[{"data":1,"prerenderedAt":1111},["ShallowReactive",2],{"I-maWsoucveWH7VpbVdiZ9YJQaZbJd1SsPfUgTAv7BA":3,"i-custom:keyboard-arrow-down":704,"i-custom:check":708,"i-custom:north-east":710,"EphFXgGAciwhrxBbXFrtMnGlTuHr1a9w_OXiNt8HmCo":712},{"_site":4,"allMenuCtas":33,"allMenuItems":43,"allFooterMenuItems":207,"allFooterLinks":259,"allProductCategories":263,"allPlans":277,"allPatchCategories":288,"allCountries":622,"allPartnerCategories":664,"topBar":674,"allSocialLinks":695},{"globalSeo":5,"favicon":8,"faviconMetaTags":10,"locales":31},{"siteName":6,"titleSuffix":7},"0patch"," | 0patch",{"url":9},"https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg",[11,19,23,27],{"tag":12,"attributes":13,"content":18},"link",{"sizes":14,"type":15,"rel":16,"href":17},"16x16","image/svg","icon","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=16&w=16",null,{"tag":12,"attributes":20,"content":18},{"sizes":21,"type":15,"rel":16,"href":22},"32x32","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=32&w=32",{"tag":12,"attributes":24,"content":18},{"sizes":25,"type":15,"rel":16,"href":26},"96x96","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=96&w=96",{"tag":12,"attributes":28,"content":18},{"sizes":29,"type":15,"rel":16,"href":30},"192x192","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=192&w=192",[32],"en",[34],{"id":35,"title":36,"reference":37,"externalLink":40,"variant":41,"publishTranslation":42},"7540649","Buy now",{"_modelApiKey":38,"slug":39},"page","pricing","","primary-green",true,[44,52,59,66,86,92,99,103,109,117,123,130,135,149,155,169,175],{"id":45,"children":46,"externalLink":40,"parent":47,"reference":49,"title":51,"description":40,"publishTranslation":42},"HC0Jv04qRuKuZzHWgfUcNw",[],{"id":48},"IL3SSc5ySpu4strWvTvZ_A",{"_modelApiKey":38,"slug":50},"in-the-media","In the media",{"id":53,"children":54,"externalLink":55,"parent":56,"reference":18,"title":58,"description":40,"publishTranslation":42},"Lf_fG7sJTeyY-YwXgCZM6A",[],"https://dist.0patch.com/download/latestagent",{"id":57},"InIESymQQManhdOiSJWRAA","Download 0patch Agent",{"id":60,"children":61,"externalLink":62,"parent":63,"reference":18,"title":65,"description":40,"publishTranslation":42},"H1wOcewmTj2BFNcm_3S4Pg",[],"https://support.0patch.com/hc/en-us/sections/22259984868242",{"id":64},"SWaM0xVVRG-TtXEDSCe6CA","User Manual",{"id":48,"children":67,"externalLink":40,"parent":83,"reference":18,"title":85,"description":40,"publishTranslation":42},[68,72],{"id":45,"title":51,"description":40,"parent":69,"reference":70,"externalLink":40,"publishTranslation":42,"children":71},{"id":48},{"_modelApiKey":38,"slug":50},[],{"id":73,"title":74,"description":74,"parent":75,"reference":76,"externalLink":40,"publishTranslation":42,"children":82},"GYvRoN-xQrK53JU9hoMC9g","From our blog",{"id":48},{"_modelApiKey":77,"slug":78,"title":79,"createdAt":80,"published":81},"article","micropatches-released-for-windows-storage-elevation-of-privilege-vulnerability-cv","Micropatches released for Windows Storage Elevation of Privilege Vulnerability (CVE-2026-21508)","2026-04-04T11:50:51+02:00","2026-03-31T00:00:00+02:00",[],{"id":84},"136494748","Featured",{"id":87,"children":88,"externalLink":40,"parent":18,"reference":89,"title":91,"description":40,"publishTranslation":42},"7537370",[],{"_modelApiKey":38,"slug":90},"windows10","Windows 10",{"id":93,"children":94,"externalLink":95,"parent":96,"reference":18,"title":97,"description":98,"publishTranslation":42},"KNhSd6vgR2mx15df8jrG1g",[],"https://support.0patch.com/hc/en-us",{"id":57},"Help Center","All sections",{"id":73,"children":100,"externalLink":40,"parent":101,"reference":102,"title":74,"description":74,"publishTranslation":42},[],{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":104,"children":105,"externalLink":106,"parent":107,"reference":18,"title":108,"description":40,"publishTranslation":42},"YlQq8EI3S3Cjo6bX8KwScg",[],"https://www.0patch.com/files/0patch_End_User_License_Agreement.pdf",{"id":64},"License agreement",{"id":110,"children":111,"externalLink":40,"parent":112,"reference":113,"title":115,"description":116,"publishTranslation":42},"7537375",[],{"id":57},{"_modelApiKey":38,"slug":114},"contact","Contact us","Form demo",{"id":118,"children":119,"externalLink":40,"parent":18,"reference":120,"title":122,"description":40,"publishTranslation":42},"LT3XEcT4ToWK-CGDxHIvxA",[],{"_modelApiKey":38,"slug":121},"patches","Patches",{"id":124,"children":125,"externalLink":40,"parent":126,"reference":127,"title":129,"description":40,"publishTranslation":42},"C_hUUxSzRlWzUZJZiQKLWg",[],{"id":64},{"_modelApiKey":38,"slug":128},"privacy","Privacy policy",{"id":131,"children":132,"externalLink":40,"parent":18,"reference":133,"title":134,"description":40,"publishTranslation":42},"M7H9KVRYQbWzdi5przLT7w",[],{"_modelApiKey":38,"slug":39},"Pricing",{"id":57,"children":136,"externalLink":40,"parent":147,"reference":18,"title":148,"description":40,"publishTranslation":42},[137,140,143],{"id":53,"title":58,"description":40,"parent":138,"reference":18,"externalLink":55,"publishTranslation":42,"children":139},{"id":57},[],{"id":93,"title":97,"description":98,"parent":141,"reference":18,"externalLink":95,"publishTranslation":42,"children":142},{"id":57},[],{"id":110,"title":115,"description":116,"parent":144,"reference":145,"externalLink":40,"publishTranslation":42,"children":146},{"id":57},{"_modelApiKey":38,"slug":114},[],{"id":84},"Support",{"id":150,"children":151,"externalLink":40,"parent":18,"reference":152,"title":154,"description":40,"publishTranslation":42},"7540650",[],{"_modelApiKey":38,"slug":153},"blog","Blog",{"id":64,"children":156,"externalLink":40,"parent":167,"reference":18,"title":168,"description":40,"publishTranslation":42},[157,160,163],{"id":60,"title":65,"description":40,"parent":158,"reference":18,"externalLink":62,"publishTranslation":42,"children":159},{"id":64},[],{"id":104,"title":108,"description":40,"parent":161,"reference":18,"externalLink":106,"publishTranslation":42,"children":162},{"id":64},[],{"id":124,"title":129,"description