[{"data":1,"prerenderedAt":1409},["ShallowReactive",2],{"I-maWsoucveWH7VpbVdiZ9YJQaZbJd1SsPfUgTAv7BA":3,"i-custom:keyboard-arrow-down":704,"i-custom:check":708,"i-custom:north-east":710,"oHRkDq7_2Pkors6htvovc5RIh7jsVvW21jb6Yz_oZSM":712},{"_site":4,"allMenuCtas":33,"allMenuItems":43,"allFooterMenuItems":207,"allFooterLinks":259,"allProductCategories":263,"allPlans":277,"allPatchCategories":288,"allCountries":622,"allPartnerCategories":664,"topBar":674,"allSocialLinks":695},{"globalSeo":5,"favicon":8,"faviconMetaTags":10,"locales":31},{"siteName":6,"titleSuffix":7},"0patch"," | 0patch",{"url":9},"https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg",[11,19,23,27],{"tag":12,"attributes":13,"content":18},"link",{"sizes":14,"type":15,"rel":16,"href":17},"16x16","image/svg","icon","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=16&w=16",null,{"tag":12,"attributes":20,"content":18},{"sizes":21,"type":15,"rel":16,"href":22},"32x32","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=32&w=32",{"tag":12,"attributes":24,"content":18},{"sizes":25,"type":15,"rel":16,"href":26},"96x96","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=96&w=96",{"tag":12,"attributes":28,"content":18},{"sizes":29,"type":15,"rel":16,"href":30},"192x192","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=192&w=192",[32],"en",[34],{"id":35,"title":36,"reference":37,"externalLink":40,"variant":41,"publishTranslation":42},"7540649","Buy now",{"_modelApiKey":38,"slug":39},"page","pricing","","primary-green",true,[44,52,59,66,86,92,99,103,109,117,123,130,135,149,155,169,175],{"id":45,"children":46,"externalLink":40,"parent":47,"reference":49,"title":51,"description":40,"publishTranslation":42},"HC0Jv04qRuKuZzHWgfUcNw",[],{"id":48},"IL3SSc5ySpu4strWvTvZ_A",{"_modelApiKey":38,"slug":50},"in-the-media","In the media",{"id":53,"children":54,"externalLink":55,"parent":56,"reference":18,"title":58,"description":40,"publishTranslation":42},"Lf_fG7sJTeyY-YwXgCZM6A",[],"https://dist.0patch.com/download/latestagent",{"id":57},"InIESymQQManhdOiSJWRAA","Download 0patch Agent",{"id":60,"children":61,"externalLink":62,"parent":63,"reference":18,"title":65,"description":40,"publishTranslation":42},"H1wOcewmTj2BFNcm_3S4Pg",[],"https://support.0patch.com/hc/en-us/sections/22259984868242",{"id":64},"SWaM0xVVRG-TtXEDSCe6CA","User Manual",{"id":48,"children":67,"externalLink":40,"parent":83,"reference":18,"title":85,"description":40,"publishTranslation":42},[68,72],{"id":45,"title":51,"description":40,"parent":69,"reference":70,"externalLink":40,"publishTranslation":42,"children":71},{"id":48},{"_modelApiKey":38,"slug":50},[],{"id":73,"title":74,"description":74,"parent":75,"reference":76,"externalLink":40,"publishTranslation":42,"children":82},"GYvRoN-xQrK53JU9hoMC9g","From our blog",{"id":48},{"_modelApiKey":77,"slug":78,"title":79,"createdAt":80,"published":81},"article","micropatches-released-for-windows-storage-elevation-of-privilege-vulnerability-cv","Micropatches released for Windows Storage Elevation of Privilege Vulnerability (CVE-2026-21508)","2026-04-04T11:50:51+02:00","2026-03-31T00:00:00+02:00",[],{"id":84},"136494748","Featured",{"id":87,"children":88,"externalLink":40,"parent":18,"reference":89,"title":91,"description":40,"publishTranslation":42},"7537370",[],{"_modelApiKey":38,"slug":90},"windows10","Windows 10",{"id":93,"children":94,"externalLink":95,"parent":96,"reference":18,"title":97,"description":98,"publishTranslation":42},"KNhSd6vgR2mx15df8jrG1g",[],"https://support.0patch.com/hc/en-us",{"id":57},"Help Center","All sections",{"id":73,"children":100,"externalLink":40,"parent":101,"reference":102,"title":74,"description":74,"publishTranslation":42},[],{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":104,"children":105,"externalLink":106,"parent":107,"reference":18,"title":108,"description":40,"publishTranslation":42},"YlQq8EI3S3Cjo6bX8KwScg",[],"https://www.0patch.com/files/0patch_End_User_License_Agreement.pdf",{"id":64},"License agreement",{"id":110,"children":111,"externalLink":40,"parent":112,"reference":113,"title":115,"description":116,"publishTranslation":42},"7537375",[],{"id":57},{"_modelApiKey":38,"slug":114},"contact","Contact us","Form demo",{"id":118,"children":119,"externalLink":40,"parent":18,"reference":120,"title":122,"description":40,"publishTranslation":42},"LT3XEcT4ToWK-CGDxHIvxA",[],{"_modelApiKey":38,"slug":121},"patches","Patches",{"id":124,"children":125,"externalLink":40,"parent":126,"reference":127,"title":129,"description":40,"publishTranslation":42},"C_hUUxSzRlWzUZJZiQKLWg",[],{"id":64},{"_modelApiKey":38,"slug":128},"privacy","Privacy policy",{"id":131,"children":132,"externalLink":40,"parent":18,"reference":133,"title":134,"description":40,"publishTranslation":42},"M7H9KVRYQbWzdi5przLT7w",[],{"_modelApiKey":38,"slug":39},"Pricing",{"id":57,"children":136,"externalLink":40,"parent":147,"reference":18,"title":148,"description":40,"publishTranslation":42},[137,140,143],{"id":53,"title":58,"description":40,"parent":138,"reference":18,"externalLink":55,"publishTranslation":42,"children":139},{"id":57},[],{"id":93,"title":97,"description":98,"parent":141,"reference":18,"externalLink":95,"publishTranslation":42,"children":142},{"id":57},[],{"id":110,"title":115,"description":116,"parent":144,"reference":145,"externalLink":40,"publishTranslation":42,"children":146},{"id":57},{"_modelApiKey":38,"slug":114},[],{"id":84},"Support",{"id":150,"children":151,"externalLink":40,"parent":18,"reference":152,"title":154,"description":40,"publishTranslation":42},"7540650",[],{"_modelApiKey":38,"slug":153},"blog","Blog",{"id":64,"children":156,"externalLink":40,"parent":167,"reference":18,"title":168,"description":40,"publishTranslation":42},[157,160,163],{"id":60,"title":65,"description":40,"parent":158,"reference":18,"externalLink":62,"publishTranslation":42,"children":159},{"id":64},[],{"id":104,"title":108,"description":40,"parent":161,"reference":18,"externalLink":106,"publishTranslation":42,"children":162},{"id":64},[],{"id":124,"title":129,"description":40,"parent":164,"reference":165,"externalLink":40,"publishTranslation":42,"children":166},{"id":64},{"_modelApiKey":38,"slug":128},[],{"id":84},"Documents",{"id":170,"children":171,"externalLink":40,"parent":18,"reference":172,"title":174,"description":40,"publishTranslation":42},"SH5u-VrlQeKwYFXpbtstHw",[],{"_modelApiKey":38,"slug":173},"partners","Partners",{"id":84,"children":176,"externalLink":40,"parent":18,"reference":18,"title":206,"description":40,"publishTranslation":42},[177,186,196],{"id":48,"title":85,"description":40,"parent":178,"reference":18,"externalLink":40,"publishTranslation":42,"children":179},{"id":84},[180,183],{"id":45,"title":51,"description":40,"parent":181,"reference":182,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":38,"slug":50},{"id":73,"title":74,"description":74,"parent":184,"reference":185,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":57,"title":148,"description":40,"parent":187,"reference":18,"externalLink":40,"publishTranslation":42,"children":188},{"id":84},[189,191,193],{"id":53,"title":58,"description":40,"parent":190,"reference":18,"externalLink":55,"publishTranslation":42},{"id":57},{"id":93,"title":97,"description":98,"parent":192,"reference":18,"externalLink":95,"publishTranslation":42},{"id":57},{"id":110,"title":115,"description":116,"parent":194,"reference":195,"externalLink":40,"publishTranslation":42},{"id":57},{"_modelApiKey":38,"slug":114},{"id":64,"title":168,"description":40,"parent":197,"reference":18,"externalLink":40,"publishTranslation":42,"children":198},{"id":84},[199,201,203],{"id":60,"title":65,"description":40,"parent":200,"reference":18,"externalLink":62,"publishTranslation":42},{"id":64},{"id":104,"title":108,"description":40,"parent":202,"reference":18,"externalLink":106,"publishTranslation":42},{"id":64},{"id":124,"title":129,"description":40,"parent":204,"reference":205,"externalLink":40,"publishTranslation":42},{"id":64},{"_modelApiKey":38,"slug":128},"Resources",[208,214,218,222,226,231,235,239,244,249,254],{"id":209,"column":210,"children":211,"externalLink":40,"parent":18,"reference":212,"title":122,"description":40,"publishTranslation":