the_guy

Changelog: August 15-Added 950974, 951066, 952954, 953838, and 953839. Removed 941202, 950759, and 950760. July 10-Added 951746 and 951748. Removed 941644 and 941672. June 27-Added 953235, 951698, 950760, 950759, 950749, and 948745. Removed 948881, 947864, 946538, and 941568. April 18-Added 941693, 945553, 947864, 948590, and 948881. Removed 938829 and 944533. March 5-Added 942831, 944533, 946538, and 947890. Removed 921503, 926122, and 942615. January 10-Added 941644 and 943485. Removed 917953. Fixed typos. December 16-Added 937894, 941568, 941569, and 942615. Removed 904706, 923689, and 939653. November 16-Added 941672. Removed 935966. October 10-Added 923810, 933729, 939653, and 941202. Removed 917736, 923694, and 937143. Updated Roots Certificate Update. September 16-Added 938827. Removed 932168 August 25-Fixed 937413 with correct 937143. August 14-Added 921503, 936227, 936782, 937413, 938127, 938829, and Windows Script 5.7. Removed 917734, 924191, 929969, 933566, and Windows Script 5.6. July 11-Added 926122. Updated Roots Certificate Update. June 20-Added 933566, 935839, and 935840. Removed 917422 and 931768. May 11-Added 931768 and 935966. Removed 928090. April 14-Added 925902, 932168, 930178, and 931784. Removed 920958, 896424, and 912919. February 17-Added 928843, 927779, 926436, 924667, 918118, and 928090. Removed 925454, 911562, and 922616. January 10-Added 929969. Removed 925486. December 19-Added 925454, 926247, 923694, 923689 and 925398. Removed 911567 and 922760. November 17-Added 923980, 922760, 920213, and 924270. Removed 918899, 890046 and 921883. October 10-Added 923191, 924191, and 923414. Removed 917159. September 26-Added 925486. Updated 920958 to version 2. Noted that a new version of the Roots Certificate Update was released. September 13-Added 920685 and 922582. Updated 918899 to version 3 (both versions of IE). August 9-Added 917008, 917422, 918899, 920670, 920683, 920958, 921398, 921883, and 922616. Removed 916281 and 908523. Legend: Windows Internet Explorer 5.01 SP4/FDV's Fileset Internet Explorer 6.0 SP1 DirectX 7.0 DirectX 9.0c Windows Media Player 9 *Server Only* **New Update** February 2005: 842773: An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000 May 2005: 893803: Windows Installer 3.1 (v2) is available June 2005: 896358 - MS05-026: A vulnerability in HTML Help could allow remote code execution July 2005: 901214 - MS05-036: Vulnerability in Microsoft Color Management Module could allow remote code execution August 2005: 893756 - MS05-040: Vulnerability in Telephony service could allow remote code execution *899591 - MS05-041: Vulnerability in Remote Desktop Protocol could allow denial of service* 899587 - MS05-042: Vulnerabilities in Kerberos could allow denial of service, information disclosure, and spoofing 896423 - MS05-043: Vulnerability in Print Spooler service could allow remote code execution Then install: 908506: You may be unable to print to a network printer after you install security update 896423 on a computer that is running Windows 2000 with Service Pack 4 September 2005: 891861: Update Rollup 1 for Windows 2000 SP4 and known issues October 2005: 905414 - MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service 899589 - MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution 905749 - MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege 901017/907245 - MS05-048: Vulnerability in the Microsoft Collaboration Data Objects could allow code execution (Windows) 900725 - MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution January 2006: 908519 - MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution April 2006: 908531 - MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution May 2006: 913580 - MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service June 2006: 911280 - MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution 914389 - MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege July 2006: 917537 - MS06-034: Vulnerability in Internet Information Services that use Active Server Pages could allow remote code execution 914388 - MS06-036: A vulnerability in the DHCP Client Service could allow remote code execution August 2006: 920683 - MS06-041: Vulnerability in DNS resolution could allow remote code execution 917008 - MS06-044: Vulnerability in Microsoft Management Console could allow remote code execution 921398 - MS06-045: Vulnerability in Windows Explorer could allow remote code execution 920670 - MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library could allow remote code execution September 2006: 920685 - MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting 922582: Error message when you try to update a Microsoft Windows-based computer: "0x80070002" REQUIRES UPDATE ROLLUP 1 (891861)! October 2006: 923191 - MS06-057: Vulnerability in Windows Explorer Could Allow Remote Execution 923414 - MS06-063: Vulnerability in Server Service Could Allow Denial of Service November 2006: 923980 - MS06-066: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution 920213 - MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution 