Windows 2000 Security Rollup Package 1 (SRP1), January 2002
This article was previously published under Q311401 On This PageSUMMARY Microsoft has released a Security Rollup Package (SRP) for
Windows 2000 that includes the security updates that are described in the "More
Information" section in this article. This small, comprehensive rollup of
updates is an easy mechanism for managing the rollout of security fixes.
Applying SRP1 does not change the encryption level of your computer. For more information about this first release of the SRP, visit the following Microsoft Web site: http://technet.microsoft.com/en-us/windowsserver/2000/bb735341.aspx (http://technet.microsoft.com/en-us/windowsserver/2000/bb735341.aspx) This Security Rollup Package is included in Windows 2000 Service
Pack 3.
For additional information about the latest
service pack for Windows 2000, click the article number below to view the
article in the Microsoft Knowledge Base: 260910 (http://support.microsoft.com/kb/260910/EN-US/) How to Obtain the Latest Windows 2000 Service Pack
MORE INFORMATIONFor additional information about SRP1 and any actions you
should take before you apply it, click the article number below to view the
article in the Microsoft Knowledge Base: 315683 (http://support.microsoft.com/kb/315683/EN-US/) Windows 2000 Security Rollup Package 1 (SRP1), January 2002, Release Notes
Patches are available from the following Microsoft
Web site (if your language is not listed, please check back later):  English Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/en-us/w2ksp2srp1express.exe) Arabic Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/ar/w2ksp2srp1express.exe) Chinese (Simplified) Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/cn/w2ksp2srp1express.exe) Chinese (Traditional) Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/tw/w2ksp2srp1express.exe) Czech Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/cs/w2ksp2srp1express.exe) Danish Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/da/w2ksp2srp1express.exe) Dutch Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/nl/w2ksp2srp1express.exe) Finnish Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/fi/w2ksp2srp1express.exe) French Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/fr/w2ksp2srp1express.exe) German Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/de/w2ksp2srp1express.exe) Greek Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/el/w2ksp2srp1express.exe) Hebrew Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/he/w2ksp2srp1express.exe) Hungarian Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/hu/w2ksp2srp1express.exe) Italian Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/it/w2ksp2srp1express.exe) Japanese Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/ja/w2ksp2srp1express.exe) Japanese NEC Language Version (http://download.microsoft.com/download/win2000platform/expnec/q311401/nt5/ja/w2ksp2srp1express.exe) Korean Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/ko/w2ksp2srp1express.exe) Norwegian Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/no/w2ksp2srp1express.exe) Polish Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/pl/w2ksp2srp1express.exe) Portuguese (Brazilian) Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/pt-br/w2ksp2srp1express.exe) Portuguese Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/pt/w2ksp2srp1express.exe) Russian Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/ru/w2ksp2srp1express.exe) Spanish Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/es/w2ksp2srp1express.exe) Swedish Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/sv/w2ksp2srp1express.exe) Turkish Language Version (http://download.microsoft.com/download/win2000platform/express/q311401/nt5/tr/w2ksp2srp1express.exe)Release Date: January 30, 2002 For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: 119591 (http://support.microsoft.com/kb/119591/EN-US/) How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.
Fixes Included in SRP1SRP1 includes all post-SP2 security updates that have been delivered via Microsoft Security Bulletins (http://www.microsoft.com/technet/archive/security/news/nt4tsesr.mspx?mfr=true). In addition, it also includes a small number of security updates that have not been previously discussed. Because security bulletins are disruptive to customers' normal maintenance procedures, Microsoft typically issues them only when a security issue poses an immediate danger to your systems. Issues that do not meet this standard are typically addressed through other delivery vehicles such as service packs or, in this case, the SRP.252795 (http://support.microsoft.com/kb/252795/EN-US/) MS01-046: Windows 2000 Does Not Support Mapping Virtual COM Ports to Infrared Ports
273854 (http://support.microsoft.com/kb/273854/EN-US/) MS00-077: Denial of Service Can Occur with Microsoft NetMeeting
276471 (http://support.microsoft.com/kb/276471/EN-US/) MS00-079: Patch for "HyperTerminal Buffer Overflow" Vulnerability In Windows 2000
282806 (http://support.microsoft.com/kb/282806/EN-US/) MS01-031: Telnet Service Prevents an Idle Telnet Session from Timing Out
285156 (http://support.microsoft.com/kb/285156/EN-US/) MS01-013: Windows 2000 Event Viewer Contains an Unchecked Buffer
