This article describes Update Rollup 1 for Microsoft Windows 2000 Service Pack 4 (SP4).

Update
Rollup 1 for Windows 2000 SP4 was originally released on June 28, 2005 and updated on
September 13, 2005 to a v2 release. This update rollup contains security-related updates that
were produced for Windows 2000 between the release of Windows 2000 SP4 and April 30, 2005.
On April 30, 2005, the contents of Update Rollup 1 were locked for final testing by Microsoft and
customer beta testing. This update rollup also contains several important non-security updates.
This article contains detailed information about this update rollup, answers frequently asked
questions, and lists the updates that are included in this update rollup.
Back to the top
INTRODUCTION
Update Rollup 1 for Windows 2000 SP4 makes it easier for customers to enhance a...
Update Rollup 1 for Windows 2000 SP4 makes it easier for customers to enhance and maintain
the security and stability of their Windows 2000-based computers. For more information about the
fixes that are included in Update Rollup 1 for Windows 2000 SP4, click the following article
number to view the article in the Microsoft Knowledge Base:
900345 (http://support.microsoft.com/kb/900345/ ) Fixes that are included in Update Rollup 1 for
Microsoft Windows 2000 Service Pack 4 that is dated June 28, 2005
Back to the top
MORE INFORMATION
Notes about Update Rollup 1 for Windows 2000 SP4 – v2 After the initial release...
Notes about Update Rollup 1 for Windows 2000 SP4 – v2
After the initial release of Update Rollup 1 for Windows 2000 SP4, Microsoft identified several
issues that may occur when you install this update rollup. These issues are isolated and affect
few customers. These issues are described in this section. This section also explains how to
resolve these issues. If you are affected by any one of the following issues, we suggest that you
install Update Rollup 1 for Windows 2000 SP4 – v2 or apply the individual hotfixes. Update Rollup
1 for Windows 2000 SP4 – v2 was released on September 13, 2005.
Back to the top
Issue 1
Description of the issue: Error messages
You may receive one of the following error messages when you visit the Windows Update Web
site after you install Update Rollup 1 for Windows 2000 SP4 – v2:

*
MSXML3.DLL File Not Found
*
Error 0x80244001
*
Error 0x800700C1

These errors might occur if you performed an express install of Update Rollup 1 for Windows
2000 SP4 before July 18, 2005 and the updated version of the Msxml3.dll file was already
installed.

An express install was only available if you manually converted to the Microsoft Update service
that was released in June, manually updated to the "v6" Windows Update service, or used the
WSUS service that was released in June, 2005. This issue was remedied on July 18 before the
automatic conversion of all customers to Windows Update v6. The issue does not affect any
installations from the Windows Update v4 site or any installations that occurred after July 18.
Under these circumstances, the Msxml3.dll file might have been reduced to a size of 0 bytes. If
you receive one of these error messages after you install Update Rollup 1 for Windows 2000
SP4, you may be experiencing this problem.
Resolution
Use one of the following three methods to repair the Msxml3.dll file:

* Download and install security update 824151. For more information, click the following article
number to view the article in the Microsoft Knowledge Base:
824151 (http://support.microsoft.com/kb/824151/ ) MS04-030: Vulnerability in WebDAV XML
message handler could lead to a denial of service
* Start the recovery console from any Microsoft Windows setup CD. Then, copy the Msxml3.dll
file from the $NtUpdateRollupPackUninstall$ Update Rollup backup folder to the %systemroot
%\System32 folder.
* Reinstall Update Rollup 1 for Microsoft Windows 2000 Service Pack 4 (SP4). You can either
reinstall the original version or the v2 version.

Note You could only perform an express install of Update Rollup 1 for Windows 2000 SP4 before
July 18 if you manually installed the new Microsoft Update Web service or if you used Windows
Server Update Services (WSUS). This problem does not occur unless you manually upgrade to
Microsoft Update from Windows Update version 4 or use Software Update Services (SUS) 1.0.

