| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,664| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,640| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 49,152| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 48,128| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nUrlmon.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 11,264| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,216| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 7,680| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 7,680| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,752| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 9,728| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 10,240| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 6,656| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 6,656| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nOccache.dll.mui| 11.0.9600.19538| 6,656| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nJsproxy.dll| 11.0.9600.19538| 54,784| 15-Oct-2019| 03:28| x64| None| Not applicable \nWininet.dll| 11.0.9600.19538| 4,859,392| 15-Oct-2019| 02:33| x64| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 114,176| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,560| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,928| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 122,880| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,048| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 138,240| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 114,688| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 131,584| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 117,760| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 122,368| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 134,144| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 107,008| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,392| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 127,488| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 128,512| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 88,576| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 82,944| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,440| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,392| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 120,320| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 130,560| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,952| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 128,000| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 129,024| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 124,416| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 121,856| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 115,712| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 123,904| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 125,440| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 72,704| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 73,728| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19538| 73,728| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nIedkcs32.dll| 18.0.9600.19538| 390,752| 18-Oct-2019| 19:30| x64| None| Not applicable \nInstall.ins| Not applicable| 464| 15-Oct-2019| 00:39| Not applicable| None| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nIeapfltr.dll| 11.0.9600.19538| 800,768| 15-Oct-2019| 02:12| x64| None| Not applicable \nTdc.ocx| 11.0.9600.19538| 87,552| 15-Oct-2019| 03:06| x64| None| Not applicable \nDiagnosticshub.datawarehouse.dll| 11.0.9600.19538| 666,624| 15-Oct-2019| 03:39| x64| None| Not applicable \nIedvtool.dll| 11.0.9600.19538| 950,784| 15-Oct-2019| 05:13| x64| None| Not applicable \nDiagnosticshub_is.dll| 11.0.9600.19538| 50,176| 15-Oct-2019| 03:42| x64| None| Not applicable \nDxtmsft.dll| 11.0.9600.19538| 489,984| 15-Oct-2019| 03:13| x64| None| Not applicable \nDxtrans.dll| 11.0.9600.19538| 315,392| 15-Oct-2019| 03:00| x64| None| Not applicable \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 17-Oct-2019| 00:45| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 4,096| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nF12.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nDiagnosticstap.dll| 11.0.9600.19538| 244,224| 15-Oct-2019| 03:11| x64| None| Not applicable \nF12resources.dll| 11.0.9600.19538| 10,949,120| 15-Oct-2019| 03:45| x64| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nF12tools.dll.mui| 11.0.9600.19538| 2,048| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nF12tools.dll| 11.0.9600.19538| 372,224| 15-Oct-2019| 03:10| x64| None| Not applicable \nF12.dll| 11.0.9600.19538| 1,421,312| 15-Oct-2019| 02:57| x64| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 809,472| 15-Oct-2019| 02:47| x64| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 15-Oct-2019| 00:51| Not applicable| None| Not applicable \nHtml.iec| 2019.0.0.19538| 417,280| 15-Oct-2019| 03:35| Not applicable| None| Not applicable \nMshtmled.dll| 11.0.9600.19538| 92,160| 15-Oct-2019| 03:02| x64| None| Not applicable \nMshtmlmedia.dll| 11.0.9600.19538| 1,359,360| 15-Oct-2019| 02:46| x64| None| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 17-Oct-2019| 00:45| Not applicable| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 25,753,088| 15-Oct-2019| 05:13| x64| None| Not applicable \nMshtml.tlb| 11.0.9600.19538| 2,724,864| 15-Oct-2019| 03:50| Not applicable| None| Not applicable \nIeetwcollector.exe| 11.0.9600.19538| 116,224| 15-Oct-2019| 03:24| x64| None| Not applicable \nIeetwcollectorres.dll| 11.0.9600.19538| 4,096| 15-Oct-2019| 03:49| x64| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.19538| 48,640| 