Anyone installed Update Rollup 1 for Windows 2000 SP4 yet?

[packman 0]

Has any Win2KSP4 user on these forums installed Microsoft's new Update Rollup package?

 

Given that it's automatically available when you go to the Windows Update webpages and the Rollup package comprises a whole bundle of updates (including a lot of bug fixes, I gather) rather than giving you the choice of downloading and installing specific fixes, I was wondering whether anyone's had any problems with it and what their general opinion of it was.

[ross_aveling 0]

I installed it on my work PC a day or two ago. Haven't had any problems with it whatsoever.

 

I'd recommend installing it on any Windows 2000 SP4 PC as Microsoft have stated that there are certain bug/security updates in the Rollup that will not be made available individually through Windows Update.

[packman 0]

That's reassuring, Ross.

 

Hitherto, when I've added Windows updates, I've avoided the following ones, because they've been accused by some Win2K users of being implicated in new Win2K bugs:

 

KB893066

KB839643

Q329170

KB835732

 

However, if you now install the Rollup, those four are automatically included.

 

Are any or all of those four updates now listed in your Windows directory, Ross? Only the uninstallable ones will show, of course. Look in either Add/Remove Programs or in the first part of the WINNT folder.

 

 

[packman 0]

I've checked again.

 

893066 is still a separate update that I can download and install; it's not contained in the Rollup. 893066 is a fix which returns the default size of the TCP Receive Window in Win2K to 17,520 bytes. According to some experiments I did with the utility DrTCP a month or two ago, the optimum TRW on my Win2K machine is 32,767 bytes. Okay then, so that's not a problem. MS have at least given the option of downloading that separately.

 

Somehow, 839643 has already got installed on my machine. Ah well, never mind.

 

As for 329170 and 835732, I can find no reference to them now, either on my machine or in the Rollup. They might have got installed on my machine in some indirect way some time ago and perhaps are uninstallable fixes.

 

 

[ross_aveling 0]

Packman,

 

Just to let you know, I have got the 893066, 839643 & 835732 updates installed. I've checked the Rollup 1 KB Article and all three of these updates are indeed included (and still available seperately).

 

As for patch 329170 (Windows 2000 Security Patch: Flaw in SMB Signing Could Enable Group Policy to be Modified), there's info about it here. Also, Microsoft have included this update in recent 2000/XP Service Packs.

 

Hope this helps.

[packman 0]

Ross,

 

I scrolled right through the long list of bug fixes in the Rollup but couldn't spot those particular ones. Perhaps I couldn't see the wood for the trees? Or perhaps they simply don't appear in my particular list because they're already installed on my machine?

 

You infer that having those particular fixes has not impaired the functioning of your system in any way (presumably, a Win2KSP4 system). True?

[ross_aveling 0]

Packman,

 

These are the patches included with Update Rollup 1.

 

MS02-050 - Certificate validation flaw could permit identity spoofing - 329115

MS03-030 - Unchecked Buffer in DirectX Could Enable System Compromise - 819696

MS03-022 - Vulnerability in ISAPI Extension for Windows Media Services may cause code execution - 822343

MS03-025 - Flaw in Windows message handling through Utility Manager could enable privilege elevation - 822679

MS03-041 - Vulnerability in Authenticode Verification Could Allow Remote Code Execution - 823182

MS03-023 - Buffer overrun in the HTML converter could allow code execution - 823559

MS03-026 - Buffer Overrun in RPC May Allow Code Execution - 823980

MS03-034 - Flaw in NetBIOS could lead to information disclosure - 824105

MS03-045 - Buffer overrun in the ListBox and in the ComboBox Control could allow code execution - 824141

MS03-039 - A buffer overrun in RPCSS could allow an attacker to run malicious programs - 824146

MS03-044 - Buffer overrun in Windows Help and Support Center could lead to system compromise - 825119

MS03-042 - Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution - 826232

MS03-043 - Buffer overrun in Messenger service could allow code execution - 828035

