Windows 2000 Patches & Updates Guide

Released in 1999, Windows 2000 was the beginnning of the end for the Windows 9x product line, extending upon Windows NT 4.0 it provided an unprecedented level of manageability and reliability which had not been seen before on a Windows platform. Now in 2006, Windows 2000 has reached the beginning of its extended support phase.

In line with our security mandate, HPC:Factor has decided to generate and maintain a patching list for Windows 2000 Professional from now until Windows 2000 patch issuing is discontinued completely. It is not deemed necessary to add an installation guide to this document, and there are no plans to add one in the future.

Windows 2000 Professional Patches & Updates Guide

The following list of updates will provide you with the highest level of security available to Windows 2000. The Approximate total download size of all the listed updates is ##MB

Prerequisites

This guide assumes a certain level of system components have already been updated. Failure to install these prerequisite items before continuing with the patch process will impact significantly upon the effectiveness of this guide. These are the prerequisites for the installation:

NB: This guide does not cover updates for Internet Information Server (IIS), or fully cover updates for Windows 2000 Server or Advanced Server

Windows 2000 Professional
Windows 2000 Service Pack 4 (Express | Network)
Windows 2000 URP1 v2 (861861)
DirectX 9.0c
Internet Explorer 6.0 SP1
Windows Media Player 9
MDAC 2.8 SP1

Critical Updates:

MS02-050	329115	Certificate Validation Flaw Could Enable Identity Spoofing
MS03-041	823182	Vulnerability in Authenticode Verification Remote Code Execution
MS03-042	826232	Buffer Overflow in Troubleshooter ActiveX Control
MS03-043	828035	Buffer Overrun in Messenger Service Code Execution
MS03-049	828749	Buffer Overrun in the Workstation Service Code Execution
MS04-011	835732	Security Update for Windows
MS04-014	837001	Vulnerability in Jet Database Engine code execution
MS04-019	842526	Vulnerability in Utility Manager code execution
MS04-020	841872	Vulnerability in POSIX code execution
MS04-022	841873	Vulnerability in Task Scheduler Code Execution
MS04-024	839645	Vulnerability in Windows Shell remote code execution
MS04-031	841533	NetDDE remote code execution
MS04-032	840987	Security Update for Microsoft Windows
MS04-037	841356	Windows shell remote code execution
MS04-041	885836	Vulnerability in WordPad Code Execution
MS04-043	873339	Vulnerability in HyperTerminal code execution
MS04-044	885835	Kernel and LSASS Elevation of Privilege
MS05-003	871250	Indexing Service Remote Code Execution
MS05-013	891781	DHTML editing ActiveX control code execution
MS05-018	890859	Vulnerabilities in Windows kernel could allow DOS
MS05-026	896358	HTML Help code execution
MS05-027	896422	SMB Remote Code Execution
MS05-032	890046	Microsoft Agent Spoofing
MS05-036	901214	Vulnerability in Color Management Module remote code execution
MS05-040	893756	Telephony Service Remote Code Execution
MS05-042	899587	Kerberos Denial of Service
MS05-043	896423	Print Spooler Service Remote Code Execution
MS05-045	905414	Vulnerability in Network Connection Manager DOS
MS05-046	899589	Client Service for NetWare Remote Code Execution
MS05-047	905749	Plug and Play Remote Code Execution
MS05-048	901017	Microsoft CDO Remote Code Execution
MS05-049	900725	Windows in shell could remote code execution
MS05-053	896424	Graphics Rendering Engine Code Execution
MS06-001	912919	Graphics rendering engine remote code execution
MS06-002	908519	Web fonts remote code execution
MS06-006	911564	Windows Media Player Plug-in Remote Code Execution
MS06-015	908531	Windows Explorer Remote Code Execution
MS06-018	913580	MSDTC denial of service
MS06-025	911280	RRAS Remote Code Execution
MS06-030	914389	SMB elevation of privilege
MS06-031	917736	RPC Mutual Authentication Spoofing
MS06-032	917953	TCPIP Remote Code Execution
MS06-034	917537	IIS ASP Remote Code Execution
MS06-036	914388	DHCP Client remote code execution
MS06-040	921883	Vulnerability in Server service remote code execution
MS06-041	920683	DNS resolution remote code execution
MS06-044	917008	Microsoft Management Console remote code execution
MS06-045	921398	Windows Explorer remote code execution
MS06-046	922616	HTML Help remote code execution
MS06-049	920958	Windows Kernel Could Privilege Elevation
MS06-050	920670	Windows Hyperlink Object Library CouldRemote Code Execution
MS06-051	917422	Windows kernel remote code execution
MS06-057	923191	Windows Explorer Remote Execution
MS06-061	924191	XML Core Services remote code execution
MS06-063	923414	Server Service denial of service
	842773	BITS 2.0 and WinHTTP 5.1 Update
	890830	Windows Malicious Software Removal Tool
	893803	Windows Installer 3.1

Recommended Updates:

Internet Explorer:

MS06-042	918899	Cumulative Patch August 8 2006
MS06-055	925486	VML remote code execution

Windows Media Player 9 :

MS06-024

917734

Windows Media Player Remote Code Execution