":40,"parent":164,"reference":165,"externalLink":40,"publishTranslation":42,"children":166},{"id":64},{"_modelApiKey":38,"slug":128},[],{"id":84},"Documents",{"id":170,"children":171,"externalLink":40,"parent":18,"reference":172,"title":174,"description":40,"publishTranslation":42},"SH5u-VrlQeKwYFXpbtstHw",[],{"_modelApiKey":38,"slug":173},"partners","Partners",{"id":84,"children":176,"externalLink":40,"parent":18,"reference":18,"title":206,"description":40,"publishTranslation":42},[177,186,196],{"id":48,"title":85,"description":40,"parent":178,"reference":18,"externalLink":40,"publishTranslation":42,"children":179},{"id":84},[180,183],{"id":45,"title":51,"description":40,"parent":181,"reference":182,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":38,"slug":50},{"id":73,"title":74,"description":74,"parent":184,"reference":185,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":57,"title":148,"description":40,"parent":187,"reference":18,"externalLink":40,"publishTranslation":42,"children":188},{"id":84},[189,191,193],{"id":53,"title":58,"description":40,"parent":190,"reference":18,"externalLink":55,"publishTranslation":42},{"id":57},{"id":93,"title":97,"description":98,"parent":192,"reference":18,"externalLink":95,"publishTranslation":42},{"id":57},{"id":110,"title":115,"description":116,"parent":194,"reference":195,"externalLink":40,"publishTranslation":42},{"id":57},{"_modelApiKey":38,"slug":114},{"id":64,"title":168,"description":40,"parent":197,"reference":18,"externalLink":40,"publishTranslation":42,"children":198},{"id":84},[199,201,203],{"id":60,"title":65,"description":40,"parent":200,"reference":18,"externalLink":62,"publishTranslation":42},{"id":64},{"id":104,"title":108,"description":40,"parent":202,"reference":18,"externalLink":106,"publishTranslation":42},{"id":64},{"id":124,"title":129,"description":40,"parent":204,"reference":205,"externalLink":40,"publishTranslation":42},{"id":64},{"_modelApiKey":38,"slug":128},"Resources",[208,214,218,222,226,231,235,239,244,249,254],{"id":209,"column":210,"children":211,"externalLink":40,"parent":18,"reference":212,"title":122,"description":40,"publishTranslation":42},"Z7v-uM0cTOOBdk-s10IiJA",1,[],{"__typename":213,"_modelApiKey":38,"slug":121},"PageRecord",{"id":215,"column":210,"children":216,"externalLink":40,"parent":18,"reference":217,"title":134,"description":40,"publishTranslation":42},"Yr6Go03oTdSCq8pxdWdUsg",[],{"__typename":213,"_modelApiKey":38,"slug":39},{"id":219,"column":210,"children":220,"externalLink":40,"parent":18,"reference":221,"title":174,"description":40,"publishTranslation":42},"Ds1JBCIHQQKM3pJdA6ywFA",[],{"__typename":213,"_modelApiKey":38,"slug":173},{"id":223,"column":210,"children":224,"externalLink":40,"parent":18,"reference":225,"title":115,"description":40,"publishTranslation":42},"d9N0wsZhQsm7WLVqkmUWVQ",[],{"__typename":213,"_modelApiKey":38,"slug":114},{"id":227,"column":228,"children":229,"externalLink":40,"parent":18,"reference":230,"title":154,"description":40,"publishTranslation":42},"O9Oqpya5TZafs7o4l_8Nvg",2,[],{"__typename":213,"_modelApiKey":38,"slug":153},{"id":232,"column":228,"children":233,"externalLink":40,"parent":18,"reference":234,"title":51,"description":40,"publishTranslation":42},"QbA-8ChQT-eVxrfVlZzKaA",[],{"__typename":213,"_modelApiKey":38,"slug":50},{"id":236,"column":228,"children":237,"externalLink":95,"parent":18,"reference":18,"title":238,"description":40,"publishTranslation":42},"GcPu0RJNQu2cmfpL_Us1Lg",[],"Help center ",{"id":240,"column":228,"children":241,"externalLink":242,"parent":18,"reference":18,"title":243,"description":40,"publishTranslation":42},"NwREnz0XTvOJ93OHko_7xw",[],"https://status.0patch.com/","Status page",{"id":245,"column":228,"children":246,"externalLink":40,"parent":18,"reference":247,"title":248,"description":40,"publishTranslation":42},"UPh4X1tXRt24AhzNHaztFg",[],{"__typename":213,"_modelApiKey":38,"slug":114},"Write to support",{"id":250,"column":228,"children":251,"externalLink":252,"parent":18,"reference":18,"title":253,"description":40,"publishTranslation":42},"bUWsPw9eRvG4Ycl7j0yONg",[],"mailto:security@0patch.com","Report a security issue",{"id":255,"column":228,"children":256,"externalLink":257,"parent":18,"reference":18,"title":258,"description":40,"publishTranslation":42},"eB66OgJwSXSF0UWkhz1snQ",[],"https://www.0patch.com/files/0patch.asc","PGP KEY",[260],{"externalLink":40,"reference":261,"title":262,"publishTranslation":42},{"_modelApiKey":38,"slug":128},"Privacy",[264,269,273],{"__typename":265,"id":266,"name":267,"slug":268},"ProductCategoryRecord","Am0QLeVvQCuP42oCnhKABQ","Office","office",{"__typename":265,"id":270,"name":271,"slug":272},"VFAYSlgkRneu1oHcTKcpwQ","Server","server",{"__typename":265,"id":274,"name":275,"slug":276},"UNiVGxy_QViVXTpaSLXZlQ","Windows","windows",[278,282,285],{"__typename":279,"id":280,"title":281},"PlanRecord","T-QQY6XRSjeGbmXIK5kNCw","Free",{"__typename":279,"id":283,"title":284},"TOtXWfDyTjyO3H3OW_HRtQ","Professional",{"__typename":279,"id":286,"title":287},"KJjNQcHiRVa_mZqx_GtIrg","Enterprise",[289,423,520,561,605],{"__typename":290,"_allReferencingPatchesMeta":291,"_allReferencingPatches":293,"_modelApiKey":418,"name":419,"id":420,"slug":421,"icon":18,"supportDate":422},"PatchCategoryRecord",{"count":292},19,[294,302,310,317,325,333,340,346,352,358,364,370,376,382,388,394,400,406,412],{"id":295,"title":296,"description":297,"plans":298},"CHBzDqmWSkiUggiwCycMKQ","0day patches","\u003Cp>Patches for vulnerabilities the original vendor has not yet patched - both for legacy products and products that are still under official vendor support\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?type=0day\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our 0day patches\u003C/a>\u003C/strong>\u003C/p>",[299,300,301],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":303,"title":304,"description":305,"plans":306},"W1zipVenRuaCpMLlbChNkg","Free patches","\u003Cp>Patches for \"0day\" vulnerabilities are generally free until the vendor has provided an