[{"data":1,"prerenderedAt":1332},["ShallowReactive",2],{"I-maWsoucveWH7VpbVdiZ9YJQaZbJd1SsPfUgTAv7BA":3,"i-custom:keyboard-arrow-down":704,"i-custom:check":708,"i-custom:north-east":710,"aHcDUly6SaGeP6ioPON5fVHVMxphcqdngpoCFvA7jBA":712},{"_site":4,"allMenuCtas":33,"allMenuItems":43,"allFooterMenuItems":207,"allFooterLinks":259,"allProductCategories":263,"allPlans":277,"allPatchCategories":288,"allCountries":622,"allPartnerCategories":664,"topBar":674,"allSocialLinks":695},{"globalSeo":5,"favicon":8,"faviconMetaTags":10,"locales":31},{"siteName":6,"titleSuffix":7},"0patch"," | 0patch",{"url":9},"https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg",[11,19,23,27],{"tag":12,"attributes":13,"content":18},"link",{"sizes":14,"type":15,"rel":16,"href":17},"16x16","image/svg","icon","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=16&w=16",null,{"tag":12,"attributes":20,"content":18},{"sizes":21,"type":15,"rel":16,"href":22},"32x32","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=32&w=32",{"tag":12,"attributes":24,"content":18},{"sizes":25,"type":15,"rel":16,"href":26},"96x96","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=96&w=96",{"tag":12,"attributes":28,"content":18},{"sizes":29,"type":15,"rel":16,"href":30},"192x192","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=192&w=192",[32],"en",[34],{"id":35,"title":36,"reference":37,"externalLink":40,"variant":41,"publishTranslation":42},"7540649","Buy now",{"_modelApiKey":38,"slug":39},"page","pricing","","primary-green",true,[44,52,59,66,86,92,99,103,109,117,123,130,135,149,155,169,175],{"id":45,"children":46,"externalLink":40,"parent":47,"reference":49,"title":51,"description":40,"publishTranslation":42},"HC0Jv04qRuKuZzHWgfUcNw",[],{"id":48},"IL3SSc5ySpu4strWvTvZ_A",{"_modelApiKey":38,"slug":50},"in-the-media","In the media",{"id":53,"children":54,"externalLink":55,"parent":56,"reference":18,"title":58,"description":40,"publishTranslation":42},"Lf_fG7sJTeyY-YwXgCZM6A",[],"https://dist.0patch.com/download/latestagent",{"id":57},"InIESymQQManhdOiSJWRAA","Download 0patch Agent",{"id":60,"children":61,"externalLink":62,"parent":63,"reference":18,"title":65,"description":40,"publishTranslation":42},"H1wOcewmTj2BFNcm_3S4Pg",[],"https://support.0patch.com/hc/en-us/sections/22259984868242",{"id":64},"SWaM0xVVRG-TtXEDSCe6CA","User Manual",{"id":48,"children":67,"externalLink":40,"parent":83,"reference":18,"title":85,"description":40,"publishTranslation":42},[68,72],{"id":45,"title":51,"description":40,"parent":69,"reference":70,"externalLink":40,"publishTranslation":42,"children":71},{"id":48},{"_modelApiKey":38,"slug":50},[],{"id":73,"title":74,"description":74,"parent":75,"reference":76,"externalLink":40,"publishTranslation":42,"children":82},"GYvRoN-xQrK53JU9hoMC9g","From our blog",{"id":48},{"_modelApiKey":77,"slug":78,"title":79,"createdAt":80,"published":81},"article","micropatches-released-for-windows-storage-elevation-of-privilege-vulnerability-cv","Micropatches released for Windows Storage Elevation of Privilege Vulnerability (CVE-2026-21508)","2026-04-04T11:50:51+02:00","2026-03-31T00:00:00+02:00",[],{"id":84},"136494748","Featured",{"id":87,"children":88,"externalLink":40,"parent":18,"reference":89,"title":91,"description":40,"publishTranslation":42},"7537370",[],{"_modelApiKey":38,"slug":90},"windows10","Windows 10",{"id":93,"children":94,"externalLink":95,"parent":96,"reference":18,"title":97,"description":98,"publishTranslation":42},"KNhSd6vgR2mx15df8jrG1g",[],"https://support.0patch.com/hc/en-us",{"id":57},"Help Center","All sections",{"id":73,"children":100,"externalLink":40,"parent":101,"reference":102,"title":74,"description":74,"publishTranslation":42},[],{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":104,"children":105,"externalLink":106,"parent":107,"reference":18,"title":108,"description":40,"publishTranslation":42},"YlQq8EI3S3Cjo6bX8KwScg",[],"https://www.0patch.com/files/0patch_End_User_License_Agreement.pdf",{"id":64},"License agreement",{"id":110,"children":111,"externalLink":40,"parent":112,"reference":113,"title":115,"description":116,"publishTranslation":42},"7537375",[],{"id":57},{"_modelApiKey":38,"slug":114},"contact","Contact us","Form demo",{"id":118,"children":119,"externalLink":40,"parent":18,"reference":120,"title":122,"description":40,"publishTranslation":42},"LT3XEcT4ToWK-CGDxHIvxA",[],{"_modelApiKey":38,"slug":121},"patches","Patches",{"id":124,"children":125,"externalLink":40,"parent":126,"reference":127,"title":129,"description":40,"publishTranslation":42},"C_hUUxSzRlWzUZJZiQKLWg",[],{"id":64},{"_modelApiKey":38,"slug":128},"privacy","Privacy policy",{"id":131,"children":132,"externalLink":40,"parent":18,"reference":133,"title":134,"description":40,"publishTranslation":42},"M7H9KVRYQbWzdi5przLT7w",[],{"_modelApiKey":38,"slug":39},"Pricing",{"id":57,"children":136,"externalLink":40,"parent":147,"reference":18,"title":148,"description":40,"publishTranslation":42},[137,140,143],{"id":53,"title":58,"description":40,"parent":138,"reference":18,"externalLink":55,"publishTranslation":42,"children":139},{"id":57},[],{"id":93,"title":97,"description":98,"parent":141,"reference":18,"externalLink":95,"publishTranslation":42,"children":142},{"id":57},[],{"id":110,"title":115,"description":116,"parent":144,"reference":145,"externalLink":40,"publishTranslation":42,"children":146},{"id":57},{"_modelApiKey":38,"slug":114},[],{"id":84},"Support",{"id":150,"children":151,"externalLink":40,"parent":18,"reference":152,"title":154,"description":40,"publishTranslation":42},"7540650",[],{"_modelApiKey":38,"slug":153},"blog","Blog",{"id":64,"children":156,"externalLink":40,"parent":167,"reference":18,"title":168,"description":40,"publishTranslation":42},[157,160,163],{"id":60,"title":65,"description":40,"parent":158,"reference":18,"externalLink":62,"publishTranslation":42,"children":159},{"id":64},[],{"id":104,"title":108,"description":40,"parent":161,"reference":18,"externalLink":106,"publishTranslation":42,"children":162},{"id":64},[],{"id":124,"title":129,"description":40,"parent":164,"reference":165,"externalLink":40,"publishTranslation":42,"children":166},{"id":64},{"_modelApiKey":38,"slug":128},[],{"id":84},"Documents",{"id":170,"children":171,"externalLink":40,"parent":18,"reference":172,"title":174,"description":40,"publishTranslation":42},"SH5u-VrlQeKwYFXpbtstHw",[],{"_modelApiKey":38,"slug":173},"partners","Partners",{"id":84,"children":176,"externalLink":40,"parent":18,"reference":18,"title":206,"description":40,"publishTranslation":42},[177,186,196],{"id":48,"title":85,"description":40,"parent":178,"reference":18,"externalLink":40,"publishTranslation":42,"children":179},{"id":84},[180,183],{"id":45,"title":51,"description":40,"parent":181,"reference":182,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":38,"slug":50},{"id":73,"title":74,"description":74,"parent":184,"reference":185,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":57,"title":148,"description":40,"parent":187,"reference":18,"externalLink":40,"publishTranslation":42,"children":188},{"id":84},[189,191,193],{"id":53,"title":58,"description":40,"parent":190,"reference":18,"externalLink":55,"publishTranslation":42},{"id":57},{"id":93,"title":97,"description":98,"parent":192,"reference":18,"externalLink":95,"publishTranslation":42},{"id":57},{"id":110,"title":115,"description":116,"parent":194,"reference":195,"externalLink":40,"publishTranslation":42},{"id":57},{"_modelApiKey":38,"slug":114},{"id":64,"title":168,"description":40,"parent":197,"reference":18,"externalLink":40,"publishTranslation":42,"children":198},{"id":84},[199,201,203],{"id":60,"title":65,"description":40,"parent":200,"reference":18,"externalLink":62,"publishTranslation":42},{"id":64},{"id":104,"title":108,"description":40,"parent":202,"reference":18,"externalLink":106,"publishTranslation":42},{"id":64},{"id":124,"title":129,"description":40,"parent":204,"reference":205,"externalLink":40,"publishTranslation":42},{"id