42},"Z7v-uM0cTOOBdk-s10IiJA",1,[],{"__typename":213,"_modelApiKey":38,"slug":121},"PageRecord",{"id":215,"column":210,"children":216,"externalLink":40,"parent":18,"reference":217,"title":134,"description":40,"publishTranslation":42},"Yr6Go03oTdSCq8pxdWdUsg",[],{"__typename":213,"_modelApiKey":38,"slug":39},{"id":219,"column":210,"children":220,"externalLink":40,"parent":18,"reference":221,"title":174,"description":40,"publishTranslation":42},"Ds1JBCIHQQKM3pJdA6ywFA",[],{"__typename":213,"_modelApiKey":38,"slug":173},{"id":223,"column":210,"children":224,"externalLink":40,"parent":18,"reference":225,"title":115,"description":40,"publishTranslation":42},"d9N0wsZhQsm7WLVqkmUWVQ",[],{"__typename":213,"_modelApiKey":38,"slug":114},{"id":227,"column":228,"children":229,"externalLink":40,"parent":18,"reference":230,"title":154,"description":40,"publishTranslation":42},"O9Oqpya5TZafs7o4l_8Nvg",2,[],{"__typename":213,"_modelApiKey":38,"slug":153},{"id":232,"column":228,"children":233,"externalLink":40,"parent":18,"reference":234,"title":51,"description":40,"publishTranslation":42},"QbA-8ChQT-eVxrfVlZzKaA",[],{"__typename":213,"_modelApiKey":38,"slug":50},{"id":236,"column":228,"children":237,"externalLink":95,"parent":18,"reference":18,"title":238,"description":40,"publishTranslation":42},"GcPu0RJNQu2cmfpL_Us1Lg",[],"Help center ",{"id":240,"column":228,"children":241,"externalLink":242,"parent":18,"reference":18,"title":243,"description":40,"publishTranslation":42},"NwREnz0XTvOJ93OHko_7xw",[],"https://status.0patch.com/","Status page",{"id":245,"column":228,"children":246,"externalLink":40,"parent":18,"reference":247,"title":248,"description":40,"publishTranslation":42},"UPh4X1tXRt24AhzNHaztFg",[],{"__typename":213,"_modelApiKey":38,"slug":114},"Write to support",{"id":250,"column":228,"children":251,"externalLink":252,"parent":18,"reference":18,"title":253,"description":40,"publishTranslation":42},"bUWsPw9eRvG4Ycl7j0yONg",[],"mailto:security@0patch.com","Report a security issue",{"id":255,"column":228,"children":256,"externalLink":257,"parent":18,"reference":18,"title":258,"description":40,"publishTranslation":42},"eB66OgJwSXSF0UWkhz1snQ",[],"https://www.0patch.com/files/0patch.asc","PGP KEY",[260],{"externalLink":40,"reference":261,"title":262,"publishTranslation":42},{"_modelApiKey":38,"slug":128},"Privacy",[264,269,273],{"__typename":265,"id":266,"name":267,"slug":268},"ProductCategoryRecord","Am0QLeVvQCuP42oCnhKABQ","Office","office",{"__typename":265,"id":270,"name":271,"slug":272},"VFAYSlgkRneu1oHcTKcpwQ","Server","server",{"__typename":265,"id":274,"name":275,"slug":276},"UNiVGxy_QViVXTpaSLXZlQ","Windows","windows",[278,282,285],{"__typename":279,"id":280,"title":281},"PlanRecord","T-QQY6XRSjeGbmXIK5kNCw","Free",{"__typename":279,"id":283,"title":284},"TOtXWfDyTjyO3H3OW_HRtQ","Professional",{"__typename":279,"id":286,"title":287},"KJjNQcHiRVa_mZqx_GtIrg","Enterprise",[289,423,520,561,605],{"__typename":290,"_allReferencingPatchesMeta":291,"_allReferencingPatches":293,"_modelApiKey":418,"name":419,"id":420,"slug":421,"icon":18,"supportDate":422},"PatchCategoryRecord",{"count":292},19,[294,302,310,317,325,333,340,346,352,358,364,370,376,382,388,394,400,406,412],{"id":295,"title":296,"description":297,"plans":298},"CHBzDqmWSkiUggiwCycMKQ","0day patches","\u003Cp>Patches for vulnerabilities the original vendor has not yet patched - both for legacy products and products that are still under official vendor support\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?type=0day\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our 0day patches\u003C/a>\u003C/strong>\u003C/p>",[299,300,301],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":303,"title":304,"description":305,"plans":306},"W1zipVenRuaCpMLlbChNkg","Free patches","\u003Cp>Patches for \"0day\" vulnerabilities are generally free until the vendor has provided an official fix\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?plan=free\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our free patches\u003C/a>\u003C/strong>\u003C/p>",[307,308,309],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":311,"title":312,"description":313,"plans":314},"JMf6o8nLRh2YNbSjeoWSbg","All patches","\u003Cp>All our patches we have ever issued, or will ever issue, including 0day and legacy patches\u003C/p>",[315,316],{"id":283,"title":284},{"id":286,"title":287},{"id":318,"title":319,"description":320,"plans":321},"N2SosqbOST-U5Q3FTqKT-g","Multi factor authentication (MFA)","\u003Cp>Require one-time code from an authenticator app when accessing 0patch Central\u003C/p>",[322,323,324],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":326,"title":327,"description":328,"plans":329},"Aurt0TQWT3qrx--H6Bvtnw","0patch console - local management","\u003Cp>0patch Agent is managed locally using 0patch Console application\u003C/p>",[330,331,332],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":334,"title":335,"description":336,"plans":337},"dvNfP_7ZQ6uyUtJO3ADbJQ","Standard email support","\u003Cp>Email support with 24-hour response time\u003C/p>",[338,339],{"id":283,"title":284},{"id":286,"title":287},{"id":341,"title":342,"description":343,"plans":344},"DRZtt1FJQ2OW742_5ZdcOQ","Central management","\u003Cp>Centrally manage and monitor all your 0patch Agents from web-based 0patch Central\u003C/p>",[345],{"id":286,"title":287},{"id":347,"title":348,"description":349,"plans":350},"C7j04lkDSSmPT2ikq9grug","IP address allow-listing","\u003Cp>Restricting access to 0patch Central so only users connecting from approved IP addresses can use it\u003C/p>",[351],{"id":286,"title":287},{"id":353,"title":354,"description":355,"plans":356},"aLo8Rj7YQsufFNozN8C6lw","Unattended agent installation","\u003Cp>Deploy 0patch Agent remotely without user interaction\u003C/p>",[357],{"id":286,"title":287},{"id":359,"title":360,"description":361,"plans":362},"dJECbsVMSGm7_ObPWiWSDQ","Agent auto-registration","\u003Cp>0patch Agent can automatically register itself to your 0patch account\u003C/p>",[363],{"id":286,"title":287},{"id":365,"title":366,"description":367,"plans":368},"WHM0-Mj0Sr2WZ1LwhTI9Dw","Silent run","\u003Cp>0patch Agent operates entirely in the background without showing notifications or prompts to the user\u003C/p>",[369],{"id":286,"title":287},{"id":371,"title":372,"description":373,"plans":374},"Zjk5YWqcS2al2C2OTEH82w","Patching policies","\u003Cp>Select which patches are enabled for which groups of computers, and whether newly issued patches are initially enabled or disabled\u003C/p>",[375],{"id":286,"title":287},{"id":377,"title":378,"description":379,"plans":380},"DXTTXN2ITtmy-Bclo1_iKQ","Computer groups","\u003Cp>Organize your computers in groups to simplify management and apply different policies to different sets of computers\u003C/p>",[381],{"id":286,"title":287},{"id":383,"title":384,"description":385,"plans":386},"Vna1HyM9Q4-kwJshD0-4Ag","Multi user support","\u003Cp>Add any number of users to 0patch Central\u003C/p>",[387],{"id":286,"title":287},{"id":389,"title":390,"description":391,"plans":392},"MZheRUWKRHuS_M3sPAvxWw","User roles","\u003Cp>Assign different roles to 0patch Central users to limit their access\u003C/p>",[393],{"id":286,"title":287},{"id":395,"title":396,"description":397,"plans":398},"em07-dXcQ2Of2IhpZzUeDQ","Mandatory MFA","\u003Cp>Administrator can make multi factor authentication mandatory for all 0patch Central users\u003C/p>",[399],{"id":286,"title":287},{"id":401,"title":402,"description":403,"plans":404},"DJ9WqVROQWiRnUxDr8ckeQ","SAML single sign-on","\u003Cp>Login to 0patch Central through your identity provider using the SAML protocol\u003C/p>",[405],{"id":286,"title":287},{"id":407,"title":408,"description":409,"plans":410},"c73GoxWmTXS5muxHXFl3HA","SCIM provisioning","\u003Cp>Manage 0patch Central users with your identity provider using SCIM protocol\u003C/p>",[411],{"id":286,"title":287},{"id":413,"title":414,"description":415,"plans":416},"QM6mK9qtTBe5OtMWfVnvvg","Professional services","\u003Cp>Custom patches and additional professional services are available to large