official fix\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?plan=free\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our free patches\u003C/a>\u003C/strong>\u003C/p>",[307,308,309],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":311,"title":312,"description":313,"plans":314},"JMf6o8nLRh2YNbSjeoWSbg","All patches","\u003Cp>All our patches we have ever issued, or will ever issue, including 0day and legacy patches\u003C/p>",[315,316],{"id":283,"title":284},{"id":286,"title":287},{"id":318,"title":319,"description":320,"plans":321},"N2SosqbOST-U5Q3FTqKT-g","Multi factor authentication (MFA)","\u003Cp>Require one-time code from an authenticator app when accessing 0patch Central\u003C/p>",[322,323,324],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":326,"title":327,"description":328,"plans":329},"Aurt0TQWT3qrx--H6Bvtnw","0patch console - local management","\u003Cp>0patch Agent is managed locally using 0patch Console application\u003C/p>",[330,331,332],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":334,"title":335,"description":336,"plans":337},"dvNfP_7ZQ6uyUtJO3ADbJQ","Standard email support","\u003Cp>Email support with 24-hour response time\u003C/p>",[338,339],{"id":283,"title":284},{"id":286,"title":287},{"id":341,"title":342,"description":343,"plans":344},"DRZtt1FJQ2OW742_5ZdcOQ","Central management","\u003Cp>Centrally manage and monitor all your 0patch Agents from web-based 0patch Central\u003C/p>",[345],{"id":286,"title":287},{"id":347,"title":348,"description":349,"plans":350},"C7j04lkDSSmPT2ikq9grug","IP address allow-listing","\u003Cp>Restricting access to 0patch Central so only users connecting from approved IP addresses can use it\u003C/p>",[351],{"id":286,"title":287},{"id":353,"title":354,"description":355,"plans":356},"aLo8Rj7YQsufFNozN8C6lw","Unattended agent installation","\u003Cp>Deploy 0patch Agent remotely without user interaction\u003C/p>",[357],{"id":286,"title":287},{"id":359,"title":360,"description":361,"plans":362},"dJECbsVMSGm7_ObPWiWSDQ","Agent auto-registration","\u003Cp>0patch Agent can automatically register itself to your 0patch account\u003C/p>",[363],{"id":286,"title":287},{"id":365,"title":366,"description":367,"plans":368},"WHM0-Mj0Sr2WZ1LwhTI9Dw","Silent run","\u003Cp>0patch Agent operates entirely in the background without showing notifications or prompts to the user\u003C/p>",[369],{"id":286,"title":287},{"id":371,"title":372,"description":373,"plans":374},"Zjk5YWqcS2al2C2OTEH82w","Patching policies","\u003Cp>Select which patches are enabled for which groups of computers, and whether newly issued patches are initially enabled or disabled\u003C/p>",[375],{"id":286,"title":287},{"id":377,"title":378,"description":379,"plans":380},"DXTTXN2ITtmy-Bclo1_iKQ","Computer groups","\u003Cp>Organize your computers in groups to simplify management and apply different policies to different sets of computers\u003C/p>",[381],{"id":286,"title":287},{"id":383,"title":384,"description":385,"plans":386},"Vna1HyM9Q4-kwJshD0-4Ag","Multi user support","\u003Cp>Add any number of users to 0patch Central\u003C/p>",[387],{"id":286,"title":287},{"id":389,"title":390,"description":391,"plans":392},"MZheRUWKRHuS_M3sPAvxWw","User roles","\u003Cp>Assign different roles to 0patch Central users to limit their access\u003C/p>",[393],{"id":286,"title":287},{"id":395,"title":396,"description":397,"plans":398},"em07-dXcQ2Of2IhpZzUeDQ","Mandatory MFA","\u003Cp>Administrator can make multi factor authentication mandatory for all 0patch Central users\u003C/p>",[399],{"id":286,"title":287},{"id":401,"title":402,"description":403,"plans":404},"DJ9WqVROQWiRnUxDr8ckeQ","SAML single sign-on","\u003Cp>Login to 0patch Central through your identity provider using the SAML protocol\u003C/p>",[405],{"id":286,"title":287},{"id":407,"title":408,"description":409,"plans":410},"c73GoxWmTXS5muxHXFl3HA","SCIM provisioning","\u003Cp>Manage 0patch Central users with your identity provider using SCIM protocol\u003C/p>",[411],{"id":286,"title":287},{"id":413,"title":414,"description":415,"plans":416},"QM6mK9qtTBe5OtMWfVnvvg","Professional services","\u003Cp>Custom patches and additional professional services are available to large customers\u003C/p>",[417],{"id":286,"title":287},"patch_category","Features","T2nlr7wWS3eNfLE8hfA1ew","features","2025-12-05",{"__typename":290,"_allReferencingPatchesMeta":424,"_allReferencingPatches":426,"_modelApiKey":418,"name":504,"id":505,"slug":506,"icon":507,"supportDate":519},{"count":425},11,[427,434,441,448,455,462,469,476,483,490,497],{"id":428,"title":429,"description":430,"plans":431},"Wn-S2pccQbKHM4Qi_CFf0Q","Windows 11 22H2 patches","\u003Cp>Windows 11 22H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[432,433],{"id":283,"title":284},{"id":286,"title":287},{"id":435,"title":436,"description":437,"plans":438},"KLIOm9vRTpWNef0hEYPZRw","Windows 11 21H2 patches","\u003Cp>Windows 11 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[439,440],{"id":283,"title":284},{"id":286,"title":287},{"id":442,"title":443,"description":444,"plans":445},"Z-_sUVTSRcyneegSkg6tEg","Windows 10 22H2 post-EOS patches","\u003Cp>Windows 10 22H2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[446,447],{"id":283,"title":284},{"id":286,"title":287},{"id":449,"title":450,"description":451,"plans":452},"OG3314TtS_mGEWsQ7I7rVg","Windows 10 21H2 patches","\u003Cp>Windows 10 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[453,454],{"id":283,"title":284},{"id":286,"title":287},{"id":456,"title":457,"description":458,"plans":459},"d-2ES_YuR7C4QuSmcXgi0Q","Windows 10 21H1 patches","\u003Cp>Windows 10 21H1 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[460,461],{"id":283,"title":284},{"id":286,"title":287},{"id":463,"title":464,"description":465,"plans":466},"R-A6Aep1TCCVLYwFbfK3Sw","Windows 10 20H2 patches","\u003Cp>Windows 10 20H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[467,468],{"id":283,"title":284},{"id":286,"title":287},{"id":470,"title":471,"description":472,"plans":473},"Dg4FaK9fS8KTa1o3Qhor6w","Windows 