Jump to content

Windows 2000 (all)


the_guy

Recommended Posts

Changelog:

August 15-Added 950974, 951066, 952954, 953838, and 953839. Removed 941202, 950759, and 950760.

July 10-Added 951746 and 951748. Removed 941644 and 941672.

June 27-Added 953235, 951698, 950760, 950759, 950749, and 948745. Removed 948881, 947864, 946538, and 941568.

April 18-Added 941693, 945553, 947864, 948590, and 948881. Removed 938829 and 944533.

March 5-Added 942831, 944533, 946538, and 947890. Removed 921503, 926122, and 942615.

January 10-Added 941644 and 943485. Removed 917953. Fixed typos.

December 16-Added 937894, 941568, 941569, and 942615. Removed 904706, 923689, and 939653.

November 16-Added 941672. Removed 935966.

October 10-Added 923810, 933729, 939653, and 941202. Removed 917736, 923694, and 937143. Updated Roots Certificate Update.

September 16-Added 938827. Removed 932168

August 25-Fixed 937413 with correct 937143.

August 14-Added 921503, 936227, 936782, 937413, 938127, 938829, and Windows Script 5.7. Removed 917734, 924191, 929969, 933566, and Windows Script 5.6.

July 11-Added 926122. Updated Roots Certificate Update.

June 20-Added 933566, 935839, and 935840. Removed 917422 and 931768.

May 11-Added 931768 and 935966. Removed 928090.

April 14-Added 925902, 932168, 930178, and 931784. Removed 920958, 896424, and 912919.

February 17-Added 928843, 927779, 926436, 924667, 918118, and 928090. Removed 925454, 911562, and 922616.

January 10-Added 929969. Removed 925486.

December 19-Added 925454, 926247, 923694, 923689 and 925398. Removed 911567 and 922760.

November 17-Added 923980, 922760, 920213, and 924270. Removed 918899, 890046 and 921883.

October 10-Added 923191, 924191, and 923414. Removed 917159.

September 26-Added 925486. Updated 920958 to version 2. Noted that a new version of the Roots Certificate Update was released.

September 13-Added 920685 and 922582. Updated 918899 to version 3 (both versions of IE).

August 9-Added 917008, 917422, 918899, 920670, 920683, 920958, 921398, 921883, and 922616. Removed 916281 and 908523.

Legend:

Windows

Internet Explorer 5.01 SP4/FDV's Fileset

Internet Explorer 6.0 SP1

DirectX 7.0

DirectX 9.0c

Windows Media Player 9

*Server Only*

**New Update**

February 2005:

842773: An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000

May 2005:

893803: Windows Installer 3.1 (v2) is available

June 2005:

896358 - MS05-026: A vulnerability in HTML Help could allow remote code execution

July 2005:

901214 - MS05-036: Vulnerability in Microsoft Color Management Module could allow remote code execution

August 2005:

893756 - MS05-040: Vulnerability in Telephony service could allow remote code execution

*899591 - MS05-041: Vulnerability in Remote Desktop Protocol could allow denial of service*

899587 - MS05-042: Vulnerabilities in Kerberos could allow denial of service, information disclosure, and spoofing

896423 - MS05-043: Vulnerability in Print Spooler service could allow remote code execution

Then install: 908506: You may be unable to print to a network printer after you install security update 896423 on a computer that is running Windows 2000 with Service Pack 4

September 2005:

891861: Update Rollup 1 for Windows 2000 SP4 and known issues

October 2005:

905414 - MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service

899589 - MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

905749 - MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege

901017/907245 - MS05-048: Vulnerability in the Microsoft Collaboration Data Objects could allow code execution (Windows)

900725 - MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution

January 2006:

908519 - MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

April 2006:

908531 - MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution

May 2006:

913580 - MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

June 2006:

911280 - MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution

914389 - MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege

July 2006:

917537 - MS06-034: Vulnerability in Internet Information Services that use Active Server Pages could allow remote code execution

914388 - MS06-036: A vulnerability in the DHCP Client Service could allow remote code execution

August 2006:

920683 - MS06-041: Vulnerability in DNS resolution could allow remote code execution

917008 - MS06-044: Vulnerability in Microsoft Management Console could allow remote code execution

921398 - MS06-045: Vulnerability in Windows Explorer could allow remote code execution

920670 - MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library could allow remote code execution

September 2006:

920685 - MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting

922582: Error message when you try to update a Microsoft Windows-based computer: "0x80070002" REQUIRES UPDATE ROLLUP 1 (891861)!