":64},{"_modelApiKey":38,"slug":128},"Resources",[208,214,218,222,226,231,235,239,244,249,254],{"id":209,"column":210,"children":211,"externalLink":40,"parent":18,"reference":212,"title":122,"description":40,"publishTranslation":42},"Z7v-uM0cTOOBdk-s10IiJA",1,[],{"__typename":213,"_modelApiKey":38,"slug":121},"PageRecord",{"id":215,"column":210,"children":216,"externalLink":40,"parent":18,"reference":217,"title":134,"description":40,"publishTranslation":42},"Yr6Go03oTdSCq8pxdWdUsg",[],{"__typename":213,"_modelApiKey":38,"slug":39},{"id":219,"column":210,"children":220,"externalLink":40,"parent":18,"reference":221,"title":174,"description":40,"publishTranslation":42},"Ds1JBCIHQQKM3pJdA6ywFA",[],{"__typename":213,"_modelApiKey":38,"slug":173},{"id":223,"column":210,"children":224,"externalLink":40,"parent":18,"reference":225,"title":115,"description":40,"publishTranslation":42},"d9N0wsZhQsm7WLVqkmUWVQ",[],{"__typename":213,"_modelApiKey":38,"slug":114},{"id":227,"column":228,"children":229,"externalLink":40,"parent":18,"reference":230,"title":154,"description":40,"publishTranslation":42},"O9Oqpya5TZafs7o4l_8Nvg",2,[],{"__typename":213,"_modelApiKey":38,"slug":153},{"id":232,"column":228,"children":233,"externalLink":40,"parent":18,"reference":234,"title":51,"description":40,"publishTranslation":42},"QbA-8ChQT-eVxrfVlZzKaA",[],{"__typename":213,"_modelApiKey":38,"slug":50},{"id":236,"column":228,"children":237,"externalLink":95,"parent":18,"reference":18,"title":238,"description":40,"publishTranslation":42},"GcPu0RJNQu2cmfpL_Us1Lg",[],"Help center ",{"id":240,"column":228,"children":241,"externalLink":242,"parent":18,"reference":18,"title":243,"description":40,"publishTranslation":42},"NwREnz0XTvOJ93OHko_7xw",[],"https://status.0patch.com/","Status page",{"id":245,"column":228,"children":246,"externalLink":40,"parent":18,"reference":247,"title":248,"description":40,"publishTranslation":42},"UPh4X1tXRt24AhzNHaztFg",[],{"__typename":213,"_modelApiKey":38,"slug":114},"Write to support",{"id":250,"column":228,"children":251,"externalLink":252,"parent":18,"reference":18,"title":253,"description":40,"publishTranslation":42},"bUWsPw9eRvG4Ycl7j0yONg",[],"mailto:security@0patch.com","Report a security issue",{"id":255,"column":228,"children":256,"externalLink":257,"parent":18,"reference":18,"title":258,"description":40,"publishTranslation":42},"eB66OgJwSXSF0UWkhz1snQ",[],"https://www.0patch.com/files/0patch.asc","PGP KEY",[260],{"externalLink":40,"reference":261,"title":262,"publishTranslation":42},{"_modelApiKey":38,"slug":128},"Privacy",[264,269,273],{"__typename":265,"id":266,"name":267,"slug":268},"ProductCategoryRecord","Am0QLeVvQCuP42oCnhKABQ","Office","office",{"__typename":265,"id":270,"name":271,"slug":272},"VFAYSlgkRneu1oHcTKcpwQ","Server","server",{"__typename":265,"id":274,"name":275,"slug":276},"UNiVGxy_QViVXTpaSLXZlQ","Windows","windows",[278,282,285],{"__typename":279,"id":280,"title":281},"PlanRecord","T-QQY6XRSjeGbmXIK5kNCw","Free",{"__typename":279,"id":283,"title":284},"TOtXWfDyTjyO3H3OW_HRtQ","Professional",{"__typename":279,"id":286,"title":287},"KJjNQcHiRVa_mZqx_GtIrg","Enterprise",[289,423,520,561,605],{"__typename":290,"_allReferencingPatchesMeta":291,"_allReferencingPatches":293,"_modelApiKey":418,"name":419,"id":420,"slug":421,"icon":18,"supportDate":422},"PatchCategoryRecord",{"count":292},19,[294,302,310,317,325,333,340,346,352,358,364,370,376,382,388,394,400,406,412],{"id":295,"title":296,"description":297,"plans":298},"CHBzDqmWSkiUggiwCycMKQ","0day patches","\u003Cp>Patches for vulnerabilities the original vendor has not yet patched - both for legacy products and products that are still under official vendor support\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?type=0day\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our 0day patches\u003C/a>\u003C/strong>\u003C/p>",[299,300,301],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":303,"title":304,"description":305,"plans":306},"W1zipVenRuaCpMLlbChNkg","Free patches","\u003Cp>Patches for \"0day\" vulnerabilities are generally free until the vendor has provided an official fix\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?plan=free\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our free patches\u003C/a>\u003C/strong>\u003C/p>",[307,308,309],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":311,"title":312,"description":313,"plans":314},"JMf6o8nLRh2YNbSjeoWSbg","All patches","\u003Cp>All our patches we have ever issued, or will ever issue, including 0day and legacy patches\u003C/p>",[315,316],{"id":283,"title":284},{"id":286,"title":287},{"id":318,"title":319,"description":320,"plans":321},"N2SosqbOST-U5Q3FTqKT-g","Multi factor authentication (MFA)","\u003Cp>Require one-time code from an authenticator app when accessing 0patch Central\u003C/p>",[322,323,324],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":326,"title":327,"description":328,"plans":329},"Aurt0TQWT3qrx--H6Bvtnw","0patch console - local management","\u003Cp>0patch Agent is managed locally using 0patch Console application\u003C/p>",[330,331,332],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":334,"title":335,"description":336,"plans":337},"dvNfP_7ZQ6uyUtJO3ADbJQ","Standard email support","\u003Cp>Email support with 24-hour response time\u003C/p>",[338,339],{"id":283,"title":284},{"id":286,"title":287},{"id":341,"title":342,"description":343,"plans":344},"DRZtt1FJQ2OW742_5ZdcOQ","Central management","\u003Cp>Centrally manage and monitor all your 0patch Agents from web-based 0patch Central\u003C/p>",[345],{"id":286,"title":287},{"id":347,"title":348,"description":349,"plans":350},"C7j04lkDSSmPT2ikq9grug","IP address allow-listing","\u003Cp>Restricting access to 0patch Central so only users connecting from approved IP addresses can use it\u003C/p>",[351],{"id":286,"title":287},{"id":353,"title":354,"description":355,"plans":356},"aLo8Rj7YQsufFNozN8C6lw","Unattended agent installation","\u003Cp>Deploy 0patch Agent remotely without user interaction\u003C/p>",[357],{"id":286,"title":287},{"id":359,"title":360,"description":361,"plans":362},"dJECbsVMSGm7_ObPWiWSDQ","Agent auto-registration","\u003Cp>0patch Agent can automatically register itself to your 0patch account\u003C/p>",[363],{"id":286,"title":287},{"id":365,"title":366,"description":367,"plans":368},"WHM0-Mj0Sr2WZ1LwhTI9Dw","Silent run","\u003Cp>0patch Agent operates entirely in the background without showing notifications or prompts to the user\u003C/p>",[369],{"id":286,"title":287},{"id":371,"title":372,"description":373,"plans":374},"Zjk5YWqcS2al2C2OTEH82w","Patching policies","\u003Cp>Select which patches are enabled for which groups of computers, and whether newly issued patches are initially enabled or disabled\u003C/p>",[375],{"id":286,"title":287},{"id":377,"title":378,"description":379,"plans":380},"DXTTXN2ITtmy-Bclo1_iKQ","Computer groups","\u003Cp>Organize your computers in groups to simplify management and apply different policies to different sets of computers\u003C/p>",[381],{"id":286,"title":287},{"id":383,"title":384,"description":385,"plans":386},"Vna1HyM9Q4-kwJshD0-4Ag","Multi user support","\u003Cp>Add any number of users to 0patch Central\u003C/p>",[387],{"id":286,"title":287},{"id":389,"title":390,"description":391,"plans":392},"MZheRUWKRHuS_M3sPAvxWw","User roles","\u003Cp>Assign different roles to 0patch Central users to limit their access\u003C/p>",[393],{"id":286,"title":287},{"id":395,"title":396,"description":397,"plans":398},"em07-dXcQ2Of2IhpZzUeDQ","Mandatory MFA","\u003Cp>Administrator can make multi factor authentication mandatory for all 0patch Central users\u003C/p>",[399],{"id":286,"title":287},{"id":401,"title":402,"description":403,"plans":404},"DJ9WqVROQWiRnUxDr8ckeQ","SAML single sign-on","\u003Cp>Login to 0patch Central through your identity provider using the SAML protocol\u003C/p>",[405],{"id":286,"title":287},{"id":407,"title":408,"description":409,"plans":410},"c73GoxWmTXS5muxHXFl3HA","SCIM