[{"data":1,"prerenderedAt":1058},["ShallowReactive",2],{"I-maWsoucveWH7VpbVdiZ9YJQaZbJd1SsPfUgTAv7BA":3,"i-custom:keyboard-arrow-down":704,"i-custom:check":708,"i-custom:north-east":710,"2HRDWuufI-8IeG46qXzNrfWiSfZL0g0JzQorU9YF9hE":712},{"_site":4,"allMenuCtas":33,"allMenuItems":43,"allFooterMenuItems":207,"allFooterLinks":259,"allProductCategories":263,"allPlans":277,"allPatchCategories":288,"allCountries":622,"allPartnerCategories":664,"topBar":674,"allSocialLinks":695},{"globalSeo":5,"favicon":8,"faviconMetaTags":10,"locales":31},{"siteName":6,"titleSuffix":7},"0patch"," | 0patch",{"url":9},"https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg",[11,19,23,27],{"tag":12,"attributes":13,"content":18},"link",{"sizes":14,"type":15,"rel":16,"href":17},"16x16","image/svg","icon","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=16&w=16",null,{"tag":12,"attributes":20,"content":18},{"sizes":21,"type":15,"rel":16,"href":22},"32x32","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=32&w=32",{"tag":12,"attributes":24,"content":18},{"sizes":25,"type":15,"rel":16,"href":26},"96x96","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=96&w=96",{"tag":12,"attributes":28,"content":18},{"sizes":29,"type":15,"rel":16,"href":30},"192x192","https://www.datocms-assets.com/166020/1758709113-0patch_logo.svg?auto=format&h=192&w=192",[32],"en",[34],{"id":35,"title":36,"reference":37,"externalLink":40,"variant":41,"publishTranslation":42},"7540649","Buy now",{"_modelApiKey":38,"slug":39},"page","pricing","","primary-green",true,[44,52,59,66,86,92,99,103,109,117,123,130,135,149,155,169,175],{"id":45,"children":46,"externalLink":40,"parent":47,"reference":49,"title":51,"description":40,"publishTranslation":42},"HC0Jv04qRuKuZzHWgfUcNw",[],{"id":48},"IL3SSc5ySpu4strWvTvZ_A",{"_modelApiKey":38,"slug":50},"in-the-media","In the media",{"id":53,"children":54,"externalLink":55,"parent":56,"reference":18,"title":58,"description":40,"publishTranslation":42},"Lf_fG7sJTeyY-YwXgCZM6A",[],"https://dist.0patch.com/download/latestagent",{"id":57},"InIESymQQManhdOiSJWRAA","Download 0patch Agent",{"id":60,"children":61,"externalLink":62,"parent":63,"reference":18,"title":65,"description":40,"publishTranslation":42},"H1wOcewmTj2BFNcm_3S4Pg",[],"https://support.0patch.com/hc/en-us/sections/22259984868242",{"id":64},"SWaM0xVVRG-TtXEDSCe6CA","User Manual",{"id":48,"children":67,"externalLink":40,"parent":83,"reference":18,"title":85,"description":40,"publishTranslation":42},[68,72],{"id":45,"title":51,"description":40,"parent":69,"reference":70,"externalLink":40,"publishTranslation":42,"children":71},{"id":48},{"_modelApiKey":38,"slug":50},[],{"id":73,"title":74,"description":74,"parent":75,"reference":76,"externalLink":40,"publishTranslation":42,"children":82},"GYvRoN-xQrK53JU9hoMC9g","From our blog",{"id":48},{"_modelApiKey":77,"slug":78,"title":79,"createdAt":80,"published":81},"article","micropatches-released-for-windows-storage-elevation-of-privilege-vulnerability-cv","Micropatches released for Windows Storage Elevation of Privilege Vulnerability (CVE-2026-21508)","2026-04-04T11:50:51+02:00","2026-03-31T00:00:00+02:00",[],{"id":84},"136494748","Featured",{"id":87,"children":88,"externalLink":40,"parent":18,"reference":89,"title":91,"description":40,"publishTranslation":42},"7537370",[],{"_modelApiKey":38,"slug":90},"windows10","Windows 10",{"id":93,"children":94,"externalLink":95,"parent":96,"reference":18,"title":97,"description":98,"publishTranslation":42},"KNhSd6vgR2mx15df8jrG1g",[],"https://support.0patch.com/hc/en-us",{"id":57},"Help Center","All sections",{"id":73,"children":100,"externalLink":40,"parent":101,"reference":102,"title":74,"description":74,"publishTranslation":42},[],{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":104,"children":105,"externalLink":106,"parent":107,"reference":18,"title":108,"description":40,"publishTranslation":42},"YlQq8EI3S3Cjo6bX8KwScg",[],"https://www.0patch.com/files/0patch_End_User_License_Agreement.pdf",{"id":64},"License agreement",{"id":110,"children":111,"externalLink":40,"parent":112,"reference":113,"title":115,"description":116,"publishTranslation":42},"7537375",[],{"id":57},{"_modelApiKey":38,"slug":114},"contact","Contact us","Form demo",{"id":118,"children":119,"externalLink":40,"parent":18,"reference":120,"title":122,"description":40,"publishTranslation":42},"LT3XEcT4ToWK-CGDxHIvxA",[],{"_modelApiKey":38,"slug":121},"patches","Patches",{"id":124,"children":125,"externalLink":40,"parent":126,"reference":127,"title":129,"description":40,"publishTranslation":42},"C_hUUxSzRlWzUZJZiQKLWg",[],{"id":64},{"_modelApiKey":38,"slug":128},"privacy","Privacy policy",{"id":131,"children":132,"externalLink":40,"parent":18,"reference":133,"title":134,"description":40,"publishTranslation":42},"M7H9KVRYQbWzdi5przLT7w",[],{"_modelApiKey":38,"slug":39},"Pricing",{"id":57,"children":136,"externalLink":40,"parent":147,"reference":18,"title":148,"description":40,"publishTranslation":42},[137,140,143],{"id":53,"title":58,"description":40,"parent":138,"reference":18,"externalLink":55,"publishTranslation":42,"children":139},{"id":57},[],{"id":93,"title":97,"description":98,"parent":141,"reference":18,"externalLink":95,"publishTranslation":42,"children":142},{"id":57},[],{"id":110,"title":115,"description":116,"parent":144,"reference":145,"externalLink":40,"publishTranslation":42,"children":146},{"id":57},{"_modelApiKey":38,"slug":114},[],{"id":84},"Support",{"id":150,"children":151,"externalLink":40,"parent":18,"reference":152,"title":154,"description":40,"publishTranslation":42},"7540650",[],{"_modelApiKey":38,"slug":153},"blog","Blog",{"id":64,"children":156,"externalLink":40,"parent":167,"reference":18,"title":168,"description":40,"publishTranslation":42},[157,160,163],{"id":60,"title":65,"description":40,"parent":158,"reference":18,"externalLink":62,"publishTranslation":42,"children":159},{"id":64},[],{"id":104,"title":108,"description":40,"parent":161,"reference":18,"externalLink":106,"publishTranslation":42,"children":162},{"id":64},[],{"id":124,"title":129,"description":40,"parent":164,"reference":165,"externalLink":40,"publishTranslation":42,"children":166},{"id":64},{"_modelApiKey":38,"slug":128},[],{"id":84},"Documents",{"id":170,"children":171,"externalLink":40,"parent":18,"reference":172,"title":174,"description":40,"publishTranslation":42},"SH5u-VrlQeKwYFXpbtstHw",[],{"_modelApiKey":38,"slug":173},"partners","Partners",{"id":84,"children":176,"externalLink":40,"parent":18,"reference":18,"title