Updated Sp2.cat available to resolve versioning issues with post Service Pack 1 hotfixes

Article translations Article translations
Article ID: 281767 - View products that this article applies to.
This article was previously published under Q281767
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

SYMPTOMS

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspx
For more information about IIS 7.0, visit the following Microsoft Web site:
http://www.iis.net/default.aspx?tabid=1
Under certain circumstances, the Windows 2000 post-Service Pack 1 (SP1) catalog file (Sp2.cat) that is included with Windows 2000 post-SP1 hotfixes may be incorrectly versioned. All Windows 2000 post-SP1 hotfixes that had this problem have been repackaged to include an updated Sp2.cat file.

If multiple Windows 2000 post-SP1 hotfixes are installed on your computer and one hotfix has this Sp2.cat versioning issue, your computer may be affected. Depending on the order in which the hotfixes were installed, a newer hotfixed Sp2.cat file may be replaced by an older version.

This problem occurs only with English-language hotfixes.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack
The resolution to this problem is a two-step process. In step 1, you install a tool that can help you verify if your computer is affected by this problem. In step 2, you install an updated Windows 2000 post-SP1 catalog file that protects your computer from this problem.

  1. Microsoft has released a tool that can help you verify if your computer is affected by this problem. This tool checks all Windows 2000 hotfixes that are installed on your computer to determine if any of your current hotfixes are affected. For more information about this tool and how to install it, click the following article number to view the article in the Microsoft Knowledge Base:
    282784 Qfecheck.exe verifies the installation of Windows 2000 and Windows XP hotfixes
  2. Install the updated Windows 2000 post-SP1 catalog file.
    • Windows 2000 SP1 includes an update that allows .cat files to be dynamically read when they are installed; therefore, you do not need to restart your computer after applying this package.

      If you are running Windows 2000 SP1, download the following file:
      Collapse this imageExpand this image
      Download
      Download Q281767_w2k_sp2_x86_en.exe now
    • Windows 2000-based computers without SP1 read catalog information when the system is started. After you apply this package you are prompted to restart your computer.

      If you are not running Windows 2000 SP1, download the following file:
      Collapse this imageExpand this image
      Download
      Download Q285083_w2k_sp2_x86_en.exe now
    For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
    119591 How to obtain Microsoft support files from online services
    Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
The English-language version of this fix should have the following file attributes or later:
   Date        Time    Size     File name
   --------------------------------------
   12/14/2000  05:11a  626,702  Sp2.cat
				

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 2.

MORE INFORMATION

Every Microsoft hotfix for Windows 2000 contains a catalog file. This catalog file contains the information that is used by the Windows File Protection feature to verify the files in the hotfix package. For Windows 2000 post-SP1 hotfixes, the file is named Sp2.cat. For more information about the Windows File Protection feature, click the following article number to view the article in the Microsoft Knowledge Base:
222193 Description of the Windows 2000 Windows File Protection feature
Hotfix catalog files are cumulative. The latest hotfix file contains information for all hotfixes that were created before it. This allows one version of the file to be installed while earlier hotfixed files continue to be valid.

This problem affects the following Microsoft Security Bulletin fixes that are referenced on the following Microsoft Web site:
http://www.microsoft.com/technet/security
  • Security bulletin:
    MS00-036
    Microsoft Knowledge Base article:
    262694 Malicious user can shut down computer browser service
  • Security bulletin:
    MS00-044
    Microsoft Knowledge Base article:
    267559 GET on HTR file can cause a "denial of service" or enable directory browsing
  • Security bulletin:
    MS00-047
    Microsoft Knowledge Base article:
    269239 NetBIOS vulnerability may cause duplicate name on the network conflicts
  • Security bulletin:
    MS00-050
    Microsoft Knowledge Base article:
    267843 Windows 2000 Telnet Server stops responding after binary input
  • Security bulletin:
    MS00-052
    Microsoft Knowledge Base article:
    269049 Registry-invoked programs use standard search path
  • Security bulletin:
    MS00-053
    Microsoft Knowledge Base article:
    269523 Service Control Manager named pipe impersonization vulnerability
  • Security bulletin:
    MS00-057
    Microsoft Knowledge Base article:
    269862 Patch released for canonicalization error issue
  • Security bulletin:
    MS00-058
    Microsoft Knowledge Base article:
    256888 Internet Information Service may return source of active server pages file
  • Security bulletin:
    MS00-065
    Microsoft Knowledge Base article:
    272736 Windows 2000 Still Image service exposes user elevation vulnerability
  • Security bulletin:
    MS00-066
    Microsoft Knowledge Base article:
    272303 RPC Server service stops responding
  • Security bulletin:
    MS00-067
    Microsoft Knowledge Base article:
    272743 HTML e-mail link transmits user name and password to unauthorized server
  • Security bulletin:
    MS00-069
    Microsoft Knowledge Base article:
    270676 Users might gain full control of a system via the "simplified Chinese IME state recognition" vulnerability
  • Security bulletin:
    MS00-070
    Microsoft Knowledge Base article:
    266433 Patch for numerous vulnerabilities in the LPC port system calls
  • Security bulletin:
    MS00-077
    Microsoft Knowledge Base article:
    273854 Denial of service can occur with Microsoft NetMeeting
  • Security bulletin:
    MS00-080
    Microsoft Knowledge Base article:
    274149 Cookies are not marked as SSL-secured in IIS
  • Security bulletin:
    MS00-083
    Microsoft Knowledge Base article:
    274835 Buffer overflow in Network Monitor may cause vulnerability
  • Security bulletin:
    MS00-084
    Microsoft Knowledge Base article:
    278499 Update available for indexing service availability
  • Security bulletin:
    MS00-085
    Microsoft Knowledge Base article:
    278511 Patch available for ActiveX parameter validation vulnerability
  • Security bulletin:
    MS00-086
    Microsoft Knowledge Base article:
    277873 Patch for "Web server file request parsing" vulnerability
  • Security bulletin:
    MS00-089
    Microsoft Knowledge Base article:
    274372 Patch released for "domain account lockout" vulnerability

Properties

Article ID: 281767 - Last Review: February 28, 2014 - Revision: 8.2
APPLIES TO
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Professional SP1
Keywords: 
kbnosurvey kbarchive kbhotfixserver kbqfe kbbug kbfix kbgraphxlinkcritical kbsetup kbwin2000presp2fix KB281767

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com