Jump to content
MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. ×

Windows 2K Security Updates


Bilou_Gateux
 Share

Recommended Posts

  • 4 weeks later...

I have checked WU and we can grab from here special express updates that do not contains outdated binary files but a special file with .psm extension. Look likes infos about Binary files are downloaded from Web and then binary files patched.

log file

4.093: HttpSendRequest failed 12007

4.093: HttpSendRequest unsuccessful (12029)

4.093: Failed DownloadAndPatchFiles, GLE=0x00002EFD

4.109: HttpSendRequest failed 12007

4.109: HttpSendRequest unsuccessful (12029)

4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD

4.109: HttpSendRequest failed 12007

4.109: HttpSendRequest unsuccessful (12029)

4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD

4.109: HttpSendRequest failed 12007

4.109: HttpSendRequest unsuccessful (12029)

4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD

4.109: HttpSendRequest failed 12007

4.109: HttpSendRequest unsuccessful (12029)

4.109: Failed DownloadAndPatchFiles, GLE=0x00002EFD

4.109: Max download retries exceeded, GLE=0x00002EFD

4.109: DoInstallation:DownloadPatchFiles failed

The name of this update is Windows2000-KB<number>-x86-<language>-express.exe

Most of the HF type 1 are available as Express version

Windows Update.log file

Using these express HF can help to reduce footprint of the HF in SVCPACK.

Full HFs type 1 = 46.2 Mb in SVCPACK

Express HFs type 1 = 10.1 Mb in SVCPACK

Examining KB<number>.log files creation and last modified date properties in %windir% Installation with full HFs replaced with Express HFs in SVCPACK take less than 5mn at SVCPACK stage (T-13).

For my tests (Windows 2000 Server w/o any SP ENU), i have only added SP4 in SPACKS folder, set SLIPHF1=YES in XPCREATE.INI for checking the Type 1 HF integration and only added 30x Windows2000-KB<number>-x86-<language>.exe in SVC-HF1 folder.

Following are the result of my first build with the new XPCreate February 2005 version :

We found duplicate files in the resulting i386 folder, both compressed .??_ and not compressed versions:

DTCSETUP.EX_

LLSSRV.EX_

NTDLL.DL_

SCHANNEL.DL_

We can save some space by replacing the non compressed version by the extracted version of the compressed files and deleting the .??_ (compressed) files. In the original source CD, these files aren't compressed.

DTCSETUP.CAT file should be moved from SVCPACK subfolder to i386 and compressed to replace the original DTCSETUP.CA_

Microsoft have removed the WU checking on Q329115 HF. On a fresh install without any HF applied, WU don't claims about this HF not installed.

On Post #51, i suggested to remove KB839645 HF. You shouldn't because WU checks the registry and claims about this HF not installed although a more recent HF owerwrites the binary files with newer versions.

Already mentionned are the not needed files added in 2 subfolders by KB841356 and DOSNET not needed added lines.

Link to comment
Share on other sites

Hmmmm ...

Yes, those express files are, indeed, the patches without the binaries, which are then downloaded. These hotfixes cannot be integrated. If just run from SVCPACK.INF, you would also need ab active Internet connection.

As I understood it at the time (long ago ... ), those uncompressed files are used during the setup process, that is why they are uncompressed. It is the compressed versions that are not needed. Like I said, that was a while ago I looked.

I'll have to look into Q329115.

I agree: I will stop adding the sub-directories to DOSNET.INF. Also, I think long file names there can cause problems in DOS based installs.

Thanks again, Bilou_Gateux. I just happened to pass by here again. You really should consider adding new posts, instead of updating your last one, so it catches my attention better!

Link to comment
Share on other sites

  • 1 month later...

Some new updates came out for win2000:

IE6.0sp1-KB890923-Windows-2000-XP-x86-ENU.exe

Windows2000-KB842773-x86-ENU.EXE

Windows2000-KB890859-x86-ENU.EXE

Windows2000-KB893066-x86-ENU.EXE

Windows2000-KB893086-x86-ENU.EXE

WindowsInstaller-KB893803-x86.exe

I am assuming they go in HF1.

Would WindowsInstaller-KB893803-x86.exe replace WINDOWSINSTALLER-KB884016-V2-X86.EXE or do I need both?

Link to comment
Share on other sites

Ok....

I put all of the updates in HF1 and win2000 went tilt so I am doing one at a time to find out which one(s) are doing it.

I put WindowsInstaller-KB893803-x86.exe in by it self seems to install ok msiexec /? reports v3.01.4000.1823 . With out this update I get msiexec /? reports v3.00.3790.2538 so it is safe to say that this update replaces the WINDOWSINSTALLER-KB884016-V2-X86.EXE update.

UPDATE

I put IE6.0sp1-KB890923-Windows-2000-XP-x86-ENU.exe in HF1 and all is well.

Link to comment
Share on other sites

  • 2 weeks later...

Update Rollup 1 for Windows 2000 SP4 was released June 28, 2005.

This update rollup contains a list of security-related updates produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.