customers\u003C/p>",[417],{"id":286,"title":287},"patch_category","Features","T2nlr7wWS3eNfLE8hfA1ew","features","2025-12-05",{"__typename":290,"_allReferencingPatchesMeta":424,"_allReferencingPatches":426,"_modelApiKey":418,"name":504,"id":505,"slug":506,"icon":507,"supportDate":519},{"count":425},11,[427,434,441,448,455,462,469,476,483,490,497],{"id":428,"title":429,"description":430,"plans":431},"Wn-S2pccQbKHM4Qi_CFf0Q","Windows 11 22H2 patches","\u003Cp>Windows 11 22H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[432,433],{"id":283,"title":284},{"id":286,"title":287},{"id":435,"title":436,"description":437,"plans":438},"KLIOm9vRTpWNef0hEYPZRw","Windows 11 21H2 patches","\u003Cp>Windows 11 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[439,440],{"id":283,"title":284},{"id":286,"title":287},{"id":442,"title":443,"description":444,"plans":445},"Z-_sUVTSRcyneegSkg6tEg","Windows 10 22H2 post-EOS patches","\u003Cp>Windows 10 22H2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[446,447],{"id":283,"title":284},{"id":286,"title":287},{"id":449,"title":450,"description":451,"plans":452},"OG3314TtS_mGEWsQ7I7rVg","Windows 10 21H2 patches","\u003Cp>Windows 10 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[453,454],{"id":283,"title":284},{"id":286,"title":287},{"id":456,"title":457,"description":458,"plans":459},"d-2ES_YuR7C4QuSmcXgi0Q","Windows 10 21H1 patches","\u003Cp>Windows 10 21H1 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[460,461],{"id":283,"title":284},{"id":286,"title":287},{"id":463,"title":464,"description":465,"plans":466},"R-A6Aep1TCCVLYwFbfK3Sw","Windows 10 20H2 patches","\u003Cp>Windows 10 20H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[467,468],{"id":283,"title":284},{"id":286,"title":287},{"id":470,"title":471,"description":472,"plans":473},"Dg4FaK9fS8KTa1o3Qhor6w","Windows 10 2004 patches","\u003Cp>Windows 10 2004 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[474,475],{"id":286,"title":287},{"id":283,"title":284},{"id":477,"title":478,"description":479,"plans":480},"MJlLPyxqTcy9ys2UaZYNKQ","Windows 10 v1909 patches","\u003Cp>Windows 10 1909 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[481,482],{"id":283,"title":284},{"id":286,"title":287},{"id":484,"title":485,"description":486,"plans":487},"GscjCa1TQOe5p5Or7g2qyw","Windows 10 v1809 patches","\u003Cp>Windows 10 1809 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[488,489],{"id":283,"title":284},{"id":286,"title":287},{"id":491,"title":492,"description":493,"plans":494},"OeQ8xMmJTmadIiPcKYkhvw","Windows 10 v1803 patches","\u003Cp>Windows 10 1803 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[495,496],{"id":283,"title":284},{"id":286,"title":287},{"id":498,"title":499,"description":500,"plans":501},"Obe8z8snRYGoLT6BZyzhZw","Windows 7 post-EOS and post-ESU patches","\u003Cp>Windows 7 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>",[502,503],{"id":283,"title":284},{"id":286,"title":287},"Windows Patches","DXze3dvpTu-HF132vKjSug","microsoft-windows-xp",{"alt":508,"url":509,"width":510,"height":510,"responsiveImage":511},"Windows 11 logo","https://www.datocms-assets.com/166020/1764600963-win11.png",300,{"srcSet":512,"webpSrcSet":513,"sizes":514,"src":515,"width":516,"height":516,"aspectRatio":210,"alt":508,"title":18,"bgColor":517,"base64":518},"https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","(max-width: 40px) 100vw, 40px","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40",40,"#0278cf","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAAA51BMVEUAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtG9HcQcAAAATXRSTlMAAQIDBAUGBwkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY4OTo7PD0+P0BBQkNERUZHSEpLTE1OTwjw0A0AAAEqSURBVHjapZHbbsMgDIZNcMwhm7ZW097/+XrTToNwSGKPkraqtN3NCAn/H8LmN4L2LxbyOcMer0cHJcYF9UhEwHQH10yWBdAa7y0MJW5dN9NkQQsgTuS9UUMNoQM/eQcaGiBjRlJMpgNljWlPrSugiABc9yOkpSKYeBhYlZR2MSUjUtJc8EKlWpXP8379QpAhxVCRc56tSvdu4VSt5NhqtHPOTxXgonpBhF+xN/IHgP8AlO1ZYu5AO08ynx/ym+UUm7sf1MF4uumfhwZCKHgg70YZuXx1cDi+W3ZEBR0Zi7wZs4/JOmdEbaxRuC3hXrA7ezW/BaZNwco57SYuuWQlpdaK37SuxPH75m4IxJBjLBjrxpVjuHWbYptHnts8Kg+at1Lv/6hVt12XH8K5sGlN/hfaAAAAAElFTkSuQmCC","2025-06-25",{"__typename":290,"_allReferencingPatchesMeta":521,"_allReferencingPatches":523,"_modelApiKey":418,"name":545,"id":546,"slug":547,"icon":548,"supportDate":519},{"count":522},3,[524,531,538],{"id":525,"title":526,"description":527,"plans":528},"DMZZcGMvQfaRElACxvHXyA","Windows Server 2012 R2 post-EOS patches","\u003Cp>Windows Server 2012 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[529,530],{"id":283,"title":284},{"id":286,"title":287},{"id":532,"title":533,"description":534,"plans":535},"ZaeezXKkT3KGln5CQ4NH9w","Windows Server 2012 post-EOS patches","\u003Cp>Windows Server 2012 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 patches\u003C/a>\u003C/strong>\u003C/p>",[536,537],{"id":283,"title":284},{"id":286,"title":287},{"id":539,"title":540,"description":541,"plans":542},"RYxw9xwXR3-OWnsdr8dFEg","Windows Server 2008 R2 post-EOS and post-ESU patches","\u003Cp>Windows Server 2008 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2008+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2008 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[543,544],{"id":283,"title":284},{"id":286,"title":287},"Windows Server Patches","J7WLPCrKS7i7B8sAyJpKWg","microsoft-windows-vista",{"alt":549,"url":550,"width":551,"height":510,"responsiveImage":552},"Windows Server 2012-2022 logo","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png",296,{"srcSet":553,"webpSrcSet":554,"sizes":555,"src":556,"width":557,"height":516,"aspectRatio":558,"alt":549,"title":18,"bgColor":559,"base64":560},"https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 156w","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 156w","(max-width: 39px) 100vw, 39px","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40",39,0.975,"#0b1f8e","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABcAAAAYCAMAAAAmopZHAAABRFBMVEUAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIis0k1eAAAAbHRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSkxNTk9QUVRVVldYWVpbXF1fYWJjZGVmZ2lqa2xtbnBzdHY8yRY6AAABF0lEQVR42o2STU/EIBCGmWEodGm77sWj//+PeVAvRrNAYYY63cREs42R45PJ+xXIHD/6L0eU7Y7DZR4tl5QqGQQ0XXbql4fLHCyv11zpCRCMMIux43w5R4+yTqXSGQA24cadwuidG5C7iCG58dZaZ0ODs13vi+q8AxjltQr6VPKsOjkpf73Z9t23fn5+xICcs3L+mTOlkwcu9b5XKiCHfdXugNs4qE5WvoBFs+dRGmKMA7aSSqNHRAudWxXjwjTt92vSvguSxW0fAtw4ncYB+pprow6b0YkACIfRhxNBt+gqvVnnSKv1ze5DVIOdpQo9q7ezuoUhPy3LNFjhovoag787v8TzHEhqLvw7//VqAvXKB33L3//hC+5Cl3o2W4MJAAAAAElFTkSuQmCC",{"__typename":290,"_allReferencingPatchesMeta":562,"_allReferencingPatches":564,"_modelApiKey":418,"name":593,"id":594,"slug":595,"icon":596,"supportDate":519},{"count":563},4,[565,572,579,586],{"id":566,"title":567,"description":568,"plans":569},"axmNaLDGSs2BLTpJNU-fuQ","Microsoft Office 2019 post-EOS patches","\u003Cp>Microsoft Office 2019 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2019\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2019 patches\u003C/a>\u003C/strong>\u003C/p>",[570,571],{"id":283,"title":284},{"id":286,"title":287},{"id":573,"title":574,"description":575,"plans":576},"MkFk40IJQhCcXnIO2ZDd4Q","Microsoft Office 2016 post-EOS patches","\u003Cp>Microsoft Office 2016 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2016\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2016 patches\u003C/a>\u003C/strong>\u003C/p>",[577,578],{"id":283,"title":284},{"id":286,"title":287},{"id":580,"title":581,"description":582,"plans":583},"FFqWfGxfQF2q0uyjyRjVWg","Microsoft Office 2013 post-EOS patches","\u003Cp>Microsoft Office 2013 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2013\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2013 patches\u003C/a>\u003C/strong>\u003C/p>",[584,585],{"id":283,"title":284},{"id":286,"title":287},{"id":587,"title":588,"description":589,"plans":590},"XFYgrsOyRpeuEXk29M4z9g","Microsoft Office 2010 post-EOS patches","\u003Cp>Microsoft Office 2010 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2010\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2010 patches\u003C/a>\u003C/strong>\u003C/p>",[591,592],{"id":283,"title":284},{"id":286,"title":287},"Microsoft Office Patches","VH2unwR4RjycDA1o_6eSFw","microsoft-windows-7",{"alt":597,"url":598,"width":510,"height":510,"responsiveImage":599},"Microsoft