provisioning","\u003Cp>Manage 0patch Central users with your identity provider using SCIM protocol\u003C/p>",[411],{"id":286,"title":287},{"id":413,"title":414,"description":415,"plans":416},"QM6mK9qtTBe5OtMWfVnvvg","Professional services","\u003Cp>Custom patches and additional professional services are available to large customers\u003C/p>",[417],{"id":286,"title":287},"patch_category","Features","T2nlr7wWS3eNfLE8hfA1ew","features","2025-12-05",{"__typename":290,"_allReferencingPatchesMeta":424,"_allReferencingPatches":426,"_modelApiKey":418,"name":504,"id":505,"slug":506,"icon":507,"supportDate":519},{"count":425},11,[427,434,441,448,455,462,469,476,483,490,497],{"id":428,"title":429,"description":430,"plans":431},"Wn-S2pccQbKHM4Qi_CFf0Q","Windows 11 22H2 patches","\u003Cp>Windows 11 22H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[432,433],{"id":283,"title":284},{"id":286,"title":287},{"id":435,"title":436,"description":437,"plans":438},"KLIOm9vRTpWNef0hEYPZRw","Windows 11 21H2 patches","\u003Cp>Windows 11 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[439,440],{"id":283,"title":284},{"id":286,"title":287},{"id":442,"title":443,"description":444,"plans":445},"Z-_sUVTSRcyneegSkg6tEg","Windows 10 22H2 post-EOS patches","\u003Cp>Windows 10 22H2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[446,447],{"id":283,"title":284},{"id":286,"title":287},{"id":449,"title":450,"description":451,"plans":452},"OG3314TtS_mGEWsQ7I7rVg","Windows 10 21H2 patches","\u003Cp>Windows 10 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[453,454],{"id":283,"title":284},{"id":286,"title":287},{"id":456,"title":457,"description":458,"plans":459},"d-2ES_YuR7C4QuSmcXgi0Q","Windows 10 21H1 patches","\u003Cp>Windows 10 21H1 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[460,461],{"id":283,"title":284},{"id":286,"title":287},{"id":463,"title":464,"description":465,"plans":466},"R-A6Aep1TCCVLYwFbfK3Sw","Windows 10 20H2 patches","\u003Cp>Windows 10 20H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[467,468],{"id":283,"title":284},{"id":286,"title":287},{"id":470,"title":471,"description":472,"plans":473},"Dg4FaK9fS8KTa1o3Qhor6w","Windows 10 2004 patches","\u003Cp>Windows 10 2004 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[474,475],{"id":286,"title":287},{"id":283,"title":284},{"id":477,"title":478,"description":479,"plans":480},"MJlLPyxqTcy9ys2UaZYNKQ","Windows 10 v1909 patches","\u003Cp>Windows 10 1909 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[481,482],{"id":283,"title":284},{"id":286,"title":287},{"id":484,"title":485,"description":486,"plans":487},"GscjCa1TQOe5p5Or7g2qyw","Windows 10 v1809 patches","\u003Cp>Windows 10 1809 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[488,489],{"id":283,"title":284},{"id":286,"title":287},{"id":491,"title":492,"description":493,"plans":494},"OeQ8xMmJTmadIiPcKYkhvw","Windows 10 v1803 patches","\u003Cp>Windows 10 1803 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[495,496],{"id":283,"title":284},{"id":286,"title":287},{"id":498,"title":499,"description":500,"plans":501},"Obe8z8snRYGoLT6BZyzhZw","Windows 7 post-EOS and post-ESU patches","\u003Cp>Windows 7 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>",[502,503],{"id":283,"title":284},{"id":286,"title":287},"Windows Patches","DXze3dvpTu-HF132vKjSug","microsoft-windows-xp",{"alt":508,"url":509,"width":510,"height":510,"responsiveImage":511},"Windows 11 logo","https://www.datocms-assets.com/166020/1764600963-win11.png",300,{"srcSet":512,"webpSrcSet":513,"sizes":514,"src":515,"width":516,"height":516,"aspectRatio":210,"alt":508,"title":18,"bgColor":517,"base64":518},"https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","(max-width: 40px) 100vw, 40px","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40",40,"#0278cf","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAAA51BMVEUAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtG9HcQcAAAATXRSTlMAAQIDBAUGBwkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY4OTo7PD0+P0BBQkNERUZHSEpLTE1OTwjw0A0AAAEqSURBVHjapZHbbsMgDIZNcMwhm7ZW097/+XrTToNwSGKPkraqtN3NCAn/H8LmN4L2LxbyOcMer0cHJcYF9UhEwHQH10yWBdAa7y0MJW5dN9NkQQsgTuS9UUMNoQM/eQcaGiBjRlJMpgNljWlPrSugiABc9yOkpSKYeBhYlZR2MSUjUtJc8EKlWpXP8379QpAhxVCRc56tSvdu4VSt5NhqtHPOTxXgonpBhF+xN/IHgP8AlO1ZYu5AO08ynx/ym+UUm7sf1MF4uumfhwZCKHgg70YZuXx1cDi+W3ZEBR0Zi7wZs4/JOmdEbaxRuC3hXrA7ezW/BaZNwco57SYuuWQlpdaK37SuxPH75m4IxJBjLBjrxpVjuHWbYptHnts8Kg+at1Lv/6hVt12XH8K5sGlN/hfaAAAAAElFTkSuQmCC","2025-06-25",{"__typename":290,"_allReferencingPatchesMeta":521,"_allReferencingPatches":523,"_modelApiKey":418,"name":545,"id":546,"slug":547,"icon":548,"supportDate":519},{"count":522},3,[524,531,538],{"id":525,"title":526,"description":527,"plans":528},"DMZZcGMvQfaRElACxvHXyA","Windows Server 2012 R2 post-EOS patches","\u003Cp>Windows Server 2012 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[529,530],{"id":283,"title":284},{"id":286,"title":287},{"id":532,"title":533,"description":534,"plans":535},"ZaeezXKkT3KGln5CQ4NH9w","Windows Server 2012 post-EOS patches","\u003Cp>Windows Server 2012 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 patches\u003C/a>\u003C/strong>\u003C/p>",[536,537],{"id":283,"title":284},{"id":286,"title":287},{"id":539,"title":540,"description":541,"plans":542},"RYxw9xwXR3-OWnsdr8dFEg","Windows Server 2008 R2 post-EOS and post-ESU patches","\u003Cp>Windows Server 2008 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2008+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2008 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[543,544],{"id":283,"title":284},{"id":286,"title":287},"Windows Server Patches","J7WLPCrKS7i7B8sAyJpKWg","microsoft-windows-vista",{"alt":549,"url":550,"width":551,"height":510,"responsiveImage":552},"Windows Server 2012-2022 logo","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png",296,{"srcSet":553,"webpSrcSet":554,"sizes":555,"src":556,"width":557,"height":516,"aspectRatio":558,"alt":549,"title":18,"bgColor":559,"base64":560},"https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 156w","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 156w","(max-width: 39px) 100vw, 39px","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40",39,0.975,"#0b1f8e","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABcAAAAYCAMAAAAmopZHAAABRFBMVEUAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIis0k1eAAAAbHRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSkxNTk9QUVRVVldYWVpbXF1fYWJjZGVmZ2lqa2xtbnBzdHY8yRY6AAABF0lEQVR42o2STU/EIBCGmWEodGm77sWj//+PeVAvRrNAYYY63cREs42R45PJ+xXIHD/6L0eU7Y7DZR4tl5QqGQQ0XXbql4fLHCyv11zpCRCMMIux43w5R4+yTqXSGQA24cadwuidG5C7iCG58dZaZ0ODs13vi+q8AxjltQr6VPKsOjkpf73Z9t23fn5+xICcs3L+mTOlkwcu9b5XKiCHfdXugNs4qE5WvoBFs+dRGmKMA7aSSqNHRAudWxXjwjTt92vSvguSxW0fAtw4ncYB+pprow6b0YkACIfRhxNBt+gqvVnnSKv1ze5DVIOdpQo9q7ezuoUhPy3LNFjhovoag787v8TzHEhqLvw7//VqAvXKB33L3//hC+5Cl3o2W4MJAAAAAElFTkSuQmCC",{"__typename":290,"_allReferencingPatchesMeta":562,"_allReferencingPatches":564,"_modelApiKey":418,"name":593,"id":594,"slug":595,"icon":596,"supportDate":519},{"count":563},4,[565,572,579,586],{"id":566,"title":567,"description":568,"plans":569},"axmNaLDGSs2BLTpJNU-fuQ","Microsoft Office 2019 post-EOS patches","\u003Cp>Microsoft Office 2019 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2019\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2019 patches\u003C/a>\u003C/strong>\u003C/p>",[570,571],{"id":283,"title":284},{"id":286,"title":287},{"id":573,"title":574,"description":575,"plans":576},"MkFk40IJQhCcXnIO2ZDd4Q","Microsoft Office 2016 post-EOS patches","\u003Cp>Microsoft Office 2016 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2016\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2016 patches\u003C/a>\u003C/strong>\u003C/p>",[577,578],{"id":283,"title":284},{"id":286,"title":287},{"id":580,"title":581,"description":582,"plans":583},"FFqWfGxfQF2q0uyjyRjVWg","Microsoft Office 2013 post-EOS patches","\u003Cp>Microsoft Office 2013 