This issue was addressed by making a minor change to the way that this update rollup was
published on Windows Update. No files were changed to fix this problem. This issue is fixed in
Update Rollup 1 for Windows 2000 SP4 – v2.
Back to the top
Issue 2
Description of the issue: You receive a "Stop 0x000001E" error message when you restart the
computer after you install Update Rollup 1 for Windows 2000 SP4
You may receive the following error message when you restart the computer after you install
Update Rollup 1 for Windows 2000 SP4:
Stop 0x000001E
This problem may occur if you use a computer that has an older non-Plug-and-Play ISA, EISA, or
Micro Channel Architecture (MCA) SCSI controller. If you have already installed the original
version of Update Rollup 1 for Windows 2000 SP4 and have restarted the computer successfully,
you do not have this problem. You do not need hotfix 904374.
Resolution
If you received this error message, start the recovery console from any Windows setup CD. Then,
copy the Scsiport.sys file from the $NtUpdateRollupPackUninstall$ Update Rollup backup folder
to the %systemroot%\System32\Drivers folder. Restart the computer after you copy the file.

The following code is an example copy command:

Copy %windir%\$NtUpdateRollupPackUninstall$\scsiport.sys %windir%\system32\drivers

To resolve the problem, use one of the following methods:

* Install Update Rollup 1 for Windows 2000 SP4 – v2.

* Install the hotfix that is described in the following article in the Microsoft Knowledge Base:
904374 (http://support.microsoft.com/kb/904374/ ) You receive a "Stop 0x0000001e" error
message after you install Update Rollup 1 for Windows 2000 Service Pack 4
If you restored the older version of the Scsiport.sys file, you should apply this hotfix or the
update rollup. This issue is fixed in Update Rollup 1 for Windows 2000 SP4 – v2.

Back to the top

Issue 3
Description of issue: On a computer that uses dynamic disks, two system drives may appear after
you install Update Rollup 1 for Windows 2000 SP4
Important This section, method, or task contains steps that tell you how to modify the registry.
However, serious problems might occur if you modify the registry incorrectly. Therefore, make
sure that you follow these steps carefully. For added protection, back up the registry before you
modify it. Then, you can restore the registry if a problem occurs. For more information about how
to back up and restore the registry, click the following article number to view the article in the
Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in
Windows

On a computer that uses dynamic disks, two system drives may appear after you install Update
Rollup 1 for Windows 2000 SP4. This problem occurs in the Mountmgr.sys file. This problem only
affects computers that use the dynamic disks feature. This problem does not appear to affect
functionality.
Resolution
If you experience this problem, the system alternates between the original system drive and the
new virtual system drive letter every time that you restart. You should restart the system if it is not
running on the correct system drive letter. Make sure the system is using the correct system drive
letter (the original system drive) at all times until you apply a resolution to this problem. This
guarantees that any software that is installed recognizes the correct system drive.

Use one of the following two methods to resolve this issue:

* Install the hotfix that is described in the following article in the Microsoft Knowledge Base:
904564 (http://support.microsoft.com/kb/904564/ ) An additional system drive letter appears
in Windows Explorer after you apply Windows 2000 Update Rollup 1 for Service Pack 4
* If you experience this problem, you can install Update Rollup 1 for Windows 2000 Sp4 – v2.

The hotfix and Update Rollup 1 for Windows 2000 SP4 – v2 are only installed if the system is
restarted to the correct system drive before installation. If the system drive is a non-system drive
(a virtual drive), you may be prompted to restart the system before you install the hotfix or the v2
release. This issue is fixed in the Update Rollup 1 for Windows 2000 SP4 – v2 release.
Back to the top
Issue 4
Description of issue: You cannot save files from Microsoft Office programs directly to a floppy disk
Microsoft has identified a problem in the Fastfat.sys file. This problem does not affect all systems.
On systems that are affected, you cannot save files from Microsoft Office programs directly to a
floppy disk. (Microsoft Office programs include programs such as Microsoft Word and Microsoft
Excel.) Microsoft plans to provide an update to fix this problem on the Microsoft.com/downloads
Web site.
Resolution
To resolve this problem, install Update Rollup 1 for Windows 2000 SP4 – v2. For more
information about this update rollup, click the following article number to view the article in the
Microsoft Knowledge Base:
904368 (http://support.microsoft.com/kb/904368/ ) Office programs may stop responding when
you save a new file to a floppy disk drive on a Windows 2000-based computer that has Update
Rollup 1 for Windows 2000 SP4 installed
Back to the top
Issue 5
You cannot connect to a Citrix server that has ICA sessions after you install Microsoft Update
Rollup 1 for Windows 2000 SP4
After you install Update Rollup 1 for Windows 2000 SP4 on a Citrix MetaFrame XP server or on a
Citrix MetaFrame Presentation Server 3.0-based server, you experience the following problems
when you connect to a Citrix server that has ICA sessions:

* You receive a Stop error message.

