This article was previously published under Q281767
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
Under certain circumstances, the Windows 2000 post-Service Pack 1 (SP1) catalog file (Sp2.cat) that is included with Windows 2000 post-SP1 hotfixes may be incorrectly versioned. All Windows 2000 post-SP1 hotfixes that had this problem have been repackaged to include an updated Sp2.cat file.
If multiple Windows 2000 post-SP1 hotfixes are installed on your computer and one hotfix has this Sp2.cat versioning issue, your computer may be affected. Depending on the order in which the hotfixes were installed, a newer hotfixed Sp2.cat file may be replaced by an older version.
This problem occurs only with English-language hotfixes.
To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack
The resolution to this problem is a two-step process. In step 1, you install a tool that can help you verify if your computer is affected by this problem. In step 2, you install an updated Windows 2000 post-SP1 catalog file that protects your computer from this problem.
Microsoft has released a tool that can help you verify if your computer is affected by this problem. This tool checks all Windows 2000 hotfixes that are installed on your computer to determine if any of your current hotfixes are affected. For more information about this tool and how to install it, click the following article number to view the article in the Microsoft Knowledge Base:
282784 Qfecheck.exe verifies the installation of Windows 2000 and Windows XP hotfixes
Install the updated Windows 2000 post-SP1 catalog file.
Windows 2000 SP1 includes an update that allows .cat files to be dynamically read when they are installed; therefore, you do not need to restart your computer after applying this package.
If you are running Windows 2000 SP1, download the following file:
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
The English-language version of this fix should have the following file attributes or later:
Date Time Size File name -------------------------------------- 12/14/2000 05:11a 626,702 Sp2.cat
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 2.
Every Microsoft hotfix for Windows 2000 contains a catalog file. This catalog file contains the information that is used by the Windows File Protection feature to verify the files in the hotfix package. For Windows 2000 post-SP1 hotfixes, the file is named Sp2.cat. For more information about the Windows File Protection feature, click the following article number to view the article in the Microsoft Knowledge Base:
222193 Description of the Windows 2000 Windows File Protection feature
Hotfix catalog files are cumulative. The latest hotfix file contains information for all hotfixes that were created before it. This allows one version of the file to be installed while earlier hotfixed files continue to be valid.
This problem affects the following Microsoft Security Bulletin fixes that are referenced on the following Microsoft Web site: