Jump to content

YourMomIsCalling

Member
  • Posts

    8
  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country

    United States

About YourMomIsCalling

Profile Information

  • OS
    Server 2008 x64

YourMomIsCalling's Achievements

0

Reputation

  1. Just so you know, my objective is to come up with the "right" list and procedure for clean installs of Win2K, without using HFSLIP. For Outlook Express, with Windows Update, if you install 823353, then run Windows Update again, it will then tell you you need 897715, and it will also offer 887797 as a recommended but not critical update. 823353 is Security Bulletin 04-018. It replaces the previous OE cumulative security update described in 04-013. It fixes a Malformed E-mail Header vulnerability, rolls up the previous cumulative security updates, and undoes a change that was made in 03-014 that annoyingly creates a copy of your Address Book under the filename of ~ in the root directory. 897715 is Security Bulletin 05-030. It fixes a Newsreader vulnerability. It also claims to roll up all previous security updates *except* for the undoing of the tilde file change. So that's why I thought it would be OK just to use 897715 for a clean install. As far as binaries go, 897715 has newer versions of msoe.dll and inetcomm.dll than 823353 does. I don't know why you say 823353 has newer binaries. I guess if you were being completely kosher you should FIRST install 823353, THEN 897715, to get a completely updated OE6SP1. ?what? I can't find that anywhere. Are you sure "892313" is the right number?
  2. What about 828026 for Media Player 9? It is listed as a critical fix by Windows Update. It does seem to have some security-related changes in it from reading the article, like not allowing a stream to take IE web pages to a lower security zone. Shouldn't you have this on your hotfix list?
  3. Regarding Outlook Express 6 SP1 in general, there are three candidate hotfixes, of which I think only one really needs to be included in a clean-slate install CD. 823353 and 897715 are both OE cumulative security updates. If you read the bulletins, 897715 really has all the security fixes accumulated on OE6SP1. 823353 has one additional fix that fixes a problem introduced by an even older cumulative security fix, namely the creation of a copy of the windows address book with the name TILDE "~". The only reason to install 823353 is if you are updating an existing system that's already been patched. And, as mentioned earlier, 887797 is just some low-need fixes that are enabled only by a registry change, even after you install it. Really not needed. So, conclusion: all you really need is 897715.
  4. 887797 is definitely very optional. If you read the KB article, all these updates are not even enabled, unless you make registry changes to enable them. I think they are low-priority updates which some customers wanted. I would NOT include it in any standard list of SP4 fixes for everyone.
  5. As far as I can tell from reading the article, the problem only surfaces when you have file attachments with DBCS filenames. So I would say it's far from critical.
  6. You should install IE6 at first BEFORE any hotfixes and apply the Update Rollout as the LAST hotfixe in your sequence... <{POST_SNAPBACK}> Well, OK... but then how do I attain my goal of integrating these hotfixes onto my bootable install CD? In other words, can I integrate IE6 SP1 as "just another hotfix"? I read through the http://unattended.msfn.org site and I didn't see anything there about this. Basically, my goal is to have a single, bootable CD with all the Windows 2000 updates I need on there. Right now, I have it to where I can integrate SP4, the Update Rollup, and all the newer hotfixes using the /Integrate /Nobackup switches. But I still have to manually install IE6.0 SP1. How can I automate that piece?
  7. Why does Win2K ask for the Update Rollup after it's already installed? I created an integrated bootable CD with Win2K Pro, SP4, and the Update Rollup V2 (891861). Installed, ran Windows Update, installed a bunch of new Security updates, all is well. Now... to upgrade to IE6 SP1. Install via Windows Update and reboot. Run Windows Update again. WTF??? It's asking for the Update Rollup (KB891861) AGAIN. Why is this? Is it really needed, to re-update some files from IE6 SP1? Or is this bogus?
  8. Hotfix 893066 superceded by Windows 2000 Update Rollup ??? You list this hotfix in your Win2K list. However according to the Win2000 Update Rollup security bulletin, it's been replaced by the Update Rollup. Delete from your list? Here's the quote from http://support.microsoft.com/kb/900345/ Security bulletin information Update Rollup 1 for Windows 2000 SP4 replaces the software update that is described in security bulletin MS05-019. For more information about security bulletin MS05-19, click the following article number to view the article in the Microsoft Knowledge Base: 893066 (http://support.microsoft.com/kb/893066/) MS05-019: Vulnerabilities in TCP/IP could allow remote code execution and denial of service
×
×
  • Create New...