pointertovoid

As a consequence of the version numbers above, and IF I understand it properly, one only needs the following updates to get all latest files: 836111 838417 838989 843503 883528 890202 which supersede 817765 823086 838771 838921 841880 836111 solves a very specific problem and nearly everyone should be able to neglect it. Similarly, having 841880 instead of the uncommon 890202 should be as good for nearly everybody. These files aren't easily available at Microsoft, but people running an ENU W2k may get most of them by searching for the file name, like "Windows2000-KB838989-x86-ENU.EXE" and so on.

The table is plain text to help you copy it. In order to display your copy properly, you'll need a fixed width font (like Courier new) where you paste it, for instance an Html document or a text editor (Metapad does it). ------------------Sp4,R1,-----------------PAY-----WGA----------BSOD ----------------Security---883528-838771-838921-838989-843503-838417-836111-823086-817765-841880-890202-- ========================================================================================================= hidclass.sys----2195.6655------------------------6882---6882 (hidusb.sys)----2142.1 openhci.sys-----2195.6675------------------------6882---6940---- uhcd.sys--------2195.6655------------------------6882---6882---- usbarw.sys------2195.1620 usbcamd.sys-----2135.1------------------------------------------------6883-- usbd.sys--------2195.6658-----------------6882---6935---6935---7008-- usbehci.sys-----2195.6709------------------------6882---6882-- usbhub.sys------2195.6689----------6883---6884-----------------7006-- usbhub20.sys----2195.6655------------------------6891---6891-- usbintel.sys----2134.1 usbport.sys-----2195.6681------------------------6926---6941-- usbprint.sys----2195.6655---6968-- usbscan.sys-----2195.6655 usbser.sys------2195.6655--------------------------------------7006-- usbstor.sys-----2195.6655----------------------------------------------------6773---6871---6934---7009-- ========================================================================================================= ---------------------------883528-838771-838921-838989-843503-838417-836111-823086-817765-841880-890202-- Hidusb.sys and Usbser.sys exist only in Driver.cab on the observed Win2000.

Hello dear Windows 2000 users! This thread is an (ambitious...) attempt to list all patches released after SP4 and Rollup 1 to improve function, not security, of the files implementing USB on Win 2000. These patches aren't highly publicized by Microsoft (most were intended for an SP5 that was never published) and don't appear in automatic updates, so such a list isn't very common despite the patches may improve USB function for some users. Microsoft's warning in these patches' descriptions is that they haven't been tested enough, so one should use them only if experiencing the specific undesired behaviour that a patch cures. Anyway, at least we'll know they exist. To find the patches, I googled the filenames through support.microsoft.com in English only, which did take some time - hopefully saved to other users. This method certainly has limitations, so additions, improvements etc are welcome. The wise users of Gurgelmeyer's unofficial SP5 have all these files already in their latest possible versions - at least, this is what I saw in its i386 folder without having installed the uSP5. The only exception is Usbport.sys at v6926 instead of v6941, which is hard to explain, as only KB843503 brings Openhci.sys v6940 present in uSp5 and this KB843503 brings Usbport.sys v6941 as well. As a consequence, the uSp5 may benefit from KB843503. In the coming table, I shortened some repetitive numbers... So 1234 means version 5.0.2195.1234 123456 means KB123456 corresponding to these descriptions and patch file name: http://support.microsoft.com/kb/123456/en-us Windows2000-KB123456-x86-ENU.EXE (you must replace ENU by your language, like DEU ESN FRA PTB ITA, but should better stick to en-us!) The first version number is observed in an (old) Win2000 with SP4 and R1 that has all security patches up to January 2009 but no function patch more recent than R1 - that is, a rather common situation. Interestingly, all these files are ENU or ANY on the non-English Win2000 I observed (but ENU patches don't install). Well, here it comes...

Has somebody run Google Chrome on W2k using KernelEx or a similar adapter? I've tried the dirty tricks with the older Google Chrome, but it didn't work very well and may have damaged small parts on W2k. And is Google Chrome better (faster) that Firefox3 or Opera? Thanks!