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2013\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2013 patches\u003C/a>\u003C/strong>\u003C/p>",[584,585],{"id":283,"title":284},{"id":286,"title":287},{"id":587,"title":588,"description":589,"plans":590},"XFYgrsOyRpeuEXk29M4z9g","Microsoft Office 2010 post-EOS patches","\u003Cp>Microsoft Office 2010 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2010\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2010 patches\u003C/a>\u003C/strong>\u003C/p>",[591,592],{"id":283,"title":284},{"id":286,"title":287},"Microsoft Office Patches","VH2unwR4RjycDA1o_6eSFw","microsoft-windows-7",{"alt":597,"url":598,"width":510,"height":510,"responsiveImage":599},"Microsoft Office logo","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png",{"srcSet":600,"webpSrcSet":601,"sizes":514,"src":602,"width":516,"height":516,"aspectRatio":210,"alt":597,"title":18,"bgColor":603,"base64":604},"https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40","#eb3c00","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAABSlBMVEXqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPAAMDLSTAAAAbnRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAiIyQlJicoKSorLS4vMTIzNDU2Nzk6Ozw9P0BBQkNERkpMTU5PUFFSVVZXWVpbXF1eX2BhYmNkZmdoaWpsbW5vcHFzdXZ4fH5/gIKDhBdTJiUAAAERSURBVHjabdE5doQwDAZgSV6AwMsU06TN/e+TM6SfyeBNUsALTeKGhz7wL8sWzoU21yd8fN6Xn++vAGDruzcdyFhjrBuAK0mo4Kz3PL89OrxvyA0s+Un9Cg38bZPUtrLOmXleUSvctrk4W1obZHVZtscJ0zo5Ral1FsAjfG7gDCo3iLmIknU1w4BybtnwyqmAaAsXzhhfDZ4hMjJrhVwy7B1iiIWycIPktO90flWIz8ATctY8QERQtQEUVh6ARIjQT86Mow7OGDqsg+IQcs4CjT8KXzB7Rwraujo6Qe3g7TEF4dTHHmGEGwKVFF4ddkhXu8yxjqFd7T7qzDmG9LzgWqWkuO//QS4xhf0viDJzvctfA1KXpEpvxgMAAAAASUVORK5CYII=",{"__typename":290,"_allReferencingPatchesMeta":606,"_allReferencingPatches":607,"_modelApiKey":418,"name":614,"id":615,"slug":616,"icon":617,"supportDate":519},{"count":210},[608],{"id":609,"title":610,"description":611,"plans":612},"OuJP-mYgRRi-wc8RTcRbUg","Other products patches","\u003Cp>We occasionally patch other Windows products, for instance when a critical vulnerability becomes known and the vendor does not provide an official patch in a timely manner\u003C/p>",[613],{"id":283,"title":284},"Other","BrWA-hAsQYSROgTvF-1ecA","microsoft-windows-11",{"alt":618,"url":619,"width":620,"height":621,"responsiveImage":18},"Windows 7","https://www.datocms-assets.com/166020/1754390080-layer1.svg",44,38,[623,628,632,636,640,644,648,652,656,660],{"__typename":624,"id":625,"name":626,"slug":627},"CountryRecord","WYcngTKjTLSCPKXF1CGc3Q","Germany","germany",{"__typename":624,"id":629,"name":630,"slug":631},"W7K_V8xIQ4esd1pdctvLRg","Switzerland","switzerland",{"__typename":624,"id":633,"name":634,"slug":635},"YCAHqeAMSp2PAVyP3KGV4w","International","international",{"__typename":624,"id":637,"name":638,"slug":639},"IKNwlfjMQXOfKhtUID30BQ","Singapore","singapore",{"__typename":624,"id":641,"name":642,"slug":643},"UzXo_gH5Te-UnOfNwdsfWQ","Netherlands","netherlands",{"__typename":624,"id":645,"name":646,"slug":647},"JKw7Q4wpQ8eGJjvHXwfSAA","Spain","spain",{"__typename":624,"id":649,"name":650,"slug":651},"RZbGpAInTEivnMxZzdTzwg","Poland","poland",{"__typename":624,"id":653,"name":654,"slug":655},"NwnHmUQ6RIK_OV9865XH3Q","Australia","australia",{"__typename":624,"id":657,"name":658,"slug":659},"HfVwBnHDSfCassEtkYx9lQ","United Kingdom","united-kingdom",{"__typename":624,"id":661,"name":662,"slug":663},"UUYGwDAYR4qLZM5UmDcmVA","USA","usa",[665,670],{"__typename":666,"id":667,"name":668,"slug":669},"PartnerCategoryRecord","dQoYak16SOaHi1odGdVqmQ","MSPs & SOCs","msps-socs",{"__typename":666,"id":671,"name":672,"slug":673},"REE7lMU8RzC9jabDARcxYQ","Resellers & Distributors","resellers-distributors",{"id":675,"_modelApiKey":676,"__typename":677,"text":678,"link":679,"menuLinks":687},"WnQYb8xeS2irpBJ41pdDRA","top_bar","TopBarRecord","Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)",[680],{"externalLink":40,"id":681,"recordLink":682,"variant":12,"icon":685,"title":686},"K2tgUizORgyofhnuTJ36dA",{"__typename":683,"_modelApiKey":77,"slug":684},"ArticleRecord","micropatches-released-for-windows-netlogon-remote-code-execution-vulnerability-cv",false,"Learn more",[688,691],{"id":689,"primary":685,"externalLink":95,"parent":18,"reference":18,"title":690,"description":40,"publishTranslation":42},"B1pEweRaRD2YBkP6aH1CfA","Help center",{"id":692,"primary":42,"externalLink":693,"parent":18,"reference":18,"title":694,"description":40,"publishTranslation":42},"Mk0Yz-yqTk2akShgf7ARNg","https://central.0patch.com/","Sign in",[696,700],{"id":697,"title":698,"url":699},"NDrk5d4kQ96J2aCuTr-gvg","0patch on X","https://twitter.com/0patch",{"id":701,"title":702,"url":703},"GqN4lYxyTMyzcmRllVY4mg","Linked In","https://linkedin.com/company/0patch",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":707},0,24,"\u003Cg fill=\"none\">\u003Cpath d=\"M11.9999 15.0539L6.34619 9.40013L7.39994 8.34637L11.9999 12.9464L16.5999 8.34637L17.6537 9.40013L11.9999 15.0539Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":709},"\u003Cg fill=\"none\">\u003Cpath d=\"M9.5501 18.0001L3.8501 12.3001L5.2751 10.8751L9.5501 15.1501L18.7251 5.9751L20.1501 7.4001L9.5501 18.0001Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":711},"\u003Cg fill=\"none\">\u003Cpath d=\"M5.55375 19.5001L4.5 18.4464L15.9462 7.00012H9V5.50012H18.5V15.0001H17V8.05387L5.55375 19.5001Z\" fill=\"currentColor\"/>\u003C/g>",{"article":713},{"_firstPublishedAt":714,"_publishedAt":715,"_updatedAt":716,"_seoMetaTags":717,"_allSlugLocales":783,"_allPublishTranslationLocales":786,"published":788,"__typename":683,"_modelApiKey":77,"author":789,"createdAt":714,"id":790,"excerpt":40,"body":791,"image":1320,"readTime":40,"title":720,"slug":785,"publishTranslation":42,"seoMetadata":18},"2025-08-21T14:34:33+02:00","2025-09-09T15:23:24+02:00","2025-09-09T15:23:22+02:00",[718,721,725,728,732,735,738,742,746,750,753,756,759,762,765,768,772,775,779],{"tag":719,"attributes":18,"content":720},"title","How We Micropatched a Publicly Dropped 0day in Task Scheduler (CVE-2018-8440)",{"tag":722,"attributes":723,"content":18},"meta",{"property":724,"content":720},"og:title",{"tag":722,"attributes":726,"content":18},{"name":727,"content":720},"twitter:title",{"tag":722,"attributes":729,"content":18},{"name":730,"content":731},"description","This is a 0patch website.",{"tag":722,"attributes":733,"content":18},{"property":734,"content":731},"og:description",{"tag":722,"attributes":736,"content":18},{"name":737,"content":731},"twitter:description",{"tag":722,"attributes":739,"content":18},{"property":740,"content":741},"og:image","https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png?auto=format&fit=max&w=1200",{"tag":722,"attributes":743,"content":18},{"property":744,"content":745},"og:image:width","583",{"tag":722,"attributes":747,"content":18},{"property":748,"content":749},"og:image:height","640",{"tag":722,"attributes":751,"content":18},{"property":752,"content":720},"og:image:alt",{"tag":722,"attributes":754,"content":18},{"name":755,"content":741},"twitter:image",{"tag":722,"attributes":757,"content":18},{"name":758,"content":720},"twitter:image:alt",{"tag":722,"attributes":760,"content":18},{"property":761,"content":32},"og:locale",{"tag":722,"attributes":763,"content":18},{"property":764,"content":77},"og:type",{"tag":722,"attributes":766,"content":18},{"property":767,"content":6},"og:site_name",{"tag":722,"attributes":769,"content":18},{"property":770,"content":771},"article:modified_time","2025-09-09T13:23:22Z",{"tag":722,"attributes":773,"content":18},{"property":774,"content":40},"article:publisher",{"tag":722,"attributes":776,"content":18},{"name":777,"content":778},"twitter:card","summary",{"tag":722,"attributes":780,"content":18},{"name":781,"content":782},"robots","noindex",[784],{"value":785,"locale":32},"how-we-micropatched-publicly-dropped",[787],{"value":42,"locale":32},"2018-08-31T15:24:00+02:00","Mitja