Article ID: 315683 - View products that this article applies to.
This article was previously published under Q315683
This article includes information about issues with Windows 2000 Security Rollup Package 1 (SRP1). For additional information about SRP1, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/311401/EN-US/ )Windows 2000 Security Rollup Package 1 (SRP1), January 2002
How to Determine If SRP1 Has Been AppliedA feature has been added to SRP1 so that you can determine if it has been installed on a computer. Follow these steps to display the installation information for SRP1:
The QFECheck ToolAfter you apply SRP1, Microsoft recommends that you run the QFECheck tool to verify that SRP1 is properly installed and trusted. Note that QFECheck is an English-language command-line tool. For additional information about QFECheck, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/282784/EN-US/ )Qfecheck.exe Verifies the Installation of Windows 2000 Hotfixes
How to Obtain the SRP1 SymbolsFor information on how to obtain the symbol files for SRP1, see the following Microsoft Web site:
Windows Services for UNIX 2.0If you use Windows Services for UNIX 2.0, install the hotfix that is described in the following Microsoft Knowledge Base article before you apply SRP1:
(http://support.microsoft.com/kb/306795/EN-US/ )Services for UNIX Management Console May Hang
Q279225Customers who apply this patch on Windows 2000-based computers that are running Windows Management Instrumentation (WMI) may also need to apply an additional hotfix. Although it is unrelated to this particular patch, a known issue can cause the WMI process (Winmgmt.exe) to stop responding (hang) and consume 100 percent of CPU resources and memory if a program queries for the Win32_QuickFixEngineering objects. For example, this can occur when Microsoft Systems Management Server (SMS) queries WMI to determine which hotfixes have been applied. For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:
279225Customers who were running Q279225 prior to installing SRP1, need not reapply the fix as SRP1 does not replace or remove Q279225.
(http://support.microsoft.com/kb/279225/EN-US/ )WMI Win32_QuickFixEngineering Queries Cause Winmgmt Process to Hang
How to Install SRP1 Over Terminal ServicesIf you install SRP1 over a Terminal Services connection, you may receive an access violation error message in Winlogon.exe if you disconnect and then reconnect the session. If you need to install over Terminal Services, Microsoft recommends that you use the unattended installation option, and force a system reboot after Setup completes.
When to Reinstall SRP1SRP1 should be reinstalled if any components are added, reconfigured, or removed after the SRP installation.
File Version DiscrepanciesThe hotfix that is described in the following Microsoft Knowledge Base article contains some of the same files as SRP1, but the version numbers are later than the SRP1 files:
307454The version difference is caused by the file-signing process. You do not have to uninstall the Q307454 hotfix before you install the SRP. Installing the Q307454 hotfix resolves the security vulnerability that is documented in Microsoft Knowledge Base article Q307454; installing the SRP resolves all of the security vulnerabilities that are documented in this article.
(http://support.microsoft.com/kb/307454/EN-US/ )MS01-052: Invalid RDP Data Can Cause Terminal Services Failure
File name Version -------------------------- Lserver.exe 5.0.2195.4241 Rdpwsx.dll 5.0.2195.4307 Rdpwd.sys 5.0.2195.4307
File name Version ------------------------- Lserver.exe 5.0.2195.4435 Rdpwsx.dll 5.0.2195.4527 Rdpwd.sys 5.0.2195.4527
MS01-022Microsoft Security Bulletin MS01-022
(http://www.microsoft.com/technet/security/bulletin/MS01-022.mspx)is not included in SRP1. For information about how to obtain this patch, see the following article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/296441/EN-US/ )MS01-022: WebDAV Service Provider Can Allow Scripts to Levy Requests as a User