Hello everybody! Having tried Xp, I'll stick to W2k, but I wish W2k had the Prefetch that really speeds up starting Windows and applications on Xp. I should have opened a thread before, sorry to have polluted the other: http://www.msfn.org/board/index.php?showto...13355&st=20 I feared adding the Prefetch would require in-depth modifications to W2k's kernel, but then I saw at Microsoft a description of the filesystem filters. From what I have (properly?) understood, any request to access a file goes through a stack of Windows programs, ending with the driver, but going through filters. These filters typically call antivirus software provided by independent companies, and this looks to me like a relatively easy way to add the prefetch feature. Imagine: the prefetch program (but call it an antivirus if Windows wants it) would ask Windows to be informed of every file or cluster any application requests and could keep notice of it as Xp does. After a few starts, the prefetch knows which files belong together: as the application's main file is started, the prefetch can request "for its own needs" to read the related files that the application will supposedly need and release these files as soon as they are in Ram where the application will find them. Apparently, we get the desired result, and it doesn't need any change in Windows - we just add a special application. Does this make sense? Marc Schaefer, aka Pointertovoid

Hi there, a few hints more: On an old mobo, adding a Pata adapter card on the Pci can also improve speed. It generally exceeds 137GB - independently of the Bios, avoid a risky flashing - and may add Raid functions. The best chip is by far Silicon Image's Sil-0680, any cheap eBay Chinese card using it is good. Win98 accesses as much as the Bios does (the adapter's Bios if any). No 137GB limit if the Bios has Lba48. But W98 doesn't access Ntfs normally. And a huge Fat32 gets inefficient, that's why W2k won't format a volume over 32GB in Fat32 (but uses it). W2k defrags volumes of any size but the cluster size of Ntfs must be 4kB. W2k's Defrag is way better (not as fast but better result) than its competitors. It runs slowly on Fat32. FDisk displays false information but works properly even over 137GB, provided you take the one from Win Me which is given officially by Microsoft as a patch to W98. Fat32 is limited to about 8TB per volume and Ntfs goes beyond BUT W98 and W2k are limited to 2TB disks. The solution is Gpt, available in W2k3-Vista-2k8 (and some Linux). GParted is definitely excellent but prefer older versions (v0.2.2) to the newer v0.3.7.7 which has only a qwerty keyboard, is badly translated, asks more questions during its slower boot. v0.2.2 already offers Gpt!

About the firewall for W2k using an Xp Api adapter: meanwhile I've heard of PC Tools Firewall Plus. Its v5 from end of January 2009 is multilingual, free, pretends to run on W2k and gets very good results at http://www.matousec.com/projects/firewall-...nge/results.php . Available there http://www.pctools.com , I still haven't tried. But if it's easy to tune and rather silent and lightweight, it will be a better follow-up to my Comodo 2.4 than risking a security software on an Xp adapter.

