Windows 2000 SP4 Rollup Released

Hey Hey,

I thought this might be of interest to those of you still running Windows 2000 in case you ever have to do a reinstall (What?? That happens with MS Products?)...

Anyways, they've released a rollup to SP4 which is available at http://www.microsoft.com/downloads/d...DisplayLang=en

KB Information on the subject is available here.

Included patches and fixes are:

Quote:

---

MS02-050 Certificate validation flaw might permit identity spoofing 317636
MS03-030 Unchecked Buffer in DirectX Could Enable System Compromise 819696
MS03-022 Vulnerability in ISAPI Extension for Windows Media Services may cause code execution 822343
MS03-025 Flaw in Windows message handling through Utility Manager could enable privilege elevation 822679
MS03-041 Vulnerability in Authenticode Verification Could Allow Remote Code Execution 823182
MS03-023 Buffer overrun in the HTML converter could allow code execution 823559
MS03-026 Buffer Overrun in RPC May Allow Code Execution 823980
MS03-034 Flaw in NetBIOS could lead to information disclosure 824105
MS03-045 Buffer overrun in the ListBox and in the ComboBox Control could allow code execution 824141
MS03-039 A buffer overrun in RPCSS could allow an attacker to run malicious programs 824146
MS03-044 Buffer overrun in Windows Help and Support Center could lead to system compromise 825119
MS03-042 Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution 826232
MS03-043 Buffer overrun in Messenger service could allow code execution 828035
MS03-049 Buffer Overrun in the Workstation Service Could Allow Code Execution 828749
MS03-008 Flaw in Windows Script Engine may allow code to run 814078
MS04-007 An ASN.1 vulnerability could allow code execution 828028
MS04-008 Vulnerability in Windows Media Services could allow a Denial of Service attack 832359
MS04-012 Cumulative Update for Microsoft RPC/DCOM 828741
MS04-006 A vulnerability in the Windows Internet Name Service (WINS) could allow code execution 830352
MS04-011 Security Update for Microsoft Windows 835732
MS04-014 Vulnerability in the Microsoft Jet Database Engine could permit code execution 837001
MS04-016 Vulnerability in DirectPlay could allow denial of service 839643
MS04-024 A vulnerability in the Windows shell could allow remote code execution 839645
MS04-023 Vulnerability in HTML Help could allow code execution 840315
MS04-020 A vulnerability in POSIX could allow code execution 841872
MS04-022 A vulnerability in Task Scheduler could allow code execution 841873
MS04-019 A vulnerability in Utility Manager could allow code execution 842526
MS04-030 Vulnerability in WebDAV XML message handler could lead to a denial of service 824151
MS04-032 Security update for Microsoft Windows 840987
MS04-037 Vulnerability in Windows shell could allow remote code execution 841356
MS04-031 Vulnerability in NetDDE could allow remote code execution 841533
MS04-045 Vulnerability in WINS could allow remote code execution 870763
MS04-043 Vulnerability in HyperTerminal could allow code execution 873339
MS04-044 Vulnerabilities in Windows Kernel and LSASS could allow elevation of privilege 885835
MS04-041 A vulnerability in WordPad could allow code execution 885836
MS05-003 Vulnerability in the Indexing Service could allow remote code execution 871250
MS05-008 Vulnerability in Windows shell could allow remote code execution 890047
MS05-011 Vulnerability in server message block could allow remote code execution 885250
MS05-010 Vulnerability in the License Logging service could allow code execution 885834
MS05-015 Vulnerability in hyperlink object library could allow remote code execution in Windows Server 2003 888113
MS05-001 Vulnerability in HTML Help could allow code execution 890175
MS05-013 Vulnerability in the DHTML editing component ActiveX control could allow code execution 891781
MS05-002 Vulnerability in cursor and icon format handling could allow remote code execution 891711
MS05-012 Vulnerability in OLE and COM could allow remote code execution 873333
MS05-016 Vulnerability in Windows Shell that could allow remote code execution 893086
MS05-019 Vulnerabilities in TCP/IP could allow remote code execution and denial of service 893066
MS05-017 Vulnerability in MSMQ could allow code execution 892944
MS05-018 Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service 890859
MS05-020 Cumulative security update for Internet Explorer 890923
MS03-022 Vulnerability in ISAPI Extension for Windows Media Services may cause code execution 822343
MS05-014 Cumulative security update for Internet Explorer 867282

---

Peace,
HT

Thanks HT~

Quote:

---

(What?? That happens with MS Products?)...