October 2006:

923191 - MS06-057: Vulnerability in Windows Explorer Could Allow Remote Execution

923414 - MS06-063: Vulnerability in Server Service Could Allow Denial of Service

November 2006:

923980 - MS06-066: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution

920213 - MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution

924270 - MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution

December 2006:

926247 - MS06-074: Vulnerability in Simple Network Management Protocol (SNMP) could allow remote code execution

925398 - MS06-078: Vulnerability in Windows Media Player 6.4 could allow remote code execution

February 2007:

928843 - MS07-008: A vulnerability in the HTML Help ActiveX control could allow remote code execution

927779 - MS07-009: Vulnerability in Microsoft Data Access Components could allow remote code execution

926436 - MS07-011: Vulnerability in Microsoft OLE Dialog could allow remote code execution

924667 - MS07-012: Vulnerability in Microsoft Foundation Classes could allow for remote code execution

918118 - MS07-013: Vulnerability in Microsoft RichEdit could allow remote code execution

April 2007:

925902 - MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution

930178 - MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution

931784 - MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege

June 2007:

935840 - MS07-030: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution

935839 - MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution

August 2007:

936227 - MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

September 2007:

938827 - MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution

October 2007:

923810 - MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution

933729 - MS07-058: Vulnerability in RPC Could Allow Denial of Service

December 2007:

937894 - MS07-065: Vulnerability in Message Queuing Service could allow remote code execution in Windows XP and in Windows 2000

January 2008:

943485 – Vulnerability in LSASS Could Allow Local Elevation of Privilege

February 2008:

942831 - MS08-005: Vulnerability in Internet Information Services could allow elevation of privileges

947890 - MS08-008: A vulnerability in OLE Automation could allow remote code execution

April 2008:

945553 - MS08-020: Vulnerability in DNS Client Could Allow Spoofing

948590 - MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution

941693 - MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege

May 2008:

950749 - MS08-028: Vulnerability in the Microsoft Jet Database Engine could allow remote code execution

June 2008:

*948745 - MS08-034: Vulnerability in WINS Could Allow Elevation of Privilege*

*953235 - MS08-035: Vulnerability in Active Directory Could Allow Denial of Service*

July 2008:

*951746 - MS08-037: Description of the security update for DNS in Windows Server 2008, in Windows Server 2003, and in Windows 2000 Server (server-side): July 8, 2008*

951748 - MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008

August 2008:

**952954 - MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution**

**950974 - MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution**

Internet Explorer 5.01 SP4

918439 - MS06-022: Vulnerability in ART image rendering could allow remote code execution

This update requires the AOL Image Support Update installed first.

917344 - MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution

938127 - MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution

**953838 - MS08-045: Cumulative Security Update for Internet Explorer**

**951066 - MS08-048: Security Update for Outlook Express and Windows Mail**

This update replaces previous Cumulative security update for IE 950759

**953839: Cumulative Security Update for ActiveX**

Roots Update direct download link UPDATED September 25 2007!

Windows Script 5.7.0.16535 direct download link

IE with FDV's Fileset

**953838 - MS08-045: Cumulative Security Update for Internet Explorer**

This update replaces previous Cumulative security update for IE 950759

**953839: Cumulative Security Update for ActiveX**

Internet Explorer 6.0 SP1

905495 - MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering

918439 - MS06-022: Vulnerability in ART image rendering could allow remote code execution

This update requires the AOL Image Support Update installed first.

938127 - MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution

**953838 - MS08-045: Cumulative Security Update for Internet Explorer**

This update replaces previous Cumulative security update for IE 950759

**951066 - MS08-048: Security Update for Outlook Express and Windows Mail**

**953839: Cumulative Security Update for ActiveX**

Roots Update direct download link UPDATED September 25 2007!