Here my proposal to accelerate hard disks: http://www.physforum.com/index.php?act=ST&...t=0#entry378273 and also download addresses for disk speed testing software. I was strongly disappointed by how slow flash memory is as compared to hard disks, though the access time looks so promising. The reason behind it is that the OS doesn't organize data randomly on a disk. Since Win98, Defrag (at least the original one by Microsoft - competitors are worse) groups files used simultaneously by one application or by Win; and since Xp, the prefetch mechanism loads these files in Ram before the application requests them, and even issues simultaneous multiple access requests to the disk, allowing Ncq to reoptimize the access sequence. In that way, the mean access time is a horribly pessimistic measure, as accesses aren't random on the disk. Since Win98, the application will find nearly all its files contiguous on the disk, and since Xp the application finds its files in the Ram before requesting them - Xp improves it further by reading them when they are easily accessible instead of waiting the application's request. So the mean time spent waiting for a file access is much less than needed to move the arm - the arm moves very little in fact. It is even lower than half a platter rotation with Xp - this explains why Xp accepts slower disks than W2k does. This brutal optimization brings little to flash memory. That's the reason why most flash Cf (even Slc) and Ssd are slower than a good 3.5" 7200/min disk and compete only against 2.5" 5400/min disks. Figures shown by HdTach or HdTune certainly look good for flash but don't reflect experienced computer speed. Atto is much better at predicting the experienced speed if you observe the throughput near 16kB files and keep an eye on write speed. For instance, Atto explains the experienced difference between Slc and Mlc Flash. For its measurements, Atto takes a file on the disk (the user should choose it near the size of his application) and issues requests (multiple requests, chosen by the user) to the disk. Q=1 is nearly what Win98-Me-2k do, Q>1 resembles Xp-2k3. By the way, defragmenting a Cf helps an awful lot as an experimental fact, whatever the reason is. I still haven't tried NtfsDisableLastAccessUpdate, it might improve Flash performance on Ntfs as writing delays are so long. Slowness issues with Flash are rather well-known and I hope some manufacturers (Intel?) have answered them, but be careful there are huge differences (look first at Slc / Mlc) and Flash does by no mean guarantee speed. Pointertovoid, aka Enthalpy

I've just tried eBoostr on W2k and the result is less than perfect. In short: W2k doesn't boot to the end any more, it restarts the machine at the point where services are launched. End of the experiment on my side. The W2k I used was minimal as I made a new installation on a separate disk and disconnected my useful disk and installation. Software is a bit like explosives: the more you use it, the less confidence you have. So this W2k was just Hfslip-streamed with patches and improvements available in December 2007 - I used the same Cd that successfully installed and repaired W2k on three machines including this one, and other options were as easy as possible: only the administrator session, one single volume, Windows in C:\Winnt, programs in C:\Program Files and documents in C:\Documents and Settings. The Flash memory is a quick Adata 266x 8GB, the fastest I've had up to now (measured with Atto), in a high quality CF-Pata adapter. This configuration can launch W2k a little bit faster than my J8160 does. I wish it were fixed. One more observation: apparently, eBoostr doesn't change much Windows (and probably not at all), it seems to add just a service and a program. This is excellent for stability, but... As W2k has already spent 2/3 of its boot time before launching the services, eBoostr can't cut much boot time - unless you have heavy squatters in your start operations, like Acrobat's and Open Office's so-called "accelerators", but against that MsConfig is more useful than any add-on.

About these Xp-to-2k converters: Would it be any wise to run a security software on them? I know this is a curious idea... But I like my Comodo firewall, whose v2.4 had good test results when it was new. Meanwhile, v2.4 is older and several malwares get through. Comodo's newer v3 is again tested as excellent but requires Xp... Just for information: I had BitDefender before, but it was destroyed (= made completely transparent) by C-Dilla as I told BitDef to stop C-Dilla. C-Dilla came with the Encyclopaedia Universalis. Don't buy Universalis nor BitDef. Then I had Jetico, nice piece of software, but a bit complicated, and which requires tuning for each user. Comodo is better in these two aspects and gets better test results. And is as well multilingual and free. So: completely foolish? Technically impossible? Or just a bit risky, but not more than sticking to v2.4?

Thank you friends! Found also the "Converter pack for Office 2003" here http://www.microsoft.com/office/orkarchive/2003ddl.htm which also works for o97-2k-Xp (whose converter packs have been retired) as stated there http://office.microsoft.com/fr-fr/download...0226201036.aspx it includes text import filters for Word 97 and above, so any Office 97-2000-Xp-2003 should read text from all these versions. This OCONVPCK.EXE v11.0.0.0 seems to be independent from the language. Now for the 2007 (= xml) formats... Import filters are here http://www.microsoft.com/downloads/details...;displaylang=en and are recommended for Office 2000sp3, 2002sp3, 2003sp1+ which doesn't tell about Office 97 Note that these 2007 filters weigh 27MB each and DO depend on the language, and they have a Service Pack 1 here http://www.microsoft.com/downloads/details...ec-0d68693ca564 which also weighs 26MB and DOES depend on the language, so take 53MB for each language. Mamma mia! DOCX2RTF can indeed be a better solution for 2003 formats. As for Open Office: open and free software certainly is sympathetic. But I regret Open Office is sooooo slow to start - that's why I have o97. Even worse, recent versions of Open Office do the same dirty trick as Adobe Pdf Reader: they preload some modules in RAM when Windows starts, so the user believes Windows is slow and Open Office is fast.