Kolsek","f-zkIDpHR76VsO0ZRFBWPA",{"blocks":792,"links":867,"value":868},[793,809,819,833,846,855],{"id":794,"_modelApiKey":795,"__typename":796,"image":797},"fwXjhd8MS3SkHFK9NYGbGQ","image","ImageRecord",{"alt":798,"url":799,"width":800,"height":801,"responsiveImage":802},"setsecurityfile","https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png",640,702,{"srcSet":803,"webpSrcSet":804,"sizes":805,"src":799,"width":800,"height":801,"aspectRatio":806,"alt":798,"title":798,"bgColor":807,"base64":808},"https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?dpr=0.25 160w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?dpr=0.5 320w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?dpr=0.75 480w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png 640w","https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?dpr=0.25&fm=webp 160w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?dpr=0.5&fm=webp 320w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?dpr=0.75&fm=webp 480w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile.png?fm=webp 640w","(max-width: 640px) 100vw, 640px",0.9116809116809117,"#0078d7","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgFCgoFBQwFBQUFBREJCgUMFxMZGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABkAFgMBIgACEQEDEQH/xAAVAAEBAAAAAAAAAAAAAAAAAAAAB//EABQQAQAAAAAAAAAAAAAAAAAAAAD/xAAVAQEBAAAAAAAAAAAAAAAAAAAAAv/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/ALEApIAAAAAD/9k=",{"id":810,"_modelApiKey":795,"__typename":796,"image":811},"WDQ3bk7eTxOF_CSKK8ASvw",{"alt":812,"url":813,"width":800,"height":801,"responsiveImage":814},"setsecurityfile_callstack","https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png",{"srcSet":815,"webpSrcSet":816,"sizes":805,"src":813,"width":800,"height":801,"aspectRatio":806,"alt":812,"title":812,"bgColor":817,"base64":818},"https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?dpr=0.25 160w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?dpr=0.5 320w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?dpr=0.75 480w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png 640w","https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?dpr=0.25&fm=webp 160w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?dpr=0.5&fm=webp 320w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?dpr=0.75&fm=webp 480w,https://www.datocms-assets.com/166020/1757424007-setsecurityfile_callstack.png?fm=webp 640w","#0000f5","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgFCgoFBQwFBQUFBREJCgUMFxMZGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABkAFgMBIgACEQEDEQH/xAAVAAEBAAAAAAAAAAAAAAAAAAAAB//EABQQAQAAAAAAAAAAAAAAAAAAAAD/xAAVAQEBAAAAAAAAAAAAAAAAAAAAAv/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AKwApIAAAAAD/9k=",{"id":820,"_modelApiKey":795,"__typename":796,"image":821},"R6FhqMxSQLOagPT1kyS0uw",{"alt":822,"url":823,"width":824,"height":825,"responsiveImage":826},"call1","https://www.datocms-assets.com/166020/1757424007-call1.png",1600,665,{"srcSet":827,"webpSrcSet":828,"sizes":829,"src":823,"width":824,"height":825,"aspectRatio":830,"alt":822,"title":822,"bgColor":831,"base64":832},"https://www.datocms-assets.com/166020/1757424007-call1.png?dpr=0.25 400w,https://www.datocms-assets.com/166020/1757424007-call1.png?dpr=0.5 800w,https://www.datocms-assets.com/166020/1757424007-call1.png?dpr=0.75 1200w,https://www.datocms-assets.com/166020/1757424007-call1.png 1600w","https://www.datocms-assets.com/166020/1757424007-call1.png?dpr=0.25&fm=webp 400w,https://www.datocms-assets.com/166020/1757424007-call1.png?dpr=0.5&fm=webp 800w,https://www.datocms-assets.com/166020/1757424007-call1.png?dpr=0.75&fm=webp 1200w,https://www.datocms-assets.com/166020/1757424007-call1.png?fm=webp 1600w","(max-width: 1600px) 100vw, 1600px",2.406015037593985,"#ffaa00","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBhMICAgLFQoLFRUVFQ0NDhEaFhERFxwaGBYfFh4aHysvGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OHBAQHDsoHR07Ly8vOy87Oy81LzUvLy8vLzsvLzs7Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAoAGAMBIgACEQEDEQH/xAAYAAACAwAAAAAAAAAAAAAAAAABAgAEB//EAB4QAAIBAwUAAAAAAAAAAAAAAAECAAMEMRESEyIy/8QAFgEBAQEAAAAAAAAAAAAAAAAAAgMB/8QAGxEAAQQDAAAAAAAAAAAAAAAAAQACETESIVH/2gAMAwEAAhEDEQA/ANTN5XD+YUvK7VNCssEDfiBQOXE3A9RDxFJ1qMT2EkZsyRQol26X/9k=",{"id":834,"_modelApiKey":795,"__typename":796,"image":835},"bCLq1OW6R1aVe4zo_5-9pQ",{"alt":836,"url":837,"width":838,"height":839,"responsiveImage":840},"call2","https://www.datocms-assets.com/166020/1757424007-call2.png",1502,984,{"srcSet":841,"webpSrcSet":842,"sizes":843,"src":837,"width":838,"height":839,"aspectRatio":844,"alt":836,"title":836,"bgColor":831,"base64":845},"https://www.datocms-assets.com/166020/1757424007-call2.png?dpr=0.25 375w,https://www.datocms-assets.com/166020/1757424007-call2.png?dpr=0.5 751w,https://www.datocms-assets.com/166020/1757424007-call2.png?dpr=0.75 1126w,https://www.datocms-assets.com/166020/1757424007-call2.png 1502w","https://www.datocms-assets.com/166020/1757424007-call2.png?dpr=0.25&fm=webp 375w,https://www.datocms-assets.com/166020/1757424007-call2.png?dpr=0.5&fm=webp 751w,https://www.datocms-assets.com/166020/1757424007-call2.png?dpr=0.75&fm=webp 1126w,https://www.datocms-assets.com/166020/1757424007-call2.png?fm=webp 1502w","(max-width: 1502px) 100vw, 1502px",1.5264227642276422,"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgLEQoLDg4VEA0NDhYVFBUYFxUZHRYVIhUmHysvGh0oHRUWJDUlKC0vMjIyHSI4PTcwPCsxMi8BCgsLDg0OHBAQHDsoGBw7Oy8vLzs7Ozs7Ly8vLy8vLy8vLzU7Oy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABAAGAMBIgACEQEDEQH/xAAZAAABBQAAAAAAAAAAAAAAAAAEAAIDBQf/xAAfEAABAwQDAQAAAAAAAAAAAAAAAQIRAwQSMSEjQRP/xAAWAQEBAQAAAAAAAAAAAAAAAAADAgH/xAAYEQADAQEAAAAAAAAAAAAAAAAAARESAv/aAAwDAQACEQMRAD8A2LsnwZm/6QqoBOqXs7IabL19XZGzVxEW2SztBALaF3ny4QiYLtP/2Q==",{"id":847,"_modelApiKey":795,"__typename":796,"image":848},"X9KlwQ0ISJKPcy_gA7dXtg",{"alt":849,"url":850,"width":800,"height":801,"responsiveImage":851},"createfile_access_denied","https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png",{"srcSet":852,"webpSrcSet":853,"sizes":805,"src":850,"width":800,"height":801,"aspectRatio":806,"alt":849,"title":849,"bgColor":807,"base64":854},"https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?dpr=0.25 160w,https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?dpr=0.5 320w,https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?dpr=0.75 480w,https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png 640w","https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?dpr=0.25&fm=webp 160w,https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?dpr=0.5&fm=webp 320w,https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?dpr=0.75&fm=webp 480w,https://www.datocms-assets.com/166020/1757424007-createfile_access_denied.png?fm=webp 640w","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgFCgoFBQwFBQUFBREJCgUMFxMZGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABkAFgMBIgACEQEDEQH/xAAVAAEBAAAAAAAAAAAAAAAAAAAAB//EABQQAQAAAAAAAAAAAAAAAAAAAAD/xAAVAQEBAAAAAAAAAAAAAAAAAAAAAv/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AK8ApIAAAAAD/9k=",{"id":856,"_modelApiKey":857,"__typename":858,"video":859},"Ck0n76pNQC6XnZ4UggF2-w","video_external","VideoExternalRecord",{"url":860,"title":861,"thumbnailUrl":862,"height":863,"provider":864,"providerUid":865,"width":866},"https://www.youtube.com/watch?v=5wHMy4FIHV8","0patching a Publicly Dropped 0day in Task Scheduler","https://i.ytimg.com/vi/5wHMy4FIHV8/hqdefault.jpg",113,"youtube","5wHMy4FIHV8",200,[],{"schema":869,"document":870},"dast",{"type":871,"children":872},"root",[873,879,937,940,949,988,992,996,1000,1014,1018,1020,1024,1025,1029,1030,1034,1035,1039,1040,1044,1048,1052,1053,1057,1066,1110,1242,1286],{"type":874,"level":522,"children":875},"heading",[876],{"type":877,"value":878},"span","Being Who You Are Can be a Bad Thing if You're a System Service\n",{"type":880,"children":881},"paragraph",[882,886,896,899,901,908,910,917,919,926,928,935],{"type":877,"marks":883,"value":885},[884],"emphasis","[Update 9/11/2018] Official fix for this vulnerability is now available and users are advised to apply Windows Updates, which will automatically result in our micropatch not getting applied any more. You're welcome to read about our ",{"url":887,"meta":888,"type":12,"children":892},"https://blog.0patch.com/2018/09/comparing-our-micropatch-with.html",[889],{"id":890,"value":891},"target","_blank",[893],{"type":877,"marks":894,"value":895},[884],"comparison between our micropatch and Microsoft's official fix",{"type":877,"marks":897,"value":898},[884],".",{"type":877,"value":900}," \n\nEarlier this week security researcher ",{"url":902,"meta":903,"type":12,"children":905},"https://twitter.com/SandboxEscaper",[904],{"id":890,"value":891},[906],{"type":877,"value":907},"SandboxEscaper",{"type":877,"value":909}," published details and proof-of-concept (POC) for a \"0day\" local privilege escalation vulnerability in Windows Task Scheduler service, which allows a local unprivileged user to change permissions of any file on the system - and thus subsequently replace or modify that file.