":206,"description":40,"publishTranslation":42},[177,186,196],{"id":48,"title":85,"description":40,"parent":178,"reference":18,"externalLink":40,"publishTranslation":42,"children":179},{"id":84},[180,183],{"id":45,"title":51,"description":40,"parent":181,"reference":182,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":38,"slug":50},{"id":73,"title":74,"description":74,"parent":184,"reference":185,"externalLink":40,"publishTranslation":42},{"id":48},{"_modelApiKey":77,"slug":78,"createdAt":80,"title":79,"published":81},{"id":57,"title":148,"description":40,"parent":187,"reference":18,"externalLink":40,"publishTranslation":42,"children":188},{"id":84},[189,191,193],{"id":53,"title":58,"description":40,"parent":190,"reference":18,"externalLink":55,"publishTranslation":42},{"id":57},{"id":93,"title":97,"description":98,"parent":192,"reference":18,"externalLink":95,"publishTranslation":42},{"id":57},{"id":110,"title":115,"description":116,"parent":194,"reference":195,"externalLink":40,"publishTranslation":42},{"id":57},{"_modelApiKey":38,"slug":114},{"id":64,"title":168,"description":40,"parent":197,"reference":18,"externalLink":40,"publishTranslation":42,"children":198},{"id":84},[199,201,203],{"id":60,"title":65,"description":40,"parent":200,"reference":18,"externalLink":62,"publishTranslation":42},{"id":64},{"id":104,"title":108,"description":40,"parent":202,"reference":18,"externalLink":106,"publishTranslation":42},{"id":64},{"id":124,"title":129,"description":40,"parent":204,"reference":205,"externalLink":40,"publishTranslation":42},{"id":64},{"_modelApiKey":38,"slug":128},"Resources",[208,214,218,222,226,231,235,239,244,249,254],{"id":209,"column":210,"children":211,"externalLink":40,"parent":18,"reference":212,"title":122,"description":40,"publishTranslation":42},"Z7v-uM0cTOOBdk-s10IiJA",1,[],{"__typename":213,"_modelApiKey":38,"slug":121},"PageRecord",{"id":215,"column":210,"children":216,"externalLink":40,"parent":18,"reference":217,"title":134,"description":40,"publishTranslation":42},"Yr6Go03oTdSCq8pxdWdUsg",[],{"__typename":213,"_modelApiKey":38,"slug":39},{"id":219,"column":210,"children":220,"externalLink":40,"parent":18,"reference":221,"title":174,"description":40,"publishTranslation":42},"Ds1JBCIHQQKM3pJdA6ywFA",[],{"__typename":213,"_modelApiKey":38,"slug":173},{"id":223,"column":210,"children":224,"externalLink":40,"parent":18,"reference":225,"title":115,"description":40,"publishTranslation":42},"d9N0wsZhQsm7WLVqkmUWVQ",[],{"__typename":213,"_modelApiKey":38,"slug":114},{"id":227,"column":228,"children":229,"externalLink":40,"parent":18,"reference":230,"title":154,"description":40,"publishTranslation":42},"O9Oqpya5TZafs7o4l_8Nvg",2,[],{"__typename":213,"_modelApiKey":38,"slug":153},{"id":232,"column":228,"children":233,"externalLink":40,"parent":18,"reference":234,"title":51,"description":40,"publishTranslation":42},"QbA-8ChQT-eVxrfVlZzKaA",[],{"__typename":213,"_modelApiKey":38,"slug":50},{"id":236,"column":228,"children":237,"externalLink":95,"parent":18,"reference":18,"title":238,"description":40,"publishTranslation":42},"GcPu0RJNQu2cmfpL_Us1Lg",[],"Help center ",{"id":240,"column":228,"children":241,"externalLink":242,"parent":18,"reference":18,"title":243,"description":40,"publishTranslation":42},"NwREnz0XTvOJ93OHko_7xw",[],"https://status.0patch.com/","Status page",{"id":245,"column":228,"children":246,"externalLink":40,"parent":18,"reference":247,"title":248,"description":40,"publishTranslation":42},"UPh4X1tXRt24AhzNHaztFg",[],{"__typename":213,"_modelApiKey":38,"slug":114},"Write to support",{"id":250,"column":228,"children":251,"externalLink":252,"parent":18,"reference":18,"title":253,"description":40,"publishTranslation":42},"bUWsPw9eRvG4Ycl7j0yONg",[],"mailto:security@0patch.com","Report a security issue",{"id":255,"column":228,"children":256,"externalLink":257,"parent":18,"reference":18,"title":258,"description":40,"publishTranslation":42},"eB66OgJwSXSF0UWkhz1snQ",[],"https://www.0patch.com/files/0patch.asc","PGP KEY",[260],{"externalLink":40,"reference":261,"title":262,"publishTranslation":42},{"_modelApiKey":38,"slug":128},"Privacy",[264,269,273],{"__typename":265,"id":266,"name":267,"slug":268},"ProductCategoryRecord","Am0QLeVvQCuP42oCnhKABQ","Office","office",{"__typename":265,"id":270,"name":271,"slug":272},"VFAYSlgkRneu1oHcTKcpwQ","Server","server",{"__typename":265,"id":274,"name":275,"slug":276},"UNiVGxy_QViVXTpaSLXZlQ","Windows","windows",[278,282,285],{"__typename":279,"id":280,"title":281},"PlanRecord","T-QQY6XRSjeGbmXIK5kNCw","Free",{"__typename":279,"id":283,"title":284},"TOtXWfDyTjyO3H3OW_HRtQ","Professional",{"__typename":279,"id":286,"title":287},"KJjNQcHiRVa_mZqx_GtIrg","Enterprise",[289,423,520,561,605],{"__typename":290,"_allReferencingPatchesMeta":291,"_allReferencingPatches":293,"_modelApiKey":418,"name":419,"id":420,"slug":421,"icon":18,"supportDate":422},"PatchCategoryRecord",{"count":292},19,[294,302,310,317,325,333,340,346,352,358,364,370,376,382,388,394,400,406,412],{"id":295,"title":296,"description":297,"plans":298},"CHBzDqmWSkiUggiwCycMKQ","0day patches","\u003Cp>Patches for vulnerabilities the original vendor has not yet patched - both for legacy products and products that are still under official vendor support\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?type=0day\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our 0day patches\u003C/a>\u003C/strong>\u003C/p>",[299,300,301],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":303,"title":304,"description":305,"plans":306},"W1zipVenRuaCpMLlbChNkg","Free patches","\u003Cp>Patches for \"0day\" vulnerabilities are generally free until the vendor has provided an official fix\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?plan=free\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our free patches\u003C/a>\u003C/strong>\u003C/p>",[307,308,309],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":311,"title":312,"description":313,"plans":314},"JMf6o8nLRh2YNbSjeoWSbg","All patches","\u003Cp>All our patches we have ever issued, or will ever issue, including 0day and legacy patches\u003C/p>",[315,316],{"id":283,"title":284},{"id":286,"title":287},{"id":318,"title":319,"description":320,"plans":321},"N2SosqbOST-U5Q3FTqKT-g","Multi factor authentication (MFA)","\u003Cp>Require one-time code from an authenticator app when accessing 0patch Central\u003C/p>",[322,323,324],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":326,"title":327,"description":328,"plans":329},"Aurt0TQWT3qrx--H6Bvtnw","0patch