924270 - MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution December 2006: 926247 - MS06-074: Vulnerability in Simple Network Management Protocol (SNMP) could allow remote code execution 925398 - MS06-078: Vulnerability in Windows Media Player 6.4 could allow remote code execution February 2007: 928843 - MS07-008: A vulnerability in the HTML Help ActiveX control could allow remote code execution 927779 - MS07-009: Vulnerability in Microsoft Data Access Components could allow remote code execution 926436 - MS07-011: Vulnerability in Microsoft OLE Dialog could allow remote code execution 924667 - MS07-012: Vulnerability in Microsoft Foundation Classes could allow for remote code execution 918118 - MS07-013: Vulnerability in Microsoft RichEdit could allow remote code execution April 2007: 925902 - MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution 930178 - MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution 931784 - MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege June 2007: 935840 - MS07-030: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution 935839 - MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution August 2007: 936227 - MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution September 2007: 938827 - MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution October 2007: 923810 - MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution 933729 - MS07-058: Vulnerability in RPC Could Allow Denial of Service December 2007: 937894 - MS07-065: Vulnerability in Message Queuing Service could allow remote code execution in Windows XP and in Windows 2000 January 2008: 943485 – Vulnerability in LSASS Could Allow Local Elevation of Privilege February 2008: 942831 - MS08-005: Vulnerability in Internet Information Services could allow elevation of privileges 947890 - MS08-008: A vulnerability in OLE Automation could allow remote code execution April 2008: 945553 - MS08-020: Vulnerability in DNS Client Could Allow Spoofing 948590 - MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution 941693 - MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege May 2008: 950749 - MS08-028: Vulnerability in the Microsoft Jet Database Engine could allow remote code execution June 2008: *948745 - MS08-034: Vulnerability in WINS Could Allow Elevation of Privilege* *953235 - MS08-035: Vulnerability in Active Directory Could Allow Denial of Service* July 2008: *951746 - MS08-037: Description of the security update for DNS in Windows Server 2008, in Windows Server 2003, and in Windows 2000 Server (server-side): July 8, 2008* 951748 - MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008 August 2008: **952954 - MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution** **950974 - MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution** Internet Explorer 5.01 SP4 918439 - MS06-022: Vulnerability in ART image rendering could allow remote code execution This update requires the AOL Image Support Update installed first. 917344 - MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution 938127 - MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution **953838 - MS08-045: Cumulative Security Update for Internet Explorer** **951066 - MS08-048: Security Update for Outlook Express and Windows Mail** This update replaces previous Cumulative security update for IE 950759 **953839: Cumulative Security Update for ActiveX** Roots Update direct download link UPDATED September 25 2007! Windows Script 5.7.0.16535 direct download link IE with FDV's Fileset **953838 - MS08-045: Cumulative Security Update for Internet Explorer** This update replaces previous Cumulative security update for IE 950759 **953839: Cumulative Security Update for ActiveX** Internet Explorer 6.0 SP1 905495 - MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering 918439 - MS06-022: Vulnerability in ART image rendering could allow remote code execution This update requires the AOL Image Support Update installed first. 938127 - MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution **953838 - MS08-045: Cumulative Security Update for Internet Explorer** This update replaces previous Cumulative security update for IE 950759 **951066 - MS08-048: Security Update for Outlook Express and Windows Mail** **953839: Cumulative Security Update for ActiveX** Roots Update direct download link UPDATED September 25 2007! Windows Script 5.7.0.16535 direct download link DirectX 7.0 951698 - MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution DirectX 9.0c 951698 - MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution Windows Media Player 9 911564 - MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution 936782 - MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution 941569 - MS07-068: Vulnerability in Windows Media file format could allow remote code execution ----------------------------------------------------------------------------------------------------------------------------- This checked as of August 15, 2008. Please tell me any inaccuracies with high priority updates ONLY. the_guy