Hi Molecule and everybody! KB822831 brings only Newdev.dll v5.0.2195.6754 and no other file. R1 contains Newdev.dll v5.0.2195.6824, where all numbers are equal but one which is bigger. This makes me reasonably confident that R1's Newdev.dll is newer. Provided that KB822831 makes no other changes than files, then R1 should really supersede it. The explanation I see why KB822831 isn't in the list of KB included in the R1 (good detective job, I did mean 900345): because another KB superseded KB822831 and that newer one was included in the R1. -------------- For you folks, all security patches included in the Rollup 1, ordered by number ---------------- 329115 822343 822679 823182 823559 823980 824105 824141 824146 824151 825119 826232 828028 828035 828741 828749 830352 832359 834707 835732 837001 839643 839645 840315 840987 841356 841533 841872 841873 842526 867282 870763 871250 873333 873339 883935 885250 885834 885835 885836 888113 890047 890175 890859 890923 891711 891781 892944 893066 893086 ------------------------ And now all KB included in the Rollup 1, ordered by number --------------------------- 267316 293778 308337 310526 321936 325551 328237 329433 329647 329816 329900 810807 811525 811802 812024 812933 812944 813056 813130 813909 814135 814789 814822 815295 816255 816542 816560 816769 816813 816868 816869 816989 817261 817298 817354 817429 817433 817465 817532 817534 817892 818024 818134 818173 818396 818528 818635 818651 818810 818826 819499 819535 819636 819960 820550 820765 820767 820841 820888 821102 821107 821144 821240 821264 821425 821449 821464 821471 821653 821739 821873 822226 822360 822368 822377 822402 822428 822554 822568 822598 822601 822727 822751 822763 822779 822808 822834 822835 822849 823146 823272 823273 823642 823644 823684 823700 823747 823767 823954 824037 824110 824136 824152 824226 824281 824288 824302 824309 824337 824339 824375 824390 824424 824679 824801 824867 824873 824905 824910 824927 825004 825060 825311 825654 825760 825783 825784 825820 825952 825995 826026 826133 826216 826219 826289 826322 826353 826452 826482 826518 826820 826927 826929 827042 827181 827188 827209 827345 827493 827531 827535 827536 827592 827648 827652 827655 827684 827953 828146 828153 828297 828323 828325 828326 828346 828514 828531 828684 828692 828693 828739 828804 828865 828876 828942 828946 829120 829155 829246 829359 829485 829589 829729 829788 829808 830031 830176 830264 830379 830392 830464 830475 830515 830593 830639 830847 830852 830869 830878 830901 830924 831128 831185 831215 831264 831375 831409 831565 831571 831711 831712 831742 831754 831877 831895 832097 832099 832216 832338 832427 832484 832572 832615 832723 832762 832791 832821 832849 833123 833266 833281 833305 833314 833328 833414 833443 833512 833546 833613 833649 833659 833816 833868 833873 833880 833888 833993 834145 834251 834294 834424 834519 834541 834692 834728 834745 834792 834806 834819 834878 834935 834938 834940 835144 835281 835312 835481 835517 835554 835561 835596 835730 835763 835901 835961 836044 836084 836182 836506 836662 836720 836801 837067 837142 837161 837196 837384 837385 837443 837585 837754 837771 837841 838065 838141 838150 838151 838156 838283 838491 838637 838647 838804 838887 838898 839037 839045 839083 839229 839258 839406 839427 839540 839635 839654 839905 839918 839919 840049 840155 840214 840371 840723 840837 840916 840955 840997 841037 841054 841194 841382 841395 841461 841524 841617 841632 841692 841721 841819 841844 841933 841963 842092 842168 842251 842350 842382 842394 842437 842584 842591 842638 842644 842742 842743 842804 842839 843062 843254 843259 843261 843281 843284 843357 843404 843418 843528 843548 843557 843564 867429 867774 867778 867818 867856 870985 870997 871003 871004 871236 871245 872764 872790 872802 872804 872812 872949 872957 872965 872970 873343 873405 873444 883114 883498 883509 883516 883635 883639 883641 883669 884028 884056 884540 884559 884562 884587 884591 884843 884846 884865 884889 884897 885272 885275 885294 885458 885875 886664 887550 887598 887820 887961 887965 888243 888808 889081 890067 890212 890346 890749 890852 890856 890953 891076 891431 891577 891632 891714 891722 891874 892045 892476 892521 893354 893611 897574 898114 Nearly 10 times as many (hopefully without mistake): not bad for a rollup said to have only security patches!