console - local management","\u003Cp>0patch Agent is managed locally using 0patch Console application\u003C/p>",[330,331,332],{"id":280,"title":281},{"id":283,"title":284},{"id":286,"title":287},{"id":334,"title":335,"description":336,"plans":337},"dvNfP_7ZQ6uyUtJO3ADbJQ","Standard email support","\u003Cp>Email support with 24-hour response time\u003C/p>",[338,339],{"id":283,"title":284},{"id":286,"title":287},{"id":341,"title":342,"description":343,"plans":344},"DRZtt1FJQ2OW742_5ZdcOQ","Central management","\u003Cp>Centrally manage and monitor all your 0patch Agents from web-based 0patch Central\u003C/p>",[345],{"id":286,"title":287},{"id":347,"title":348,"description":349,"plans":350},"C7j04lkDSSmPT2ikq9grug","IP address allow-listing","\u003Cp>Restricting access to 0patch Central so only users connecting from approved IP addresses can use it\u003C/p>",[351],{"id":286,"title":287},{"id":353,"title":354,"description":355,"plans":356},"aLo8Rj7YQsufFNozN8C6lw","Unattended agent installation","\u003Cp>Deploy 0patch Agent remotely without user interaction\u003C/p>",[357],{"id":286,"title":287},{"id":359,"title":360,"description":361,"plans":362},"dJECbsVMSGm7_ObPWiWSDQ","Agent auto-registration","\u003Cp>0patch Agent can automatically register itself to your 0patch account\u003C/p>",[363],{"id":286,"title":287},{"id":365,"title":366,"description":367,"plans":368},"WHM0-Mj0Sr2WZ1LwhTI9Dw","Silent run","\u003Cp>0patch Agent operates entirely in the background without showing notifications or prompts to the user\u003C/p>",[369],{"id":286,"title":287},{"id":371,"title":372,"description":373,"plans":374},"Zjk5YWqcS2al2C2OTEH82w","Patching policies","\u003Cp>Select which patches are enabled for which groups of computers, and whether newly issued patches are initially enabled or disabled\u003C/p>",[375],{"id":286,"title":287},{"id":377,"title":378,"description":379,"plans":380},"DXTTXN2ITtmy-Bclo1_iKQ","Computer groups","\u003Cp>Organize your computers in groups to simplify management and apply different policies to different sets of computers\u003C/p>",[381],{"id":286,"title":287},{"id":383,"title":384,"description":385,"plans":386},"Vna1HyM9Q4-kwJshD0-4Ag","Multi user support","\u003Cp>Add any number of users to 0patch Central\u003C/p>",[387],{"id":286,"title":287},{"id":389,"title":390,"description":391,"plans":392},"MZheRUWKRHuS_M3sPAvxWw","User roles","\u003Cp>Assign different roles to 0patch Central users to limit their access\u003C/p>",[393],{"id":286,"title":287},{"id":395,"title":396,"description":397,"plans":398},"em07-dXcQ2Of2IhpZzUeDQ","Mandatory MFA","\u003Cp>Administrator can make multi factor authentication mandatory for all 0patch Central users\u003C/p>",[399],{"id":286,"title":287},{"id":401,"title":402,"description":403,"plans":404},"DJ9WqVROQWiRnUxDr8ckeQ","SAML single sign-on","\u003Cp>Login to 0patch Central through your identity provider using the SAML protocol\u003C/p>",[405],{"id":286,"title":287},{"id":407,"title":408,"description":409,"plans":410},"c73GoxWmTXS5muxHXFl3HA","SCIM provisioning","\u003Cp>Manage 0patch Central users with your identity provider using SCIM protocol\u003C/p>",[411],{"id":286,"title":287},{"id":413,"title":414,"description":415,"plans":416},"QM6mK9qtTBe5OtMWfVnvvg","Professional services","\u003Cp>Custom patches and additional professional services are available to large customers\u003C/p>",[417],{"id":286,"title":287},"patch_category","Features","T2nlr7wWS3eNfLE8hfA1ew","features","2025-12-05",{"__typename":290,"_allReferencingPatchesMeta":424,"_allReferencingPatches":426,"_modelApiKey":418,"name":504,"id":505,"slug":506,"icon":507,"supportDate":519},{"count":425},11,[427,434,441,448,455,462,469,476,483,490,497],{"id":428,"title":429,"description":430,"plans":431},"Wn-S2pccQbKHM4Qi_CFf0Q","Windows 11 22H2 patches","\u003Cp>Windows 11 22H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[432,433],{"id":283,"title":284},{"id":286,"title":287},{"id":435,"title":436,"description":437,"plans":438},"KLIOm9vRTpWNef0hEYPZRw","Windows 11 21H2 patches","\u003Cp>Windows 11 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+11\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 11 patches\u003C/a>\u003C/strong>\u003C/p>",[439,440],{"id":283,"title":284},{"id":286,"title":287},{"id":442,"title":443,"description":444,"plans":445},"Z-_sUVTSRcyneegSkg6tEg","Windows 10 22H2 post-EOS patches","\u003Cp>Windows 10 22H2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[446,447],{"id":283,"title":284},{"id":286,"title":287},{"id":449,"title":450,"description":451,"plans":452},"OG3314TtS_mGEWsQ7I7rVg","Windows 10 21H2 patches","\u003Cp>Windows 10 21H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[453,454],{"id":283,"title":284},{"id":286,"title":287},{"id":456,"title":457,"description":458,"plans":459},"d-2ES_YuR7C4QuSmcXgi0Q","Windows 10 21H1 patches","\u003Cp>Windows 10 21H1 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[460,461],{"id":283,"title":284},{"id":286,"title":287},{"id":463,"title":464,"description":465,"plans":466},"R-A6Aep1TCCVLYwFbfK3Sw","Windows 10 20H2 patches","\u003Cp>Windows 10 20H2 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[467,468],{"id":283,"title":284},{"id":286,"title":287},{"id":470,"title":471,"description":472,"plans":473},"Dg4FaK9fS8KTa1o3Qhor6w","Windows 10 2004 patches","\u003Cp>Windows 10 2004 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[474,475],{"id":286,"title":287},{"id":283,"title":284},{"id":477,"title":478,"description":479,"plans":480},"MJlLPyxqTcy9ys2UaZYNKQ","Windows 10 v1909 patches","\u003Cp>Windows 10 1909 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[481,482],{"id":283,"title":284},{"id":286,"title":287},{"id":484,"title":485,"description":486,"plans":487},"GscjCa1TQOe5p5Or7g2qyw","Windows 10 v1809 patches","\u003Cp>Windows 10 1809 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[488,489],{"id":283,"title":284},{"id":286,"title":287},{"id":491,"title":492,"description":493,"plans":494},"OeQ8xMmJTmadIiPcKYkhvw","Windows 10 v1803 patches","\u003Cp>Windows 10 1803 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+10\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows 10 patches\u003C/a>\u003C/strong>\u003C/p>",[495,496],{"id":283,"title":284},{"id":286,"title":287},{"id":498,"title":499,"description":500,"plans":501},"Obe8z8snRYGoLT6BZyzhZw","Windows 7 post-EOS and post-ESU patches","\u003Cp>Windows 7 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>",[502,503],{"id":283,"title":284},{"id":286,"title":287},"Windows