10 2004 patches","\u003Cp>Windows 10 2004 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[474,475],{"id":286,"title":287},{"id":283,"title":284},{"id":477,"title":478,"description":479,"plans":480},"MJlLPyxqTcy9ys2UaZYNKQ","Windows 10 v1909 patches","\u003Cp>Windows 10 1909 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[481,482],{"id":283,"title":284},{"id":286,"title":287},{"id":484,"title":485,"description":486,"plans":487},"GscjCa1TQOe5p5Or7g2qyw","Windows 10 v1809 patches","\u003Cp>Windows 10 1809 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[488,489],{"id":283,"title":284},{"id":286,"title":287},{"id":491,"title":492,"description":493,"plans":494},"OeQ8xMmJTmadIiPcKYkhvw","Windows 10 v1803 patches","\u003Cp>Windows 10 1803 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[495,496],{"id":283,"title":284},{"id":286,"title":287},{"id":498,"title":499,"description":500,"plans":501},"Obe8z8snRYGoLT6BZyzhZw","Windows 7 post-EOS and post-ESU patches","\u003Cp>Windows 7 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>",[502,503],{"id":283,"title":284},{"id":286,"title":287},"Windows Patches","DXze3dvpTu-HF132vKjSug","microsoft-windows-xp",{"alt":508,"url":509,"width":510,"height":510,"responsiveImage":511},"Windows 11 logo","https://www.datocms-assets.com/166020/1764600963-win11.png",300,{"srcSet":512,"webpSrcSet":513,"sizes":514,"src":515,"width":516,"height":516,"aspectRatio":210,"alt":508,"title":18,"bgColor":517,"base64":518},"https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","(max-width: 40px) 100vw, 40px","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40",40,"#0278cf","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAAA51BMVEUAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtG9HcQcAAAATXRSTlMAAQIDBAUGBwkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY4OTo7PD0+P0BBQkNERUZHSEpLTE1OTwjw0A0AAAEqSURBVHjapZHbbsMgDIZNcMwhm7ZW097/+XrTToNwSGKPkraqtN3NCAn/H8LmN4L2LxbyOcMer0cHJcYF9UhEwHQH10yWBdAa7y0MJW5dN9NkQQsgTuS9UUMNoQM/eQcaGiBjRlJMpgNljWlPrSugiABc9yOkpSKYeBhYlZR2MSUjUtJc8EKlWpXP8379QpAhxVCRc56tSvdu4VSt5NhqtHPOTxXgonpBhF+xN/IHgP8AlO1ZYu5AO08ynx/ym+UUm7sf1MF4uumfhwZCKHgg70YZuXx1cDi+W3ZEBR0Zi7wZs4/JOmdEbaxRuC3hXrA7ezW/BaZNwco57SYuuWQlpdaK37SuxPH75m4IxJBjLBjrxpVjuHWbYptHnts8Kg+at1Lv/6hVt12XH8K5sGlN/hfaAAAAAElFTkSuQmCC","2025-06-25",{"__typename":290,"_allReferencingPatchesMeta":521,"_allReferencingPatches":523,"_modelApiKey":418,"name":545,"id":546,"slug":547,"icon":548,"supportDate":519},{"count":522},3,[524,531,538],{"id":525,"title":526,"description":527,"plans":528},"DMZZcGMvQfaRElACxvHXyA","Windows Server 2012 R2 post-EOS patches","\u003Cp>Windows Server 2012 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[529,530],{"id":283,"title":284},{"id":286,"title":287},{"id":532,"title":533,"description":534,"plans":535},"ZaeezXKkT3KGln5CQ4NH9w","Windows Server 2012 post-EOS patches","\u003Cp>Windows Server 2012 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 patches\u003C/a>\u003C/strong>\u003C/p>",[536,537],{"id":283,"title":284},{"id":286,"title":287},{"id":539,"title":540,"description":541,"plans":542},"RYxw9xwXR3-OWnsdr8dFEg","Windows Server 2008 R2 post-EOS and post-ESU patches","\u003Cp>Windows Server 2008 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2008+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2008 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[543,544],{"id":283,"title":284},{"id":286,"title":287},"Windows Server Patches","J7WLPCrKS7i7B8sAyJpKWg","microsoft-windows-vista",{"alt":549,"url":550,"width":551,"height":510,"responsiveImage":552},"Windows Server 2012-2022 logo","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png",296,{"srcSet":553,"webpSrcSet":554,"sizes":555,"src":556,"width":557,"height":516,"aspectRatio":558,"alt":549,"title":18,"bgColor":559,"base64":560},"https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 156w","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 156w","(max-width: 39px) 100vw, 39px","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40",39,0.975,"#0b1f8e","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABcAAAAYCAMAAAAmopZHAAABRFBMVEUAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIis0k1eAAAAbHRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSkxNTk9QUVRVVldYWVpbXF1fYWJjZGVmZ2lqa2xtbnBzdHY8yRY6AAABF0lEQVR42o2STU/EIBCGmWEodGm77sWj//+PeVAvRrNAYYY63cREs42R45PJ+xXIHD/6L0eU7Y7DZR4tl5QqGQQ0XXbql4fLHCyv11zpCRCMMIux43w5R4+yTqXSGQA24cadwuidG5C7iCG58dZaZ0ODs13vi+q8AxjltQr6VPKsOjkpf73Z9t23fn5+xICcs3L+mTOlkwcu9b5XKiCHfdXugNs4qE5WvoBFs+dRGmKMA7aSSqNHRAudWxXjwjTt92vSvguSxW0fAtw4ncYB+pprow6b0YkACIfRhxNBt+gqvVnnSKv1ze5DVIOdpQo9q7ezuoUhPy3LNFjhovoag787v8TzHEhqLvw7//VqAvXKB33L3//hC+5Cl3o2W4MJAAAAAElFTkSuQmCC",{"__typename":290,"_allReferencingPatchesMeta":562,"_allReferencingPatches":564,"_modelApiKey":418,"name":593,"id":594,"slug":595,"icon":596,"supportDate":519},{"count":563},4,[565,572,579,586],{"id":566,"title":567,"description":568,"plans":569},"axmNaLDGSs2BLTpJNU-fuQ","Microsoft Office 2019 post-EOS patches","\u003Cp>Microsoft Office 2019 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2019\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2019 patches\u003C/a>\u003C/strong>\u003C/p>",[570,571],{"id":283,"title":284},{"id":286,"title":287},{"id":573,"title":574,"description":575,"plans":576},"MkFk40IJQhCcXnIO2ZDd4Q","Microsoft Office 2016 post-EOS patches","\u003Cp>Microsoft Office 2016 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2016\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2016 patches\u003C/a>\u003C/strong>\u003C/p>",[577,578],{"id":283,"title":284},{"id":286,"title":287},{"id":580,"title":581,"description":582,"plans":583},"FFqWfGxfQF2q0uyjyRjVWg","Microsoft Office 2013 post-EOS patches","\u003Cp>Microsoft Office 2013 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2013\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2013 patches\u003C/a>\u003C/strong>\u003C/p>",[584,585],{"id":283,"title":284},{"id":286,"title":287},{"id":587,"title":588,"description":589,"plans":590},"XFYgrsOyRpeuEXk29M4z9g","Microsoft