Office logo","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png",{"srcSet":600,"webpSrcSet":601,"sizes":514,"src":602,"width":516,"height":516,"aspectRatio":210,"alt":597,"title":18,"bgColor":603,"base64":604},"https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40","#eb3c00","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAABSlBMVEXqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPAAMDLSTAAAAbnRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAiIyQlJicoKSorLS4vMTIzNDU2Nzk6Ozw9P0BBQkNERkpMTU5PUFFSVVZXWVpbXF1eX2BhYmNkZmdoaWpsbW5vcHFzdXZ4fH5/gIKDhBdTJiUAAAERSURBVHjabdE5doQwDAZgSV6AwMsU06TN/e+TM6SfyeBNUsALTeKGhz7wL8sWzoU21yd8fN6Xn++vAGDruzcdyFhjrBuAK0mo4Kz3PL89OrxvyA0s+Un9Cg38bZPUtrLOmXleUSvctrk4W1obZHVZtscJ0zo5Ral1FsAjfG7gDCo3iLmIknU1w4BybtnwyqmAaAsXzhhfDZ4hMjJrhVwy7B1iiIWycIPktO90flWIz8ATctY8QERQtQEUVh6ARIjQT86Mow7OGDqsg+IQcs4CjT8KXzB7Rwraujo6Qe3g7TEF4dTHHmGEGwKVFF4ddkhXu8yxjqFd7T7qzDmG9LzgWqWkuO//QS4xhf0viDJzvctfA1KXpEpvxgMAAAAASUVORK5CYII=",{"__typename":290,"_allReferencingPatchesMeta":606,"_allReferencingPatches":607,"_modelApiKey":418,"name":614,"id":615,"slug":616,"icon":617,"supportDate":519},{"count":210},[608],{"id":609,"title":610,"description":611,"plans":612},"OuJP-mYgRRi-wc8RTcRbUg","Other products patches","\u003Cp>We occasionally patch other Windows products, for instance when a critical vulnerability becomes known and the vendor does not provide an official patch in a timely manner\u003C/p>",[613],{"id":283,"title":284},"Other","BrWA-hAsQYSROgTvF-1ecA","microsoft-windows-11",{"alt":618,"url":619,"width":620,"height":621,"responsiveImage":18},"Windows 7","https://www.datocms-assets.com/166020/1754390080-layer1.svg",44,38,[623,628,632,636,640,644,648,652,656,660],{"__typename":624,"id":625,"name":626,"slug":627},"CountryRecord","WYcngTKjTLSCPKXF1CGc3Q","Germany","germany",{"__typename":624,"id":629,"name":630,"slug":631},"W7K_V8xIQ4esd1pdctvLRg","Switzerland","switzerland",{"__typename":624,"id":633,"name":634,"slug":635},"YCAHqeAMSp2PAVyP3KGV4w","International","international",{"__typename":624,"id":637,"name":638,"slug":639},"IKNwlfjMQXOfKhtUID30BQ","Singapore","singapore",{"__typename":624,"id":641,"name":642,"slug":643},"UzXo_gH5Te-UnOfNwdsfWQ","Netherlands","netherlands",{"__typename":624,"id":645,"name":646,"slug":647},"JKw7Q4wpQ8eGJjvHXwfSAA","Spain","spain",{"__typename":624,"id":649,"name":650,"slug":651},"RZbGpAInTEivnMxZzdTzwg","Poland","poland",{"__typename":624,"id":653,"name":654,"slug":655},"NwnHmUQ6RIK_OV9865XH3Q","Australia","australia",{"__typename":624,"id":657,"name":658,"slug":659},"HfVwBnHDSfCassEtkYx9lQ","United Kingdom","united-kingdom",{"__typename":624,"id":661,"name":662,"slug":663},"UUYGwDAYR4qLZM5UmDcmVA","USA","usa",[665,670],{"__typename":666,"id":667,"name":668,"slug":669},"PartnerCategoryRecord","dQoYak16SOaHi1odGdVqmQ","MSPs & SOCs","msps-socs",{"__typename":666,"id":671,"name":672,"slug":673},"REE7lMU8RzC9jabDARcxYQ","Resellers & Distributors","resellers-distributors",{"id":675,"_modelApiKey":676,"__typename":677,"text":678,"link":679,"menuLinks":687},"WnQYb8xeS2irpBJ41pdDRA","top_bar","TopBarRecord","Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)",[680],{"externalLink":40,"id":681,"recordLink":682,"variant":12,"icon":685,"title":686},"K2tgUizORgyofhnuTJ36dA",{"__typename":683,"_modelApiKey":77,"slug":684},"ArticleRecord","micropatches-released-for-windows-netlogon-remote-code-execution-vulnerability-cv",false,"Learn more",[688,691],{"id":689,"primary":685,"externalLink":95,"parent":18,"reference":18,"title":690,"description":40,"publishTranslation":42},"B1pEweRaRD2YBkP6aH1CfA","Help center",{"id":692,"primary":42,"externalLink":693,"parent":18,"reference":18,"title":694,"description":40,"publishTranslation":42},"Mk0Yz-yqTk2akShgf7ARNg","https://central.0patch.com/","Sign in",[696,700],{"id":697,"title":698,"url":699},"NDrk5d4kQ96J2aCuTr-gvg","0patch on X","https://twitter.com/0patch",{"id":701,"title":702,"url":703},"GqN4lYxyTMyzcmRllVY4mg","Linked In","https://linkedin.com/company/0patch",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":707},0,24,"\u003Cg fill=\"none\">\u003Cpath d=\"M11.9999 15.0539L6.34619 9.40013L7.39994 8.34637L11.9999 12.9464L16.5999 8.34637L17.6537 9.40013L11.9999 15.0539Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":709},"\u003Cg fill=\"none\">\u003Cpath d=\"M9.5501 18.0001L3.8501 12.3001L5.2751 10.8751L9.5501 15.1501L18.7251 5.9751L20.1501 7.4001L9.5501 18.0001Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":711},"\u003Cg fill=\"none\">\u003Cpath d=\"M5.55375 19.5001L4.5 18.4464L15.9462 7.00012H9V5.50012H18.5V15.0001H17V8.05387L5.55375 19.5001Z\" fill=\"currentColor\"/>\u003C/g>",{"article":713},{"_firstPublishedAt":714,"_publishedAt":715,"_updatedAt":716,"_seoMetaTags":717,"_allSlugLocales":784,"_allPublishTranslationLocales":787,"published":789,"__typename":683,"_modelApiKey":77,"author":790,"createdAt":791,"id":792,"excerpt":40,"body":793,"image":1396,"readTime":40,"title":725,"slug":786,"publishTranslation":42,"seoMetadata":18},"2025-08-21T14:14:41+02:00","2025-09-05T15:29:40+02:00","2025-09-05T15:29:38+02:00",[718,721,726,729,733,736,739,743,747,751,754,757,760,763,766,769,773,776,780],{"tag":719,"attributes":18,"content":720},"title","Free Micropatches for \"PetitPotam\" (CVE-2021-36942) | 0patch",{"tag":722,"attributes":723,"content":18},"meta",{"property":724,"content":725},"og:title","Free Micropatches for \"PetitPotam\" (CVE-2021-36942)",{"tag":722,"attributes":727,"content":18},{"name":728,"content":725},"twitter:title",{"tag":722,"attributes":730,"content":18},{"name":731,"content":732},"description","This is a 0patch website.",{"tag":722,"attributes":734,"content":18},{"property":735,"content":732},"og:description",{"tag":722,"attributes":737,"content":18},{"name":738,"content":732},"twitter:description",{"tag":722,"attributes":740,"content":18},{"property":741,"content":742},"og:image","https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png?auto=format&fit=max&w=1200",{"tag":722,"attributes":744,"content":18},{"property":745,"content":746},"og:image:width","640",{"tag":722,"attributes":748,"content":18},{"property":749,"content":750},"og:image:height","320",{"tag":722,"attributes":752,"content":18},{"property":753,"content":725},"og:image:alt",{"tag":722,"attributes":755,"content":18},{"name":756,"content":742},"twitter:image",{"tag":722,"attributes":758,"content":18},{"name":759,"content":725},"twitter:image:alt",{"tag":722,"attributes":761,"content":18},{"property":762,"content":32},"og:locale",{"tag":722,"attributes":764,"content":18},{"property":765,"content":77},"og:type",{"tag":722,"attributes":767,"content":18},{"property":768,"content":6},"og:site_name",{"tag":722,"attributes":770,"content":18},{"property":771,"content":772},"article:modified_time","2025-09-05T13:29:38Z",{"tag":722,"attributes":774,"content":18},{"property":775,"content":40},"article:publisher",{"tag":722,"attributes":777,"content":18},{"name":778,"content":779},"twitter:card","summary",{"tag":722,"attributes":781,"content":18},{"name":782,"content":783},"robots","noindex",[785],{"value":786,"locale":32},"free-micropatches-for-petitpotam",[788],{"value":42,"locale":32},"2021-08-06T15:27:00+02:00","Mitja Kolsek","2025-08-21T14:14:40+02:00","Fsk4HGcxTMyr4m9aY8TREA",{"blocks":794,"links":893,"value":894},[795,811,824,838,852,866,880],{"id":796,"_modelApiKey":797,"__typename":798,"image":799},"EKysqiflSYGc57E-KYj6Lw","image","ImageRecord",{"alt":800,"url":801,"width":802,"height":803,"responsiveImage":804},"Beginning of function EfsRpcOpenFileRaw_Downlevel, with the call to EfsGetLocalFilename being called without impersonation","https://www.datocms-assets.com/166020/1757078744-image-8.png",1217,786,{"srcSet":805,"webpSrcSet":806,"sizes":807,"src":801,"width":802,"height":803,"aspectRatio":808,"alt":800,"title":800,"bgColor":809,"base64":810},"https://www.datocms-assets.com/166020/1757078744-image-8.png?dpr=0.25 304w,https://www.datocms-assets.com/166020/1757078744-image-8.png?dpr=0.5 608w,https://www.datocms-assets.com/166020/1757078744-image-8.png?dpr=0.75 912w,https://www.datocms-assets.com/166020/1757078744-image-8.png 