* The Windows Graphical Identification and Authentication (GINA) logon user interface does
not appear.
* The system console may be unresponsive.
* The Winlogon.exe process uses excessive CPU.

For more information about this problem and to obtain a hotfix from Citrix, visit the following Citrix
Web site:
http://support.citrix.com/article/ctx107051 (http://support.citrix.com/article/ctx107051)
Microsoft provides third-party contact information to help you find technical support. This contact
information may change without notice. Microsoft does not guarantee the accuracy of this third-
party contact information.
Resolution
To resolve this issue, obtain and install hotfix 904711. For more information about hotfix 904711,
click the following article number to view the article in the Microsoft Knowledge Base:
904711 (http://support.microsoft.com/kb/904711/ ) Citrix MetaFrame XP or Citrix MetaFrame
Presentation Server 3.0 do not work as expected after you install Update Rollup 1 on a Windows
2000 SP4-based server
Back to the top
Issue 6
After you install Update Rollup 1 for Windows 2000 SP4, servers that are running Vormetric
CoreGuard may be unable to restart in Normal mode
When this problem occurs, the server may stop responding and you may see a blue screen, but
you can still start the server in Safe Mode.

This problem occurs because Update Rollup 1 for Windows 2000 SP4 deletes the ‘List’
REG_MULTI_SZ value in the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceGroupOrder
This value is required by the CoreGuard filter driver that loads when the computer is restarted.
Vormetric CoreGuard is a database encryption product. If the filter driver is not functioning
correctly, unencrypted data may be entered into the SQL database. Therefore, the database may
become corrupted and the data may be unrecoverable.
Resolution
To resolve this problem, download the VmSP4RegFix.exe tool from Vormetric and run this tool
immediately after you install Update Rollup 1 for Windows 2000 SP4 but before you restart the
computer. For more information, visit the following Vormetric Web site:
http://www.vormetric.com (http://www.vormetric.com)
For support information, visit the following Vormetric Web site:
http://www.vormetric.com (http://www.vormetric.com)
Microsoft provides third-party contact information to help you find technical support. This contact
information may change without notice. Microsoft does not guarantee the accuracy of this third-
party contact information.

The information and the solution in this document represents the current view of Microsoft
Corporation on these issues as of the date of publication. This solution is available through
Microsoft or through a third-party provider. Microsoft does not specifically recommend any third-
party provider or third-party solution that this article might describe. There might also be other
third-party providers or third-party solutions that this article does not describe. Because Microsoft
must respond to changing market conditions, this information should not be interpreted to be a
commitment by Microsoft. Microsoft cannot guarantee or endorse the accuracy of any information
or of any solution that is presented by Microsoft or by any mentioned third-party provider.

Microsoft makes no warranties and excludes all representations, warranties, and conditions
whether express, implied, or statutory. These include but are not limited to representations,
warranties, or conditions of title, non-infringement, satisfactory condition, merchantability, and
fitness for a particular purpose, with regard to any service, solution, product, or any other
materials or information. In no event will Microsoft be liable for any third-party solution that this
article mentions.
Back to the top
Other known issues
The previous issues have been fully addressed in Update Rollup 1 for Windows 2000 SP4 – v2.
This section describes other known issues. These issues will be resolved by individual hotfixes.
These issues affect very few customers and may have third-party solutions. Where it is possible,
an individual hotfix is available from Microsoft Product Support. These individual hotfixes were not
included in Update Rollup 1 for Windows 2000 SP4 – v2 to minimize the exposure to most
customers who are not otherwise affected by these issues. This section describes other known
issues. These issues will be resolved by individual hotfixes. These issues are identified as code
issues.
Cluster Service does not start after you install Update Rollup Package 1 if security privileges are
properly set
Customers with server clusters who do not have the required security privileges assigned to the
domain user account that is used by the Cluster service, will see the cluster service fail to start
with a new event message in the system event log explaining the reason and the recommended
next step to recover after applying Update Rollup Package 1. View the following Knowledge Base
article for more information:
871236 (http://support.microsoft.com/kb/871236/ ) New event log messages for the Cluster
service account are included in Windows Server 2003 Service Pack 1 and Update Rollup 1 for
Windows 2000 Service Pack 4