+-------------------------------------------------------------------------------------------+

Windows Security Updates Summary for April 2005

Published April 12, 2005

-----------------------------------------------------------------------------------------------

Microsoft Security Bulletin MS05-016

Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

Security Update for Windows 2000 (KB893086)

Mise à jour de sécurité pour Windows 2000 (KB893086)

Microsoft Security Bulletin MS05-017

Vulnerability in Message Queuing Could Allow Code Execution (892944)

Security Update for Windows 2000 (KB892944)

Mise à jour de sécurité pour Windows 2000 (KB892944)

Microsoft Security Bulletin MS05-018

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)

Security Update for Windows 2000 (KB890859)

Mise à jour de sécurité pour Windows 2000 (KB890859)

Microsoft Security Bulletin MS05-019

Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

Security Update for Windows 2000 (KB893066)

Mise à jour de sécurité pour Windows 2000 (KB893066)

----------------------------------------------------------------------------------------------

Microsoft Security Bulletin MS05-020

Cumulative Security Update for Internet Explorer (890923)

Post #17 on Internet Explorer 6 Service Pack 1 (SP1) thread

Updated component:

Post #7 on Background Intelligent Transfer Service (BITS) thread

Edited by Bilou_Gateux
Link to comment
Share on other sites

That was it! I took them updates out and put all of the new ones in and everything worked great :thumbup

thanks

EDIT

Nope I was wrong it still does it so I have it narrowed down to one of 2 update I'll get back to you.

Link to comment
Share on other sites

  • 3 weeks later...

Update Rollup 1 for Windows 2000 SP4 was released June 28, 2005.

This update rollup contains a list of security-related updates produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.

+-------------------------------------------------------------------------------------------+

Windows Security Updates Summary for May 2005

Published May 10, 2005

Microsoft Security Bulletin MS05-024

Vulnerability in Web View Could Allow Remote Code Execution (894320)

Security Update for Windows 2000 (KB894320)

Mise à jour de sécurité pour Windows 2000 (KB894320)

Edited by Bilou_Gateux
Link to comment
Share on other sites

Some new updates came out for win2000:

IE6.0sp1-KB890923-Windows-2000-XP-x86-ENU.exe

Windows2000-KB842773-x86-ENU.EXE

Windows2000-KB890859-x86-ENU.EXE

Windows2000-KB893066-x86-ENU.EXE

Windows2000-KB893086-x86-ENU.EXE

WindowsInstaller-KB893803-x86.exe

I am assuming they go in HF1.

Would WindowsInstaller-KB893803-x86.exe replace WINDOWSINSTALLER-KB884016-V2-X86.EXE or do I need both?

As stated by Nazgul in this post #567, WindowsInstaller-KB893803-x86.exe has been removed by Microsoft.

Shouldn't says that: due to bugs? :lol:

Link to comment
Share on other sites

  • 4 weeks later...
I have it in SVC-HF1 and I haven't experienced any problems (two installations so far).

What kind of problems are you experiencing? Edited by Gagorian
Link to comment
Share on other sites

  • 2 weeks later...
[url="http://support.microsoft.com/kb/891861/en-us"][b]Update Rollup 1 for Windows 2000 SP4[/b][/url] was released [b][color="red"]June 28, 2005[/color][/b].
This update rollup contains a list of security-related updates produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.

+-------------------------------------------------------------------------------------------+

[b]Windows 2000:[/b]

Microsoft Security Bulletin MS05-019
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service ([b]893066[/b])

Microsoft Security Bulletin MS05-027
Vulnerability in Server Message Block Could Allow Remote Code Execution ([b]896422[/b])

Microsoft Security Bulletin MS05-032
Vulnerability in Microsoft Agent Could Allow Spoofing ([b]890046[/b])

Microsoft Security Bulletin MS05-026
Vulnerability in HTML Help Could Allow Remote Code Execution ([b]896358[/b])


[b]Windows 2000 Components:[/b]

Microsoft Security Bulletin MS05-025
Cumulative Security Update for [b]Internet Explorer[/b] ([b]883939[/b])

Microsoft Security Bulletin MS05-030
Cumulative Security Update in [b]Outlook Express[/b] ([b]897715[/b]) Edited by Bilou_Gateux
Link to comment
Share on other sites

Two others projects for updating Windows 2000 can be found on this forum:
[url="http://www.msfn.org/board/index.php?showtopic=32125&hl=slipstream#"]W2K IE6SP1 Total Slipstream[/url] by tommyp
[url="http://www.msfn.org/board/index.php?showtopic=38064#"]Windows 2000 "Hotstream" Project[/url] by Gurgelmeyer

I'm not sure if they're is still a lot of interest for using XPCREATE to build a full patched 2K UACD.

[url="http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/rollup.asp"]Update Rollup for Windows 2000 Service Pack 4 (SP4)[/url] with a planned release in mid-2005 (coming soon?).
I don't want to waste time to update HF lists before this release. Edited by Bilou_Gateux
Link to comment
Share on other sites

That rollup update is out it is showing in WU as KB891861.

here is the link to it

[url="http://www.microsoft.com/downloads/details.aspx?FamilyID=c0a2ca36-1179-431c-80e6-60a494d3823d&DisplayLang=en"]http://www.microsoft.com/downloads/details...&DisplayLang=en[/url]

Could it be slipstreamed in?? Edited by BaTLeZone
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...