Patches","DXze3dvpTu-HF132vKjSug","microsoft-windows-xp",{"alt":508,"url":509,"width":510,"height":510,"responsiveImage":511},"Windows 11 logo","https://www.datocms-assets.com/166020/1764600963-win11.png",300,{"srcSet":512,"webpSrcSet":513,"sizes":514,"src":515,"width":516,"height":516,"aspectRatio":210,"alt":508,"title":18,"bgColor":517,"base64":518},"https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","(max-width: 40px) 100vw, 40px","https://www.datocms-assets.com/166020/1764600963-win11.png?auto=compress&crop=focalpoint&fit=crop&h=40",40,"#0278cf","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAAA51BMVEUAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtEAdtG9HcQcAAAATXRSTlMAAQIDBAUGBwkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY4OTo7PD0+P0BBQkNERUZHSEpLTE1OTwjw0A0AAAEqSURBVHjapZHbbsMgDIZNcMwhm7ZW097/+XrTToNwSGKPkraqtN3NCAn/H8LmN4L2LxbyOcMer0cHJcYF9UhEwHQH10yWBdAa7y0MJW5dN9NkQQsgTuS9UUMNoQM/eQcaGiBjRlJMpgNljWlPrSugiABc9yOkpSKYeBhYlZR2MSUjUtJc8EKlWpXP8379QpAhxVCRc56tSvdu4VSt5NhqtHPOTxXgonpBhF+xN/IHgP8AlO1ZYu5AO08ynx/ym+UUm7sf1MF4uumfhwZCKHgg70YZuXx1cDi+W3ZEBR0Zi7wZs4/JOmdEbaxRuC3hXrA7ezW/BaZNwco57SYuuWQlpdaK37SuxPH75m4IxJBjLBjrxpVjuHWbYptHnts8Kg+at1Lv/6hVt12XH8K5sGlN/hfaAAAAAElFTkSuQmCC","2025-06-25",{"__typename":290,"_allReferencingPatchesMeta":521,"_allReferencingPatches":523,"_modelApiKey":418,"name":545,"id":546,"slug":547,"icon":548,"supportDate":519},{"count":522},3,[524,531,538],{"id":525,"title":526,"description":527,"plans":528},"DMZZcGMvQfaRElACxvHXyA","Windows Server 2012 R2 post-EOS patches","\u003Cp>Windows Server 2012 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[529,530],{"id":283,"title":284},{"id":286,"title":287},{"id":532,"title":533,"description":534,"plans":535},"ZaeezXKkT3KGln5CQ4NH9w","Windows Server 2012 post-EOS patches","\u003Cp>Windows Server 2012 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2012\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2012 patches\u003C/a>\u003C/strong>\u003C/p>",[536,537],{"id":283,"title":284},{"id":286,"title":287},{"id":539,"title":540,"description":541,"plans":542},"RYxw9xwXR3-OWnsdr8dFEg","Windows Server 2008 R2 post-EOS and post-ESU patches","\u003Cp>Windows Server 2008 R2 post-end-of-support patches, for computers without Extended Security Updates (ESU), or computers with any full year of ESU updates installed\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Windows+Server+2008+R2\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Windows Server 2008 R2 patches\u003C/a>\u003C/strong>\u003C/p>",[543,544],{"id":283,"title":284},{"id":286,"title":287},"Windows Server Patches","J7WLPCrKS7i7B8sAyJpKWg","microsoft-windows-vista",{"alt":549,"url":550,"width":551,"height":510,"responsiveImage":552},"Windows Server 2012-2022 logo","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png",296,{"srcSet":553,"webpSrcSet":554,"sizes":555,"src":556,"width":557,"height":516,"aspectRatio":558,"alt":549,"title":18,"bgColor":559,"base64":560},"https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 156w","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 39w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 58w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 78w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 117w,https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 156w","(max-width: 39px) 100vw, 39px","https://www.datocms-assets.com/166020/1764600963-srv2012_2022.png?auto=compress&crop=focalpoint&fit=crop&h=40",39,0.975,"#0b1f8e","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABcAAAAYCAMAAAAmopZHAAABRFBMVEUAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIgAFIis0k1eAAAAbHRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSkxNTk9QUVRVVldYWVpbXF1fYWJjZGVmZ2lqa2xtbnBzdHY8yRY6AAABF0lEQVR42o2STU/EIBCGmWEodGm77sWj//+PeVAvRrNAYYY63cREs42R45PJ+xXIHD/6L0eU7Y7DZR4tl5QqGQQ0XXbql4fLHCyv11zpCRCMMIux43w5R4+yTqXSGQA24cadwuidG5C7iCG58dZaZ0ODs13vi+q8AxjltQr6VPKsOjkpf73Z9t23fn5+xICcs3L+mTOlkwcu9b5XKiCHfdXugNs4qE5WvoBFs+dRGmKMA7aSSqNHRAudWxXjwjTt92vSvguSxW0fAtw4ncYB+pprow6b0YkACIfRhxNBt+gqvVnnSKv1ze5DVIOdpQo9q7ezuoUhPy3LNFjhovoag787v8TzHEhqLvw7//VqAvXKB33L3//hC+5Cl3o2W4MJAAAAAElFTkSuQmCC",{"__typename":290,"_allReferencingPatchesMeta":562,"_allReferencingPatches":564,"_modelApiKey":418,"name":593,"id":594,"slug":595,"icon":596,"supportDate":519},{"count":563},4,[565,572,579,586],{"id":566,"title":567,"description":568,"plans":569},"axmNaLDGSs2BLTpJNU-fuQ","Microsoft Office 2019 post-EOS patches","\u003Cp>Microsoft Office 2019 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2019\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2019 patches\u003C/a>\u003C/strong>\u003C/p>",[570,571],{"id":283,"title":284},{"id":286,"title":287},{"id":573,"title":574,"description":575,"plans":576},"MkFk40IJQhCcXnIO2ZDd4Q","Microsoft Office 2016 post-EOS patches","\u003Cp>Microsoft Office 2016 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2016\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2016 patches\u003C/a>\u003C/strong>\u003C/p>",[577,578],{"id":283,"title":284},{"id":286,"title":287},{"id":580,"title":581,"description":582,"plans":583},"FFqWfGxfQF2q0uyjyRjVWg","Microsoft Office 2013 post-EOS patches","\u003Cp>Microsoft Office 2013 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2013\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2013 patches\u003C/a>\u003C/strong>\u003C/p>",[584,585],{"id":283,"title":284},{"id":286,"title":287},{"id":587,"title":588,"description":589,"plans":590},"XFYgrsOyRpeuEXk29M4z9g","Microsoft Office 2010 post-EOS patches","\u003Cp>Microsoft Office 2010 post-end-of-support patches\u003C/p>\n\u003Cp>\u003Cstrong>\u003Ca href=\"/patches?product=Office+2010\" target=\"_blank\" rel=\"noopener\">Click to see the full list of our Microsoft Office 2010 patches\u003C/a>\u003C/strong>\u003C/p>",[591,592],{"id":283,"title":284},{"id":286,"title":287},"Microsoft Office Patches","VH2unwR4RjycDA1o_6eSFw","microsoft-windows-7",{"alt":597,"url":598,"width":510,"height":510,"responsiveImage":599},"Microsoft Office logo","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png",{"srcSet":600,"webpSrcSet":601,"sizes":514,"src":602,"width":516,"height":516,"aspectRatio":210,"alt":597,"title":18,"bgColor":603,"base64":604},"https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&fm=webp&h=40 40w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=1.5&fit=crop&fm=webp&h=40 