1217w","https://www.datocms-assets.com/166020/1757078744-image-8.png?dpr=0.25&fm=webp 304w,https://www.datocms-assets.com/166020/1757078744-image-8.png?dpr=0.5&fm=webp 608w,https://www.datocms-assets.com/166020/1757078744-image-8.png?dpr=0.75&fm=webp 912w,https://www.datocms-assets.com/166020/1757078744-image-8.png?fm=webp 1217w","(max-width: 1217px) 100vw, 1217px",1.5483460559796438,"#ffff00","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHCQ0IDQ0ODQ0FDQ4QBQ0NERINFgoYFxYZGBYTFhoaHysjGh0oHRUiJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OHBANEi8cFh0vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABAAGAMBIgACEQEDEQH/xAAWAAEBAQAAAAAAAAAAAAAAAAAAAQf/xAAVEAEBAAAAAAAAAAAAAAAAAAAAEf/EABUBAQEAAAAAAAAAAAAAAAAAAAID/8QAFxEAAwEAAAAAAAAAAAAAAAAAAAECEv/aAAwDAQACEQMRAD8A1tUDcklYogWUF2f/2Q==",{"id":812,"_modelApiKey":797,"__typename":798,"image":813},"LM_hBo8bRUCK6cmN8AEPJA",{"alt":814,"url":815,"width":816,"height":817,"responsiveImage":818},"Continuation of function EfsRpcOpenFileRaw_Downlevel","https://www.datocms-assets.com/166020/1757078744-image-9.png",1165,759,{"srcSet":819,"webpSrcSet":820,"sizes":821,"src":815,"width":816,"height":817,"aspectRatio":822,"alt":814,"title":814,"bgColor":809,"base64":823},"https://www.datocms-assets.com/166020/1757078744-image-9.png?dpr=0.25 291w,https://www.datocms-assets.com/166020/1757078744-image-9.png?dpr=0.5 582w,https://www.datocms-assets.com/166020/1757078744-image-9.png?dpr=0.75 873w,https://www.datocms-assets.com/166020/1757078744-image-9.png 1165w","https://www.datocms-assets.com/166020/1757078744-image-9.png?dpr=0.25&fm=webp 291w,https://www.datocms-assets.com/166020/1757078744-image-9.png?dpr=0.5&fm=webp 582w,https://www.datocms-assets.com/166020/1757078744-image-9.png?dpr=0.75&fm=webp 873w,https://www.datocms-assets.com/166020/1757078744-image-9.png?fm=webp 1165w","(max-width: 1165px) 100vw, 1165px",1.5349143610013176,"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwcIDRAQBwYLDQcGCQ4IBwcOCREJEQkNFx8ZGBYfIiEaHysjGh0oHRUiJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OHAwQFTUcFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABAAGAMBIgACEQEDEQH/xAAWAAEBAQAAAAAAAAAAAAAAAAAAAQf/xAAUEAEAAAAAAAAAAAAAAAAAAAAA/8QAFQEBAQAAAAAAAAAAAAAAAAAAAgP/xAAXEQADAQAAAAAAAAAAAAAAAAAAAhIB/9oADAMBAAIRAxEAPwDXBA5J44ECkGuf/9k=",{"id":825,"_modelApiKey":797,"__typename":798,"image":826},"XZ7GqklhS3WoNXW8LF3LmQ",{"alt":827,"url":828,"width":829,"height":830,"responsiveImage":831},"ThreadImpersonation_unpatched_system","https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png",602,367,{"srcSet":832,"webpSrcSet":833,"sizes":834,"src":828,"width":829,"height":830,"aspectRatio":835,"alt":827,"title":827,"bgColor":836,"base64":837},"https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?dpr=0.25 150w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?dpr=0.5 301w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?dpr=0.75 451w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png 602w","https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?dpr=0.25&fm=webp 150w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?dpr=0.5&fm=webp 301w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?dpr=0.75&fm=webp 451w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_unpatched_system.png?fm=webp 602w","(max-width: 602px) 100vw, 602px",1.6403269754768393,"#00a9f2","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBhYICAgLCg0LDw0OFBkNDBENDg0YFx8ZGBYVFhUaHysjHR0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OEhAQFTsdIigvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAA8AGAMBIgACEQEDEQH/xAAXAAADAQAAAAAAAAAAAAAAAAAABAUH/8QAGxAAAgIDAQAAAAAAAAAAAAAAAAEEEQIDUhT/xAAVAQEBAAAAAAAAAAAAAAAAAAABAP/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/ANWj4pMewVIhaJeVj2qc7poQogK+1cgSf//Z",{"id":839,"_modelApiKey":797,"__typename":798,"image":840},"JxPR30qdQPu-564u0rwNmQ",{"alt":841,"url":842,"width":843,"height":844,"responsiveImage":845},"PetitPotam_poc_without_0patch","https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg",1569,310,{"srcSet":846,"webpSrcSet":847,"sizes":848,"src":842,"width":843,"height":844,"aspectRatio":849,"alt":841,"title":841,"bgColor":850,"base64":851},"https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?dpr=0.25 392w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?dpr=0.5 784w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?dpr=0.75 1176w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg 1569w","https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?dpr=0.25&fm=webp 392w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?dpr=0.5&fm=webp 784w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?dpr=0.75&fm=webp 1176w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_without_0patch.jpg?fm=webp 1569w","(max-width: 1569px) 100vw, 1569px",5.061290322580645,"#bcbcbc","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBg0PCAgLCg0ODhgNCA0NDhENDgoMFxMZGBYVFhUaHysjGh0oHSEWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAUAGAMBIgACEQEDEQH/xAAXAAADAQAAAAAAAAAAAAAAAAAAAQMG/8QAGxAAAgIDAQAAAAAAAAAAAAAAAAIEBQEDITL/xAAVAQEBAAAAAAAAAAAAAAAAAAACAP/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AMzurYzP4ItURGz1BgIUXpoSZ5qwIAJP/9k=",{"id":853,"_modelApiKey":797,"__typename":798,"image":854},"BAt-MOqIR9GLkM4tPWRlDw",{"alt":855,"url":856,"width":857,"height":858,"responsiveImage":859},"ThreadImpersonation_patched_anonymous","https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png",571,370,{"srcSet":860,"webpSrcSet":861,"sizes":862,"src":856,"width":857,"height":858,"aspectRatio":863,"alt":855,"title":855,"bgColor":864,"base64":865},"https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?dpr=0.25 142w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?dpr=0.5 285w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?dpr=0.75 428w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png 571w","https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?dpr=0.25&fm=webp 142w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?dpr=0.5&fm=webp 285w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?dpr=0.75&fm=webp 428w,https://www.datocms-assets.com/166020/1757078744-threadimpersonation_patched_anonymous.png?fm=webp 571w","(max-width: 571px) 100vw, 571px",1.5432432432432432,"#00a8f2","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgFCgoFBQwFBQUFBREJCgUMFxMZGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABAAGAMBIgACEQEDEQH/xAAVAAEBAAAAAAAAAAAAAAAAAAAAB//EABQQAQAAAAAAAAAAAAAAAAAAAAD/xAAVAQEBAAAAAAAAAAAAAAAAAAACAP/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AK8AQgCT/9k=",{"id":867,"_modelApiKey":797,"__typename":798,"image":868},"Do4A79JdREGbVGeQYBFuug",{"alt":869,"url":870,"width":871,"height":872,"responsiveImage":873},"PetitPotam_poc_with_0patch","https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg",1110,78,{"srcSet":874,"webpSrcSet":875,"sizes":876,"src":870,"width":871,"height":872,"aspectRatio":877,"alt":869,"title":869,"bgColor":878,"base64":879},"https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?dpr=0.25 277w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?dpr=0.5 555w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?dpr=0.75 832w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg 1110w","https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?dpr=0.25&fm=webp 277w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?dpr=0.5&fm=webp 555w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?dpr=0.75&fm=webp 832w,https://www.datocms-assets.com/166020/1757078744-petitpotam_poc_with_0patch.jpg?fm=webp 1110w","(max-width: 1110px) 100vw, 1110px",14.23076923076923,"#bebfc1","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgLCgoODhoKFQ0NDh0VExUYFxMZGBYVFhUsKzcvGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAIAGAMBIgACEQEDEQH/xAAXAAEBAQEAAAAAAAAAAAAAAAAAAwcB/8QAHhAAAgIABwAAAAAAAAAAAAAAAAMBAgQRIVKBkZL/xAAVAQEBAAAAAAAAAAAAAAAAAAACAP/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AM7xTmw7Rt/UkGMvN4zvaeQAkm5l99uzoBJ//9k=",{"id":881,"_modelApiKey":797,"__typename":798,"image":882},"BzBOBkGZRK-QjlY3bX3dMQ",{"alt":883,"url":884,"width":885,"height":886,"responsiveImage":887},"PetitPotam_official_patch_1","https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png",668,621,{"srcSet":888,"webpSrcSet":889,"sizes":890,"src":884,"width":885,"height":886,"aspectRatio":891,"alt":883,"title":883,"bgColor":864,"base64":892},"https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?dpr=0.25 