Nice list, good job! KB822831 seems to be superseded by the Rollup 1. It brings Newdev.dll v5.0.2195.6754 but R1 contains 5.0.2195.6824. I know KB822831 is not in the short list of security updates included in the R1 and is not even a security update... Well, an other contents list for the R1, more difficult to find but at Microsoft as well, tells that the R1 contains more than just security updates! Another explanation would be that a true security concern needed the Newdev.dll v6824 after KB822831 brought it to v6754 but before R1 was issued. Has anyone tried to install KB822831 after R1 and observed (logfile for instance) if something is done?

Hello everybody! I have several Office97 on varied computers (from P1 mmx 200MHz with 128MB Edo to 2GHz P4) and I'm not planning to upgrade, since newer Office editions are too slow to my taste (they take over 1s to start even on recent machines) and don't bring features I feel useful. But then, the initial installation of Office97 can't read recent Office file formats - I don't need to write them. I know filters exist for that. I believe to have read that filters for Office2000 also work on Office97. Can somebody tell me which one I shall use (file name or web address if possible)? That would save me a good deal of time, as information about Office97 is evaporating quickly from Microsoft's site. Thank you!

O yes, I know this embarrassment very well... It can be worse: on a French Win95, I've had a German Excel and a Spanish FrontPage - and now, my French Word97 (and even non-Office applications) tells me "Enregistrer? Ja - Nein" and "Format de fichier : Formato Word6 para Win95". I don't laugh. What does work with Office97 FrontPage2000 Win95 Win2000 WinNt4 WinXp is use your nice Dutch licence to install an English software using an English Cd you borrowed (I have none, sorry). I guess it works with Office2002 as well. Only Oem vs full licences are not compatible, or Workstation vs Server etc, but licence languages are up to now. I'm not satisfied with it, since free software written by one or few persons often comes with 30 languages that you can switch when running, and Microsoft still doesn't do it properly. No, I won't advocate OpenOffice, which is so slow and now slows down Windows' start. If you find a good keyboard usable for all Western European languages with Latin alphabet (need Fr De Es Pt En It), please do tell me! I've seen some and I'm not very convinced.

I've just tried to install msxml2sp6-kb887606 on a working W2k sp4 r1 ie6.0sp1 Mdac2.8sp1 that already has up-to-date Xml3, Xml4 and Xml6. It is true that msxml2sp6-kb887606 wants to have msxml2.msi added to W2k before msxml2sp6 can be installed. Even more bizarre, both let W2k's Msxml.dll and Msxmlr.dll untouched - these are the old xml2 brought by Mdac and others. msxml2.msi adds xml2 files called Msxml2.dll and Msxmlr2.dll (note the "2" in the name) and msxml2sp6 updates Msxml2.dll. Now, considering that - Xml3 is supposed to replace Xml2 and take over all calls to Xml2 - Xml2 isn't maintained any more by Microsoft (since 2004 !) - But all these dll do have exposed entry points that a virus could - might - perhaps call - And neither msxml2.msi nor msxml2sp6 suppresses the older dll but add more unmaintained dll, I consider that adding msxml2.msi and msxml2sp6 brings no functionality but makes W2k weaker instead of stronger, and won't use them unless someone has other arguments in their favour. Has somebody tried to suppress Msxml.dll and Msxmlr.dll from W2k as well? As they aren't used by honest software any more, Win would be stronger without them. Wouldn't it?

