Windows 2K Security Updates

**GreenMachine** · February 11, 2005

Actually, I think it inadvertantly slipped momentarily ... (goodness, those big words hurt my mouth ... )

**Bilou_Gateux** · March 5, 2005

I have checked WU and we can grab from here special express updates that do not contains outdated binary files but a special file with .psm extension. Look likes infos about Binary files are downloaded from Web and then binary files patched.

log file

4.093: HttpSendRequest failed 12007
4.093: HttpSendRequest unsuccessful (12029)
4.093: Failed DownloadAndPatchFiles, GLE=0x00002EFD
4.109: HttpSendRequest failed 12007
4.109: HttpSendRequest unsuccessful (12029)
4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD
4.109: HttpSendRequest failed 12007
4.109: HttpSendRequest unsuccessful (12029)
4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD
4.109: HttpSendRequest failed 12007
4.109: HttpSendRequest unsuccessful (12029)
4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD
4.109: HttpSendRequest failed 12007
4.109: HttpSendRequest unsuccessful (12029)
4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD
4.109: Max download retries exceeded, GLE=0x00002EFD
4.109: DoInstallation:DownloadPatchFiles failed

The name of this update is Windows2000-KB<number>-x86-<language>-express.exe

Most of the HF type 1 are available as Express version

Windows Update.log file

Using these express HF can help to reduce footprint of the HF in SVCPACK.

Full HFs type 1 = 46.2 Mb in SVCPACK

Express HFs type 1 = 10.1 Mb in SVCPACK

Examining KB<number>.log files creation and last modified date properties in %windir% Installation with full HFs replaced with Express HFs in SVCPACK take less than 5mn at SVCPACK stage (T-13).

For my tests (Windows 2000 Server w/o any SP ENU), i have only added SP4 in SPACKS folder, set SLIPHF1=YES in XPCREATE.INI for checking the Type 1 HF integration and only added 30x Windows2000-KB<number>-x86-<language>.exe in SVC-HF1 folder.

Following are the result of my first build with the new XPCreate February 2005 version :

We found duplicate files in the resulting i386 folder, both compressed .??_ and not compressed versions:

DTCSETUP.EX_

LLSSRV.EX_

NTDLL.DL_

SCHANNEL.DL_

We can save some space by replacing the non compressed version by the extracted version of the compressed files and deleting the .??_ (compressed) files. In the original source CD, these files aren't compressed.

DTCSETUP.CAT file should be moved from SVCPACK subfolder to i386 and compressed to replace the original DTCSETUP.CA_

Microsoft have removed the WU checking on Q329115 HF. On a fresh install without any HF applied, WU don't claims about this HF not installed.

On Post #51, i suggested to remove KB839645 HF. You shouldn't because WU checks the registry and claims about this HF not installed although a more recent HF owerwrites the binary files with newer versions.

Already mentionned are the not needed files added in 2 subfolders by KB841356 and DOSNET not needed added lines.

**GreenMachine** · March 8, 2005

Hmmmm ...

Yes, those express files are, indeed, the patches without the binaries, which are then downloaded. These hotfixes cannot be integrated. If just run from SVCPACK.INF, you would also need ab active Internet connection.

As I understood it at the time (long ago ... ), those uncompressed files are used during the setup process, that is why they are uncompressed. It is the compressed versions that are not needed. Like I said, that was a while ago I looked.

I'll have to look into Q329115.

I agree: I will stop adding the sub-directories to DOSNET.INF. Also, I think long file names there can cause problems in DOS based installs.

Thanks again, Bilou_Gateux. I just happened to pass by here again. You really should consider adding new posts, instead of updating your last one, so it catches my attention better!

**BaTLeZone** · April 12, 2005

Some new updates came out for win2000:

IE6.0sp1-KB890923-Windows-2000-XP-x86-ENU.exe

Windows2000-KB842773-x86-ENU.EXE

Windows2000-KB890859-x86-ENU.EXE

Windows2000-KB893066-x86-ENU.EXE

Windows2000-KB893086-x86-ENU.EXE

WindowsInstaller-KB893803-x86.exe

I am assuming they go in HF1.

Would WindowsInstaller-KB893803-x86.exe replace WINDOWSINSTALLER-KB884016-V2-X86.EXE or do I need both?

**BaTLeZone** · April 14, 2005

Ok....

I put all of the updates in HF1 and win2000 went tilt so I am doing one at a time to find out which one(s) are doing it.

I put WindowsInstaller-KB893803-x86.exe in by it self seems to install ok msiexec /? reports v3.01.4000.1823 . With out this update I get msiexec /? reports v3.00.3790.2538 so it is safe to say that this update replaces the WINDOWSINSTALLER-KB884016-V2-X86.EXE update.

UPDATE

I put IE6.0sp1-KB890923-Windows-2000-XP-x86-ENU.exe in HF1 and all is well.

**Bilou_Gateux** · April 15, 2005

Thanks BaTLeZone for your reports.

Not enough time to check by myself.

I have temporary added a link to your post on my first post.

Have you tried to remove these HF reported by Incroyable HULK as unecessary

HOTFIXES: Win2000 SP4 – WinXP SP1 – WinXP SP2 #post 484

**Bilou_Gateux** · April 23, 2005

Update Rollup 1 for Windows 2000 SP4 was released June 28, 2005.

This update rollup contains a list of security-related updates produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.