167w,https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?dpr=0.5 334w,https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?dpr=0.75 501w,https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png 668w","https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?dpr=0.25&fm=webp 167w,https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?dpr=0.5&fm=webp 334w,https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?dpr=0.75&fm=webp 501w,https://www.datocms-assets.com/166020/1757078744-petitpotam_official_patch_1.png?fm=webp 668w","(max-width: 668px) 100vw, 668px",1.075684380032206,"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBw0NBw0IDQgHDggNBxgHCQgHBxENFgcYFxUZGBYTFiEaHysjGh0oHSEWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDgoOFwwRHS8cFh0vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABcAGAMBIgACEQEDEQH/xAAXAAEBAQEAAAAAAAAAAAAAAAAAAQIH/8QAFRABAQAAAAAAAAAAAAAAAAAAAAH/xAAXAQEAAwAAAAAAAAAAAAAAAAACAAED/8QAFxEBAQEBAAAAAAAAAAAAAAAAAAIBEf/aAAwDAQACEQMRAD8A62rKnWBNKIJwdpmNAes5AEVr/9k=",[],{"schema":895,"document":896},"dast",{"type":897,"children":898},"root",[899,920,936,941,946,951,956,961,965,978,1012,1025,1029,1034,1043,1053,1057,1060,1062,1063,1067,1071,1074,1078,1082,1086,1090,1093,1097,1100,1104,1108,1111,1112,1115,1119,1122,1125,1126,1130,1134,1137,1140,1141,1145,1148,1149,1152,1156,1160,1163,1206,1209,1213,1239,1260,1266,1269,1275,1279,1300,1306,1309,1310,1314,1318,1328,1333,1339,1343,1347,1385],{"type":900,"children":901},"paragraph",[902,907,917],{"type":903,"marks":904,"value":906},"span",[905],"emphasis","Update 8/11/2021-A: August 2021 Windows Updates brought a ",{"url":908,"meta":909,"type":12,"children":913},"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36942",[910],{"id":911,"value":912},"target","_blank",[914],{"type":903,"marks":915,"value":916},[905],"fix for PetitPotam",{"type":903,"marks":918,"value":919},[905],", which, in contrast to our patch that fixes an impersonation issue and keeps EfsRpcOpenFileRaw request functional, disables the EfsRpcOpenFileRaw request. CVE-2021-36942 was assigned to this vulnerability. More details below in the Microsoft's Patch section.",{"type":900,"children":921},[922,925,933],{"type":903,"marks":923,"value":924},[905],"Update 8/11/2021-B: Neither Microsoft's August fix nor our micropatch seem to have covered all PetitPotam affected code. Both fixed the anonymous attack vector but we're investigating additional authenticated paths now and looking for the best way to patch that too. The most effective PetitPotam mitigation currently remains ",{"url":926,"meta":927,"type":12,"children":929},"https://twitter.com/gentilkiwi/status/1421947898749669379",[928],{"id":911,"value":912},[930],{"type":903,"marks":931,"value":932},[905],"this RPC filter",{"type":903,"marks":934,"value":935},[905]," on all Domain Controllers, although it may be an overly broad measure and could break something, so proceed with caution.  ",{"type":900,"children":937},[938],{"type":903,"marks":939,"value":940},[905],"Update 8/19/2021: After further analysis of additional PetitPotam attack vectors, we created additional micropatches that block all these vectors. Today's PetitPotam patches are written for executables from August 2021 Windows Updates, which means you have to have these updates installed (i.e., fully updated Windows as of this writing) in order to have them applied. ",{"type":900,"children":942},[943],{"type":903,"marks":944,"value":945},[905],"Update 9/15/2021: September 2021 Windows Updates did not bring any changes regarding the new PetitPotam attack vectors, so our micropatches remain free.",{"type":900,"children":947},[948],{"type":903,"marks":949,"value":950},[905],"Update 12/21/2021: Microsoft provided an official fix for this issue on December 14, which addresses the remaining attack vectors. Our associated micropatches thus ceased being free and now require a PRO license.",{"type":900,"children":952},[953],{"type":903,"marks":954,"value":955},[905],"Update 6/27/2022: While Microsoft only fixed the anonymous attack vector, we decided to also address the authenticated attack vector. We therefore ported our patches for this issue to current versions of supported Windows platforms. Given that Microsoft does not plan to patch authenticated credentials relaying issues, these patches are now available only to PRO and Enterprise accounts.",{"type":900,"children":957},[958],{"type":903,"marks":959,"value":960},[905],"Update 6/3/2024: It came to our attention that PetitPotam can also be exploited against Windows Workstations, not just Servers. We therefore issued patches for all security-adopted as well as still-supported Windows versions, which we'll keep porting to relevant DLLs as they get updated.",{"type":900,"children":962},[963],{"type":903,"value":964},"\n",{"type":900,"children":966},[967,969,976],{"type":903,"value":968},"Wow, we're busy these days. Just yesterday we issued micropatches for the ",{"url":970,"meta":971,"type":12,"children":973},"https://blog.0patch.com/2021/08/free-micropatches-for-malicious-printer.html",[972],{"id":911,"value":912},[974],{"type":903,"value":975},"\"Malicious Printer Driver\"",{"type":903,"value":977}," 0day, and today we're fixing a critical remote code execution issue that allows an anonymous attacker to take over a Windows Domain Controller: the infamous \"PetitPotam\" bug.",{"type":900,"children":979},[980,983,985,992,994,1001,1003,1010],{"type":903,"marks":981,"value":982},[905],"PetitPotam",{"type":903,"value":984}," was discovered by security researcher ",{"url":986,"meta":987,"type":12,"children":989},"https://twitter.com/topotam77",[988],{"id":911,"value":912},[990],{"type":903,"value":991},"topotam",{"type":903,"value":993},", who published their ",{"url":995,"meta":996,"type":12,"children":998},"https://github.com/topotam/PetitPotam",[997],{"id":911,"value":912},[999],{"type":903,"value":1000},"proof-of-concept on Github",{"type":903,"value":1002}," on July 20, 2021. There is no official vendor patch for it at the time of this writing; in fact, ",{"url":1004,"meta":1005,"type":12,"children":1007},"https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429",[1006],{"id":911,"value":912},[1008],{"type":903,"value":1009},"Microsoft's support article",{"type":903,"value":1011}," implies they do not consider this a vulnerability but rather a mis-configuration, and provides some generic mitigations that do not address the root issue.",{"type":900,"children":1013},[1014,1016,1023],{"type":903,"value":1015},"As usually, ",{"url":1017,"meta":1018,"type":12,"children":1020},"https://www.kb.cert.org/vuls/id/405600",[1019],{"id":911,"value":912},[1021],{"type":903,"value":1022},"CERT/CC vulnerability note",{"type":903,"value":1024}," by Will Dormann nicely explains the vulnerability and an exploit chain leading to a complete domain takeover. The main problem is that any user - even anonymous - can force a domain controller to send NTLM credentials of its computer account to attacker's server, where these can be received and then relayed to another service in the domain to make a malicious privileged request.",{"type":900,"children":1026},[1027],{"type":903,"value":1028}," ",{"type":1030,"level":522,"children":1031},"heading",[1032],{"type":903,"value":1033},"Analysis\n",{"type":900,"children":1035},[1036,1038,1041],{"type":903,"value":1037},"We took a look at what goes on in the code when an EfsRpcOpenFileRaw request is received by the server. It is function  EfsRpcOpenFileRaw_Downlevel in efslsaext.dll that processes this request. This function has most of its code enclosed in an ",{"type":903,"marks":1039,"value":1040},[905],"impersonation",{"type":903,"value":1042}," block between a call to RpcImpersonateClient and a call to RpcRevertToSelf. Code inside this block is being executed under the identity of the requesting entity (in our case, attacker), while code outside executes as Local