285851 (http://support.microsoft.com/kb/285851/EN-US/) MS01-007: Patch Available for Network DDE Agent Request Vulnerability
285985 (http://support.microsoft.com/kb/285985/EN-US/) MS01-004: Patch Available for New Variant of File Fragment Reading via .HTR Vulnerability
286043 (http://support.microsoft.com/kb/286043/EN-US/) MS01-051: Patch Available for Telnet Logging Vulnerability
287912 (http://support.microsoft.com/kb/287912/EN-US/) MS01-031: Predictable Named Pipes Could Enable Privilege Elevation with Telnet
288855 (http://support.microsoft.com/kb/288855/EN-US/) MS01-026: FTP Service Allows Login to Domain Guest Account
289243 (http://support.microsoft.com/kb/289243/EN-US/) MS02-001: Forged SID Could Result in Elevated Privileges in Windows 2000
292435 (http://support.microsoft.com/kb/292435/EN-US/) MS01-040: Invalid RDP Data Can Cause Memory Leak in Terminal Services
293826 (http://support.microsoft.com/kb/293826/EN-US/) MS01-026: Pattern-Matching Function Can Cause Access Violation on FTP Server
294370 (http://support.microsoft.com/kb/294370/EN-US/) MS01-026: Updated Patch for Microsoft Security Bulletin MS00-060
294379 (http://support.microsoft.com/kb/294379/EN-US/) Addressees Appear in Body of SMTP Message Instead of the Header If You Specify Many Addressees
294391 (http://support.microsoft.com/kb/294391/EN-US/) MS01-024: Malformed Request to Domain Controller Can Cause Memory Exhaustion
294774 (http://support.microsoft.com/kb/294774/EN-US/) MS01-044: IIS Loads ISAPI Extension In-Process Even When Application Is Marked for High Isolation
295534 (http://support.microsoft.com/kb/295534/EN-US/) MS01-026: Superfluous Decoding Operation Can Allow Command Execution Through IIS
296185 (http://support.microsoft.com/kb/296185/EN-US/) MS01-025: Patch Available for New Variant of the "Malformed Hit-Highlighting" Vulnerability
297860 (http://support.microsoft.com/kb/297860/EN-US/) MS01-044: IIS 5.0 Security and Post-Windows NT 4.0 SP5 IIS 4.0 Patch Rollup
298009 (http://support.microsoft.com/kb/298009/EN-US/) Cipher.exe Security Tool for the Encrypting File System
298012 (http://support.microsoft.com/kb/298012/EN-US/) MS01-041: Malformed RPC Request Can Cause Service Problems
298340 (http://support.microsoft.com/kb/298340/EN-US/) MS01-044: Patch Available for WebDAV Denial of Service
299553 (http://support.microsoft.com/kb/299553/EN-US/) MS01-031: Logon Command That Contains a Particular Malformation Causes an Access Violation in the Telnet Service
299687 (http://support.microsoft.com/kb/299687/EN-US/) MS01-036: Function Exposed By Using LDAP over SSL Could Enable Passwords to Be Changed
299796 (http://support.microsoft.com/kb/299796/EN-US/) MS00-077: Denial-of-Service Attack on Port 1720 May Cause a Memory Leak in Conf.exe
300477 (http://support.microsoft.com/kb/300477/EN-US/) MS01-035: FPSE: Potential Buffer Overrun Vulnerability in Visual Studio RAD (Remote Application Deployment)
300855 (http://support.microsoft.com/kb/300855/EN-US/) MS01-031: Windows 2000 Telnet Security Rollup
300901 (http://support.microsoft.com/kb/300901/EN-US/) MS01-031: Telnet Service Allows Logging On to Domain Guest Account
300905 (http://support.microsoft.com/kb/300905/EN-US/) MS01-031: Handle Leak in Telnet Service Causes a Denial-of-Service Vulnerability
300908 (http://support.microsoft.com/kb/300908/EN-US/) MS01-031: Program Running with Normal Privileges Can Terminate a Telnet Session
300972 (http://support.microsoft.com/kb/300972/EN-US/) MS01-033: Unchecked Buffer in Index Server ISAPI Extension Can Enable Web Server Compromise
301625 (http://support.microsoft.com/kb/301625/EN-US/) MS01-044: Patch Available for SSI Privilege Elevation Vulnerability
302755 (http://support.microsoft.com/kb/302755/EN-US/) MS01-037: Authentication Error in SMTP Service Could Allow Mail Relaying
303984 (http://support.microsoft.com/kb/303984/EN-US/) MS01-043: NNTP Service in Windows 2000 Contains a Memory Leak
304867 (http://support.microsoft.com/kb/304867/EN-US/) MS01-044: Patch Available for MIME Header Denial of Service Vulnerability
305601 (http://support.microsoft.com/kb/305601/EN-US/) MS01-060: FIX: CRT String Format Functions May Underwrite Buffer
306118 (http://support.microsoft.com/kb/306118/EN-US/) FPSE2000: List of Issues Fixed in FrontPage Server Extensions Service Release 1.3
306121 (http://support.microsoft.com/kb/306121/EN-US/) MS01-051: Malformed "Dotless" IP Address Can Cause a Web Page to Be Handled in the Intranet Zone
307298 (http://support.microsoft.com/kb/307298/EN-US/) MS02-004: Telnet Server Is Vulnerable to a Denial-of-Service Attack
307454 (http://support.microsoft.com/kb/307454/EN-US/) MS01-052: Invalid RDP Data Can Cause Terminal Services Failure
308268 (http://support.microsoft.com/kb/308268/EN-US/) .IDA and .IDQ Mappings Restored After You Install Service Pack or Add/Remove a Windows Component
308414 (http://support.microsoft.com/kb/308414/EN-US/) MS01-051: Patch Available for HTTP Request Encoding Vulnerability
311355 (http://support.microsoft.com/kb/311355/EN-US/) MS01-041: The Danish Version of Security Hotfix MS01-041 Is Not Installed
315404 (http://support.microsoft.com/kb/315404/EN-US/) MS01-052: Clients with an Expired Temporary License May Be Unable to Connect to Terminal Services
| Article Translations
|
| United States | Change | | | All Microsoft Sites |
Help and Support
Back to the top
|
