Jump to content

2000 vs. XP vs. server2003 hot fixes

oao

By oao
in HFSLIP

 Share

Recommended Posts

Tomcat76

Tomcat76

Posted
Posted (edited)

[1]

KB896422 is partially replaced by Update Rollup 1 v2 and partially by KB923414.

KB828026 is partially replaced by Update Rollup 1 v2 and partially by KB917734 for WMP9.

KB870669 is replaced by the subsequent Cumulative IE updates.

KB885492 is replaced by KB917734 for WMP9.

KB904368 is replaced by Update Rollup 1 v2.

KB903235 is replaced by the subsequent Cumulative IE updates.

KB911565 is replaced by KB917734 for WMP9.

KB912812 is replaced by KB928090 (current Cumulative IE update).

KB891122 - HFSLIP sort of supports this WMP9 codec update. You need to extract wmfdist.exe into the HF folder (that's the only file of importance). The "Windows Media 9/10 codecs" checkbox in the "Update your Windows 2000 configuration" section links to this update. Also, as explained in the Notes section at the top of my dynamic 2K list: "You will need a decompression program (such as 7-zip or WinRAR) to extract the necessary files out of some of the downloaded installers. From the updates listed below, this applies to DirectX9, the new DirectX9 gaming binaries and the Windows Media 9/10 codecs."

KB911564 - "WindowsMedia-KB911564-x86-ENU.exe" is in my list.

[2]

If Windows Update insists you need KB828026 and KB896422, you have probably slipstreamed version 1 of Update Rollup 1. Please include HFSLIP.LOG next time.

[3]

MSXML2 is MSXML2. The download page I'm linking to contains the most recent public version.

[4]

TommyP answered this.

Edited by Tomcat76

oao

oao

Posted
  • Author
Posted

>How are you checking for these discrepancies? Are you using an old outdated mssecure.xml file? Are you googling old windows updates on the web? The MSBLA will guide you the right direction for applying the latest and greatest updates.

I have already described my procedure: I checked everything on your configuration file and then compared the generated list to The Guy's latest list. I also considered the updates that Windows Update has applied to my system. When I found missing items in either or both lists I checked the MS download pages.

What is MSBLA?

>As far as some hotfixes you list..... Here is an interesting finding while searching the boards for hotfix 896422 - link. For KB912812, an cumulative update to IE6 released April 2006. Each month last year, IE6 had a cumulative rollup. 912812 is 12 updates behind at this point and it would be unwise to slipstream it.

The problem is that Windows Update does not always delete fixes that are superseded by new ones; nor do the MS download pages document very clearly what is being superseded.

>I can probably answer for the_guy with his hotfix lists. He concentrates on critical updates and not recommended updates. Tomcat76 includes some recommended ones and some fixes that are nice to have, xml stuff falls into this category.

OK, that's what I needed to know. Regarding vulnerabilities: are they a problem due to the existence of non-updated files per se, or do those files need to be actually used to cause vulnerability? E.g. Windows installs OE, but I don't use it. Should I then bother to apply OE security fixes?

And is it possible to remove OE and other components during slipstreaming?

Thanks.

FP

oao

oao

Posted
  • Author
Posted

>KB891122 - HFSLIP sort of supports this WMP9 codec update. You need to extract wmfdist.exe into the HF folder (that's the only file of importance). The "Windows Media 9/10 codecs" checkbox in the "Update your Windows 2000 configuration" section links to this update. Also, as explained in the Notes section at the top of my dynamic 2K list: "You will need a decompression program (such as 7-zip or WinRAR) to extract the necessary files out of some of the downloaded installers. From the updates listed below, this applies to DirectX9, the new DirectX9 gaming binaries and the Windows Media 9/10 codecs."

I had actually done all this as per the instructions, I just did not connect it to KB891122.

>If Windows Update insists you need KB828026 and KB896422, you have probably slipstreamed version 1 of Update Rollup 1. Please include HFSLIP.LOG next time.

Actually, the rollup 2 and 923414 WERE installed, but WU would still push 896422. I reinstalled the rollup and 923414 and it now looks as WU is happy.

As per my initial message, I am now only PREPARING for slipstream in case I will need to reinstall the system. My comment referred to the already installed system, which was not slipstreamed. I just want to make sure that no update/fix will be missing, or unnecessary for the slipstream CD I am preparing.

Thanks for all your help.

Regards,

FP

oao

oao

Posted
  • Author
Posted

For any Win2K SP4 update/fix that does not appear in your configuration list, if it is added to the HF folder, will it be slipstreamed, or will HFSLIP slipstream only those in your list?

Regards,

FP

Tomcat76

Tomcat76

Posted
Posted (edited)
What is MSBLA?
He meant MBSA.
The problem is that Windows Update does not always delete fixes that are superseded by new ones;
Windows Update is not really that smart. If a file was updated twice since you last ran Windows Update, it will show you both updates even though you only need the latest (installing both, the newest will overwrite the older).
nor do the MS download pages document very clearly what is being superseded.
This is true, but we unpack the hotfix executables to see which files are inside of them. It's much more reliable than the tables MS provide. Also, sometimes a hotfix is replaced by two or more newer hotfixes together; this is never explained in a Hotfix Replacement table.
Regarding vulnerabilities: are they a problem due to the existence of non-updated files per se, or do those files need to be actually used to cause vulnerability? E.g. Windows installs OE, but I don't use it. Should I then bother to apply OE security fixes?
Yes. If it's on your system, it's vulnerable.
And is it possible to remove OE and other components during slipstreaming?
I don't think it's possible to remove just OE but I'm not sure; this isn't my domain. See here for more info:

vorck.com: Remove IE from Windows 2000 at install

hfslip.org: HFCLEANUP - Reduce your source

I wouldn't jump into this just yet, though. It's pretty advanced stuff.

For any Win2K SP4 update/fix that does not appear in your configuration list, if it is added to the HF folder, will it be slipstreamed, or will HFSLIP slipstream only those in your list?
The script doesn't use my list as a base, but it does assume certain standards (how Type 1 and Type 2 hotfixes are named, how they are composed internally, etc.). There will surely be some updates that don't work but it would take too much time to find out which those are and to add support for all of them. That's why only updates that are shown on Windows Update are said to be supported.
As far as I can tell KB925902 is for Vista, not 2000
Windows2000-KB925902-x86-ENU.EXE Edited by Tomcat76
Super-Magician

Super-Magician

Posted
Posted

@Tomcat76, I'm not quite sure where to post this as your update topics are no longer pinned. Anyway, why is KB935448 on your list and KB928843 removed? As far as I can tell, KB935448 isn't on Windows Update, although do I understand it fixes problems people may have after installing KB925902 (MS07-017).

Tomcat76

Tomcat76

Posted
Posted

My hotfix lists have always been more open to more recent updates for hotfixes that are shown on Windows Update if the newer versions are public and not WGA-protected. The COM+ Hotfix Rollup Package is another example of this.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...