Windows 2000 Security Rollup Package 1 (SRP1), January 2002, Release Notes

Article ID: 315683 - View products that this article applies to.
This article was previously published under Q315683
Expand all | Collapse all

On This Page

SUMMARY

This article includes information about issues with Windows 2000 Security Rollup Package 1 (SRP1). For additional information about SRP1, click the article number below to view the article in the Microsoft Knowledge Base:
311401
(http://support.microsoft.com/kb/311401/EN-US/ )
Windows 2000 Security Rollup Package 1 (SRP1), January 2002
Back to the top | Give Feedback

MORE INFORMATION

How to Determine If SRP1 Has Been Applied

A feature has been added to SRP1 so that you can determine if it has been installed on a computer. Follow these steps to display the installation information for SRP1:
  1. Click Start, click Run, type winver, and then click OK.
  2. If SRP1 is installed, the identification listing for the SRP1 package is displayed below the copyright information in the Winver window.
  3. If the SRP1 identification listing is not displayed, you should install SRP1.

The QFECheck Tool

After you apply SRP1, Microsoft recommends that you run the QFECheck tool to verify that SRP1 is properly installed and trusted. Note that QFECheck is an English-language command-line tool. For additional information about QFECheck, click the article number below to view the article in the Microsoft Knowledge Base:
282784
(http://support.microsoft.com/kb/282784/EN-US/ )
Qfecheck.exe Verifies the Installation of Windows 2000 Hotfixes

How to Obtain the SRP1 Symbols

For information on how to obtain the symbol files for SRP1, see the following Microsoft Web site:
http://www.microsoft.com/whdc/devtools/ddk/default.mspx
(http://www.microsoft.com/whdc/devtools/ddk/default.mspx)

Windows Services for UNIX 2.0

If you use Windows Services for UNIX 2.0, install the hotfix that is described in the following Microsoft Knowledge Base article before you apply SRP1:
306795
(http://support.microsoft.com/kb/306795/EN-US/ )
Services for UNIX Management Console May Hang

Q279225

Customers who apply this patch on Windows 2000-based computers that are running Windows Management Instrumentation (WMI) may also need to apply an additional hotfix. Although it is unrelated to this particular patch, a known issue can cause the WMI process (Winmgmt.exe) to stop responding (hang) and consume 100 percent of CPU resources and memory if a program queries for the Win32_QuickFixEngineering objects. For example, this can occur when Microsoft Systems Management Server (SMS) queries WMI to determine which hotfixes have been applied. For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:
279225
(http://support.microsoft.com/kb/279225/EN-US/ )
WMI Win32_QuickFixEngineering Queries Cause Winmgmt Process to Hang
Customers who were running Q279225 prior to installing SRP1, need not reapply the fix as SRP1 does not replace or remove Q279225.

How to Install SRP1 Over Terminal Services

If you install SRP1 over a Terminal Services connection, you may receive an access violation error message in Winlogon.exe if you disconnect and then reconnect the session. If you need to install over Terminal Services, Microsoft recommends that you use the unattended installation option, and force a system reboot after Setup completes.

When to Reinstall SRP1

SRP1 should be reinstalled if any components are added, reconfigured, or removed after the SRP installation.

File Version Discrepancies

The hotfix that is described in the following Microsoft Knowledge Base article contains some of the same files as SRP1, but the version numbers are later than the SRP1 files:
307454
(http://support.microsoft.com/kb/307454/EN-US/ )
MS01-052: Invalid RDP Data Can Cause Terminal Services Failure
The version difference is caused by the file-signing process. You do not have to uninstall the Q307454 hotfix before you install the SRP. Installing the Q307454 hotfix resolves the security vulnerability that is documented in Microsoft Knowledge Base article Q307454; installing the SRP resolves all of the security vulnerabilities that are documented in this article.

SRP1

   File name    Version
   --------------------------
   Lserver.exe  5.0.2195.4241
   Rdpwsx.dll   5.0.2195.4307
   Rdpwd.sys    5.0.2195.4307

Q307454

   File name    Version
   -------------------------
   Lserver.exe  5.0.2195.4435
   Rdpwsx.dll   5.0.2195.4527
   Rdpwd.sys    5.0.2195.4527

MS01-022

Microsoft Security Bulletin MS01-022
(http://www.microsoft.com/technet/security/bulletin/MS01-022.mspx)
is not included in SRP1. For information about how to obtain this patch, see the following article in the Microsoft Knowledge Base:
296441
(http://support.microsoft.com/kb/296441/EN-US/ )
MS01-022: WebDAV Service Provider Can Allow Scripts to Levy Requests as a User
Back to the top | Give Feedback

Properties

Article ID: 315683 - Last Review: October 27, 2006 - Revision: 3.4
APPLIES TO
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Professional SP2
Keywords: 
kbinfo kbsecurity KB315683
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top