60w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=2&fit=crop&fm=webp&h=40 80w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=3&fit=crop&fm=webp&h=40 120w,https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&dpr=4&fit=crop&fm=webp&h=40 160w","https://www.datocms-assets.com/166020/1764600963-office2013_2019.png?auto=compress&crop=focalpoint&fit=crop&h=40","#eb3c00","data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAMAAADXqc3KAAABSlBMVEXqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPADqPAAMDLSTAAAAbnRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAiIyQlJicoKSorLS4vMTIzNDU2Nzk6Ozw9P0BBQkNERkpMTU5PUFFSVVZXWVpbXF1eX2BhYmNkZmdoaWpsbW5vcHFzdXZ4fH5/gIKDhBdTJiUAAAERSURBVHjabdE5doQwDAZgSV6AwMsU06TN/e+TM6SfyeBNUsALTeKGhz7wL8sWzoU21yd8fN6Xn++vAGDruzcdyFhjrBuAK0mo4Kz3PL89OrxvyA0s+Un9Cg38bZPUtrLOmXleUSvctrk4W1obZHVZtscJ0zo5Ral1FsAjfG7gDCo3iLmIknU1w4BybtnwyqmAaAsXzhhfDZ4hMjJrhVwy7B1iiIWycIPktO90flWIz8ATctY8QERQtQEUVh6ARIjQT86Mow7OGDqsg+IQcs4CjT8KXzB7Rwraujo6Qe3g7TEF4dTHHmGEGwKVFF4ddkhXu8yxjqFd7T7qzDmG9LzgWqWkuO//QS4xhf0viDJzvctfA1KXpEpvxgMAAAAASUVORK5CYII=",{"__typename":290,"_allReferencingPatchesMeta":606,"_allReferencingPatches":607,"_modelApiKey":418,"name":614,"id":615,"slug":616,"icon":617,"supportDate":519},{"count":210},[608],{"id":609,"title":610,"description":611,"plans":612},"OuJP-mYgRRi-wc8RTcRbUg","Other products patches","\u003Cp>We occasionally patch other Windows products, for instance when a critical vulnerability becomes known and the vendor does not provide an official patch in a timely manner\u003C/p>",[613],{"id":283,"title":284},"Other","BrWA-hAsQYSROgTvF-1ecA","microsoft-windows-11",{"alt":618,"url":619,"width":620,"height":621,"responsiveImage":18},"Windows 7","https://www.datocms-assets.com/166020/1754390080-layer1.svg",44,38,[623,628,632,636,640,644,648,652,656,660],{"__typename":624,"id":625,"name":626,"slug":627},"CountryRecord","WYcngTKjTLSCPKXF1CGc3Q","Germany","germany",{"__typename":624,"id":629,"name":630,"slug":631},"W7K_V8xIQ4esd1pdctvLRg","Switzerland","switzerland",{"__typename":624,"id":633,"name":634,"slug":635},"YCAHqeAMSp2PAVyP3KGV4w","International","international",{"__typename":624,"id":637,"name":638,"slug":639},"IKNwlfjMQXOfKhtUID30BQ","Singapore","singapore",{"__typename":624,"id":641,"name":642,"slug":643},"UzXo_gH5Te-UnOfNwdsfWQ","Netherlands","netherlands",{"__typename":624,"id":645,"name":646,"slug":647},"JKw7Q4wpQ8eGJjvHXwfSAA","Spain","spain",{"__typename":624,"id":649,"name":650,"slug":651},"RZbGpAInTEivnMxZzdTzwg","Poland","poland",{"__typename":624,"id":653,"name":654,"slug":655},"NwnHmUQ6RIK_OV9865XH3Q","Australia","australia",{"__typename":624,"id":657,"name":658,"slug":659},"HfVwBnHDSfCassEtkYx9lQ","United Kingdom","united-kingdom",{"__typename":624,"id":661,"name":662,"slug":663},"UUYGwDAYR4qLZM5UmDcmVA","USA","usa",[665,670],{"__typename":666,"id":667,"name":668,"slug":669},"PartnerCategoryRecord","dQoYak16SOaHi1odGdVqmQ","MSPs & SOCs","msps-socs",{"__typename":666,"id":671,"name":672,"slug":673},"REE7lMU8RzC9jabDARcxYQ","Resellers & Distributors","resellers-distributors",{"id":675,"_modelApiKey":676,"__typename":677,"text":678,"link":679,"menuLinks":687},"WnQYb8xeS2irpBJ41pdDRA","top_bar","TopBarRecord","Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)",[680],{"externalLink":40,"id":681,"recordLink":682,"variant":12,"icon":685,"title":686},"K2tgUizORgyofhnuTJ36dA",{"__typename":683,"_modelApiKey":77,"slug":684},"ArticleRecord","micropatches-released-for-windows-netlogon-remote-code-execution-vulnerability-cv",false,"Learn more",[688,691],{"id":689,"primary":685,"externalLink":95,"parent":18,"reference":18,"title":690,"description":40,"publishTranslation":42},"B1pEweRaRD2YBkP6aH1CfA","Help center",{"id":692,"primary":42,"externalLink":693,"parent":18,"reference":18,"title":694,"description":40,"publishTranslation":42},"Mk0Yz-yqTk2akShgf7ARNg","https://central.0patch.com/","Sign in",[696,700],{"id":697,"title":698,"url":699},"NDrk5d4kQ96J2aCuTr-gvg","0patch on X","https://twitter.com/0patch",{"id":701,"title":702,"url":703},"GqN4lYxyTMyzcmRllVY4mg","Linked In","https://linkedin.com/company/0patch",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":707},0,24,"\u003Cg fill=\"none\">\u003Cpath d=\"M11.9999 15.0539L6.34619 9.40013L7.39994 8.34637L11.9999 12.9464L16.5999 8.34637L17.6537 9.40013L11.9999 15.0539Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":709},"\u003Cg fill=\"none\">\u003Cpath d=\"M9.5501 18.0001L3.8501 12.3001L5.2751 10.8751L9.5501 15.1501L18.7251 5.9751L20.1501 7.4001L9.5501 18.0001Z\" fill=\"currentColor\"/>\u003C/g>",{"left":705,"top":705,"width":706,"height":706,"rotate":705,"vFlip":685,"hFlip":685,"body":711},"\u003Cg fill=\"none\">\u003Cpath d=\"M5.55375 19.5001L4.5 18.4464L15.9462 7.00012H9V5.50012H18.5V15.0001H17V8.05387L5.55375 19.5001Z\" fill=\"currentColor\"/>\u003C/g>",{"article":713},{"_firstPublishedAt":714,"_publishedAt":715,"_updatedAt":716,"_seoMetaTags":717,"_allSlugLocales":777,"_allPublishTranslationLocales":780,"published":782,"__typename":683,"_modelApiKey":77,"author":783,"createdAt":784,"id":785,"excerpt":40,"body":786,"image":18,"readTime":40,"title":720,"slug":779,"publishTranslation":42,"seoMetadata":18},"2025-08-21T14:07:22+02:00","2026-05-29T15:23:52+02:00","2026-05-29T15:23:50+02:00",[718,721,725,728,732,735,738,742,746,750,753,756,759,762,766,769,773],{"tag":719,"attributes":18,"content":720},"title","Sorry, Adobe Reader, We're Not Letting You Phone Home Without User's Consent (CVE-2019-7089)",{"tag":722,"attributes":723,"content":18},"meta",{"property":724,"content":720},"og:title",{"tag":722,"attributes":726,"content":18},{"name":727,"content":720},"twitter:title",{"tag":722,"attributes":729,"content":18},{"name":730,"content":731},"description","This is a 0patch website.",{"tag":722,"attributes":733,"content":18},{"property":734,"content":731},"og:description",{"tag":722,"attributes":736,"content":18},{"name":737,"content":731},"twitter:description",{"tag":722,"attributes":739,"content":18},{"property":740,"content":741},"og:image","https://www.datocms-assets.com/166020/1763539535-frame-48098099-1.jpg?auto=format&fit=max&w=1200",{"tag":722,"attributes":743,"content":18},{"property":744,"content":745},"og:image:width","1200",{"tag":722,"attributes":747,"content":18},{"property":748,"content":749},"og:image:height","630",{"tag":722,"attributes":751,"content":18},{"name":752,"content":741},"twitter:image",{"tag":722,"attributes":754,"content":18},{"property":755,"content":32},"og:locale",{"tag":722,"attributes":757,"content":18},{"property":758,"content":77},"og:type",{"tag":722,"attributes":760,"content":18},{"property":761,"content":6},"og:site_name",{"tag":722,"attributes":763,"content":18},{"property":764,"content":765},"article:modified_time","2026-05-29T13:23:50Z",{"tag":722,"attributes":767,"content":18},{"property":768,"content":40},"article:publisher",{"tag":722,"attributes":770,"content":18},{"name":771,"content":772},"twitter:card","summary",{"tag":722,"attributes":774,"content":18},{"name":775,"content":776},"robots","noindex",[778],{"value":779,"locale":32},"sorry-adobe-reader-were-not-letting-you",[781],{"value":42,"locale":32},"2019-02-11T17:16:00+01:00","Mitja