To keep your Server Cluster from experiencing this issue, you must validate that you have the
necessary security privilege settings before applying URP1. View the follwing Knowlege Base
article for more information:
269229 (http://support.microsoft.com/kb/269229/ ) How to manually re-create the Cluster service
account
The Server Cluster service will fail to start if the OS volume is not formatted NTFS
Customers with server clusters who have their operating system volume formatted Fat32, will see
the Server Cluster service fail to start after applying URP1. To resolve this issue either before or
after application of URP1, use convert.exe to convert your OS partition from Fat32 to NTFS.
An Exchange 5.5 message transfer agent (MTA) that uses an X.400 connector on Windows 2000
SP4 may stop transferring mail after you install Microsoft Update Rollup 1 for Windows 2000
To resolve this issue, obtain and install hotfix 904712. For more information, click the following
article number to view the article in the Microsoft Knowledge Base:
904712 (http://support.microsoft.com/kb/904712/ ) Mail delivery is slower than expected, or mail
delivery stops, on an X.400 connector to a remote site in Exchange Server 5.5

Customers who experience this problem will be able to install the hotfix before or after they install
the Update Rollup to resolve this problem. This hotfix is not included in the Update Rollup 1 for
Windows 2000 SP4 – v2 package because of the limited number of customers affected.
Customers who use Sophos Anti-Virus for Windows version 5 may experience a delay when they
log on to their networks
After customers install Microsoft Update Rollup 1 for Windows 2000 SP4, customers who use
Sophos Anti-Virus for Windows version 5 may experience a delay when they log on to their
networks. A computer may take 15 minutes to log on to the network when you receive the
following message:
preparing network connections
Sophos provides details about how to resolve this problem to Sophos customers. For more
information, visit the following Sophos Web site:
http://www.sophos.com/support/knowledgebase/article/13287.html
(http://www.sophos.com/support/knowledgebase/article/13287.html)
Microsoft provides third-party contact information to help you find technical support. This contact
information may change without notice. Microsoft does not guarantee the accuracy of this third-
party contact information.
Some versions of Internet Security Systems products may not start after you install Update Rollup
1 for Windows 2000
This problem occurs because you have obsolete signature files and an obsolete Blackdrv.sys file.
To resolve this problem, update to the current signature file. Updating to the current signature file
resolves the problem for all versions of Internet Security Systems BlackICE. For more
information, visit the following Microsoft Knowledge Base article:
901159 (http://support.microsoft.com/kb/901159/ ) Some Internet Security Systems products
stop running after you install the revised MS05-019 security update or after you install Update
Rollup 1 for Windows 2000 SP4
Back to the top
Download information
To download and install Update Rollup 1 for Windows 2000 SP4 – v2, visit the following Microsoft
Windows Update Web site, and then install high-priority update 891861:
http://windowsupdate.microsoft.com/ (http://windowsupdate.microsoft.com/)
You can also download this update rollup to deploy to multiple Windows 2000-based computers.
The package is available from the Microsoft Download Center.

The following file is available for download from the Microsoft Download Center:

Collapse this imageExpand this image

Download
Download the Windows2000-KB891861-v2-x86-ENU.EXE package now.
(http://www.microsoft.com/downloads/details.aspx?FamilyId=B54730CF-8850-4531-B52B-
BF28B324C662&displaylang=en)

Release Date: September 13, 2005

For more information about how to download Microsoft Support files, click the following article
number to view the article in the Microsoft Knowledge Base:
119591 (http://support.microsoft.com/kb/119591/ ) How to obtain Microsoft support files from
online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software
that was available on the date that the file was posted. The file is stored on security-enhanced
servers that help prevent any unauthorized changes to the file.

To download the package from the Windows Update Catalog, use the Advanced Search Options
feature to search for article ID number 891861. For more information about how to download
updates from the Windows Update Catalog, click the following article number to view the article in
the Microsoft Knowledge Base:
323166 (http://support.microsoft.com/kb/323166/ ) How to download updates that include drivers
and hotfixes from the Windows Update Catalog
By including the most important updates for Windows 2000, Update Rollup 1 for Windows 2000
SP4 may help customers make Windows 2000-based computers more secure. Update Rollup 1
for Windows 2000 SP4 also makes it easier for customers to build new deployment images. This
update rollup requires less predeployment testing, because the number of updates that are
included in this update rollup is smaller than the number of updates that are typically included in a
service pack. Most customers installed current versions of many of the files when older updates
were installed. Additionally, Microsoft has already released most of the contents of this update
rollup as individual updates and hotfixes. Individual hotfixes that are not included in this update
rollup will be available as individual downloads.