\n\nAs the researcher's POC demonstrates, one can use this vulnerability to replace a system executable file and wait for a privileged process to execute it. In particular, it was shown that a printing-related DLL could be replaced and then executed by triggering the Print Spooler Service to load it. (The latter being a legitimate system operation, only used for demonstrating how replacing a system executable leads to elevated privileges. One could alternatively replace one of a large number of other system executables, or perhaps even a configuration file that gets loaded by a privileged process.)\n\n",{"url":911,"meta":912,"type":12,"children":914},"https://github.com/SandboxEscaper/randomrepo/blob/master/PoC-LPE.rar",[913],{"id":890,"value":891},[915],{"type":877,"value":916},"SandboxEscaper's documentation",{"type":877,"value":918}," properly identifies the problem being in Task Scheduler's ",{"url":920,"meta":921,"type":12,"children":923},"https://msdn.microsoft.com/en-us/library/cc248452.aspx",[922],{"id":890,"value":891},[924],{"type":877,"value":925},"SchRpcSetSecurity",{"type":877,"value":927}," method, which is externally accessible via ",{"url":929,"meta":930,"type":12,"children":932},"https://en.wikipedia.org/wiki/Local_Procedure_Call",[931],{"id":890,"value":891},[933],{"type":877,"value":934},"Advanced Local Procedure Call (ALPC)",{"type":877,"value":936}," facility. This method, which can be called by any local process, sets a desired security descriptor (sddl) on a task or folder, i.e., on a provided file path (path).\n\n",{"code":938,"type":939},"HRESULT SchRpcSetSecurity(\n   [in, string] const wchar_t* path,\n   [in, string] const wchar_t* sddl,\n   [in] DWORD flags\n );","code",{"type":880,"children":941},[942,944,947],{"type":877,"value":943},"\nSandboxEscaper noticed that this method fails to ",{"type":877,"marks":945,"value":946},[884],"impersonate ",{"type":877,"value":948},"the requesting client when setting the security descriptor, which results in Task Scheduler changing the access control list of the chosen file or folder as Local System user even if the user calling this method is a low-privileged user. Impersonation is a feature where, to put it simply, a process running as user A gets a request for some action from user B and performs this action disguised as user B, borrowing user B's permissions for that. Task Scheduler is such a process running as user Local System, and when some other user calls its SchRpcSetSecurity method, it should impersonate the caller to perform the file operation using their identity - but apparently it doesn't, and uses its own powerful permissions to do so.\n\nWhat the POC does to demonstrate this issue is:\n\n",{"type":950,"style":951,"children":952},"list","numbered",[953,970,976,982],{"type":954,"children":955},"listItem",[956],{"type":880,"children":957},[958,960,968],{"type":877,"value":959},"create an UpdateTask.job file in folder %SystemRoot%\\Tasks where any user is allowed to create files (this is needed in the process of creating a new scheduled task, and non-admin users are allowed to do that); however, this file is not an ordinary file but rather a ",{"url":961,"meta":962,"type":12,"children":964},"https://docs.microsoft.com/en-us/windows/desktop/fileio/hard-links-and-junctions",[963],{"id":890,"value":891},[965],{"type":877,"marks":966,"value":967},[884],"hard link",{"type":877,"value":969}," pointing to a system file PrintConfig.dll. (which non-system user can't modify or replace);",{"type":954,"children":971},[972],{"type":880,"children":973},[974],{"type":877,"value":975},"call Task Scheduler's SchRpcSetSecurity method to change permissions on UpdateTask.job such that everyone will be able to modify it; this actually changes permissions of the linked-to PrintConfig.dll file, which thus becomes user-modifiable;",{"type":954,"children":977},[978],{"type":880,"children":979},[980],{"type":877,"value":981},"replace PrintConfig.dll with a \"malicious\" DLL that simply launched Notepad;",{"type":954,"children":983},[984],{"type":880,"children":985},[986],{"type":877,"value":987},"trigger the Print Spooler service to load and execute the modified PrintConfig.dll using its own Local System identity.",{"type":880,"children":989},[990],{"type":877,"value":991},"\n\n",{"type":874,"level":228,"children":993},[994],{"type":877,"value":995},"Vulnerability Analysis ",{"type":880,"children":997},[998],{"type":877,"value":999},"\nThe problem is clearly in step #2, which allows a non-admin user to change permissions on a system executable, and one can quickly assess the root cause of the problem to be a combination of two facts:\n\n",{"type":950,"style":951,"children":1001},[1002,1008],{"type":954,"children":1003},[1004],{"type":880,"children":1005},[1006],{"type":877,"value":1007},"Task Scheduler doesn't impersonate the caller in SchRpcSetSecurity method when performing the SetSecurityFile file system operation, and ",{"type":954,"children":1009},[1010],{"type":880,"children":1011},[1012],{"type":877,"value":1013},"Task Scheduler being willing to perform SchRpcSetSecurity on a hard link.",{"type":880,"children":1015},[1016],{"type":877,"value":1017},"\nAfter running the POC, we took a look at operations performed on UpdateTask.job with Process Monitor, and found the one that changes permissions:\n\n",{"item":794,"type":1019},"block",{"type":880,"children":1021},[1022],{"type":877,"value":1023},"\n\n\nSo we took a look at its call stack to see who invoked this action:\n\n",{"item":810,"type":1019},{"type":880,"children":1026},[1027],{"type":877,"value":1028},"\n\n\nOkay, there's schedsvc.dll (Task Scheduler's executable) making a call to taskcomp.dll (Task Scheduler's helper library), which ends up with a call to kernel's NtSetSecurityObject. So we disassembled schedsvc.dll and taskcomp.dll to see what's going on in there at the identified locations. What we found was interesting.\n\nThe call from schedsvc.dll to taskcomp.dll occurs in function RpcServer::SetSecurity (in the orange block):\n\n",{"item":820,"type":1019},{"type":880,"children":1031},[1032],{"type":877,"value":1033},"\n\n\n\nWe were expecting to see code without any impersonation here, but actually found impersonation being used - just that the call that sets file permissions is done before the impersonation (in the lowest code block) begins.\n\nThe plan was clear: let's begin impersonation before the offending call to make sure that said call will be impersonated. So we created a micropatch with a single patchlet containing a call to RpcImpersonateCient and placed it at the beginning of the block preceding the orange block. How about reverting the impersonation? It turns out that wasn't needed because all code execution paths were leading directly to another impersonation call without making any other kernel calls that might be affected by our impersonation.