+-------------------------------------------------------------------------------------------+

Windows Security Updates Summary for April 2005

Published April 12, 2005

-----------------------------------------------------------------------------------------------

Microsoft Security Bulletin MS05-016

Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

Security Update for Windows 2000 (KB893086)

Mise à jour de sécurité pour Windows 2000 (KB893086)

Microsoft Security Bulletin MS05-017

Vulnerability in Message Queuing Could Allow Code Execution (892944)

Security Update for Windows 2000 (KB892944)

Mise à jour de sécurité pour Windows 2000 (KB892944)

Microsoft Security Bulletin MS05-018

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)

Security Update for Windows 2000 (KB890859)

Mise à jour de sécurité pour Windows 2000 (KB890859)

Microsoft Security Bulletin MS05-019

Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

Security Update for Windows 2000 (KB893066)

Mise à jour de sécurité pour Windows 2000 (KB893066)

----------------------------------------------------------------------------------------------

Microsoft Security Bulletin MS05-020

Cumulative Security Update for Internet Explorer (890923)

Post #17 on Internet Explorer 6 Service Pack 1 (SP1) thread

Updated component:

Post #7 on Background Intelligent Transfer Service (BITS) thread

Edited July 2, 2005 by Bilou_Gateux

**BaTLeZone** · April 26, 2005

That was it! I took them updates out and put all of the new ones in and everything worked great

thanks

EDIT

Nope I was wrong it still does it so I have it narrowed down to one of 2 update I'll get back to you.

**Bilou_Gateux** · May 12, 2005

Update Rollup 1 for Windows 2000 SP4 was released June 28, 2005.

This update rollup contains a list of security-related updates produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.

+-------------------------------------------------------------------------------------------+

Windows Security Updates Summary for May 2005

Published May 10, 2005

Microsoft Security Bulletin MS05-024

Vulnerability in Web View Could Allow Remote Code Execution (894320)

Security Update for Windows 2000 (KB894320)

Mise à jour de sécurité pour Windows 2000 (KB894320)

Edited July 2, 2005 by Bilou_Gateux

**Bilou_Gateux** · May 12, 2005

Some new updates came out for win2000:
IE6.0sp1-KB890923-Windows-2000-XP-x86-ENU.exe
Windows2000-KB842773-x86-ENU.EXE
Windows2000-KB890859-x86-ENU.EXE
Windows2000-KB893066-x86-ENU.EXE
Windows2000-KB893086-x86-ENU.EXE
WindowsInstaller-KB893803-x86.exe
I am assuming they go in HF1.
Would WindowsInstaller-KB893803-x86.exe replace WINDOWSINSTALLER-KB884016-V2-X86.EXE or do I need both?
<{POST_SNAPBACK}>

As stated by Nazgul in this post #567, WindowsInstaller-KB893803-x86.exe has been removed by Microsoft.

Shouldn't says that: due to bugs?

**BaTLeZone** · June 6, 2005

I found the update that I am having problems with maybe there is another spot I can put it?

Windows2000-KB893086-x86-ENU.EXE

**Gagorian** · June 7, 2005

I have it in SVC-HF1 and I haven't experienced any problems (two installations so far).

What kind of problems are you experiencing? Edited June 7, 2005 by Gagorian

**Bilou_Gateux** · June 17, 2005

[url="http://support.microsoft.com/kb/891861/en-us"][b]Update Rollup 1 for Windows 2000 SP4[/b][/url] was released [b][color="red"]June 28, 2005[/color][/b].
This update rollup contains a list of security-related updates produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.

+-------------------------------------------------------------------------------------------+

[b]Windows 2000:[/b]

Microsoft Security Bulletin MS05-019
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service ([b]893066[/b])

Microsoft Security Bulletin MS05-027
Vulnerability in Server Message Block Could Allow Remote Code Execution ([b]896422[/b])

Microsoft Security Bulletin MS05-032
Vulnerability in Microsoft Agent Could Allow Spoofing ([b]890046[/b])

Microsoft Security Bulletin MS05-026
Vulnerability in HTML Help Could Allow Remote Code Execution ([b]896358[/b])

[b]Windows 2000 Components:[/b]

Microsoft Security Bulletin MS05-025
Cumulative Security Update for [b]Internet Explorer[/b] ([b]883939[/b])

Microsoft Security Bulletin MS05-030
Cumulative Security Update in [b]Outlook Express[/b] ([b]897715[/b]) Edited July 2, 2005 by Bilou_Gateux

**Bilou_Gateux** · June 25, 2005

Two others projects for updating Windows 2000 can be found on this forum:
[url="http://www.msfn.org/board/index.php?showtopic=32125&hl=slipstream#"]W2K IE6SP1 Total Slipstream[/url] by tommyp
[url="http://www.msfn.org/board/index.php?showtopic=38064#"]Windows 2000 "Hotstream" Project[/url] by Gurgelmeyer

I'm not sure if they're is still a lot of interest for using XPCREATE to build a full patched 2K UACD.

[url="http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/rollup.asp"]Update Rollup for Windows 2000 Service Pack 4 (SP4)[/url] with a planned release in mid-2005 (coming soon?).
I don't want to waste time to update HF lists before this release. Edited June 28, 2005 by Bilou_Gateux

**BaTLeZone** · July 1, 2005

That rollup update is out it is showing in WU as KB891861.

here is the link to it

[url="http://www.microsoft.com/downloads/details.aspx?FamilyID=c0a2ca36-1179-431c-80e6-60a494d3823d&DisplayLang=en"]http://www.microsoft.com/downloads/details...&DisplayLang=en[/url]

Could it be slipstreamed in?? Edited July 1, 2005 by BaTLeZone

Sign In

Windows 2K Security Updates

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members