Windows Script 5.7.0.16535 direct download link

DirectX 7.0

951698 - MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution

DirectX 9.0c

951698 - MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution

Windows Media Player 9

911564 - MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution

936782 - MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution

941569 - MS07-068: Vulnerability in Windows Media file format could allow remote code execution

-----------------------------------------------------------------------------------------------------------------------------

This checked as of August 15, 2008. Please tell me any inaccuracies with high priority updates ONLY.

the_guy

Edited by the_guy
Link to comment
Share on other sites

  • 4 weeks later...

It was edited only 3 days ago...

Edit: Look at the bottom of the post!!! And is still updating.

This post has been edited by the_guy: Yesterday, 08:30 PM

Good posting, the_guy

Edited by MHz
Link to comment
Share on other sites

that's allright; i am aiming to completely phase out my lists in favor of the_guy's lists.

i have one modest request but i wonder what others think (maybe i am the only one who thinks this way)

i'd like to see the lists of fixes more friendly...

instead of this

October 2004:

840987 MS04-032: Security update for Microsoft Windows

http://support.microsoft.com/?id=840987

February 2005:

*885834 MS05-010: Vulnerability in the License Logging service could allow code execution

http://support.microsoft.com/kb/885834/*

842773 An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000

http://support.microsoft.com/?id=842773

you would have this:

840987 - MS04-032: Security update for Microsoft Windows Oct 2004

885834 - MS05-010: Vulnerability in the License Logging service could allow code execution Feb 2005

842773 - An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000 Feb 2005

maybe i am the only one who feels this way because that's how i used to do it? what do others think? i just want it to be friendly for new folks i guess.

Link to comment
Share on other sites

885834 MS05-010: Vulnerability in the License Logging service could allow code execution

823353 MS04-018: Cumulative security update for Outlook Express (Install this one first!!!!)

Well theres my recommendation ;) Very few colours are readable, or even look half decent against this blasted blue heh.

Link Color: 3333FF

Windows2000 Color: 000099

IE6/OE etc, Color: CC0000

Perhaps we should link the SP4 download for completeness sake.

Edited by Crash&Burn
Link to comment
Share on other sites

Just wondering. I haven't included KB887797 ("additional" cumulative update for OE) in the last couple of HFSLIPs and Windows Update never complained. Am I the only one who doesn't need it, or has something changed in the HFSLIP script?

The KB page doesn't contain a link to the download page. Here it is:

http://www.microsoft.com/downloads/details...56-a1a3da675baf

@fdv:

Something like this?

Link to comment
Share on other sites

887797 is one of those oddities, it doesn't even showup in the download list (if using windows update) until you apply the other OE Cumulative update, if you read the article associated with it. Yet they are both called "cumulative update". It's not linked properly on MS site, so has likely slipped through the cracks.

Link to comment
Share on other sites

It's a bit of a mess, yes. But MS do distinguish between both: one is a "cumulative update" (KB887797) while the other is a "cumulative security update" (KB823353).

On the download page for KB887797 they even say "This non-security update helps resolve..."

Link to comment
Share on other sites

KB885834 (Vulnerability in the License Logging service) is supposed to be included in the Update Rollup:

http://support.microsoft.com/kb/891861/#XS...123120121120120 (13th from the bottom)

Would you consider KB894391 "critical"? :)

"Generic Host Process" error message (5/18/2005)

It's included in the list of hotfixes for Windows XP...

Edited by Tomcat76
Link to comment
Share on other sites

  • 4 weeks later...
887797 Description of the cumulative update for Outlook Express

Windows Script 5.6.0.8825 direct download link

Although there's no direct download link included in KB887797 article, you can still find OS specific files by searching up the article number http://www.microsoft.com/downloads/results...eeText=KB887797

Maybe you should provide a direct link to the pages so that localized versions can be easily downloaded as well.

Confusingly, there's a separate package for Windows XP, even though IE6 SP1 updates for both XP and 2000 always ship in one package. And the reason why didn't Microsoft include them in the article is beyond me... does it have to do with multiple registry hacks that's needed to enable the functionality provided by these updates?

The same goes for Windows Script 5.6 - you can search up the files http://www.microsoft.com/downloads/results...Text=script+5.6

There are several pages for various OS, each offering localized versions.

[Edit] Just noticed that TomCat76 has already posted the link to the download page for Windows2000/XP version of KB887797...

BTW, there are two new Security Bulletins

MS05-055 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523) (Windows 2000)

MS05-054 Cumulative Security Update for Internet Explorer (905915)

Edited by DmitryKo
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...