\n\nWe tried this micropatch, but the exploit still worked !?! What was going on?\n\nIt turned out that there is another permissions-setting call in function RpcServer::SetSecurity, possibly a fallback mechanism in case the first one failed. So we made the first one fail, and the second one came to the rescue - again without impersonation (the middle orange block).\n\n\n",{"item":834,"type":1019},{"type":880,"children":1036},[1037],{"type":877,"value":1038},"\n\n\n\nIn this case, we can see a call to RpcRevertToSelf right before the offending call, which means that previous impersonation was reverted too soon to include the said call.\n\nWhat we did here was remove the premature RpcRevertToSelf call and insert a replacement RpcRevertToSelf call to the code block following the offending call. While this block has many other branches leading to it, we checked that these are not impersonated which means our inserted call won't erroneously prematurely revert some other impersonation.\n\nSo finally, our micropatch worked and Process Monitor showed this instead:\n\n",{"item":847,"type":1019},{"type":880,"children":1041},[1042],{"type":877,"value":1043},"\n\n\nYou can see the \"Impersonating\" line, proving that we have successfully forced Task Scheduler to impersonate the calling user when trying to set permissions on UpdateTask.job. Now, since this file was a hard link to another file which our user had insufficient permissions to modify ACL for, the result was ACCESS DENIED, as it should be.\n\nThis is the source code of our micropatch, with all of its 4 instructions in three patchlets:\n\n\n; Patch for VULN-4051 in schedsvc.dll version 10.0.17134.1 64bit\nMODULE_PATH \"..\\AffectedModules\\schedsvc.dll_10.0.17134.1_64bit\\schedsvc.dll\"\nPATCH_ID 328\nPATCH_FORMAT_VER 2\nVULN_ID 4051\nPLATFORM win64\n\n\npatchlet_start\n PATCHLET_ID 1\n PATCHLET_TYPE 2\n PATCHLET_OFFSET 0x6F5CB\n PIT rpcrt4.dll!RpcImpersonateClient\n code_start\n  xor ecx, ecx ; Impersonating the client that made the request\n  call PIT_RpcImpersonateClient\n code_end\npatchlet_end\n\n\npatchlet_start\n PATCHLET_ID 2\n PATCHLET_TYPE 2\n PATCHLET_OFFSET 0x6F81E\n JUMPOVERBYTES 6 ; We eliminate the 6-byte call to RevertToSelf\n code_start\n  nop\n code_end\npatchlet_end\n\n\npatchlet_start\n PATCHLET_ID 3\n PATCHLET_TYPE 2\n PATCHLET_OFFSET 0x6F844\n PIT rpcrt4.dll!RpcRevertToSelf\n code_start\n  call PIT_RpcRevertToSelf\n code_end\npatchlet_end\n\n",{"type":874,"level":228,"children":1045},[1046],{"type":877,"value":1047},"Micropatch In Action",{"type":880,"children":1049},[1050],{"type":877,"value":1051},"This video shows our micropatch in action.",{"item":856,"type":1019},{"type":874,"level":228,"children":1054},[1055],{"type":877,"value":1056},"Frequently Asked Questions\n",{"type":880,"children":1058},[1059,1061,1064],{"type":877,"value":1060},"\n",{"type":877,"marks":1062,"value":1063},[884],"Q: Which Windows versions does this micropatch apply to?",{"type":877,"value":1065},"\n\nCurrently we have instances of this micropatch applying to:\n",{"type":950,"style":951,"children":1067},[1068,1074,1080,1086,1092,1098,1104],{"type":954,"children":1069},[1070],{"type":880,"children":1071},[1072],{"type":877,"value":1073},"fully updated 64bit Windows 7 [added on 9/6]",{"type":954,"children":1075},[1076],{"type":880,"children":1077},[1078],{"type":877,"value":1079},"fully updated 64bit Windows Server 2008 [added on 9/6]",{"type":954,"children":1081},[1082],{"type":880,"children":1083},[1084],{"type":877,"value":1085},"fully updated 64bit Windows 10 version 1607 [added on 9/4]",{"type":954,"children":1087},[1088],{"type":880,"children":1089},[1090],{"type":877,"value":1091},"fully updated 64bit Windows 10 version 1709 [added on 9/5]",{"type":954,"children":1093},[1094],{"type":880,"children":1095},[1096],{"type":877,"value":1097},"fully updated 64bit Windows 10 version 1803",{"type":954,"children":1099},[1100],{"type":880,"children":1101},[1102],{"type":877,"value":1103},"fully updated 64bit Windows Server 2016 ",{"type":954,"children":1105},[1106],{"type":880,"children":1107},[1108],{"type":877,"value":1109},"fully updated 64bit Windows Server 1803 [added on 9/6]",{"type":880,"children":1111},[1112,1114,1121,1123,1128,1130,1137,1139,1146,1148,1151,1153,1160,1162,1165,1167,1170,1172,1175,1177,1180,1184,1187,1189,1193,1195,1202,1204,1207,1209,1212,1214,1217,1219,1222,1223,1226,1228,1231,1233,1240],{"type":877,"value":1113},"[Update 9/6/2018] Big thanks to ",{"url":1115,"meta":1116,"type":12,"children":1118},"https://twitter.com/wdormann",[1117],{"id":890,"value":891},[1119],{"type":877,"value":1120},"Will Dormann",{"type":877,"value":1122}," for confirming the vulnerability as well as effectiveness of our micropatch on Windows Server 1803 in a real-time Twitter DM session!\n\nWe can quickly port the micropatch to other affected versions but we'll only do that on request (",{"url":1124,"type":12,"children":1125},"mailto:support@0patch.com",[1126],{"type":877,"value":1127},"support@0patch.com",{"type":877,"value":1129},"). As far as we know at this point, the vulnerability was confirmed to also be present and exploitable on ",{"url":1131,"meta":1132,"type":12,"children":1134},"https://twitter.com/wdormann/status/1034554597908664320",[1133],{"id":890,"value":891},[1135],{"type":877,"value":1136},"32bit Windows 10",{"type":877,"value":1138}," and ",{"url":1140,"meta":1141,"type":12,"children":1143},"https://twitter.com/wdormann/status/1034948211579015168",[1142],{"id":890,"value":891},[1144],{"type":877,"value":1145},"32bit Windows 7",{"type":877,"value":1147},", so it's safe to assume that at least all Windows versions from Windows 7 and Windows Server 2008 are likely affected.\n\n\n",{"type":877,"marks":1149,"value":1150},[884],"Q: Will modifying the exploit allow attackers to bypass this micropatch?",{"type":877,"value":1152},"\n\nNo, and that's one of the significant advantages of changing the code compared to signature- or behavior- based exploit prevention systems. For instance, while most antivirus products will detect the original POC by now, Will Dormann ",{"url":1154,"meta":1155,"type":12,"children":1157},"https://twitter.com/wdormann/status/1035174336322330624",[1156],{"id":890,"value":891},[1158],{"type":877,"value":1159},"modified the POC",{"type":877,"value":1161}," and showed that it went undetected. Such modifications ",{"type":877,"marks":1163,"value":1164},[884],"always",{"type":877,"value":1166}," allow for bypassing detection-based systems, while fixing the code actually removes the vulnerability. There is simply nothing there to bypass. There is ",{"type":877,"marks":1168,"value":1169},[884],"no more efficient and reliable way",{"type":877,"value":1171}," to address a vulnerability than to actually remove it. (Although the entire industry built ",{"type":877,"marks":1173,"value":1174},[884],"around",{"type":877,"value":1176}," vulnerabilities will try to convince you otherwise.)   \n\n\n",{"type":877,"marks":1178,"value":1179},[884],"Q: How do we",{"type":877,"marks":1181,"value":1183},[884,1182],"strong"," ",{"type":877,"marks":1185,"value":1186},[884],"apply this micropatch?",{"type":877,"value":1188},"\n\nIf you have 0patch Agent already installed, this micropatch is already downloaded and applied so you don't have to do anything. Otherwise, ",{"url":55,"type":12,"children":1190},[1191],{"type":877,"value":1192},"download",{"type":877,"value":1194}," and launch the 0patch Agent installer, ",{"url":1196,"meta":1197,"type":12,"children":1199},"https://dist.0patch.com/User/Register",[1198],{"id":890,"value":891},[1200],{"type":877,"value":1201},"create a free 0patch account",{"type":877,"value":1203}," and register the agent to that account. You will immediately receive all micropatches including this one, and it will automatically get applied to Task Scheduler.