MS03-049 - Buffer Overrun in the Workstation Service Could Allow Code Execution - 828749

MS03-008 - Flaw in Windows Script Engine may allow code to run - 814078

MS04-007 - An ASN.1 vulnerability could allow code execution - 828028

MS04-008 - Vulnerability in Windows Media Services could allow a Denial of Service attack - 832359

MS04-012 - Cumulative Update for Microsoft RPC/DCOM - 828741

MS04-006 - A vulnerability in the Windows Internet Name Service (WINS) could allow code execution - 830352

MS04-011 - Security Update for Microsoft Windows - 835732

MS04-014 - Vulnerability in the Microsoft Jet Database Engine could permit code execution - 837001

MS04-016 - Vulnerability in DirectPlay could allow denial of service - 839643

MS04-024 - A vulnerability in the Windows shell could allow remote code execution - 839645

MS04-023 - Vulnerability in HTML Help could allow code execution - 840315

MS04-020 - A vulnerability in POSIX could allow code execution - 841872

MS04-022 - A vulnerability in Task Scheduler could allow code execution - 841873

MS04-019 - A vulnerability in Utility Manager could allow code execution - 842526

MS04-030 - Vulnerability in WebDAV XML message handler could lead to a denial of service - 824151

MS04-032 - Security update for Microsoft Windows - 840987

MS04-037 - Vulnerability in Windows shell could allow remote code execution - 841356

MS04-031 - Vulnerability in NetDDE could allow remote code execution - 841533

MS04-045 - Vulnerability in WINS could allow remote code execution - 870763

MS04-043 - Vulnerability in HyperTerminal could allow code execution - 873339

MS04-044 - Vulnerabilities in Windows Kernel and LSASS could allow elevation of privilege - 885835

MS04-041 - A vulnerability in WordPad could allow code execution - 885836

MS05-003 - Vulnerability in the Indexing Service could allow remote code execution - 871250

MS05-008 - Vulnerability in Windows shell could allow remote code execution - 890047

MS05-011 - Vulnerability in server message block could allow remote code execution - 885250

MS05-010 - Vulnerability in the License Logging service could allow code execution - 885834

MS05-015 - Vulnerability in hyperlink object library could allow remote code execution in Windows Server 2003 - 888113

MS05-001 - Vulnerability in HTML Help could allow code execution - 890175

MS05-013 - Vulnerability in the DHTML editing component ActiveX control could allow code execution - 891781

MS05-002 - Vulnerability in cursor and icon format handling could allow remote code execution - 891711

MS05-012 - Vulnerability in OLE and COM could allow remote code execution - 873333

MS05-016 - Vulnerability in Windows Shell that could allow remote code execution - 893086

MS05-019 - Vulnerabilities in TCP/IP could allow remote code execution and denial of service - 893066

MS05-017 - Vulnerability in MSMQ could allow code execution - 892944

MS05-018 - Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service - 890859

MS05-020 - Cumulative security update for Internet Explorer - 890923

MS03-022 - Vulnerability in ISAPI Extension for Windows Media Services may cause code execution - 822343

MS05-014 - Cumulative security update for Internet Explorer - 867282

 

Yup, my work PC is SP4'ed up. In all honesty, I've never had any problems with any updates for Windows 2000... maybe I've been lucky.

[packman 0]

Those are just the security patches, Ross. At the Windows Update site you can view a description of the Rollup, if you're offered the Rollup. In that description, you can find a link to a very long list of bug fixes in the Rollup. That list is a quite separate one to the one you've shown, which is only of the security fixes.

[packman 0]

It certainly used to be the case that if you already had a number of Win2K security updates or bug-fixes installed and you then installed SP3 or SP4 on the top, it really screwed up your system. And there was no going back. So, why is this Rollup any different?

 

It seems to me that you need to be extremely careful that, by choosing the Rollup, you don't end up installing a number of updates that you've already got. Fine if each person gets a customised Rollup but MS haven't said that that's the case.