Office 2010 post-EOS patches","\u003Cp>Microsoft Office 2010 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2010\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2010 patches\u003C/a>\u003C/strong>\u003C/p>",[591,592],{"id":283,"title":284},{"id":286,"title":287},"Microsoft Office Patches","VH2unwR4RjycDA1o_6eSFw","microsoft-windows-7",{"alt":597,"url":598,"width":510,"height":510,"responsiveImage":599},"Microsoft Office logo","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png",{"srcSet":600,"webpSrcSet":601,"sizes":514,"src":602,"width":516,"height":516,"aspectRatio":210,"alt":597,"title":18,"bgColor":603,"base64":604},"https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40","#eb3c00","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAABSlBMVEXqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPAAMDLSTAAAAbnRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAiIyQlJicoKSorLS4vMTIzNDU2Nzk6Ozw9P0BBQkNERkpMTU5PUFFSVVZXWVpbXF1eX2BhYmNkZmdoaWpsbW5vcHFzdXZ4fH5/gIKDhBdTJiUAAAERSURBVHjabdE5doQwDAZgSV6AwMsU06TN/e+TM6SfyeBNUsALTeKGhz7wL8sWzoU21yd8fN6Xn++vAGDruzcdyFhjrBuAK0mo4Kz3PL89OrxvyA0s+Un9Cg38bZPUtrLOmXleUSvctrk4W1obZHVZtscJ0zo5Ral1FsAjfG7gDCo3iLmIknU1w4BybtnwyqmAaAsXzhhfDZ4hMjJrhVwy7B1iiIWycIPktO90flWIz8ATctY8QERQtQEUVh6ARIjQT86Mow7OGDqsg+IQcs4CjT8KXzB7Rwraujo6Qe3g7TEF4dTHHmGEGwKVFF4ddkhXu8yxjqFd7T7qzDmG9LzgWqWkuO//QS4xhf0viDJzvctfA1KXpEpvxgMAAAAASUVORK5CYII=",{"__typename":290,"_allReferencingPatchesMeta":606,"_allReferencingPatches":607,"_modelApiKey":418,"name":614,"id":615,"slug":616,"icon":617,"supportDate":519},{"count":210},[608],{"id":609,"title":610,"description":611,"plans":612},"OuJP-mYgRRi-wc8RTcRbUg","Other products patches","\u003Cp>We occasionally patch other Windows products, for instance when a critical vulnerability becomes known and the vendor does not provide an official patch in a timely manner\u003C/p>",[613],{"id":283,"title":284},"Other","BrWA-hAsQYSROgTvF-1ecA","microsoft-windows-11",{"alt":618,"url":619,"width":620,"height":621,"responsiveImage":18},"Windows 7","https://www.datocms-assets.com/166020/1754390080-layer1.svg",44,38,[623,628,632,636,640,644,648,652,656,660],{"__typename":624,"id":625,"name":626,"slug":627},"CountryRecord","WYcngTKjTLSCPKXF1CGc3Q","Germany","germany",{"__typename":624,"id":629,"name":630,"slug":631},"W7K_V8xIQ4esd1pdctvLRg","Switzerland","switzerland",{"__typename":624,"id":633,"name":634,"slug":635},"YCAHqeAMSp2PAVyP3KGV4w","International","international",{"__typename":624,"id":637,"name":638,"slug":639},"IKNwlfjMQXOfKhtUID30BQ","Singapore","singapore",{"__typename":624,"id":641,"name":642,"slug":643},"UzXo_gH5Te-UnOfNwdsfWQ","Netherlands","netherlands",{"__typename":624,"id":645,"name":646,"slug":647},"JKw7Q4wpQ8eGJjvHXwfSAA","Spain","spain",{"__typename":624,"id":649,"name":650,"slug":651},"RZbGpAInTEivnMxZzdTzwg","Poland","poland",{"__typename":624,"id":653,"name":654,"slug":655},"NwnHmUQ6RIK_OV9865XH3Q","Australia","australia",{"__typename":624,"id":657,"name":658,"slug":659},"HfVwBnHDSfCassEtkYx9lQ","United Kingdom","united-kingdom",{"__typename":624,"id":661,"name":662,"slug":663},"UUYGwDAYR4qLZM5UmDcmVA","USA","usa",[665,670],{"__typename":666,"id":667,"name":668,"slug":669},"PartnerCategoryRecord","dQoYak16SOaHi1odGdVqmQ","MSPs & SOCs","msps-socs",{"__typename":666,"id":671,"name":672,"slug":673},"REE7lMU8RzC9jabDARcxYQ","Resellers & Distributors","resellers-distributors",{"id":675,"_modelApiKey":676,"__typename":677,"text":678,"link":679,"menuLinks":687},"WnQYb8xeS2irpBJ41pdDRA","top_bar","TopBarRecord","Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)",[680],{"externalLink":40,"id":681,"recordLink":682,"variant":12,"icon":685,"title":686},"K2tgUizORgyofhnuTJ36dA",{"__typename":683,"_modelApiKey":77,"slug":684},"ArticleRecord","micropatches-released-for-windows-netlogon-remote-code-execution-vulnerability-cv",false,"Learn more",[688,691],{"id":689,"primary":685,"externalLink":95,"parent":18,"reference":18,"title":690,"description":40,"publishTranslation":42},"B1pEweRaRD2YBkP6aH1CfA","Help center",{"id":692,"primary":42,"externalLink":693,"parent":18,"reference":18,"title":694,"description":40,"publishTranslation":42},"Mk0Yz-yqTk2akShgf7ARNg","https://central.0patch.com/","Sign in",[696,700],{"id":697,"title":698,"url":699},"NDrk5d4kQ96J2aCuTr-gvg","0patch on X","https://twitter.com/0patch",{"id":701,"title":702,"url":703},"GqN4lYxyTMyzcmRllVY4mg","Linked In","https://linkedin.com/company/0patch",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":707},0,24,"\u003Cg fill=\"none\">\u003Cpath d=\"M11.9999 15.0539L6.34619 9.40013L7.39994 8.34637L11.9999 12.9464L16.5999 8.34637L17.6537 9.40013L11.9999 15.0539Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":709},"\u003Cg fill=\"none\">\u003Cpath d=\"M9.5501 18.0001L3.8501 12.3001L5.2751 10.8751L9.5501 15.1501L18.7251 5.9751L20.1501 7.4001L9.5501 18.0001Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":711},"\u003Cg fill=\"none\">\u003Cpath d=\"M5.55375 19.5001L4.5 18.4464L15.9462 7.00012H9V5.50012H18.5V15.0001H17V8.05387L5.55375 19.5001Z\" fill=\"currentColor\"/>\u003C/g>",{"article":713},{"_firstPublishedAt":714,"_publishedAt":715,"_updatedAt":715,"_seoMetaTags":716,"_allSlugLocales":782,"_allPublishTranslationLocales":785,"published":787,"__typename":683,"_modelApiKey":77,"author":788,"createdAt":714,"id":789,"excerpt":40,"body":790,"image":1098,"readTime":40,"title":719,"slug":784,"publishTranslation":42,"seoMetadata":18},"2025-08-21T14:33:01+02:00","2025-09-09T15:05:29+02:00",[717,720,724,727,731,734,737,741,745,749,752,755,758,761,764,767,771,774,778],{"tag":718,"attributes":18,"content":719},"title","Micropatching \"ms-officecmd\" Remote Code Execution (CVE-2021-43905)",{"tag":721,"attributes":722,"content":18},"meta",{"property":723,"content":719},"og:title",{"tag":721,"attributes":725,"content":18},{"name":726,"content":719},"twitter:title",{"tag":721,"attributes":728,"content":18},{"name":729,"content":730},"description","This is a 0patch