\n\n\n",{"type":877,"marks":1205,"value":1206},[884],"Q: Is this patch functionally identical to how Microsoft will fix it?",{"type":877,"value":1208},"\n\nObviously we can't know that. As we always claim, the original vendor - with their internal knowledge of the product - is best-positioned to correct their own code. Nobody else knows all the possible side effects of a code change as well as they do (granted, with large products even they often don't see everything) and in an ideal world software vendors would be issuing micropatches like this to quickly and painlessly fix vulnerabilities. That said, Microsoft may do the same as we did, but they may also prevent Task Scheduler from changing permissions on hard links. Or they may find that they need to support hard links ",{"type":877,"marks":1210,"value":1211},[884],"and",{"type":877,"value":1213}," not impersonating the user is essential for some other operation that Task Scheduler performs - and will make a substantial code change. We often create micropatches after the vendor has issued the official update, which allows us to see what they did and ideally replicate their logic in a micropatch. With a 0day, this is obviously not possible.\n\nYou should therefore consider our micropatch a temporary solution while waiting for the official fix.  \n\n\n\n",{"type":877,"marks":1215,"value":1216},[884],"Q: What will happen on Patch Tuesday?",{"type":877,"value":1218},"\n\nWhen Microsoft makes their official fix available, you simply apply it as you would if you had never heard of 0patch. Applying it will automatically obsolete this micropatch on your computer as the update will replace a vulnerable executable with a fixed one, thereby changing its cryptographic hash. Since our micropatches are associated with specific hashes, this will make the micropatch inapplicable without intervention on either your end or ours. \n\n\n",{"type":877,"marks":1220,"value":1221},[884],"Q: Can we keep using this micropatch instead of applying Microsoft's update?",{"type":877,"value":991},{"type":877,"marks":1224,"value":1225},[1182],"We strongly recommend against that.",{"type":877,"value":1227}," Microsoft's update will not only fix this issue in a more informed way, but will also bring fixes for other vulnerabilities that we don't have micropatches for. Yes, we hate losing hours of our lives to updating our systems too, but wouldn't dream of outright replacing official updates with our micropatches ;)\n\n\n",{"type":877,"marks":1229,"value":1230},[884],"Q: How can you provide a micropatch so quickly compared to original vendors?",{"type":877,"value":1232},"\n\nWhile having a micropatch candidate ready ",{"url":1234,"meta":1235,"type":12,"children":1237},"https://twitter.com/0patch/status/1034577454961176577",[1236],{"id":890,"value":891},[1238],{"type":877,"value":1239},"24 hours after a 0day was dropped",{"type":877,"value":1241}," is quick relative to today's standards of software patching, a couple of things must be considered:\n \n",{"type":950,"style":951,"children":1243},[1244,1250,1256,1262],{"type":954,"children":1245},[1246],{"type":880,"children":1247},[1248],{"type":877,"value":1249},"Software vendors know their products much better than we do, and are likely to create a more comprehensive code fix than we can without their knowledge and source code. That takes more time than writing a micropatch.",{"type":954,"children":1251},[1252],{"type":880,"children":1253},[1254],{"type":877,"value":1255},"Software vendors bundle numerous fixes together in a \"fat update\" that replaces entire executables, which requires a lot more testing across the board. We test our micropatches with focused tests targeting only the patched code.",{"type":954,"children":1257},[1258],{"type":880,"children":1259},[1260],{"type":877,"value":1261},"\"Fat updates\" are a huge problem for users and vendors when something goes wrong, which is why software vendors are even more wary of issuing a defective update. Of course a micropatch also can be flawed, but it can be revoked remotely and instantly replaced with a corrected version without users ever noticing anything. That said, we will always have \"fat updates\" for substantial functional changes, we're just arguing that we may not need them this frequently because most vulnerabilities could be patched with micropatches. ",{"type":954,"children":1263},[1264],{"type":880,"children":1265},[1266,1268,1272,1273,1276,1277,1280,1281,1284],{"type":877,"value":1267},"Software vendors must issue patches for all supported versions, and extensively test all of them. We currently only have this micropatch for ",{"type":877,"marks":1269,"value":1271},[1270],"strikethrough","two",{"type":877,"value":1183},{"type":877,"marks":1274,"value":1275},[1270],"three",{"type":877,"value":1183},{"type":877,"marks":1278,"value":1279},[1270],"four",{"type":877,"value":1183},{"type":877,"marks":1282,"value":1283},[1270],"six",{"type":877,"value":1285}," seven affected Windows versions. Nevertheless, porting to other versions, basic testing and deployment would take us about two hours of effort for each additional version, so that could still be done in one day.    ",{"type":880,"children":1287},[1288,1290,1293,1295,1298,1300,1303,1305,1312,1313,1319],{"type":877,"value":1289},"\nAll that said, comparing our speed with software vendors' must also account for the difference in our deliverables. A micropatch can be quickly created, deployed to all computers in a hour's time and applied without even the slightest disturbance to users. But it must be considered a temporary security measure until the official patch can be applied.\n\n\n",{"type":877,"marks":1291,"value":1292},[884],"Q: What should we do if we encounter problems with Task Scheduler after applying this micropatch?",{"type":877,"value":1294},"\n\nObviously we can't guarantee that our micropatch won't cause some unwanted side effects, e.g., with non-admin users editing existing scheduled tasks under certain circumstances. (Then again, software vendors can't guarantee that either.) The rule of thumb for using 0patch (or any other 3rd party behavior-changing product like antivirus or malware blockers) should be to first disable the agent and see if the problem persists, before contacting the original software vendor for the affected product. If the problem persists, the culprit is unlikely to be the micropatch. If the problem goes away, it's probably us and we'd like to hear from you at ",{"url":1124,"type":12,"children":1296},[1297],{"type":877,"value":1127},{"type":877,"value":1299},".\n\nFortunately, in contrast to standard \"fat update\" patching that software products employ today, 0patch allows you to ",{"type":877,"marks":1301,"value":1302},[884],"instantly revert a patch with a click of a button",{"type":877,"value":1304},".\n\n\n\nCheers!\n\n",{"url":1306,"meta":1307,"type":12,"children":1309},"https://twitter.com/mkolsek",[1308],{"id":890,"value":891},[1310],{"type":877,"value":1311},"@mkolsek",{"type":877,"value":1060},{"url":699,"meta":1314,"type":12,"children":1316},[1315],{"id":890,"value":891},[1317],{"type":877,"value":1318},"@0patch",{"type":877,"value":991},{"alt":720,"url":1321,"width":1322,"height":800,"responsiveImage":1323},"https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png",583,{"srcSet":1324,"webpSrcSet":1325,"sizes":1326,"src":1327,"width":1328,"height":1329,"aspectRatio":1330,"alt":720,"title":720,"bgColor":1331,"base64":808},"https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png?auto=compress&crop=focalpoint&dpr=0.25&fit=crop&w=1440 360w,https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png?auto=compress&crop=focalpoint&fit=crop&w=1440 1440w","https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png?auto=compress&crop=focalpoint&dpr=0.25&fit=crop&fm=webp&w=1440 360w,https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&w=1440 1440w","(max-width: 1440px) 100vw, 1440px","https://www.datocms-assets.com/166020/1755779666-setsecurityfile.png?auto=compress&crop=focalpoint&fit=crop&w=1440",1440,1581,0.9108159392789373,"#0168d4",1780067954075]