Article ID: 269651 - View products that this article applies to.
This article was previously published under Q269651
NoticeThis article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/win2000)is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
When you install a Windows 2000 service pack, hotfix, or other system update, you may receive the following error message:
If you then click More Information, you may receive the following error message:
Digital Signature Not Found
The Microsoft digital signature affirms that software has been tested with Windows and that the software has not been altered since it was tested.
The software you are about to install does not contain a Microsoft digital signature. Therefore, there is no guarantee that this software works correctly with Windows.
Unknown software package
If you want to search for Microsoft digitally signed software, visit the Windows Update Web site at http://update.microsoft.com to see if one is available.
Do you want to continue the installation?
When you click OK, you may receive a series of error messages that are similar to the first error message that is listed in this article, and you may then receive the following error message:
Windows did not find a Microsoft signature associated with the software package you want to install.
If you then click OK, you may receive the following error message:
Service Pack Setup Error
The form specified for the subject is not one supported or known by the specified trust provider.
Service Pack Setup Error
Service Pack was not installed.
This problem may occur if Windows 2000 is not correctly reading the digital signature of the software package and the following two local computer policies are blocking the installation:
Because third-party drivers (whether signed or unsigned) can only be installed by an administrator, driver signing policy (in its present form as of April 2003) is not a security issue. In Windows versions earlier than Windows Server 2003, driver signing was misleading because Windows versions earlier than Windows Server 2003 sent mixed messages about when a driver package was safe, depending on the corresponding device's class.
In earlier versions of Windows (including Windows 2000), Microsoft grouped SetupAPI activities into two categories:
This is why in Windows Server 2003, Microsoft introduced the ability for device classes outside the purview of WHQL to be signed with an Authenticode signature. That way, at least the conscientious vendor could protect their users from spoofing, tampering, and repudiation threats. The user is notified that a driver is being installed, if it was signed, and if so, by whom. In Windows Server 2003, all device installations are subject to driver signing policy. The remaining SetupAPI-based installations are subject to non-driver signing policy. Turning non-driver signing policy to anything other than Ignore (the default) will have undesirable side-effects, such as displaying the driver signing user interface when the user downloads or installs ActiveX controls, IExpress packages, service packs, and hotfixes.
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/260910/EN-US/ )How to Obtain the Latest Windows 2000 Service Pack
To work around this problem (and prevent the driver signing dialogs from displaying), temporarily set the following policies to "silently succeed" during the service pack or update installation:
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 3.