website.",{"tag":721,"attributes":732,"content":18},{"property":733,"content":730},"og:description",{"tag":721,"attributes":735,"content":18},{"name":736,"content":730},"twitter:description",{"tag":721,"attributes":738,"content":18},{"property":739,"content":740},"og:image","https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png?auto=format&fit=max&w=1200",{"tag":721,"attributes":742,"content":18},{"property":743,"content":744},"og:image:width","640",{"tag":721,"attributes":746,"content":18},{"property":747,"content":748},"og:image:height","320",{"tag":721,"attributes":750,"content":18},{"property":751,"content":719},"og:image:alt",{"tag":721,"attributes":753,"content":18},{"name":754,"content":740},"twitter:image",{"tag":721,"attributes":756,"content":18},{"name":757,"content":719},"twitter:image:alt",{"tag":721,"attributes":759,"content":18},{"property":760,"content":32},"og:locale",{"tag":721,"attributes":762,"content":18},{"property":763,"content":77},"og:type",{"tag":721,"attributes":765,"content":18},{"property":766,"content":6},"og:site_name",{"tag":721,"attributes":768,"content":18},{"property":769,"content":770},"article:modified_time","2025-09-09T13:05:29Z",{"tag":721,"attributes":772,"content":18},{"property":773,"content":40},"article:publisher",{"tag":721,"attributes":775,"content":18},{"name":776,"content":777},"twitter:card","summary",{"tag":721,"attributes":779,"content":18},{"name":780,"content":781},"robots","noindex",[783],{"value":784,"locale":32},"micropatching-ms-officecmd-remote-code",[786],{"value":42,"locale":32},"2021-12-23T17:25:00+01:00","Mitja Kolsek","NO6u1_ajQA2Y-4dTrURs_g",{"blocks":791,"links":820,"value":821},[792,808],{"id":793,"_modelApiKey":794,"__typename":795,"image":796},"K0VYJ7yxQPqgo4T6B2nDUQ","image","ImageRecord",{"alt":797,"url":798,"width":799,"height":800,"responsiveImage":801},"No version information for AppBridge.dll","https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png",405,509,{"srcSet":802,"webpSrcSet":803,"sizes":804,"src":798,"width":799,"height":800,"aspectRatio":805,"alt":797,"title":797,"bgColor":806,"base64":807},"https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?dpr=0.25 101w,https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?dpr=0.5 202w,https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?dpr=0.75 303w,https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png 405w","https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?dpr=0.25&fm=webp 101w,https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?dpr=0.5&fm=webp 202w,https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?dpr=0.75&fm=webp 303w,https://www.datocms-assets.com/166020/1757423110-appbridge-dll_no_version.png?fm=webp 405w","(max-width: 405px) 100vw, 405px",0.7956777996070727,"#f21c24","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICAgFCgoFBQwFBQUFBREJCgUMFxMZGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLBQUFEAUFEC8cFhwvLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIABgAEwMBIgACEQEDEQH/xAAVAAEBAAAAAAAAAAAAAAAAAAAAB//EABQQAQAAAAAAAAAAAAAAAAAAAAD/xAAVAQEBAAAAAAAAAAAAAAAAAAAAAv/EABQRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AK+AlQAAAAAD/9k=",{"id":809,"_modelApiKey":810,"__typename":811,"video":812},"YjmQnfIUTxSW8c8nNMwHOw","video_external","VideoExternalRecord",{"url":813,"title":814,"thumbnailUrl":815,"height":816,"provider":817,"providerUid":818,"width":819},"https://www.youtube.com/watch?v=d4tgIjkhitU","Micropatching ms-officecmd Remote Code Execution","https://i.ytimg.com/vi/d4tgIjkhitU/hqdefault.jpg",113,"youtube","d4tgIjkhitU",200,[],{"schema":822,"document":823},"dast",{"type":824,"children":825},"root",[826,858,880,889,919,923,925,930,934,938,942,946,950,954,979,983,987,991,995,999,1002,1006,1019,1023,1026,1030,1033,1037,1040,1043,1044,1048,1052,1061,1072,1075,1095],{"type":827,"children":828},"paragraph",[829,834,844,847,855],{"type":830,"marks":831,"value":833},"span",[832],"emphasis","Update 1/5/2022: Microsoft changed their mind and issued a CVE ID for this vulnerability: ",{"url":835,"meta":836,"type":12,"children":840},"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43905",[837],{"id":838,"value":839},"target","_blank",[841],{"type":830,"marks":842,"value":843},[832],"CVE-2021-43905",{"type":830,"marks":845,"value":846},[832],". The latest version of LocalBridge also ",{"url":848,"meta":849,"type":12,"children":851},"https://twitter.com/wdormann/status/1478821637780877316?t=Lqk9At03SEmzvuSREcWjMw&s=19",[850],{"id":838,"value":839},[852],{"type":830,"marks":853,"value":854},[832],"no longer recognizes the ms-officecmd: URI scheme",{"type":830,"marks":856,"value":857},[832],".",{"type":827,"children":859},[860,862,869,871,878],{"type":830,"value":861},"Earlier this month, security company ",{"url":863,"meta":864,"type":12,"children":866},"https://positive.security/",[865],{"id":838,"value":839},[867],{"type":830,"value":868},"Positive Security",{"type":830,"value":870}," published a ",{"url":872,"meta":873,"type":12,"children":875},"https://positive.security/blog/ms-officecmd-rce",[874],{"id":838,"value":839},[876],{"type":830,"value":877},"detailed analysis",{"type":830,"value":879}," of a critical vulnerability they had discovered in the handling of the \"ms-officecmd\" URL handler. In short, this vulnerability allowed a remote attacker to execute arbitrary code on user's computer when user visited a malicious web page with a browser or opened a link provided to them in documents or messaging applications.",{"type":827,"children":881},[882,884,887],{"type":830,"value":883},"Positive Security have responsibly reported this bug to Microsoft, who fixed it without assigning it a CVE ID, reportedly because \"",{"type":830,"marks":885,"value":886},[832],"Changes to websites, downloads through Defender, or through the Store normally do not get a CVE attached in the same way. In this case the fix did not go out through Windows Update.",{"type":830,"value":888},"\" ",{"type":827,"children":890},[891,893,900,902,909,911,918],{"type":830,"value":892},"Having