Actually, 901017 is the Windows vulnerability. 907245 is the same thing, but it is confusing. 906780 is for Exchange. They all use MS05-048. It is the same vulnerability. Confusing, true. the_guy

I could do Windows 2000. I am going on vacation for a few days so I could maintain it whenever I get back.

HFSLIP directly integrates it all. I must have confused you. It does the runonceEx to other programs, NOT IE6/DX9. Just be sure to have the latest version. the_guy

OK I'm confused. Is it a Windows update or IE update? IE6.0sp1-KB905495-Windows2000-x86-ENU.exe should clearly go into HF if your're slipstreaming IE6. But what if you're not slipstreaming IE6? Can you drop it from HF if you're using FDV's fileset or going with IE5? BTW, just wondering, but what is the logic on sticking with IE5. Support for IE5 has dropped so no more hotfixes coming from M$. Either you would use IE6 or take out IE altogether with FDVFileset or nLite. Just a suggestion FDV, but would it be a good idea to drop IE5 coverage on your website, simplify things a little? It is an Update for IE 6 SP1 for Windows 2000. It is a Windows Update for Windows XP SP1 and Windows 2003 SP0. It is NOT for Windows XP SP2/2003 SP1. Just thought I'd make it clearer.

Yes, that is what I mean. I've just never heard of it. the_guy

I ahve heard in about a gazillion (seriously) places that if you replace 2000's boot loader (ntldr and ntdetect.com) with XP's, 2000 will boot a little faster. Same with 2003 files with XP. On to my question: Something I have never heard is about the 2003 boot loader on 2000. Will it work, or will it give you a blue screen? Has anyone ever tested it? Logic says that 2000 will boot even faster, but microsoft doesn't use that a whole lot. the_guy

Good job on the watchful eye-ness. @fdv+tommyp: the IE6 update for 2000 that saugatek just mentioned (905495) is not an IE update for XP/2003. It is an Update for Windows. the_guy EDIT: It only affects IE6 SP1 for 2000, XP SP1, and 2003 SP0 They might not be needed for the lists.

Check out the HFSLIP subforum. HFSLIP does all of this and it also integrates hotfixes for them and Windows. It also lets you install other programs (like TweakUI) at something like runonceEx. the_guy

Another thing you could do is take those files (if applicable) from the latest IE 5.5 SP2 patch for ME. You don't need ME, just what microsoft wants you to have.

Gape does do this, but I was thinking of the people that don't use that. I will stop, if it doesn't make sense to you guys.

As I was looking throught MDGx's list of 98SE hotfixes, I noticed that a few updates required another update already installed. The shutdown supplement has an update that requires it, there is a PCI.VXD laptop update that requires a PCMCIA update installed, the WDM fix which is required by a hotfix that has a later file version. Here comes the shocker... the 98SE firewire update I see, but also 5 UPDATES that require it. My idea is, integrating these hotfixes together. I have already done most of the work, but I need some help. First off, does anyone know how to use a .reg file silently? Second, once I am done, where can I have these files hosted (I can do rapidshare but that site is rather slow). I have also noticed the same thing for some ME updates, and am doing the same. I will need requirements for system restore and SFP disabled so the updates will install (unless the .cat's can be preserved). What is your opinion of this project? the_guy EDIT: does anyone know what hotfix has user32.dll and user.exe version 4.10.2231. I just want to make sure I get all of the files and registry entries. EDIT2: I found out which hotfix has them. It will be part of the firewire supplement v2.

To getto the recovery console: 1. Put in your Windows XP CD 2. Boot from it (hit a key when prompted) 3. Press R at the first screen. 4. Log on to a windows Installation (c drive!) 5. Type your admin password 6. Now type those three commands. 7. Restart and hope for the best. the_guy

It looks nice. One thing i don't like is that every time you come here, EVERY post is unread. Why is this? the_guy

Something else not updated in his pack is Java. After installing that pack, I still see an udate for it. the_guy

what I meant was both that and 896727. you only needed 1 and you had both. sorry for any confusion. the_guy

@Oleg- Hotfix 903235 is included in the latest Internet Explorer Cumulative Update (896727). I'm not sure why fdv still has both on his site. @tommyp- This is a great program. Thank you! the_guy

Does anyone know how to make a .ddf file for makecab? I'm planning on redoing my option pack with the hotfixes directly integrated into the install of the program. I need to know how to do this so I can repackage internet explorer. the_guy

I didn't see that. Anyway, my project does not work. This project has been suspended by me indefinately. the_guy

I remember this error. You must download the latest driver update for your product from the intel website. I could give you a link, but I down't know what product you have. www.intel.com is the site. The Windows Update driver does that for some reason. the_guy

I will release it as soon as possible. But, it seems as though I can't attach anything. Why is this? As soon as I can, this will be released, as well as the latest 98 Option Pack. the_guy

I have figured out how to use the Internet Games in Windows 98SE! I have modified the .inf file included with Windows XP so it will install in Windows 98. It includes all of the files required from Windows XP SP2. Please let me know if it does not work. EDIT: It won't let me upload the file, it will available in the next few days. Just post suggestions for now.

Good job on finding a mirror. I haven't been here in a while so hope you finish the Option Pack soon. When do you think it will be completed? the_guy

There is an update available for XP N which adds the files removed. You can try installing it on xp MCE. Just copy the media files from 2003 pre-sp1 to the post-sp1 machine to replace the files. the_guy

I had this problem on Windows XP. Do you have Norton Internet Security or another software firewall installed? If so, try disabling it and try the sites you're having problems with. the_guy