System, i.e., the computer account.",{"type":900,"children":1044},[1045,1047,1051],{"type":903,"value":1046},"Unfortunately, function EfsRpcOpenFileRaw_Downlevel, ",{"type":903,"marks":1048,"value":1050},[1049],"strong","outside ",{"type":903,"value":1052},"the impersonation block, makes a call to EfsGetLocalFileName, which tries to open the attacker-supplied UNC path. By doing so, it sends local computer's NTLM credentials inside the SMB request to the remote network share. If the attacker is waiting on the other end, they get these credentials.",{"type":900,"children":1054},[1055],{"type":903,"value":1056},"Let's take a look at relevant parts of function EfsRpcOpenFileRaw_Downlevel:",{"type":900,"children":1058},[1059],{"type":903,"value":964},{"item":796,"type":1061},"block",{"item":812,"type":1061},{"type":900,"children":1064},[1065],{"type":903,"value":1066},"Beginning of function EfsRpcOpenFileRaw_Downlevel, with the call to EfsGetLocalFilename being called without impersonation\nContinuation of function EfsRpcOpenFileRaw_Downlevel\n",{"type":900,"children":1068},[1069],{"type":903,"value":1070},"Note that only this call to EfsGetLocalFileName is non-impersonated, while core EFSRPC functionality executes under requester's identity. This means that anonymous or unprivileged user cannot remotely execute EFSRPC functions such as reading or creating arbitrary network files.",{"type":900,"children":1072},[1073],{"type":903,"value":1028},{"type":1030,"level":522,"children":1075},[1076],{"type":903,"value":1077},"Micropatch",{"type":900,"children":1079},[1080],{"type":903,"value":1081},"Our micropatch extends the impersonation block such that it now encloses the previously un-impersonated call to EfsGetLocalFileName; as a result, the SMB request which this function triggers contains attacker's NTLM credentials instead of computer account's. Therefore, in case of an anonymous request the attacker gets credentials of the ANONYMOUS LOGON user (which are of no use), and if they use credentials of a Windows domain user, the acquired NTLM credentials will be of that same user (which they already have).",{"type":900,"children":1083},[1084],{"type":903,"value":1085},"The patch contains two patchlets, one starting impersonation by calling RpcImpersonateClient,  and another stopping impersonation by calling RpcRevertToSelf.\n",{"type":900,"children":1087},[1088],{"type":903,"value":1089},"\n\nMODULE_PATH \"..\\Affected_Modules\\efslsaext.dll_10.0.17763.1075_64bit_WinSrv2019-u202107\\efslsaext.dll\"\nPATCH_ID 663\nPATCH_FORMAT_VER 2\nVULN_ID 7174\nPLATFORM win64\n\npatchlet_start\n    PATCHLET_ID 1\n    PATCHLET_TYPE 2\n    PATCHLET_OFFSET 0x280c\n    N_ORIGINALBYTES 5\n    JUMPOVERBYTES 0\n    PIT rpcrt4!0x53370,efslsaext!0x288c\n    ;0x53370 -> RpcImpersonateClient\n    ;0x288c -> Error block\n    \n    code_start    ;Injected at the top of the block containing\n                   EfsRpcGetLocalFileName, in the EfsRpcOpenFileRaw_Downlevel\n                   function\n        mov rcx, 0        ;Set rcx for RpcImpersonateClient to 0, so it\n                           impersonates the current client\n        call PIT_0x53370  ;Call RpcImpersonateClient\n        mov rbx, rax      ;Move the result to rbx, so it can be used for error\n                           reporting in case of failure   \n        cmp rax, 0        ;Check if impersonation failed\n        jne PIT_0x288c    ;If failed, jump to error block\n    code_end\n    \npatchlet_end\n\npatchlet_start\n    PATCHLET_ID 2\n    PATCHLET_TYPE 2\n    PATCHLET_OFFSET 0x288c\n    N_ORIGINALBYTES 5\n    JUMPOVERBYTES 0\n    PIT rpcrt4!0x563b0\n    ;0x563b0 -> RpcReverToSelf\n    \n    code_start  ;Injected at the top of the block right after the\n                 RpcRevertToSelf call, in the EfsRpcOpenFileRaw_Downlevel function\n        call PIT_0x563b0    ;Call RpcRevertToSelf to stop impersonating\n    code_end\n    \npatchlet_end\n   \n",{"type":900,"children":1091},[1092],{"type":903,"value":1028},{"type":900,"children":1094},[1095],{"type":903,"value":1096},"Let's look at the difference between running the PetitPotam tool against a fully updated Windows Server without and with 0patch.",{"type":900,"children":1098},[1099],{"type":903,"value":964},{"type":1030,"level":563,"children":1101},[1102],{"type":903,"value":1103},"Without 0patch",{"type":900,"children":1105},[1106],{"type":903,"value":1107},"Let's see which user executes the call to EfsGetLocalFileName:",{"type":900,"children":1109},[1110],{"type":903,"value":964},{"item":825,"type":1061},{"type":900,"children":1113},[1114],{"type":903,"value":1028},{"type":900,"children":1116},[1117],{"type":903,"value":1118},"As expected, it's Local System. And the PetitPotam tool, chained with Active Directory Certificate Server produces domain controller's certificate:",{"type":900,"children":1120},[1121],{"type":903,"value":1028},{"type":900,"children":1123},[1124],{"type":903,"value":964},{"item":839,"type":1061},{"type":1030,"level":563,"children":1127},[1128],{"type":903,"value":1129},"With 0patch",{"type":900,"children":1131},[1132],{"type":903,"value":1133},"Let's see which user executes the call to EfsGetLocalFileName this time:",{"type":900,"children":1135},[1136],{"type":903,"value":1028},{"type":900,"children":1138},[1139],{"type":903,"value":964},{"item":853,"type":1061},{"type":900,"children":1142},[1143],{"type":903,"value":1144},"Good, it's the Anonymous Logon user, which is useless to the attacker. Consequently, the PetitPotam attack doesn't work anymore:",{"type":900,"children":1146},[1147],{"type":903,"value":1028},{"item":867,"type":1061},{"type":900,"children":1150},[1151],{"type":903,"value":964},{"type":1030,"level":522,"children":1153},[1154],{"type":903,"value":1155},"Patch Availability\n",{"type":900,"children":1157},[1158],{"type":903,"value":1159},"This micropatch was written for:",{"type":900,"children":1161},[1162],{"type":903,"value":1028},{"type":1164,"style":1165,"children":1166},"list","numbered",[1167,1177,1185,1194],{"type":1168,"children":1169},"listItem",[1170],{"type":900,"children":1171},[1172,1175],{"type":903,"marks":1173,"value":1174},[1049],"Windows Server 2019",{"type":903,"value":1176}," (updated with July 2021 Updates)",{"type":1168,"children":1178},[1179],{"type":900,"children":1180},[1181,1184],{"type":903,"marks":1182,"value":1183},[1049],"Windows Server 2016",{"type":903,"value":1176},{"type":1168,"children":1186},[1187],{"type":900,"children":1188},[1189,1192],{"type":903,"marks":1190,"value":1191},[1049],"Windows Server 2012 R2 ",{"type":903,"value":1193},"(updated with July 2021 Updates)",{"type":1168,"children":1195},[1196],{"type":900,"children":1197},[1198,1201,1203,1205],{"type":903,"marks":1199,"value":1200},[1049],"Windows Server 2008 R2 ",{"type":903,"value":1202},"(updated with January 2020 Updates, no Extended Security Updates)",{"type":903,"marks":1204,"value":1028},[905],{"type":903,"value":964},{"type":900,"children":1207},[1208],{"type":903,"value":1028},{"type":900,"children":1210},[1211],{"type":903,"value":1212},"Our tests indicate that Windows Server 2012 (non R2), Windows Server 2008 (non R2) and Windows Server 2003 are not affected by this issue.",{"type":900,"children":1214},[1215,1217,1227,1229,1237],{"type":903,"value":1216},"Micropatches for this vulnerability are, as always, automatically downloaded and applied to all affected computers (unless your policy prevents that), and will be free until Microsoft has issued an official fix. If you want to use them, create a free account at ",{"url":1218,"meta":1219,"type":12,"children":1224},"https://central.0patch.com",[1220,1223],{"id":1221,"value":1222},"rel","url noopener noreferrer",{"id":911,"value":912},[1225],{"type":903,"value":1226},"0patch Central",{"type":903,"value":1228},", then install and register 0patch Agent from ",{"url":1230,"meta":1231,"type":12,"children":1234},"https://t.co/UMXoQqpLQh",[1232,1233],{"id":1221,"value":1222},{"id":911,"value":912},[1235],{"type":903,"value":1236},"0patch.com",{"type":903,"value":1238},". Everything else will happen automatically. No computer reboots will be needed.",{"type":900,"children":1240},[1241,1244,1246,1249,1251,1258],{"type":903,"marks":1242,"value":1243},[905],"Compatibility