HOTFIXES: Windows XP SP2 & Windows 2000 SP4

[HPeron]

Hi all,

I just just found this forum (which showed itself extremely useful to me!) and I would like to contribute as much as I can.

That being said, I would like to point out that I have two hotfixes for Win XP SP2 that are not mentioned here, 885523 and 885894:

kb885523 article

kb885894 article

Another thing: there's this very useful program, AutoPatcher (http://www.autopatcher.com) which is a collection of hotfixes and registry tweaks. Well, it is not perfect - it tries to install some KB??????-ENU hotfixes on my brazilian portuguese (KB??????-PTB) Win XP, which naturally refuses them, such as kb888240 - but is a good program anyway.

A doubt: on your Unattented Windows installation guide, you instruct to use /Q /O /N /Z. However, on this forum, you do not use the /O parameter. Should I or should I not use that?

A question: there is a hotfix (if I'm not wrong, 873374, GDI+ Tool) which seems also to require a registry patch **instead** of using /Q:A /R:N parameters. So, I'm lost here. Should I copy and paste the registry information into a .REG file, install 873374 manually after Windows unattended installation ends, apply the .REG file and leave 873374 out of the enlisted hotfixed on SVCPACK.INF ?

Thanks,

Henrique

Sorry, I forgot to insert AutoPatcher web address as a link:

AutoPatcher website

[Sonic]

GDI tool is needed for a non-fresh system with old apps ... instead you can use a regtweak to tell to windows you're are already okay and gdi tool isn't necessary ...

Switch /O specify to overwrite OEM file if they are present (can speed up installation and more unattended)

For your two patch it seems to be for a non-fresh sp2 system ...

Goodbye.

[Thauzar]

Thank you so much for keeping this section up to date. Especially since autoupdate don't work anymore (tried to set it off, then back on, got no updates for months) even though I get them very well on my laptop. Guess that worm, even though gone, managed to get something wrong afterall (can this be possible? nothing surprises me with those).

[matthewj1012]

Still no one has verified if my list is complete. I updated it to include KB885626 now. It's back on page 111...anyone?

All hotfixes after SP1 include a mechanism which allow to install what order you want, only the latest version of files are kept ... no need to install in chronological order ...

I was not aware of this feature. That makes me wonder, why was I getting errors when trying to integrate certain hotfixes out of order? Oh well, I guess it doesn't really matter since I don't integrate with this method. I like the chronological order anyway (probably an OCD thing), but it's good to know it doesn't have to be that way.

Thanks, sonic

NOTE: I did not include KB885626 because it is not necessary for XP Pro with SP2 already included/integrated.

Not true,

This one is showing up on Windows Update if you have a Prescott core Pentium 4 processor.

This is why I am keeping it in the list

"I see," said the blind man. It's not showing up for me because I don't have a Prescott...duh! I guess it won't hurt to include it anyway for any non-Prescott systems I build. Still, I'm curious how the issue described by the KB could be fixed if the system cannot load XP after SP2 is installed on a Prescott machine. Would you boot in safe mode to install the hotfix? Or would you have to install the hotfix before attempting to install SP2?

Thanks, HULK

[HPeron]

Hulk, as I read once, hotfix 885626 must be applied before trying to install SP2.

I have included that on SVCPACK.INF and tried it on a virtual machine, just to see if it would imply on collateral effects on non-Prescott systems. I'm glad to know that it didn't.

All I wander now is: what if I included every possible hotfix on SVCPACK.INF, even those meant to solve particular hardware issues? Would WinXP be protected against the hardware problems meant to be addressed by those hotfixes in advance? All I know is, I have already tried some of those hotfixes and, if it didn't provide such protection, at least it didn't cause WinXP any harm.

Peron

[dhoffman_98]

what if I included every possible hotfix on SVCPACK.INF, even those meant to solve particular hardware issues? Would WinXP be protected against the hardware problems meant to be addressed by those hotfixes in advance?

Interesting point. You probably would be protected in advance, but why waste the space on your installation to install files on every machine JUST IN CASE you need it on one machine?

In my opinion, and the way I do my installs...

If I have a "special case" machine that needs something unique, then I'll do the core install and then patch with an extra step for that machine. But I don't see the value for increasing the size of your install base to install patches and fixes that are unneccesary.

It's like how the first post of this thread stays updated with hotfixes that can be removed each month because they are superceded. If you want to install EVERY hotfix that has been released, you sure can go ahead and do that... but why waste your install time and CD space installing one that doesn't matter?

[BlueMe]

Hi`a, can someone tell me if i should install these updates :

KB890046 -› Vulnerability in Microsoft agent could allow spoofing

KB896428 -› Vulnerability in Telnet client could allow information disclosure

KB899591 -› Vulnerability in Remote Desktop Protocol could allow denial of service

... because i removed Microsoft agent, Telnet, and Terminal Services

with nLite . I appreciate your help !

Edited December 25, 2005 by BlueMe

[samab]

898900 -> An update is available to support the DFS Namespaces Client failback

feature on Windows Server 2003 SP1-based computers and on

Windows XP SP2-based computers

Download -> 672 KB (30 November 2005)

Switches: KB898900 /quiet /norestart /nobackup

The direct download points to the wrong file.

[Gouki]

Can't wait to see the first page edited with the Hotfix from Microsoft to the new exploit found on .WMF!

[dhoffman_98]

Can't wait to see the first page edited with the Hotfix from Microsoft to the new exploit found on .WMF!

I'm sure as soon as Microsoft actually releases a hotfix that addresses this problem, this forum will be updated. Of course anyone should know that this forum only repeats information after Microsoft releases it, so if you are really hyped about getting bleeding edge updates as soon as they are released, you should be at Microsoft's site, not MSFN's (only because it sometimes takes a day or two to get the fully tested updates listed on the first page, and that's only because Hulk wants to be sure everything is tested properly).

In the meantime...

Microsoft has NOT released a hotfix for this yet.

For those of you who don't know what Gouki is talking about, and wishing he would provide more information... here is a link to an article about this...

http://entmag.com/news/article.asp?EditorialsID=7111

And here is the security advisory released by Microsoft:

http://www.microsoft.com/technet/security/...ory/912840.mspx

Stay tuned for more information as it becomes available...

David

[Gouki]

Yes. I am at Microsof site constantly refreshing and I have subscribed to the "alert" by eMail of new Hotfixes.

I was just saying that to relieve! (Is relieve a good word!? )

[Meehowski]

They'll be working overtime..........

[Gouki]

They'll be working overtime..........

I wish you were right, unfornatly, I dont think we will have a hotfix in the next days.

[hj_fr]

Maybe a fix on next tuesday patch...

[the_guy]

New Updates for Win2000 SP4.

KB905915 superseeds other IE Cumulative KB896688

Cumulative Internet Explorer 6.0 SP1 (also 1 for IE 5.01 SP4)

KB890830

Removal Tool 1.11

http://www.microsoft.com/security/malwareremove/default.mspx

KB908523

Vulnerability in Windows Kernel

Direct Download links for these updates from Windows Update are on P.110 post 1093.

the_guy