Because Microsoft believes that Update Rollup 1 for Windows SP4 meets the needs of customers
better than a new service pack for Windows 2000, Microsoft will not release another service pack
for Windows 2000. Therefore, Windows 2000 SP4 is the final service pack for Windows 2000.
Customers who have not yet installed Windows 2000 SP4 should consider installing Windows
2000 SP4 as soon as possible. Windows 2000 with SP4 is a prerequisite for Update Rollup 1 for
Windows 2000 SP4.
Back to the top
Frequently asked questions
Q1: Why does Microsoft believe that Update Rollup 1 for Windows 2000 SP4 meets the needs of
customers better than a new service pack for Windows 2000?
A1: Microsoft talked to many customers about their plans for maintaining their Windows 2000
deployments. The most frequent requests were for Microsoft to make keeping Windows 2000-
based computers up to date as easy as possible, and for Microsoft to reduce the predeployment
testing that customers have to perform. Update rollups may help customers make their computers
more secure. Update rollups also help customers build new system images without applying and
tracking individual hotfixes. Update Rollup 1 for Windows 2000 SP4 requires less predeployment
testing because the number of updates that are included in the update rollup is smaller than the
number of updates that are typically included in a service pack. Additionally, Microsoft has
already released most of the contents of this update rollup as individual updates and hotfixes.

Because Windows 2000 is a mature product, many of the Windows 2000 hotfixes that were
released after the release of Windows 2000 SP4 address relatively obscure problems. These
problems affect a small number of customers. At this point, an update rollup provides the most
usefulness at the least risk of instability.

Q2: How will Microsoft list Update Rollup 1 for Windows SP4 on the Windows Update Web site?
A2: Update Rollup 1 for Windows SP4 is listed as a high-priority update in the "Critical and
Service Packs" category on the Windows Update Web site. During the next few months, Windows
Update will transition Windows 2000 customers to a new version of Windows Update. After this
transition, Update Rollup 1 for Windows 2000 SP4 will be listed in the "High Priority Updates"
category.

Q3: Should I install Update Rollup 1 for Windows SP4 even if I have kept my Windows 2000 SP4
systems up to date?
A3:Yes. Update Rollup 1 for Windows 2000 SP4 contains important fixes that have not previously
been part of individual security updates. Additionally, this update rollup contains enhancements
that may help increase system security, increase reliability, reduce support costs, and support the
current generation of PC hardware. To address minor compatibility problems that were introduced
by earlier security updates, hotfixes may have updated some files that were installed by the
earlier updates. This update includes the latest versions of these files. Therefore, even if a
system is fully up to date, Windows Update still detects and installs this update rollup. Customers
who use managed security update deployment solutions should decide whether to deploy Update
Rollup 1 within their infrastructure.

Q4: Will Update Rollup 1 for Windows 2000 SP4 be distributed over Automatic Updates?
A4: At first, this update rollup will not be distributed over Automatic Updates. This delay is
because of the transition from the Windows Update version 4 infrastructure to the version 6
infrastructure. This update rollup will be made available as an automatic update in September,
2005.

Q5: Will there be an administrative blocking tool for Update Rollup 1 for Windows 2000 SP4 like
there was for Windows XP SP2?
A5: No, Update Rollup 1 for Windows 2000 SP4 is not a service pack. Therefore, this update
rollup does not require the same level of deployment control. This update rollup is treated like
other security or reliability updates. These updates are typically distributed by Windows Update
and by Automatic Updates.

Q6: Do I have to install the individual security bulletin updates before I install Update Rollup 1 for
Windows 2000 on new installations of Windows 2000?
A6: No. First install Windows 2000 SP4, and then install the update rollup. After you install the
update rollup, run Windows Update to find updates that were released after April 30, 2005, or that
were not included in the update rollup.

