Aaron Posted September 15, 2003 Posted September 15, 2003 (edited) This is a list of all the critical hotfixes you need for Windows XP Professional SP1 32-bit. Recommended Updates are excluded from this list as they are not always needed for every system, whereas the Critical Updates should be installed for every system. This list will be updated regularly and old ones removed when a newer hotfix supersedes it.Looking for the Office 2003 Updates list? Click here--------------------------------------------------Type 1 Hotfixes (Switches to use: Click here)Q819696 (23rd July 2003)Unchecked Buffer in DirectX Could Enable System CompromiseDownload - 800KBNote: This is for DirectX 8.1 on Windows XP, you do not have to download/install this if you plan to install DirectX 9.0c.Q823182 (14th October 2003)Vulnerability in Authenticode Verification Could Allow Remote Code ExecutionDownload - 424 KBQ824105 (3rd September 2003)Flaw in NetBIOS Could Lead to Information DisclosureDownload - 339 KBQ824141 (29th September 2003)Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code ExecutionDownload - 2.12 MBQ825119 (14th September 2003)Buffer Overrun in Windows Help and Support Center Could Lead to System CompromiseDownload - 299 KBQ826939 (14th September 2003)Update Rollup 1 for Windows XPDownload - 9 MBQ828026 (10th February 2004)Update for Windows Media Player URL Script Command BehaviorDownload - 2.77 MBQ828035 (29th October 2003)Buffer Overrun in Messenger Service Could Allow Code ExecutionDownload - 358 KBQ828741 (12th April 2004)Cumulative Update for Microsoft RPC/DCOMDownload - 3.2 MBQ833987 (14th September 2004)Buffer overrun in JPEG processing (GDI+) could allow code executionDownload - 1389KBQ835732 (12th April 2004)Security Update for Microsoft WindowsDownload - 2.6 MBQ837001 (12th April 2004)Vulnerability in the Microsoft Jet Database Engine Could Allow Code ExecutionDownload - 2.9 MBQ839645 (13th July 2004)Vulnerability in Windows Shell Could Allow Remote Code ExecutionDownload - 3.81 MBQ840315 (13th July 2004)Vulnerability in HTML Help Could Allow Code ExecutionDownload - 375 KBQ840374 (11th May 2004)Vulnerability in Help and Support Center Could Allow Remote Code ExecutionDownload - 854 KBQ841873 (13th July 2004)Vulnerability in Task Scheduler Could Allow Code ExecutionDownload - 882 KBQ842773 (13th July 2004)Update for Background Intelligent Transfer Service (BITS) 2.0 and WinHTTP 5.1Download - 635 KBQ883357 (13th August 2004)Your backup program may fail or incorrectly exclude some files from your backup in Windows XPDownload - 320KB--------------------------------------------------Type 2 Hotfixes (Switches to use: /Q:A /R:N)Q814078 Also known as JS56NEN.exe (19th March 2003)Flaw in Windows Script Engine May Allow Code to RunDownload - 361 KBQ816093Flaw in the Microsoft VM Could Enable System CompromiseWindowsUpdate Corporate (Search for 816093)Note: This is the MSJava 3810 Update, only download if you use SP1 and not SP1a. - 5.07 MBQ823353 (13th July 2004)Cumulative Security Update for Outlook Express (July 2004)Download 1.90 MBQ867801 (30th July 2004) *NEW*Cumulative Security Update for Internet Explorer 6 SP1Download - 2.77 MBQ870669 (2nd July 2004)Critical Update for Microsoft Data Access Components - Disable ADODB.Stream object from Internet ExplorerDownload 104 KB--------------------------------------------------MDAC - Requires different switch. Do not use this syntax directly in svcpack.inf. You can create a batch file to call out that syntax from svcpack.inf, or do it from GuiRunOnce:As outlined in the Technet article, install using: xxx_Q832483_MDAC_X86.EXE /C:"dahotfix.exe /q /n" /qwhere xxx is your language version.Q832483 (13th January 2004)Buffer overrun in an MDAC function could allow code executionDownload - 1.99 MB--------------------------------------------------NOT SVCPACK.INF SUPPORTED - Anything shown below must not be processed by svcpack. Instead, these should be installed on first logon to process silent unattended installations of these updates.Q817787 (Switch: /Q:A /R:N) (6th May 2003)Flaw in Windows Media Player Skins Downloading Could Allow Code ExecutionDownload - 360 KBNote: This is for Windows Media Player 8 on Windows XP, you do not have to install this if you plan to install Windows Media Player 9.Q817778 (Switch: Same as "type 1" switches) (23rd July 2003)Advanced Networking Pack for Windows XP - 1.21 MB--------------------------------------------------Extras (Switches to use: varies)These files can also be installed using svcpack.inf:DirectX 9.0c redist (Extract, and use /silent on dxsetup.exe) *NEW*WMP9 and MM2 Bundle (no switch needed)Tip: Make sure Q828026 is queued up after WMP9 in svcpack.inf.