note",{"type":903,"value":1245},": Some Windows 10 and Server systems exhibit occasional timeouts in the Software Protection Platform Service (sppsvc.exe) on a system running 0patch Agent. This looks like a bug in Windows ",{"type":903,"marks":1247,"value":1248},[905],"Code Integrity",{"type":903,"value":1250}," mitigation that prevents a 0patch component to be injected in the service (which is okay) but sometimes also does a lot of seemingly meaningless processing that causes process startup to time out. As a result, various licensing-related errors can occur. The issue, should it occur, can be resolved by excluding sppsvc.exe from 0patch injection as described in ",{"url":1252,"meta":1253,"type":12,"children":1255},"https://0patch.zendesk.com/hc/en-us/articles/4402717434002",[1254],{"id":911,"value":912},[1256],{"type":903,"value":1257},"this article",{"type":903,"value":1259},".",{"type":900,"children":1261},[1262,1265],{"type":903,"marks":1263,"value":1264},[905],"Update 8/19/2021: Microsoft's August 2021 updates brought a functionally similar fix as our micropatch, but since other attack vectors were subsequently discovered, we have issued additional micropatches that apply on top of August 2021 Windows executables. In order to use them, you have to have August 2021 Windows Updates applied. In addition, we have found Windows Server 2012 to be affected to these additional vectors and have also covered this Windows version with our new micropatches.",{"type":903,"value":964},{"type":900,"children":1267},[1268],{"type":903,"value":964},{"type":900,"children":1270},[1271,1274],{"type":903,"marks":1272,"value":1273},[905],"[Update 8/11/2021: added section Microsoft's Patch]",{"type":903,"value":964},{"type":1030,"level":522,"children":1276},[1277],{"type":903,"value":1278},"Microsoft's Patch",{"type":900,"children":1280},[1281,1283,1289,1291,1294,1297],{"type":903,"value":1282},"August 2021 Windows Updates brought ",{"url":908,"meta":1284,"type":12,"children":1286},[1285],{"id":911,"value":912},[1287],{"type":903,"value":1288},"Microsoft's official fix",{"type":903,"value":1290}," for this issue. The associated documentation states: ",{"type":903,"marks":1292,"value":1293},[905],"\"The EFS API OpenEncryptedFileRaw(A/W), often used in backup software, continues to work in all versions of Windows (local and remote), except when backing up to or from a system running Windows Server 2008 SP2. OpenEncryptedFileRaw will no longer work on Windows Server 2008 SP2. ",{"type":903,"marks":1295,"value":1296},[905,1049],"Note",{"type":903,"marks":1298,"value":1299},[905],": If you are unable to use backup software on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 and later, after installing the updates that address this CVE, contact the manufacturer of your backup software for updates and support.\"",{"type":900,"children":1301},[1302,1304],{"type":903,"marks":1303,"value":1028},[905],{"type":903,"value":1305},"Let's take a look at this fix.",{"type":900,"children":1307},[1308],{"type":903,"value":1028},{"item":881,"type":1061},{"type":900,"children":1311},[1312],{"type":903,"value":1313},"Microsoft's fix is in the same function as our micropatch ( EfsRpcOpenFileRaw_Downlevel in efslsaext.dll), but it sabotages the function so it doesn't work anymore. We actually also sometimes sabotage an entire function if it seems that could affect such a small amount of users that the benefits would outweigh the risk. In fact, we were initially inclined to do it here too as we were unable to find any backup product or mechanism that would be using this function - but then decided to rather fix the obvious bug we had noticed, and keep the function \"alive\".",{"type":900,"children":1315},[1316],{"type":903,"value":1317},"Note that Microsoft's fix also includes a hidden undocumented feature: instead of outright sabotaging OpenEncryptedFileRaw, the fix checks an undocumented registry value AllowOpenRawDL (DWORD) under HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\EFS; if this value exists and is equal to 1, OpenEncryptedFileRaw works as before. Therefore, if Microsoft's fix broke your backup, you can disable it using this value, but doing so will make you vulnerable to the PetitPotam attack.",{"type":900,"children":1319},[1320,1322,1327],{"type":903,"value":1321},"We find this Microsoft's fix to be appropriate and therefore do not plan to port our PetitPotam micropatch to the August 2021 version of efslsaext.dll unless 0patch users come complaining the fix broke their backup. We also invite any Windows users whose backup got broken by August 2021 Windows Update to contact us at ",{"url":1323,"type":12,"children":1324},"mailto:sales@0patch.com",[1325],{"type":903,"value":1326},"sales@0patch.com",{"type":903,"value":1259},{"type":900,"children":1329},[1330],{"type":903,"marks":1331,"value":1332},[905],"Update 8/11/2021: Neither Microsoft's August fix nor our micropatch seem to have covered all PetitPotam affected code. Both fixed the anonymous attack vector but we're investigating additional authenticated paths now and looking for the best way to patch that too. ",{"type":900,"children":1334},[1335,1338],{"type":903,"marks":1336,"value":1337},[905],"Update 8/19/2021: Our new micropatches released today address these additional attack vectors.",{"type":903,"value":964},{"type":900,"children":1340},[1341],{"type":903,"marks":1342,"value":1028},[905],{"type":1030,"level":522,"children":1344},[1345],{"type":903,"value":1346},"Credits\n",{"type":900,"children":1348},[1349,1351,1356,1358,1365,1367,1374,1376,1383],{"type":903,"value":1350},"We'd like to thank ",{"url":986,"meta":1352,"type":12,"children":1354},[1353],{"id":911,"value":912},[1355],{"type":903,"value":991},{"type":903,"value":1357}," for sharing details about this vulnerability, and ",{"url":1359,"meta":1360,"type":12,"children":1362},"https://twitter.com/wdormann",[1361],{"id":911,"value":912},[1363],{"type":903,"value":1364},"Will Dormann",{"type":903,"value":1366},", ",{"url":1368,"meta":1369,"type":12,"children":1371},"https://twitter.com/gentilkiwi",[1370],{"id":911,"value":912},[1372],{"type":903,"value":1373},"Benjamin Delpy",{"type":903,"value":1375}," and ",{"url":1377,"meta":1378,"type":12,"children":1380},"https://twitter.com/GossiTheDog",[1379],{"id":911,"value":912},[1381],{"type":903,"value":1382},"Kevin Beaumont",{"type":903,"value":1384}," for sharing lots of useful insights and context that helped us understand this vulnerability and create this micropatch to protect users.\n",{"type":900,"children":1386},[1387,1389,1395],{"type":903,"value":1388},"Please revisit this blog post for updates or follow 0patch on ",{"url":699,"meta":1390,"type":12,"children":1392},[1391],{"id":911,"value":912},[1393],{"type":903,"value":1394},"Twitter",{"type":903,"value":1259},{"alt":725,"url":1397,"width":1398,"height":1399,"responsiveImage":1400},"https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png",640,320,{"srcSet":1401,"webpSrcSet":1402,"sizes":1403,"src":1404,"width":1405,"height":1406,"aspectRatio":228,"alt":725,"title":725,"bgColor":1407,"base64":1408},"https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png?auto=compress&crop=focalpoint&dpr=0.25&fit=crop&w=1440 360w,https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png?auto=compress&crop=focalpoint&fit=crop&w=1440 1440w","https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png?auto=compress&crop=focalpoint&dpr=0.25&fit=crop&fm=webp&w=1440 360w,https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&w=1440 1440w","(max-width: 1440px) 100vw, 1440px","https://www.datocms-assets.com/166020/1755778473-vuln_7174_no-cve-petitpotam_patchcard_twitter_506x253.png?auto=compress&crop=focalpoint&fit=crop&w=1440",1440,720,"#c15ab0","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgLDgoNDhgQDQ0NFxENFg0NFxUaGBYTFhUaHysjGh0oHSEWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAwAGAMBIgACEQEDEQH/xAAYAAACAwAAAAAAAAAAAAAAAAABBAIFBv/EABsQAAEFAQEAAAAAAAAAAAAAAAABAgMEESFR/8QAFQEBAQAAAAAAAAAAAAAAAAAABQD/xAAUEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwDT0YolTB9asGbpW0+Dj1X0LBF70UTU4AlOxHM6Ek//2Q==",1780067959443]