Q7: Are customers required to install Update Rollup 1 for Windows 2000 SP4?
A7: Customers are not required to install Update Rollup 1 for Windows 2000 SP4. Microsoft
designed the update rollup to make it easy to keep Windows 2000-based computers up to date.
Therefore, we strongly recommend that customers install Update Rollup 1 for Windows 2000 SP4
as soon as they can.
Q8: After Update Rollup 1 for Windows SP4 is installed on a computer that is running Windows
2000 SP4, will the service pack level of Windows 2000 change?
A8: No. The service pack level of the computer remains at Windows 2000 SP4. After you install
Update Rollup 1 for Windows SP4, the computer will be up to date from a life-cycle policy
perspective until the end-of-life date for Windows 2000. The end-of-life date for Windows 2000
will be no sooner than January 1, 2010.

Q9: Is this the first time that Microsoft has produced an update rollup instead of a service pack?
A9: No. Microsoft has produced update rollups before. For more information about update rollups
that were previously released by Microsoft, click the following article numbers to view the articles
in the Microsoft Knowledge Base:
826939 (http://support.microsoft.com/kb/826939/ ) Update Rollup 1 for Windows XP is available
311401 (http://support.microsoft.com/kb/311401/ ) Windows 2000 Security Rollup Package 1,
January 2002
Q10: If Update Rollup 1 for Windows 2000 SP4 offers significant benefits over a new service
pack, why does Microsoft not always use update rollups instead of service packs?
A10: Service packs and update rollups play different, yet complimentary roles. Service packs
deliver important updates and new features that customers request before the next release of a
major operating system. Update rollups deliver a group of updates between more major releases.
Microsoft uses update rollups when there is a longer than typical gap between service pack
releases. Later in the life cycle of a product, update rollups make it easier for customers to keep
their computers up to date. When customers install an update rollup, customers do not have to
individually install all the updates that are available for a product.

Q11: How does Microsoft decide which hotfixes to include in an update rollup?
A11: Microsoft examines the number of times that customers request and download each hotfix
from Microsoft Web sites and from Product Support. Microsoft also evaluates the potential cost
savings for customers. This evaluation is based on experience in the Windows 2000 data center
environment at Microsoft.

Q12: What kinds of updates are included in Update Rollup 1 for Windows 2000 SP4?
A12: Update Rollup 1 for Windows 2000 SP4 contains all the security updates that were
produced for Windows 2000 after the release of SP4 until April 30, 2005. On April 30, 2005, the
contents for Update Rollup 1 were locked down for final testing by Microsoft, by external beta
sites, and by customer sites. Update Rollup 1 for Windows 2000 SP4 also contains a small
number of important non-security updates. Update Rollup 1 for Windows 2000 SP4 contains
updates that meet the following criteria:

* Updates that broadly apply to a variety of customers

* Updates that are frequently downloaded by customers
* Updates that have the potential to help customers significantly decrease their IT costs

For example, Update Rollup 1 for Windows 2000 SP4 contains updates to address problems
that are time-consuming for support professionals to troubleshoot and fix.
* Updates that were included on new computers by major Windows original equipment
manufacturers (OEMs) after Windows 2000 SP4 was released