15-Oct-2019| 03:35| x64| None| Not applicable \nIelowutil.exe| 11.0.9600.19538| 222,720| 15-Oct-2019| 03:26| x64| None| Not applicable \nIeproxy.dll| 11.0.9600.19538| 805,376| 15-Oct-2019| 02:08| x64| None| Not applicable \nIeshims.dll| 11.0.9600.19538| 386,560| 15-Oct-2019| 02:16| x64| None| Not applicable \nBing.ico| Not applicable| 5,430| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nIeunatt.exe| 11.0.9600.19538| 144,384| 15-Oct-2019| 03:24| x64| None| Not applicable \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 18-Oct-2019| 20:46| Not applicable| None| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 13-Sep-2019| 18:15| Not applicable| None| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 13-Sep-2019| 18:15| Not applicable| None| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 13-Sep-2019| 18:15| Not applicable| None| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 13-Sep-2019| 18:15| Not applicable| None| Not applicable \nJsprofilerui.dll| 11.0.9600.19538| 628,736| 15-Oct-2019| 03:03| x64| SPR| AMD64_MICROSOFT-WINDOWS-IE-JSP \nMemoryanalyzer.dll| 11.0.9600.19538| 1,862,144| 15-Oct-2019| 03:22| x64| None| Not applicable \nMshtmldac.dll| 11.0.9600.19538| 88,064| 15-Oct-2019| 03:35| x64| None| Not applicable \nNetworkinspection.dll| 11.0.9600.19538| 1,217,024| 15-Oct-2019| 02:58| x64| SPE| AMD64_MICROSOFT-WINDOWS-IE-NETWORKINSP \nDesktop.ini| Not applicable| 65| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nOccache.dll| 11.0.9600.19538| 152,064| 15-Oct-2019| 02:59| x64| None| Not applicable \nDesktop.ini| Not applicable| 65| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 262,144| 15-Oct-2019| 02:50| x64| None| Not applicable \nIcrav03.rat| Not applicable| 8,798| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nMsrating.dll| 11.0.9600.19538| 199,680| 15-Oct-2019| 03:03| x64| None| Not applicable \nTicrf.rat| Not applicable| 1,988| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nIertutil.dll| 11.0.9600.19538| 2,910,720| 15-Oct-2019| 03:37| x64| None| Not applicable \nSqmapi.dll| 6.2.9200.16384| 286,304| 18-Oct-2019| 19:32| x64| None| Not applicable \nIe4uinit.exe| 11.0.9600.19538| 728,064| 15-Oct-2019| 02:47| x64| None| Not applicable \nIernonce.dll| 11.0.9600.19538| 34,304| 15-Oct-2019| 03:27| x64| None| Not applicable \nIesetup.dll| 11.0.9600.19538| 66,560| 15-Oct-2019| 03:36| x64| None| Not applicable \nInseng.dll| 11.0.9600.19538| 107,520| 15-Oct-2019| 03:06| x64| None| Not applicable \nTimeline.dll| 11.0.9600.19538| 219,136| 15-Oct-2019| 03:05| x64| None| Not applicable \nTimeline.cpu.xml| Not applicable| 3,197| 13-Sep-2019| 18:14| Not applicable| None| Not applicable \nTimeline_is.dll| 11.0.9600.19538| 171,520| 15-Oct-2019| 03:28| x64| None| Not applicable \nVgx.dll| 11.0.9600.19538| 1,018,368| 15-Oct-2019| 03:02| x64| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,065,920| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,120,704| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,063,360| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,313,728| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,389,504| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,032,640| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,584| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,255,360| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,061,312| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,325,504| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,019,328| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,070,528| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,082,304| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,307,072| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,170,368| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,152,960| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,291,712| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,283,520| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,051,584| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,301,440| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,092,544| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,075,136| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,298,880| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,080| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,316,288| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,305,024| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,286,080| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,584| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,059,776| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,314,240| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,278,912| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,323,968| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 2,094,592| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,886,208| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nIeframe.dll.mui| 11.0.9600.19538| 1,886,208| 18-Oct-2019| 20:01| Not applicable| None| Not applicable \nIeui.dll.mui| 11.0.9600.19538| 3,072| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nIeframe.dll| 11.0.9600.19538| 15,444,992| 15-Oct-2019| 02:43| x64| None| Not applicable \nIeframe.ptxml| Not applicable| 24,486| 17-Oct-2019| 00:45| Not applicable| None| Not applicable \nIeui.dll| 11.0.9600.19538| 615,936| 15-Oct-2019| 03:25| x64| None| Not applicable \nIeinstal.exe| 11.0.9600.19538| 492,032| 15-Oct-2019| 03:00| x64| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,695| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 498,117| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 