Kolsek","2025-08-21T14:07:20+02:00","dnXB_oyNQvuvJoNX3QAoBQ",{"blocks":787,"links":857,"value":858},[788,803,817,831,845],{"id":789,"_modelApiKey":790,"__typename":791,"image":792},"X6fPxMzETJ2wr31X-IfHoQ","image","ImageRecord",{"alt":793,"url":794,"width":795,"height":510,"responsiveImage":796},"Security warning added to fix the Bad-PDF issue.","https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png",558,{"srcSet":797,"webpSrcSet":798,"sizes":799,"src":794,"width":795,"height":510,"aspectRatio":800,"alt":793,"title":793,"bgColor":801,"base64":802},"https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?dpr=0.25 139w,https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?dpr=0.5 279w,https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?dpr=0.75 418w,https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png 558w","https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?dpr=0.25&fm=webp 139w,https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?dpr=0.5&fm=webp 279w,https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?dpr=0.75&fm=webp 418w,https://www.datocms-assets.com/166020/1757426137-badpdf_warning.png?fm=webp 558w","(max-width: 558px) 100vw, 558px",1.86,"#b66600","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBhYIFAgLCg4QDQ0NEhkZDhEOGg4NFxUZGBYTFhUaHzcjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OFQ0OHC8cIhwvLy8vLy87Ly8vLy8vLy8vLy8vLy87Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAA0AGAMBIgACEQEDEQH/xAAYAAACAwAAAAAAAAAAAAAAAAAAAgMEB//EAB0QAAICAgMBAAAAAAAAAAAAAAECAAMRMQVBUQT/xAAVAQEBAAAAAAAAAAAAAAAAAAACAP/EABcRAQEBAQAAAAAAAAAAAAAAAAAiEQL/2gAMAwEAAhEDEQA/ANXHHVDuOOPp9kSWsRuObGC7i3oZM/wUlcQld7XxuEqGX//Z",{"id":804,"_modelApiKey":790,"__typename":791,"image":805},"FqhBeh0bRIuiXfRtLzvnNg",{"alt":806,"url":807,"width":808,"height":809,"responsiveImage":810},"Attempting to load a remote style sheet via HTTP triggers a warning.","https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png",634,260,{"srcSet":811,"webpSrcSet":812,"sizes":813,"src":807,"width":808,"height":809,"aspectRatio":814,"alt":806,"title":806,"bgColor":815,"base64":816},"https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?dpr=0.25 158w,https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?dpr=0.5 317w,https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?dpr=0.75 475w,https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png 634w","https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?dpr=0.25&fm=webp 158w,https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?dpr=0.5&fm=webp 317w,https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?dpr=0.75&fm=webp 475w,https://www.datocms-assets.com/166020/1757426137-xslt-http_warning.png?fm=webp 634w","(max-width: 634px) 100vw, 634px",2.4384615384615387,"#192ee1","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBhEIDQgLDQ0WDiIWDQ0NDikSDRENFxUeGBYTFhUaHysjGh0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg0OEA4FHDscFhwvLy8vLy8vOy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAoAGAMBIgACEQEDEQH/xAAYAAACAwAAAAAAAAAAAAAAAAADBAECB//EAB4QAAEEAgMBAAAAAAAAAAAAAAEAAgMxBBIRITIF/8QAFgEBAQEAAAAAAAAAAAAAAAAAAgEA/8QAFhEAAwAAAAAAAAAAAAAAAAAAACFR/9oADAMBAAIRAxEAPwDTo/nQAWrHDgHXKEwnW0KQna0nQKDb8HHLPQUpVxOllQs6VQ//2Q==",{"id":818,"_modelApiKey":790,"__typename":791,"image":819},"cvThHIEoSk2vU4CWGxrCdQ",{"alt":820,"url":821,"width":822,"height":823,"responsiveImage":824},"ida","https://www.datocms-assets.com/166020/1757426137-ida.png",901,492,{"srcSet":825,"webpSrcSet":826,"sizes":827,"src":821,"width":822,"height":823,"aspectRatio":828,"alt":820,"title":820,"bgColor":829,"base64":830},"https://www.datocms-assets.com/166020/1757426137-ida.png?dpr=0.25 225w,https://www.datocms-assets.com/166020/1757426137-ida.png?dpr=0.5 450w,https://www.datocms-assets.com/166020/1757426137-ida.png?dpr=0.75 675w,https://www.datocms-assets.com/166020/1757426137-ida.png 901w","https://www.datocms-assets.com/166020/1757426137-ida.png?dpr=0.25&fm=webp 225w,https://www.datocms-assets.com/166020/1757426137-ida.png?dpr=0.5&fm=webp 450w,https://www.datocms-assets.com/166020/1757426137-ida.png?dpr=0.75&fm=webp 675w,https://www.datocms-assets.com/166020/1757426137-ida.png?fm=webp 901w","(max-width: 901px) 100vw, 901px",1.83130081300813,"#ffaa00","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBgoICBIVDRIVDhAQDQ0NFRENDREYFxYZGCIVIiEmHy0jGh0oHRYWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLAg0OHBAQHDseIh07Oy87Ly87Oy8vLzs1OzUvOy8vLy81Ly81Ly87Ly8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAA4AGAMBIgACEQEDEQH/xAAXAAADAQAAAAAAAAAAAAAAAAAAAgMG/8QAHRAAAgIBBQAAAAAAAAAAAAAAAAQBAwIFERIUIv/EABYBAQEBAAAAAAAAAAAAAAAAAAYCAf/EAB0RAAAGAwEAAAAAAAAAAAAAAAABAgYRMQQWUQP/2gAMAwEAAhEDEQA/ANLqbGzkSLU37Kamvj3IGoUw5AzJ8nIZ2EqNeigtDsw0BShXCXJAhOK4osYam9wf/9k=",{"id":832,"_modelApiKey":790,"__typename":791,"image":833},"NXKCIiIFSHC5kIKQogLu0w",{"alt":834,"url":835,"width":836,"height":837,"responsiveImage":838},"The security dialog that was micropatched into Adobe Reader.","https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png",544,240,{"srcSet":839,"webpSrcSet":840,"sizes":841,"src":835,"width":836,"height":837,"aspectRatio":842,"alt":834,"title":834,"bgColor":843,"base64":844},"https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?dpr=0.25 136w,https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?dpr=0.5 272w,https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?dpr=0.75 408w,https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png 544w","https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?dpr=0.25&fm=webp 136w,https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?dpr=0.5&fm=webp 272w,https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?dpr=0.75&fm=webp 408w,https://www.datocms-assets.com/166020/1757426137-xslt-unc_patched_warning.png?fm=webp 