Q13: What specific updates and hotfixes are included in Update Rollup 1 for Windows 2000 SP4?
A13: The following table lists all the updates and hotfixes that are included in Update Rollup 1 for
Windows 2000 SP4.
Back to the top
Fixes that are included in Update Rollup 1 for Windows 2000 SP4
Update Rollup 1 for Windows 2000 SP4 includes the following updates and hotfixes:
Collapse this tableExpand this table
Security BulletinArticle title Article number
MS02-050 Certificate validation flaw could permit identity spoofing 329115
(http://support.microsoft.com/kb/329115/ )
MS03-022 Vulnerability in ISAPI Extension for Windows Media Services may cause code
execution 822343 (http://support.microsoft.com/kb/822343/ )
MS03-025 Flaw in Windows message handling through Utility Manager could enable
privilege elevation 822679 (http://support.microsoft.com/kb/822679/ )
MS03-041 Vulnerability in Authenticode verification could allow remote code execution
823182 (http://support.microsoft.com/kb/823182/ )
MS03-023 Buffer overrun in the HTML converter could allow code execution823559
(http://support.microsoft.com/kb/823559/ )
MS03-026 Buffer overrun in RPC could allow code execution 823980
(http://support.microsoft.com/kb/823980/ )
MS03-034 Flaw in NetBIOS could lead to information disclosure 824105
(http://support.microsoft.com/kb/824105/ )
MS03-045 Buffer overrun in the ListBox and in the ComboBox Control could allow code
execution 824141 (http://support.microsoft.com/kb/824141/ )
MS03-039 A buffer overrun in RPCSS could allow an attacker to run malicious programs
824146 (http://support.microsoft.com/kb/824146/ )
MS03-044 Buffer overrun in Windows Help and Support Center could lead to system
compromise 825119 (http://support.microsoft.com/kb/825119/ )
MS03-042 Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code
Execution 826232 (http://support.microsoft.com/kb/826232/ )
MS03-043 Buffer overrun in Messenger service could allow code execution 828035
(http://support.microsoft.com/kb/828035/ )
MS03-049 Buffer overrun in the Workstation service could allow code execution 828749
(http://support.microsoft.com/kb/828749/ )
MS04-007 An ASN.1 vulnerability could allow code execution 828028
(http://support.microsoft.com/kb/828028/ )
MS04-008 Vulnerability in Windows Media Services could allow a Denial of Service attack
832359 (http://support.microsoft.com/kb/832359/ )
MS04-012 Cumulative Update for Microsoft RPC/DCOM 828741
(http://support.microsoft.com/kb/828741/ )
MS04-006 A vulnerability in the Windows Internet Name Service (WINS) could allow code
execution 830352 (http://support.microsoft.com/kb/830352/ )
MS04-011 Security Update for Microsoft Windows 835732
(http://support.microsoft.com/kb/835732/ )
MS04-014 Vulnerability in the Microsoft Jet Database Engine could permit code execution
837001 (http://support.microsoft.com/kb/837001/ )
MS04-016 Vulnerability in DirectPlay could allow denial of service 839643
(http://support.microsoft.com/kb/839643/ )
MS04-024 A vulnerability in the Windows shell could allow remote code execution 839645
(http://support.microsoft.com/kb/839645/ )
MS04-023 Vulnerability in HTML Help could allow code execution 840315
(http://support.microsoft.com/kb/840315/ )
MS04-020 A vulnerability in POSIX could allow code execution 841872
(http://support.microsoft.com/kb/841872/ )
MS04-022 A vulnerability in Task Scheduler could allow code execution 841873
(http://support.microsoft.com/kb/841873/ )
MS04-019 A vulnerability in Utility Manager could allow code execution 842526
(http://support.microsoft.com/kb/842526/ )
MS04-030 Vulnerability in WebDAV XML message handler could lead to a denial of service
824151 (http://support.microsoft.com/kb/824151/ )
MS04-032 Security update for Microsoft Windows 840987
(http://support.microsoft.com/kb/840987/ )
MS04-038 Cumulative Security Update for Internet Explorer834707
(http://support.microsoft.com/kb/834707/ )
MS04-037 Vulnerability in Windows shell could allow remote code execution841356
(http://support.microsoft.com/kb/841356/ )
MS04-031 Vulnerability in NetDDE could allow remote code execution 841533
(http://support.microsoft.com/kb/841533/ )
MS04-045 Vulnerability in WINS could allow remote code execution 870763
(http://support.microsoft.com/kb/870763/ )
MS04-043 Vulnerability in HyperTerminal could allow code execution 873339
(http://support.microsoft.com/kb/873339/ )
MS04-036 Vulnerability in NNTP could allow code execution 883935
(http://support.microsoft.com/kb/883935/ )
MS04-044 Vulnerabilities in Windows Kernel and LSASS could allow elevation of privilege
885835 (http://support.microsoft.com/kb/885835/ )
MS04-041 A vulnerability in WordPad could allow code execution 885836
(http://support.microsoft.com/kb/885836/ )
MS05-003 Vulnerability in the Indexing Service could allow remote code execution 871250
(http://support.microsoft.com/kb/871250/ )
MS05-008 Vulnerability in Windows shell could allow remote code execution890047
(http://support.microsoft.com/kb/890047/ )
MS05-011 Vulnerability in server message block could allow remote code execution 885250
(http://support.microsoft.com/kb/885250/ )
MS05-010 Vulnerability in the License Logging service could allow code execution 885834
(http://support.microsoft.com/kb/885834/ )
MS05-015 Vulnerability in hyperlink object library could allow remote code execution in
Windows Server 2003 888113 (http://support.microsoft.com/kb/888113/ )
MS05-001 Vulnerability in HTML Help could allow code execution 890175
(http://support.microsoft.com/kb/890175/ )
MS05-013 Vulnerability in the DHTML editing component ActiveX control could allow code
execution 891781 (http://support.microsoft.com/kb/891781/ )
MS05-002 Vulnerability in cursor and icon format handling could allow remote code
execution 891711 (http://support.microsoft.com/kb/891711/ )
MS05-012 Vulnerability in OLE and COM could allow remote code execution 873333
(http://support.microsoft.com/kb/873333/ )
MS05-016 Vulnerability in Windows Shell that could allow remote code execution 893086
(http://support.microsoft.com/kb/893086/ )
MS05-019 Vulnerabilities in TCP/IP could allow remote code execution and denial of service
893066 (http://support.microsoft.com/kb/893066/ )
MS05-017 Vulnerability in MSMQ could allow code execution 892944
(http://support.microsoft.com/kb/892944/ )
MS05-018 Vulnerabilities in Windows kernel could allow elevation of privilege and denial of
service 890859 (http://support.microsoft.com/kb/890859/ )
MS05-020 Cumulative security update for Internet Explorer 890923
(http://support.microsoft.com/kb/890923/ )
MS03-022 Vulnerability in ISAPI Extension for Windows Media Services may cause code
execution 822343 (http://support.microsoft.com/kb/822343/ )
MS05-014 Cumulative security update for Internet Explorer 867282
(http://support.microsoft.com/kb/867282/ )
For more information about fixes that are included in Update Rollup 1 for Microsoft Windows 2000
SP4, click the following article number to view the article in the Microsoft Knowledge Base:
900345 (http://support.microsoft.com/kb/900345/ ) Fixes that are included in Update Rollup 1 for
Microsoft Windows 2000 Service Pack 4 that is dated June 28, 2005
Back to the top
Update Rollup 1 for Windows 2000 SP4 TAPI information
Update Rollup 1 for Windows 2000 SP4 changes how telephony server and client computers
communicate using the Telephony Application Programming Interface (TAPI).