---

No, it doesn't.............Gates has a low pain threshold and he knows that I know where he lives :D

Actually, it is quite a nice operating system IMHO (well this is a P4 2.26 with 1024Mb of PC 2700 :) )

OK I have had it with HDD failures but otherwise pretty sound. Same story with XP Pro..............

Ack Phtt!..............Gates is trying to put me out of business?

Thank God for skiddies, adware and spyware merchants :D

Quote:

---

Originally posted here by nihil
Thanks HT~



No, it doesn't.............Gates has a low pain threshold and he knows that I know where he lives :D

Actually, it is quite a nice operating system IMHO (well this is a P4 2.26 with 1024Mb of PC 2700 :) )

OK I have had it with HDD failures but otherwise pretty sound. Same story with XP Pro..............

Ack Phtt!..............Gates is trying to put me out of business?

Thank God for skiddies, adware and spyware merchants :D

---

Hey Hey,

I can't say I've got any real complaints with XP Pro... It's quite stable for me... I never experienced 2000, we ran it one semester at school and had a bunch of courses covering the inner works of 2000 but I never had it on a leisure machine... Maybe I'll throw it on one of my old 350s and see how it holds up.

Peace,
HT

xp is a prettie version of 2000 imho.

Well it has some extra stuff like better drivers.

win2000 has been my os of choice of os for a long time. I take a copy of the install cd with a sp4 slipstream in my toolkit. Looks like that cd is going to need replacing now.

Quote:

---

xp is a prettie version of 2000 imho.

---

I beg to disagree,Win xp is far more stable platform when compared to 2000,Pretty and stable this can be used both for office and home alike.
A lot of stablity Tests have been done on it and it proved it self to be superior to win 2000

According to the Update page...

Quote:

---

This update consists of previously released recommended, critical and security updates for Windows 2000, rolled into one convenient package. Installing this item provides you the same results as installing the individual updates. After you install this item, you may have to restart your computer

---

now...if these are ' previously released ' updates then, I assume, if you've kept your system updated...you don't need this package?
I am, of course, working from the assumption that Microsoft understands the definitions of ' previously released ' and ' same results '.

Or...am I wrong?

I certainly don't want to spend 2 hours and 12 minutes downloading something I already have.

Eg ;)

Quote:

---

Originally posted here by Egaladeist
According to the Update page...

now...if these are ' previously released ' updates then, I assume, if you've kept your system updated...you don't need this package?
I am, of course, working from the assumption that Microsoft understands the definitions of ' previously released ' and ' same results '.

Or...am I wrong?

I certainly don't want to spend 2 hours and 12 minutes downloading something I already have.

Eg ;)

---

Eg, think new install.

True, but for new installs... Its been a pain to install 2k with sp4 only to go out to windows update (or WUS) and find another 50+ updates (many of which require individual install and reboots).

Even after loading xp sp2 you have another 30+ updates to apply.

It will def. help out for me.

Thanks for the heads up!

We are still running many copies of W2K here at work - I actually prefer it over XP Pro. I still do active installs of W2K so this should save me a little bit of time in the future...

Yes, the consolidated update is certainly for reinstallation scenarios. Over here I would expect to find it on the cover CDs of most of the PC magazines next month.

I have always found WIN2000 very stable, and much more tolerant of lower system specifications than XP. I think that is the reason why it is still very popular. A lot of organisations such as non-profit, military, government, education and healthcare cannot afford to indulge in a large scale hardware and software upgrade.

Even if they had the money IT would never get the budget. Let's face it folks, we are at the bottom of the food chain, particularly if what is already there still works to the satisfaction of the users. What they frequently have to do is wait for natural replacement to reduce the one-off cost to an acceptable level before going to WinXP.