a fix delivered though an alternative mechanism instead of Windows Update is not unprecedented in Windows, but can depend on assumptions that may not always be true. In this case, the fix was delivered through Windows Store - ",{"url":894,"meta":895,"type":12,"children":897},"https://twitter.com/wdormann/status/1468689116623683593?s=20",[896],{"id":838,"value":839},[898],{"type":830,"value":899},"but only if the AppX Deployment Service was running",{"type":830,"value":901},". This service (AppXSVC) is enabled on Windows 10 by default and gets started when needed, but a quick ",{"url":903,"meta":904,"type":12,"children":906},"https://www.google.com/search?q=AppXSVC+disable",[905],{"id":838,"value":839},[907],{"type":830,"value":908},"Google search",{"type":830,"value":910}," finds many people asking how to disable it, some presumably doing so. In addition, there is no need to have Windows Store working on users' computers in a typical enterprise environment, and in fact Microsoft provides ",{"url":912,"meta":913,"type":12,"children":915},"https://docs.microsoft.com/en-us/windows/configuration/stop-employees-from-using-microsoft-store",[914],{"id":838,"value":839},[916],{"type":830,"value":917},"instructions for blocking such access",{"type":830,"value":857},{"type":827,"children":920},[921],{"type":830,"value":922},"The situation is therefore such that a remote code execution vulnerability with no CVE ID assigned and official fix issued may have remained unfixed on an unknown number of computers worldwide. To make things worse, the DLL that was fixed (AppBridge.dll) has no version information, making it hard for anyone to determine whether their computer is vulnerable or not.",{"item":793,"type":924},"block",{"type":926,"level":522,"children":927},"heading",[928],{"type":830,"value":929},"The Vulnerability",{"type":827,"children":931},[932],{"type":830,"value":933},"The vulnerability is nicely described in Positive Security's blog post, so let's just focus on the crux here: various Windows applications such as Office, Teams or Skype register the \"ms-officecmd\" URL handler, which makes it possible to launch these applications by simply opening a URL provided in a hyperlink or visiting a web page. This handler parses the entire URL to determine which application is to be launched, and which file it should open.",{"type":827,"children":935},[936],{"type":830,"value":937},"This filename value in an \"ms-officecmd\" URL is problematic because it gets passed on to the launched application in form of a command-line argument. An application may, however, happily accept various additional arguments, and the vulnerability in question allows these to be sneaked in through the filename value. Teams, for example, is an Electron-based application and accepts the --gpu-launcher argument that launches any other app - as specified by the attacker.",{"type":827,"children":939},[940],{"type":830,"value":941},"Consequently, visiting a malicious web page while having Teams installed could launch malware on your computer. Whether you would have to okay a not-too-security-alert-looking dialog or not depended on the browser.\n",{"type":827,"children":943},[944],{"type":830,"value":945},"\n",{"type":926,"level":522,"children":947},[948],{"type":830,"value":949},"Microsoft's Fix",{"type":827,"children":951},[952],{"type":830,"value":953},"Microsoft addressed this issue in two places:",{"type":955,"style":956,"children":957},"list","numbered",[958,965],{"type":959,"children":960},"listItem",[961],{"type":827,"children":962},[963],{"type":830,"value":964},"When the filename value points to a file (instead of a URL on the web), the new code tries to open such file locally and only continues with launching the application if that succeeds. This blocks maliciously injected arguments because a file that would match the malicious filename would not be present on user's computer and therefore couldn't be opened. (Side note: a malicious file could also be stored on a remote share and actually contain various unusual characters, so we're not entirely sure about the completeness of this approach.)",{"type":959,"children":966},[967],{"type":827,"children":968},[969,971,978],{"type":830,"value":970},"When the application is launched, the supplied filename value is enclosed in double quotes to force it to be ",{"url":972,"meta":973,"type":12,"children":975},"https://docs.microsoft.com/en-us/previous-versions//17w5ykft(v=vs.85)?redirectedfrom=MSDN",[974],{"id":838,"value":839},[976],{"type":830,"value":977},"parsed as a single argument",{"type":830,"value":857},{"type":827,"children":980},[981],{"type":830,"value":982}," ",{"type":827,"children":984},[985],{"type":830,"value":986},"After this fix was issued, Positive Security researchers found it to be incomplete, still allowing for argument injection with web-based filenames, such as launching Word with the /q argument like this:",{"type":827,"children":988},[989],{"type":830,"value":990},"\"filename\": \"https://example.com/\\\" /q\"",{"type":827,"children":992},[993],{"type":830,"value":994},"Those familiar with injection attacks will notice that even if the string is enclosed in double quotes, the double quote that is already in the string will terminate the starting quote and allow for the introduction of another argument. Classic injection attack.",{"type":827,"children":996},[997],{"type":830,"value":998},"Fortunately, at least Teams won't launch with a web-based URL argument like this but since many Office applications can be launched via \"ms-officecmd\" URL, the remaining exploitability of this issue can only be assessed with extensive analysis.",{"type":827,"children":1000},[1001],{"type":830,"value":982},{"type":926,"level":522,"children":1003},[1004],{"type":830,"value":1005},"Our Micropatch",{"type":827,"children":1007},[1008,1010,1017],{"type":830,"value":1009},"Our approach at this issue was more classic in terms of preventing injections. We replicated Microsoft's 2nd code change, enclosing the entire filename value in double quotes before it gets sent to ShellExecute, but we also added a check for existence of double quotes in the filename value and flat out refuse to launch the application if any are found. A double quote cannot be part of a Windows file name (it's one of the forbidden characters), and if someone wants to use double quotes in a web-based URL, ",{"url":1011,"meta":1012,"type":12,"children":1014},"https://www.ietf.org/rfc/rfc1738.txt",[1013],{"id":838,"value":839},[1015],{"type":830,"value":1016},"they should encode them as %22",{"type":830,"value":1018},".