After you install Update Rollup 1 for Windows 2000 SP4, a Windows 2000 telephony client
accepts only encrypted RPC packets from a telephony server. The client does not communicate
with a telephony server that sends non-encrypted RPC packets. However, this restriction does
not apply to TAPI deployments where the client computers are using mailslot instead of remote
procedure call (RPC) for communications with the telephony server. This restriction also does not
apply where the telephony server uses mailslot for communications.

By default, a Windows 2000 client uses mailslot to communicate with the telephony server. A
Windows 2000 client uses RPC only when the client is explicitly configured as connection-
oriented. To configure the client this way, use the tcmsetup command together with the -x switch.
For example, use the following command:
tcmsetup/r/x/c ServerName
Back to the top
Notes
Update Rollup 1 for Windows 2000 SP4 does not contain updates for Windows components that
are not included with a clean slipstream install of Windows 2000 SP4. If components were
previously installed or updated, you must download individual security updates by using Windows
Update.

Examples of these updates include the following:

* MS03-011 - Flaw in Microsoft VM Could Enable System Compromise (KB816093)

The Microsoft VM is not included in SP4 natively. However the VM may be resident on
systems which were updated to SP4 from a prior SP or installed by a third party software
package.
* Internet Explorer 6 and Outlook Express 6

Windows 2000 originally included Internet Explorer 5.01. Service packs for Windows 2000
only affect this version. We recommend that you install Internet Explorer 6 SP1 and the current
cumulative Internet Explorer security updates on Windows 2000 computers.

After you apply Microsoft Windows 2000 Update Rollup 1, you may receive an error message
when you try to print. For more information, click the following article number to view the article in
the Microsoft Knowledge Base:
832219 (http://support.microsoft.com/kb/832219/ ) Users cannot print after you install a service
pack, update rollup, or printer hotfix on a server in Windows 2000

Note The log file name for the Update Rollup 1 for Windows 2000 SP4 is named
UpdateRollupPack.log. This file is located in the %Systemroot% folder.
Back to the top
APPLIES TO

* Microsoft Windows 2000 Server

* Microsoft Windows 2000 Professional Edition
* Microsoft Windows 2000 Advanced Server
* Microsoft Windows 2000 Datacenter Server

Back to the top

Keywords:
kbpubtypekc kbfaq kbinfo kbtshoot KB891861
Back to the top