Thanks for eBoostr! It looks interesting, as I have quite a good CF card (Adata 266x 8Go) and my Ram is limited to 512MB by the i815ep. However, my HD is excellent (J8160) and installing W2k on this CF didn't improve booting, so the improvement isn't certain. I fear eBoostr changes W2k in depth, and it also puts some documents on the CF, so I'll be very cautious with it and test it on a new W2k installation on a spare disk.

Xml2 files from W2k don't always bear a "2", and that's confusing. That is, the Msxml.dll v8.00.6730.0, Msxmla.dll and Msxmlr.dll that ship with W2ksp3 are Xml2. I refer to Microsoft's list: http://support.microsoft.com/kb/269238 This is why I believe the Xml2 installer KB823490 is not needed. Though, I didn't find in Microsoft's list KB269238 (linked above) a confirmation from Wiki's assessment, that installing Xml3 prevents applications from accessing Xml2. KB269238 says rather that MS06-61 defines a kill bit that prevents just Internet Explorer from using Xml2.6. So I still ignore if updating Xml2 is still necessary after installing Xml3.

And is there anything I can (legally) add to W2k to get Xp's prefetch mechanism? This speedup is the only advantage I see in Xp.

Xnview is available here, I too use it on W2k: http://pagesperso-orange.fr/pierre.g/xnview/frxnview.html small, fast, many formats, many languages, free. It includes an Explorer. As this Explorer integrates better with Xnview's other functions, I prefer it to Windows' Explorer now. For W95 (and 98-Me?) you need an older version here http://download.Xnview.com/old_versions 1824 works, 1936 doesn't I guess some kind of desktop.ini or folder.htt would change Windows' Explorer display style to Thumbs in the containing folder, but I didn't try since I've XnView.

Hello everybody! Updating the dtm of the folders can be disabled in the register (NtfsDisableLastAccessUpdate). No noticeable difference on a hard disk, but could be nice on a Compact Flash card or an SSD. Ntfs is faster if you search a file in a big tree of folders. Experiment, observe. My W2k defrags Ntfs much faster than Fat32. (No, Win's Defrag isn't bad. Yes, the result is better than with other Defrag suppliers. Listen to the difference and measure the times to start Win or applications) If your computer crashes, Fat32 often loses a file or several (recovered as chk0000, little usable). Ntfs, almost never. Very important to me. Do NOT use Ntfs' encryption (EFS). If you lose a user's profile and reinstall it with the same name and password, the data is lost because the key is different each time. Use another software, like Pgp or Gpg or what you want. I wouldn't use other Ntfs improvements neither, like dynamic volumes and their Raid features etc. Intuitively, they make data recovery much less probable after a crash. For data recovery on Ntfs, Ubuntu now can access Ntfs and comes on a bootable CD. And don't throw you old slow small hard drive away: install a W2k or Xp on it for all such operations. Ntfs does improve security quite a bit, PROVIDED you use Windows from a user's account that has no administrator privilege. Then, user's mistakes, as well as many virus, won't be able to harm the system nor other users' data. Well, almost... First, you must use Ntfs from the beginning and not convert it from Fat. Secondly, some virus use weaknesses to become administrators, or install as services or misuse existing services that are admin or system. But this is still an advantage important enough to me that I choose Ntfs and non-admin accounts. The maximum Fat32 volume size is about 8TB but most Windows are limited to 4TB disks (not volumes) anyway.