544w","(max-width: 544px) 100vw, 544px",2.2666666666666666,"#dd9e25","data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHBwgHBhUQFAgLDg0ODg8NBQ0LFRYOFg0YFxYZGBYfFhUaHysjHR0oHRUWJDUlKC0vMjIyGSI4PTcwPCsxMi8BCgsLDg4OEg0OHDsoFhwvLy8vLy87Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vL//AABEIAAsAGAMBIgACEQEDEQH/xAAXAAADAQAAAAAAAAAAAAAAAAAAAgQH/8QAHRAAAQMFAQAAAAAAAAAAAAAAAgABAwQREjEyQf/EABUBAQEAAAAAAAAAAAAAAAAAAAIA/8QAGREAAgMBAAAAAAAAAAAAAAAAAFERISIC/9oADAMBAAIRAxEAPwDVRoYn9TvRRW2o4TK3TpzMrdOlbDlFL0MOO2QojkPHp0KthnlH/9k=",{"id":846,"_modelApiKey":847,"__typename":848,"video":849},"Aqb5f0SPSnu6qoJXgEiIbQ","video_external","VideoExternalRecord",{"url":850,"title":851,"thumbnailUrl":852,"height":853,"provider":854,"providerUid":855,"width":856},"https://www.youtube.com/watch?v=2aLAg3k-zvI","Sorry, Adobe Reader, We're Not Letting You Phone Home Without User's Consent (0day)","https://i.ytimg.com/vi/2aLAg3k-zvI/hqdefault.jpg",113,"youtube","2aLAg3k-zvI",200,[],{"schema":859,"document":860},"dast",{"type":861,"children":862},"root",[863,930,935,943,945,949,960,961,974,978,982,983,1005,1006,1010,1011,1015],{"type":864,"children":865},"paragraph",[866,871,881,884,886,893,895,902,904,907,909,912,920,921,928],{"type":867,"marks":868,"value":870},"span",[869],"emphasis","[Update 2/12/2019: Just one day after we had issued this micropatch, Adobe released an update of Adobe Reader DC that ",{"url":872,"meta":873,"type":12,"children":877},"https://helpx.adobe.com/security/products/acrobat/apsb19-07.html",[874],{"id":875,"value":876},"target","_blank",[878],{"type":867,"marks":879,"value":880},[869],"fixed the vulnerability",{"type":867,"marks":882,"value":883},[869],". We strongly recommend all users of Adobe Reader to apply Adobe's update, at which point our micropatch will automatically no longer get applied.]",{"type":867,"value":885},"\n\nToday we'll look at a fairly simple vulnerability in Adobe Reader DC that allows a PDF document automatically send an SMB request to attacker's server as soon as the document is opened. The vulnerability was published by ",{"url":887,"meta":888,"type":12,"children":890},"https://twitter.com/insertScript",[889],{"id":875,"value":876},[891],{"type":867,"value":892},"Alex Inführ",{"type":867,"value":894}," along with a proof-of-concept in a ",{"url":896,"meta":897,"type":12,"children":899},"https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html",[898],{"id":875,"value":876},[900],{"type":867,"value":901},"detailed report",{"type":867,"value":903}," on Alex's blog and hasn't been patched at the time of this writing. ",{"type":867,"marks":905,"value":906},[869],"[Update 2/12/2019: the vulnerability was subsequently assigned CVE ID CVE-2019-7089.]",{"type":867,"value":908},"\n\nThis vulnerability, similar to CVE-2018-4993, the so-called",{"type":867,"marks":910,"value":911},[869]," ",{"url":913,"meta":914,"type":12,"children":916},"https://github.com/deepzec/Bad-Pdf",[915],{"id":875,"value":876},[917],{"type":867,"marks":918,"value":919},[869],"Bad-PDF",{"type":867,"value":911},{"url":922,"meta":923,"type":12,"children":925},"https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/",[924],{"id":875,"value":876},[926],{"type":867,"value":927},"reported by CheckPoint",{"type":867,"value":929}," in April last year, allows a remote attacker to steal user's NTLM hash included in the SMB request. It also allows a document to \"phone home\", i.e., to let the sender know that the user has viewed the document. Obviously, neither of these is desirable.\n\nAt the time of this writing, the latest version of Adobe Reader DC, 2019.010.20069, is affected but older versions are likely in the same boat too.\n\n\n",{"type":931,"level":522,"children":932},"heading",[933],{"type":867,"value":934},"Analysis",{"type":864,"children":936},[937,939,941],{"type":867,"value":938},"\nTo understand the problem, let's start with the above-mentioned ",{"type":867,"marks":940,"value":919},[869],{"type":867,"value":942}," (CVE-2018-4993). The malicious PDF included a certain element that triggered automatic loading of another PDF from a remote share. Until Adobe Reader got patched, this happened without the user noticing anything, or being able to prevent it.\n\nAdobe patched this issue by adding a security warning that was shown to the user before making the request to a remote share:\n\n",{"item":789,"type":944},"block",{"type":864,"children":946},[947],{"type":867,"value":948},"\n\nThis warning allowed the user to decide whether to allow the potentially malicious document to \"phone home\" or not.\n\nNow on to the issue at hand: it is functionally identical (for attacker), just in a different place. While ",{"type":864,"children":950},[951,953,955,958],{"type":867,"marks":952,"value":919},[869],{"type":867,"value":954}," used an /F entry to load a remote file, this issue exploits loading a remote XML style sheet via SMB. Interestingly, if the document tries to do so via HTTP, there ",{"type":867,"marks":956,"value":957},[869],"is",{"type":867,"value":959}," a security warning there:\n\n",{"item":804,"type":944},{"type":864,"children":962},[963,965,972],{"type":867,"value":964},"\n\nHowever, when using a ",{"url":966,"meta":967,"type":12,"children":969},"https://msdn.microsoft.com/en-us/library/gg465305.aspx",[968],{"id":875,"value":876},[970],{"type":867,"value":971},"UNC path",{"type":867,"value":973}," (the type of path that denotes a resource in a shared folder), the loading occurs without a warning\n\n\n",{"type":931,"level":522,"children":975},[976],{"type":867,"value":977},"The Micropatch",{"type":864,"children":979},[980],{"type":867,"value":981},"\nThe Reader already implies the correct behavior by showing a security warning on loading a remote style sheet via HTTP, so we decided to add our own security warning for loading style sheets via UNC as well.\n\nWe started by locating the point where the HTTP-loading and UNC-loading execution paths diverge, and patch-in a warning for UNC paths. Finding said divergence point was relatively easy using Process Monitor: we caught CreateFile events on both HTTP and UNC loads, then compared their call stacks to see where the two execution paths said good-bye to each other. This turned out to be in function sub_208B3C53, the relevant code block of which is shown here:\n\n",{"item":818,"type":944},{"type":864,"children":984},[985,987,994,996,1003],{"type":867,"value":986},"\n\n\nBoth HTTP- and UNC-based style sheet loads reach the above code block, whereby an HTTP-based load never returns from the first call marked in red (it triggers an exception that Reader handles somewhere else), and a UNC load is implemented inside the second call marked in red.