Anthony Wee

**Name of the Vulnerable Software and Affected Versions** Python (CPython) versions 3.6 through 3.6.10 Python (CPython) versions 3.7 through 3.7.6 Python (CPython) versions 3.8 through 3.8.1 **Description** An insecure dependency load upon launch on Windows 7 may result in an attacker's copy of `api-ms-win-core-path-l1-1-0.dll` being loaded and used instead of the system's copy. This issue does not affect Windows 8 and later. **Recommendations** For versions 3.6 through 3.6.10, consider updating to a version outside of this range to mitigate the risk. For versions 3.7 through 3.7.6, consider updating to a version outside of this range to mitigate the risk. For versions 3.8 through 3.8.1, consider updating to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting the use of the `api-ms-win-core-path-l1-1-0.dll` library on Windows 7 systems until a patch is available.