--------------------------------------------------Updates21st September 2004 - 2 new Type 1 updates added (833987 and 883357), both can be installed via svcpack.inf.30th July 2004 - New Cumulative update for Internet Explorer released (867801), this replaces the last cumulative update (832894) and all the ones before that. We stress that you remove all old IE cumulative updates from svcpack.inf to avoid issues.27th July 2004 - DirectX 9.0c is released, and is listed under Extras. The switch /silent can be used on dxsetup.exe. The DirectX 9.0b Security Update (Q839643) has been removed from the list, this is superceded by DirectX 9.0c which contains all past fixes, so you can remove this from your svcpack.inf file.13th July 2004 - Good news, all 5 updates marked *NEW* (4 in Type1, and 1 in Type2) can be installed via svcpack.inf without any difficulty. Remove Q837009.exe from both svcpack.inf and your svcpack folder as this is superseded by the newer OE Update.2nd July 2004 - New Critical Update workaround for Internet Explorer to protect against the Download.Ject exploit. KB870669 under Type 2 Hotfixes. I haven't had time to test this thoroughly, but install this after any MDAC patches you plan to install.13th June 2004 - DirectX update added Q839643, make sure you download the correct hotfix by reading the notes in brackets in this list.11th May 2004 - 1 new Windows XP Update today: Q840374 - Vulnerability in Help and Support Center Could Allow Remote Code Execution. You may also want to re-download Q837001, as it's been re-released. Edited September 26, 2004 by Alanoll
b0r3d Posted September 16, 2003 Posted September 16, 2003 Thanks AaronXP.This is a fantastic timesaver.Just make sure to keep it updated
Drewdatrip Posted September 16, 2003 Posted September 16, 2003 What adding a known and working batch cmd to install these files properly?My last install dident go so well! |Drew|
creopard Posted September 16, 2003 Posted September 16, 2003 you don't need Q329170 when you install Q817606 (both update the srv.sys, but Q817606 is newer)you don't need Q810577 when you install Q816073 (not listed here)you may also want to add Q818857 (IE 6 Patch) - Slow Performance When You Use Internet Explorer 6 SP1 to View MIME Type File Attachmentssee http://support.microsoft.com/default.aspx?kbid=818857download http://download.microsoft.com/download/c/4...705/q818857.exe (english only)
DaveXP Posted September 16, 2003 Posted September 16, 2003 I get some message about "Illgel DLL Relocation in user32.dll cause by shell32.dll" when use some of these hotfixes
Aaron Posted September 16, 2003 Author Posted September 16, 2003 you don't need Q329170 when you install Q817606 (both update the srv.sys, but Q817606 is newer)According to the Knowledge Base article Q817606, it says the following:Patch Replacement InformationThis patch does not replace any other patches.you don't need Q810577 when you install Q816073 (not listed here)816073 isn't downloadable :/ you may also want to add Q818857 (IE 6 Patch) - Slow Performance When You Use Internet Explorer 6 SP1 to View MIME Type File Attachmentssee http://support.microsoft.com/default.aspx?kbid=818857The urlmon.dll file (6.0.2800.1226) in the August 2003 Cumulative IE6SP1 patch supercedes the version of urlmon.dll (6.0.2800.1216) in the IE6SP1 update released yesterday. I don't know what prompted Microsoft to release this, but this cannot be installed if the August Cumulative patch is installed.This hotfix list was created from a normal install of XP SP1 I ran yesterday, viewed on WindowsUpdate
creopard Posted September 16, 2003 Posted September 16, 2003 816073 isn't downloadable :/get it at w2s
Aaron Posted September 16, 2003 Author Posted September 16, 2003 816073 isn't downloadable :/get it at w2s I could, but I won't. Other people can if they want, but this patch does need to go though additional internal testing before Microsoft choose to make it available to download officially. Non-official patches won't be added to the main list.
Aaron Posted September 16, 2003 Author Posted September 16, 2003 But thanks for your help though swgreed!
Sunil Posted September 16, 2003 Posted September 16, 2003 Hey Guys, are there any sites available out there that i can download all the patches for windows Xp in one giant file.
Aaron Posted September 17, 2003 Author Posted September 17, 2003 Yes, One of Keyser Soze's package has all the hotfixes which he released about a month ago. And another one at techconnect.http://www.MSFN.org/comments.php?id=4314
kenneth11zz Posted September 17, 2003 Posted September 17, 2003 Quick question. This is my first time installing hotfixes using the unattended installation for a clean installation. In the past, I have installed hoftixes on an existed Windows XP using Windows Updates that creates so many Uninstalls in the Remove and Install Program list. Will this also do the same that adds Uninstalls into the Remove and Install Program list which I hated it?-Kenneth
Recommended Posts