Hi TommyP and everybody! What about MsXml2 and MsXml3: I believe to understand from http://en.wikipedia.org/wiki/MSXML that Xml2.5 ships with W2k and comprises the file MsXml.dll (and MsXmlr.dll and MsXmla.dll, all without a number) and is replaced by Xml3 - could you confirm that no application can call Xml2.5 when Xml3 is installed? I'm not easy with Clsid. This would be a different case from Xml3, 4, 6 which can and should coexist side-by-side. In this case, my impression is that slipping Xml3, Xml4 and Xml6 with their latest Sp's makes W2k as up-to-date as possible, and that adding an Sp to Xml2 (as is proposed in TommyP's list) is less secure than adding Xml3. What's your opinion? The downloadable installer for Xml2 seems to be redundant with the one brought by W2k, and less good since it's not translated. For my own list, I don't check any more if an update is critical, as this takes me more time than noting all updates, and as Microsoft marks as uncritical some weakness that are critical to my eyes. As for PStore: I believe KB955417 is an awful lot more critical than announced by Microsoft - but if you plan to set your Win on Dutch or Portuguese you don't have to care.

KB955417 should be useful at least to French users of W2k-Xp-2k3... You may enjoy (or regret) the explanation by Microsoft here: http://support.microsoft.com/?scid=kb%3Ben...p;x=12&y=12 In short, if you install a W2k-Xp-2k3 in any language with the option "French-France" then you get a fixed "secret" key for your PStore, or "protected storage system". Yes, that's it: you have the very same key as the French interior minister has. PStore is where, for instance, Outlook Express stores your secret key to access your mail account. And many other programs do similar "secure" storages, it's there: HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider EFS, the file encryption by Ntfs (which should be avoided anyway for other reasons) as well stores the encryption key in PStore. I find the explanation by Microsoft interesting to read, as - Other countries had restrictive laws on cryptography in 1999. Did these allow a working PStore then? Or don't they allow a patch now? - French law allowed cryptography with short keys (about 40 bits) then, if memory serves. It would have been easy to truncate the key to 40 bits instead of zero bit, to my feeling. - And with 40 bits keys, Microsoft could have disclosed this restriction. With zero bit keys, all the user's interface gives the impression of a properly working PStore. - French law changed in 1999 to allow 128 bits and shortly later to allow any key length without governmental approval. W2k had an Sp1, Sp2, Sp3, Sp4, R1 and about 70 patches before KB955417 was issued in 2008. Xp appeared 2 years after the 1999 law and had an Sp1, Sp2 and Sp3. W2k3 appeared 4 years after 1999 and had an Sp1 and Sp2. (As for Nt4, Microsoft doesn't issue any patch more, so it's everyone's guess whether the unique secret key impacted it or not) - KB955417 is not published as a security bulletin, but rather as a kind of "function improvement" covered by Wga... Though, my feeling is that the unique key does impact security. So may I express the shadow of my doubt whether Microsoft had all the necessary freedom to improve this weakness quickly? Microsoft's proposal with KB955417 is that it recreates the account's PStores with a new, this time random, secret key, and transfers the contents of PStore. This sounds good, and gives us all reason to use KB955417 with confidence. Another parry (can probably be combined with KB955417) to be considered would be, at least for new installations of W2k-Xp-2k3, to choose the "French-Switzerland" or "French-Canada" option (or any free country) when creating the administrator account and later any user account, and switch to "French-France" for normal use if this is of any advantage. May I point out that, since any foreign governmental agency knows as much as the French do, such a weakness on nearly all computers in France may be fine for some French governmental agencies, but is not the country's best interest?

Hello everybody! Happy new year to all. I've been following this thread for some time and used HfSlip with pleasure. In TommyP's list from January (updated 1/13/09 4:56 PM), I can still see KB951071 which I believe is obsolete. (Another forum member already noticed it in December). From my notes, MS08-065 KB951071 replaces MS07-065 KB937894 Thanks to TommyP for his list, it really helps. Bye! Edited: I've just read "Another spammer" instead of "Another forum member" in my post. I certainly didn't mean spammer, and I'm quite sure I didn't write it. I fear my account is pirated.