We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:For more information about IIS 7.0, visit the following Microsoft Web site: Under certain circumstances, the Windows 2000 post-Service Pack 1 (SP1) catalog file (Sp2.cat) that is included with Windows 2000 post-SP1 hotfixes may be incorrectly versioned. All Windows 2000 post-SP1 hotfixes that had this problem have been repackaged to include an updated Sp2.cat file.

If multiple Windows 2000 post-SP1 hotfixes are installed on your computer and one hotfix has this Sp2.cat versioning issue, your computer may be affected. Depending on the order in which the hotfixes were installed, a newer hotfixed Sp2.cat file may be replaced by an older version.

This problem occurs only with English-language hotfixes.

Back to the top

To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base: The resolution to this problem is a two-step process. In step 1, you install a tool that can help you verify if your computer is affected by this problem. In step 2, you install an updated Windows 2000 post-SP1 catalog file that protects your computer from this problem.

1.

Microsoft has released a tool that can help you verify if your computer is affected by this problem. This tool checks all Windows 2000 hotfixes that are installed on your computer to determine if any of your current hotfixes are affected. For more information about this tool and how to install it, click the following article number to view the article in the Microsoft Knowledge Base: 282784 (http://support.microsoft.com/kb/282784/) Qfecheck.exe verifies the installation of Windows 2000 and Windows XP hotfixes

2.

Install the updated Windows 2000 post-SP1 catalog file. • Windows 2000 SP1 includes an update that allows .cat files to be dynamically read when they are installed; therefore, you do not need to restart your computer after applying this package. If you are running Windows 2000 SP1, download the following file: Download Q281767_w2k_sp2_x86_en.exe now (http://www.microsoft.com/technet/security/bulletin/ms01-005.mspx) • Windows 2000-based computers without SP1 read catalog information when the system is started. After you apply this package you are prompted to restart your computer. If you are not running Windows 2000 SP1, download the following file: Download Q285083_w2k_sp2_x86_en.exe now (http://www.microsoft.com/downloads/details.aspx?FamilyId=CC8C90A1-628D-499D-A65C-8411BD359847&displaylang=en) For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base: 119591 (http://support.microsoft.com/kb/119591/) How to obtain Microsoft support files from online services Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

The English-language version of this fix should have the following file attributes or later:

   Date        Time    Size     File name
   --------------------------------------
   12/14/2000  05:11a  626,702  Sp2.cat
				

Back to the top

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 2.

Back to the top

Every Microsoft hotfix for Windows 2000 contains a catalog file. This catalog file contains the information that is used by the Windows File Protection feature to verify the files in the hotfix package. For Windows 2000 post-SP1 hotfixes, the file is named Sp2.cat. For more information about the Windows File Protection feature, click the following article number to view the article in the Microsoft Knowledge Base: Hotfix catalog files are cumulative. The latest hotfix file contains information for all hotfixes that were created before it. This allows one version of the file to be installed while earlier hotfixed files continue to be valid.

This problem affects the following Microsoft Security Bulletin fixes that are referenced on the following Microsoft Web site:

•	Security bulletin: MS00-036 (http://www.microsoft.com/technet/security/bulletin/MS00-036.asp) Microsoft Knowledge Base article: 262694 (http://support.microsoft.com/kb/262694/) Malicious user can shut down computer browser service
•	Security bulletin: MS00-044 (http://www.microsoft.com/technet/security/bulletin/MS00-044.mspx) Microsoft Knowledge Base article: 267559 (http://support.microsoft.com/kb/267559/) GET on HTR file can cause a "denial of service" or enable directory browsing
•	Security bulletin: MS00-047 (http://www.microsoft.com/technet/security/bulletin/MS00-047.mspx) Microsoft Knowledge Base article: 269239 (http://support.microsoft.com/kb/269239/) NetBIOS vulnerability may cause duplicate name on the network conflicts
•	Security bulletin: MS00-050 (http://www.microsoft.com/technet/security/bulletin/MS00-050.mspx) Microsoft Knowledge Base article: 267843 (http://support.microsoft.com/kb/267843/) Windows 2000 Telnet Server stops responding after binary input
•	Security bulletin: MS00-052 (http://www.microsoft.com/technet/security/bulletin/MS00-052.mspx) Microsoft Knowledge Base article: 269049 (http://support.microsoft.com/kb/269049/) Registry-invoked programs use standard search path
•	Security bulletin: MS00-053 (http://www.microsoft.com/technet/security/bulletin/MS00-053.mspx) Microsoft Knowledge Base article: 269523 (http://support.microsoft.com/kb/269523/) Service Control Manager named pipe impersonization vulnerability
•	Security bulletin: MS00-057 (http://www.microsoft.com/technet/security/bulletin/MS00-057.mspx) Microsoft Knowledge Base article: 269862 (http://support.microsoft.com/kb/269862/) Patch released for canonicalization error issue
•	Security bulletin: MS00-058 (http://www.microsoft.com/technet/security/bulletin/MS00-058.mspx) Microsoft Knowledge Base article: 256888 (http://support.microsoft.com/kb/256888/) Internet Information Service may return source of active server pages file
•	Security bulletin: MS00-065 (http://www.microsoft.com/technet/security/bulletin/MS00-065.mspx) Microsoft Knowledge Base article: 272736 (http://support.microsoft.com/kb/272736/) Windows 2000 Still Image service exposes user elevation vulnerability
•	Security bulletin: MS00-066 (http://www.microsoft.com/technet/security/bulletin/MS00-066.mspx) Microsoft Knowledge Base article: 272303 (http://support.microsoft.com/kb/272303/) RPC Server service stops responding
•	Security bulletin: MS00-067 (http://www.microsoft.com/technet/security/bulletin/MS00-067.mspx) Microsoft Knowledge Base article: 272743 (http://support.microsoft.com/kb/272743/) HTML e-mail link transmits user name and password to unauthorized server
•	Security bulletin: MS00-069 (http://www.microsoft.com/technet/security/bulletin/MS00-069.mspx) Microsoft Knowledge Base article: 270676 (http://support.microsoft.com/kb/270676/) Users might gain full control of a system via the "simplified Chinese IME state recognition" vulnerability
•	Security bulletin: MS00-070 (http://www.microsoft.com/technet/security/bulletin/MS00-070.mspx) Microsoft Knowledge Base article: 266433 (http://support.microsoft.com/kb/266433/) Patch for numerous vulnerabilities in the LPC port system calls
•	Security bulletin: MS00-077 (http://www.microsoft.com/technet/security/bulletin/MS00-077.mspx) Microsoft Knowledge Base article: 273854 (http://support.microsoft.com/kb/273854/) Denial of service can occur with Microsoft NetMeeting
•	Security bulletin: MS00-080 (http://www.microsoft.com/technet/security/bulletin/MS00-080.mspx) Microsoft Knowledge Base article: 274149 (http://support.microsoft.com/kb/274149/) Cookies are not marked as SSL-secured in IIS
•	Security bulletin: MS00-083 (http://www.microsoft.com/technet/security/bulletin/MS00-083.mspx) Microsoft Knowledge Base article: 274835 (http://support.microsoft.com/kb/274835/) Buffer overflow in Network Monitor may cause vulnerability
•	Security bulletin: MS00-084 (http://www.microsoft.com/technet/security/bulletin/MS00-084.mspx) Microsoft Knowledge Base article: 278499 (http://support.microsoft.com/kb/278499/) Update available for indexing service availability
•	Security bulletin: MS00-085 (http://www.microsoft.com/technet/security/bulletin/MS00-085.mspx) Microsoft Knowledge Base article: 278511 (http://support.microsoft.com/kb/278511/) Patch available for ActiveX parameter validation vulnerability
•	Security bulletin: MS00-086 (http://www.microsoft.com/technet/security/bulletin/MS00-086.mspx) Microsoft Knowledge Base article: 277873 (http://support.microsoft.com/kb/277873/) Patch for "Web server file request parsing" vulnerability
•	Security bulletin: MS00-089 (http://www.microsoft.com/technet/security/bulletin/MS00-089.mspx) Microsoft Knowledge Base article: 274372 (http://support.microsoft.com/kb/274372/) Patch released for "domain account lockout" vulnerability

Back to the top