\n\nAs you can see from the comments in the code, we found where the file path resides before the second call (this required a little digging on the stack at that point). We verified it by changing said path on-the-fly in debugger to make sure the path-loading code actually uses that, and then we were ready to inject our patch.\n\nThere exists a handy Windows function called ",{"url":988,"meta":989,"type":12,"children":991},"https://docs.microsoft.com/en-us/windows/desktop/api/shlwapi/nf-shlwapi-pathisunca",[990],{"id":875,"value":876},[992],{"type":867,"value":993},"PathIsUNCA",{"type":867,"value":995},", which is already being used by Reader elsewhere to check whether a path is a UNC path (the \"A\" at the end denotes an ASCII path in contrast to a wide-char path). So we decided to first call this function to see if we have a UNC path, and then if we do, issue a prompt to the user. To do the latter, we used another well-known Windows function ",{"url":997,"meta":998,"type":12,"children":1000},"https://docs.microsoft.com/en-us/windows/desktop/api/winuser/nf-winuser-messageboxa",[999],{"id":875,"value":876},[1001],{"type":867,"value":1002},"MessageBoxA",{"type":867,"value":1004},". Based on user's response, we would then allow the UNC path to be loaded or not. The only thing to decide at this point was how to implement the \"not\", i.e., how to prevent the UNC path from loading if the user decided not to trust the document.\n\nIn such cases, we always want to keep things simple and minimize possible surprises. We therefore decided to simply empty the path string by putting a zero at its beginning, resulting in Reader trying to load an empty path. It does complain that it can't load it though but the exploit is blocked and, frankly, we're fairly confident that loading style sheets form UNC paths doesn't work at all because as much as we tried, Reader always encountered an error. So maybe UNC style sheets are not a supported use case at all but they did turn out to be a vulnerability.\n\nHere is the source code of our micropatch:\n\n\n\nMODULE_PATH \"..\\AffectedModules\\AcroForm.api_19.10.20064.48846_32bit\\AcroForm.api\"\nPATCH_ID 349\nPATCH_FORMAT_VER 2\nVULN_ID 4694\nPLATFORM win32\n\npatchlet_start\n\n PATCHLET_ID 1\n PATCHLET_TYPE 2\n PATCHLET_OFFSET 0x000b3f6b ; Injecting before the call towards loading\n                            ; a non-HTTP URL\n PIT Shlwapi.dll!PathIsUNCA,User32.dll!MessageBoxA\n\n code_start\n\n  push ecx ; save ecx so we don't corrupt it\n\n  mov eax, dword [eax+10h] ; at this point, the address of path\n                           ; is at [eax+10h]+4\n  add eax, 4\n  push eax\n  push eax ; we push the address of path twice as we may need it\n           ; in remediation too\n  call PIT_PathIsUNCA ; is it a UNC path?\n  test eax, eax\n  jz skip ; not a UNC path - skip the warning dialog\n\n  push 0x00000134 ; uType = MB_YESNO | MB_ICONEXCLAMATION | MB_DEFBUTTON2\n  call get_lpCaption\n  db \"Security Warning\",0\n get_lpCaption:\n  call get_lpText\n  db \"This document is trying to access a file on the network. If you trust this document, choose Yes. If you do not trust this document, choose No.\",0\n get_lpText:\n  push 0 ; hWnd = NULL\n  call PIT_MessageBoxA\n  cmp eax, 6 ; Did user click \"Yes\"?\n  je skip ; if so, skip remediation\n\n  ; Remediation: we'll simply delete the entire URL string by putting\n  ; a 0 at the beginning\n  pop eax ; pop the previously pushed path address\n  mov byte [eax], 0 ; put a 0 at the start of path\n  push eax ; we need to re-push something because we have a pop in the epilogue\n\n skip:\n  pop eax ; pop the additional address of path \n \n  pop ecx ; restore original ecx and continue to execute the call\n          ; towards loading the provided URL\n\n code_end\n\npatchlet_end \n\nWith this micropatch in place, opening the malicious document results in the following warning before a request is made to the remote server:\n\n",{"item":832,"type":944},{"type":864,"children":1007},[1008],{"type":867,"value":1009},"\n\n\nIf the user selects \"Yes\", the remote style sheet is loaded (whereby the SMB request delivers your NTLM hash to the remote server), and if they select \"No\", Reader complains about not being able to load the style sheet from and empty path. Done.\n\nWe asked Alex, the security researcher who found this issue, to test our micropatch and he was kind enough to confirm its efficiency against this attack. (Thanks, Alex, for your help! We encourage all security researchers to collaborate on creating and testing micropatches.)\n\nFor the visual types among you, here is a video of our micropatch in action:\n\n\n\n\n",{"item":846,"type":944},{"type":931,"level":522,"children":1012},[1013],{"type":867,"value":1014},"Conclusion",{"type":864,"children":1016},[1017,1019,1026,1028,1034,1036,1039,1041,1048,1050,1056],{"type":867,"value":1018},"\nAs always, if you have our Agent installed and registered, this micropatch is already on your computer - and applied to Adobe Reader whenever it loads AcroForm.api (that only happens when certain documents are opened). Otherwise, you can ",{"url":1020,"meta":1021,"type":12,"children":1023},"https://central.0patch.com/auth/register",[1022],{"id":875,"value":876},[1024],{"type":867,"value":1025},"register a free 0patch account",{"type":867,"value":1027}," and install 0patch Agent to get this micropatch applied to your Reader.\n\nNote that Adobe might issue an official fix for this issue tomorrow as they ",{"url":872,"meta":1029,"type":12,"children":1031},[1030],{"id":875,"value":876},[1032],{"type":867,"value":1033},"release",{"type":867,"value":1035}," their monthly Reader update, but if not, we'll quickly port the micropatch to the new Reader version to keep the vulnerability patched on your computers. ",{"type":867,"marks":1037,"value":1038},[869],"[Update 2/12/2019: Adobe did issue an official fix the next day.]",{"type":867,"value":1040},"\n\nCheers!\n\n",{"url":1042,"meta":1043,"type":12,"children":1045},"https://twitter.com/mkolsek",[1044],{"id":875,"value":876},[1046],{"type":867,"value":1047},"@mkolsek",{"type":867,"value":1049},"\n",{"url":699,"meta":1051,"type":12,"children":1053},[1052],{"id":875,"value":876},[1054],{"type":867,"value":1055},"@0patch",{"type":867,"value":1057},"\n \n\n\n",1780067939192]