My view of WinXP is that it is a sort of hybrid, or cross between Win2000 and WinME. It has the stability and security of Win2000 with the fancier user interface of WinME. It also has the recovery mechanism of WinME. Obviously MS have tried to improve things as well, but those seem to be its origins.

:)

I'm about to load Win2k onto my aunt's machine ............
and as pointed out, it IS a pain to load W2K + SP4 and STILL need a bucketful of 'extras'.

I also carry a copy on CD. Need to get into the burning seat again :)

Nice find ..........

If you haven't installed this, you may not ant to just yet on production. a few networks are getting hosed by it.

Gore It is funny you should say that. Earlier this week I was trying to update a Win2000 machine and the download was taking so long I kept cancelling the job. There were 14 items for about 13MB.

Last night I tried again. There were 12 items for around 42Mb. It downloaded and installed in around 15 minutes :confused:

I think MS had a problem? because I downloaded other stuff at normal speed.

:)

Well, it seems they suggest everyone should install even if their system is fully updated...

Quote:

---

Q3: Should I install Update Rollup 1 even if I have kept my Windows 2000 SP4 systems up to date?
A3: Yes. Update Rollup 1 contains additional important fixes in files that have not previously been part of individual security updates, as described in the Knowledge Base Article. In addition, the Update Rollup 1 contains additional enhancements that increase system security, reliability, reduce support costs, and support the current generation of PC hardware. In some cases, the individual binary files released in previous individual security updates may have been updated via individual hotfixes to address minor compatibility issues introduced in those prior security updates that affected individual customers. The latest versions of those files are included in the Update Rollup.

Therefore, even if a system is fully up to date with prior security releases, Windows Update will still detect and apply the Update Rollup. Customers who use managed security update deployment solutions should evaluate the need to deploy Update Rollup 1 within their infrastructure

---

and...as far as ' issues ' are concerned...apparently the update actually shuts down some security features...

Quote:

---

after you install the Update Rollup 1 for Windows 2000 Service Pack 4 (SP4) that was released on June 28, 2005 on a Microsoft Windows 2000-based computer, the following Internet Security Systems (ISS) products stop running and the increased protection provided by these products is disabled:
• RealSecure Desktop 3.6 with XPU versions ENO, ENP, and ENQ
• RealSecure Desktop 7.0 with XPU versions ENO, ENP, and ENQ
• BlackICE Agent for Server 3.6 with XPU versions ENO, ENP, and ENQ
• BlackICE PC Protection 3.6 with XPU versions CNO, CNP, and CNQ
• BlackICE Server Protection 3.6 XPU versions CNO, CNP, and CNQ
The affected ISS products generally stop running within one to two minutes after you start the computer.

Note ISS X-Press Updates (XPUs) are signature and driver updates that are required for the most current security protection. The XPUs listed here are significantly older than the current XPU versions. As a precautionary measure, Windows Update will not offer the revised MS05-019 security update to computers that are running these programs until a more recent XPU has been installed. Also, if the following ISS programs are installed, users of the affected computer may not be notified to install the revised version of security update MS05-019. This behavior occurs because the following programs also may contain an affected version of the affected file. However, the following programs are not affected. Therefore, you can manually install the revised version of security update MS05-019 or the Update Rollup 1 for Windows 2000 SP4.

---

both from the same site...

http://support.microsoft.com/kb/901159/
Some Internet Security Systems products stop running after you install the revised MS05-019 security update or after you install the Update Rollup 1 for Windows 2000 SP4 on a Windows 2000-based computer

Eg ;)

Hi guys!

Just did updating with some of our servers here with Win2K just last Tuesday. SP4 and couple of Security updates (POST-SP4) as well. The idea of having a consolidated version of these patches is handy for Sys Ads and the like. Time to burn some.

Thanks for the info, HTRegz.

By the way, just a side-note, Win 2000 had been really out there for quite some time as well as Win XP, but for mid-size corporation doing server apps and other integration, Win 2K and the latter Win 2K3 would be the bet. We used Win XP Pro more on our Workstation Boxes and very reliable especially in Remote Desktop Connections, thereby accessing the Servers from it.

Yo!