\n",{"type":827,"children":1020},[1021],{"type":830,"value":1022},"Our patch was written for 32-bit and 64-bit AppBridge.dll that was delivered to Windows machines through Windows Store in October 2020. This is the last vulnerable version, and was subsequently replaced with a fixed version in June 2021. Our patch will therefore only get applied if you had Windows Store enabled in October 2020, and disabled it some time before June 2021. We expect some users may have older, or much older, versions of AppBridge.dll installed due to having disabled Windows Store earlier. In absence of AppBridge.dll version information, we can only recommend locally testing your exploitability by copy-pasting the following URL to your web browser on a machine with Microsoft Teams installed, and seeing if a calculator gets launched:",{"type":827,"children":1024},[1025],{"type":830,"value":945},{"type":827,"children":1027},[1028],{"type":830,"value":1029},"ms-officecmd:{\n   \"LocalProviders.LaunchOfficeAppForResult\": {\n       \"details\": {\n           \"appId\": 5,\n           \"name\": \"irrelevant\",\n           \"discovered\": {\n               \"command\": \"irrelevant\"\n           }\n       },\n       \"filename\": \"a:/b/ --disable-gpu-sandbox --gpu-launcher=\\\"C:\\\\Windows\\\\System32\\\\cmd /c calc && \\\"\"\n   }\n}\n",{"type":827,"children":1031},[1032],{"type":830,"value":945},{"type":827,"children":1034},[1035],{"type":830,"value":1036},"Here is a video showing how 0patch prevents the above URL from launching calculator.",{"type":827,"children":1038},[1039],{"type":830,"value":945},{"type":827,"children":1041},[1042],{"type":830,"value":945},{"item":809,"type":924},{"type":926,"level":522,"children":1045},[1046],{"type":830,"value":1047},"Micropatch Availability\n",{"type":827,"children":1049},[1050],{"type":830,"value":1051},"This micropatch requires a 0patch PRO or Enterprise license as it cannot be considered a 0day anymore. To determine if it applies to your computer at all, you can install 0patch Agent with a free account and see if the patch appears under relevant patches.",{"type":827,"children":1053},[1054,1056,1059],{"type":830,"value":1055},"If you're not sure whether you're vulnerable or not, try to locate AppBridge.dll on your computer: it should be in a folder like C:\\Program Files\\WindowsApps\\Microsoft.MicrosoftOfficeHub_",{"type":830,"marks":1057,"value":1058},[832],"[version]",{"type":830,"value":1060},"_x64__8wekyb3d8bbwe. (Note that the folder is only accessible to admins so running a full disk search as a non-admin user won't work.)",{"type":827,"children":1062},[1063,1065,1070],{"type":830,"value":1064},"Once you've located the file, contact us at ",{"url":1066,"type":12,"children":1067},"mailto:sales@0patch.com",[1068],{"type":830,"value":1069},"sales@0patch.com",{"type":830,"value":1071}," and provide the exact file size and modification date of file AppBridge.dll and the name of the folder you found it in. For the record, the vulnerable AppBridge.dll on our test systems was in a folder version 18.2008.12711.0.\n",{"type":827,"children":1073},[1074],{"type":830,"value":945},{"type":827,"children":1076},[1077,1079,1086,1088,1094],{"type":830,"value":1078},"We'd like to thank researchers from Positive Security for finding this issue and sharing details, which allowed us to create a micropatch and protect our users. We'd also like to thank ",{"url":1080,"meta":1081,"type":12,"children":1083},"https://twitter.com/wdormann",[1082],{"id":838,"value":839},[1084],{"type":830,"value":1085},"Will Dormann",{"type":830,"value":1087}," for additional analysis of this issue.\n\nTo learn more about 0patch, please visit our ",{"url":1089,"meta":1090,"type":12,"children":1092},"https://0patch.zendesk.com/hc/en-us",[1091],{"id":838,"value":839},[1093],{"type":830,"value":97},{"type":830,"value":857},{"type":827,"children":1096},[1097],{"type":830,"value":982},{"alt":719,"url":1099,"width":1100,"height":1101,"responsiveImage":1102},"https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png",640,320,{"srcSet":1103,"webpSrcSet":1104,"sizes":1105,"src":1106,"width":1107,"height":1108,"aspectRatio":228,"alt":719,"title":719,"bgColor":1109,"base64":1110},"https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png?auto=compress&crop=focalpoint&dpr=0.25&fit=crop&w=1440 360w,https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png?auto=compress&crop=focalpoint&fit=crop&w=1440 1440w","https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png?auto=compress&crop=focalpoint&dpr=0.25&fit=crop&fm=webp&w=1440 360w,https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&w=1440 1440w","(max-width: 1440px) 100vw, 1440px","https://www.datocms-assets.com/166020/1755779574-avvxsegpjduzwk5qss-ktdvpua1ikn0jzencrzkf4qms9a7toayc_aaz6a3wacxg0httzu-cx9we6k-i7qj6alr5ezgkwagealdzkauzuq6izw0afoipm7uocevvebwqrmgn0or0lhfss7fihk6z-m18z9br6t1zsqpjyqxadeuspzndcleuwm_vqookvi6_vw-w640-h320.png?auto=compress&crop=focalpoint&fit=crop&w=1440",1440,720,"#59bd6c","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoNDQgLDQ4LDw0LDg4NDREODQ0NFxUZGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OHBANHC8cFhw7Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAwAGAMBIgACEQEDEQH/xAAYAAACAwAAAAAAAAAAAAAAAAABBQAEBv/EAB0QAAIBBAMAAAAAAAAAAAAAAAACAQMFETEEEyH/xAAWAQADAAAAAAAAAAAAAAAAAAADBAX/xAAbEQABBAMAAAAAAAAAAAAAAAAAAQIDMiEiMf/aAAwDAQACEQMRAD8A01vpLA16llRLwGnOxrDTjYeRMlGdNihcaSrAA3H1CBW8GWVP/9k=",1780067954653]