550,368| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 936,817| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 542,176| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 524,839| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 573,836| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 568,654| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 546,666| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 635,936| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 523,726| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 487,187| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 546,916| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 556,904| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 533,528| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 540,053| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 798,691| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 502,768| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 520,067| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 456,949| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 419,706| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,285| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nInetres.adml| Not applicable| 436,285| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nInetres.admx| Not applicable| 1,676,557| 10-Oct-2019| 23:42| Not applicable| None| Not applicable \nMsspellcheckingfacility.exe| 6.3.9600.19538| 969,216| 15-Oct-2019| 03:16| x64| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,184| 18-Oct-2019| 19:33| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:34| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:35| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 35,328| 18-Oct-2019| 19:36| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 37,888| 18-Oct-2019| 19:37| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 20:47| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:38| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:39| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:40| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 27,648| 18-Oct-2019| 19:41| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:42| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,792| 18-Oct-2019| 19:43| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 23,040| 18-Oct-2019| 19:44| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 22,016| 18-Oct-2019| 19:45| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:46| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:47| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 31,232| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,304| 18-Oct-2019| 19:48| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 35,840| 18-Oct-2019| 19:49| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 19:50| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:51| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:52| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 34,816| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 33,280| 18-Oct-2019| 19:53| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,256| 18-Oct-2019| 19:54| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:55| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 32,768| 18-Oct-2019| 19:56| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:57| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 30,720| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 29,696| 18-Oct-2019| 19:58| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,384| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,896| 18-Oct-2019| 19:59| Not applicable| None| Not applicable \nJscript9.dll.mui| 11.0.9600.19538| 16,896| 18-Oct-2019| 20:00| Not applicable| None| Not applicable \nJscript9.dll| 11.0.9600.19538| 5,500,928| 15-Oct-2019| 03:25| x64| None| Not applicable \nJscript9diag.dll| 11.0.9600.19538| 814,080| 15-Oct-2019| 03:24| x64| None| Not applicable \nJscript.dll| 5.8.9600.19539| 797,696| 17-Oct-2019| 00:50| x64| None| Not applicable \nVbscript.dll| 5.8.9600.19539| 580,096| 17-Oct-2019| 00:51| x64| None| Not applicable \nIexplore.exe| 11.0.9600.19538| 810,376| 18-Oct-2019| 18:39| x86| None| Not applicable \nTdc.ocx| 11.0.9600.19538| 73,216| 15-Oct-2019| 02:40| x86| None| Not applicable \nDxtmsft.dll| 11.0.9600.19538| 416,256| 15-Oct-2019| 02:44| x86| None| Not applicable \nDxtrans.dll| 11.0.9600.19538| 279,040| 15-Oct-2019| 02:35| x86| None| Not applicable \nMsfeeds.dll| 11.0.9600.19538| 696,320| 15-Oct-2019| 02:27| x86| None| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 15-Oct-2019| 00:47| Not applicable| None| Not applicable \nMshtmled.dll| 11.0.9600.19538| 76,288| 15-Oct-2019| 02:36| x86| None| Not applicable \nMshtmlmedia.dll| 11.0.9600.19538| 1,155,072| 15-Oct-2019| 02:26| x86| None| Not applicable \nMshtml.dll| 11.0.9600.19538| 20,290,048| 15-Oct-2019| 03:20| x86| None| Not applicable \nMshtml.tlb| 11.0.9600.19538| 2,724,864| 15-Oct-2019| 03:15| Not applicable| None| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 17-Oct-2019| 00:46| Not applicable| None| Not applicable \nIeetwproxystub.dll| 11.0.9600.19538| 47,616| 15-Oct-2019| 03:02| x86| None| Not applicable \nIeunatt.exe| 11.0.9600.19538| 115,712| 15-Oct-2019| 02:53| x86| None| Not applicable \nOccache.dll| 11.0.9600.19538| 130,048| 15-Oct-2019| 02:34| x86| None| Not applicable \nWebcheck.dll| 11.0.9600.19538| 230,400| 15-Oct-2019| 02:28| x86| None| Not applicable \nIernonce.dll| 11.0.9600.19538| 30,720| 15-Oct-2019| 02:56| x86| None| Not applicable \nIesetup.dll| 11.0.9600.19538| 62,464| 15-Oct-2019|

November 12, 2019—KB4525234 (Monthly Rollup)

Description

Related