x
This website is using cookies. We use cookies to ensure that we give you the best experience on our website. More info. That's Fine
 
 

Windows NT 4.0 Logo

Windows NT 4.0 Server was released in 1996 providing an unprecedented level of security and corporate networking services. To this day the Windows NT 4.0 family remains a productive and viable operating system, a credit to those who wrote it. Unfortunately in January 2005 the life cycle of Windows NT 4.0 Server came to an end. Although NT 4.0 is now retired, meaning updates and supported software will hence forth fade out. The patching process is still fairly easy. At this time still allowing you to secure your system against the vast majority of modern issues.

It is important to remember if using Windows NT 4.0 Server that it is no longer a supported Operating System. Currently most software required to provide additional security will function. If your system can support it we recommend looking to upgrade to a newer operating system. Especially if you are hosting a IIS based web server from you installation.
We recommend that you ensure that you have adequate Firewall and Anti-Virus applications installed on your system and that they are current. Minimising any network shares that you setup on the computer should also be considered. If you are using your install to serve information to the Internet, such as using Internet Information Server to host a web site. Ensure that you are using IIS 4.0 and have all the latest security updates as well as running IIS Lockdown.

As of 18th August 2006 through installation testing HPC:Factor has concluded that Microsoft no longer plan to issue security updates for NT 4.0, and have taken active steps to prevent consumer users from installing Internet Explorer 6.0 SP1 updates onto NT 4.0 SP6a.

Aside from the exception of an unlikely core vulnerability update, we do not expect to see any further QFE's for NT4 Server and as from Midnight 18th August 2006 this guide will be deemed Final Revision.
HPC:Factor will continue to monitor for the release of emergency consumer updates, and alert users as applicable.

~ HPC:Factor CESD Team

 

Windows NT 4.0 Server Patches & Updates Guide

The following list of updates will provide you with the highest level of security available to Windows NT 4.0. The Approximate total download size of all the listed updates is 145.3 MB

NB: This guide does not cover Internet Information Server (IIS), Windows Media Services or Microsoft Back Office (other than NT 4.0 Server) updates, it also does not cover Windows NT 4.0 Workstation and should not be applied to or considered reliable against NT 4.0 Terminal Server Edition

Want to download all of these updates from us? If you would like to make a donation to help towards our running costs, we will provide you with a download link to the files. Find out more.

Prerequisites

This guide assumes a certain level of system components have already been updated. These prerequisites for the installation should be installed in the sequence given unless otherwise stated, they are:

Critical Updates:

MS00-079

304158

HyperTerminal Buffer Patch

MS02-006

314147

SNMP Vulnerability

MS02-008

318203

XMLHTTP Control in MSXML 3.0 Patch

MS02-017

311967

Unchecked buffer in the Multiple UNC Provider

MS02-024

320206

Authentication Flaw in Windows Debugger Patch

 

320805

Jet 4.0 replication files

MS02-029

318138

Unchecked Buffer in RAS Phonebook Allows Code to Run

MS02-045

326830

Unchecked Buffer in Network Share Provider DoS Issue

MS02-048

323172

Flaw in Certificate Enrollment Control

MS02-055

323255

Unchecked Buffer in Windows Help Facility Code Execution

MS03-001

810833

Unchecked Buffer in Locator Service

MS03-007

815021

Unchecked Buffer in Windows Component May Cause Web Server Compromise

MS03-008

814078

Flaw in Windows Script Engine May Allow Code to Run

MS03-023

823559

Buffer Overrun in HTML Converter Code Execution

MS03-024

817606

Buffer Overrun in Windows Could Lead to Data Corruption

MS03-029

823803

Flaw in Windows Function Might Allow a Denial of Service

MS03-030

819696

Unchecked Buffer in DirectX System Compromise

MS03-034

824105

Flaw in NetBIOS Could Lead to Information Disclosure

MS03-043

828035

Buffer Overrun in Messenger Service Code Execution

MS03-044

825119

Buffer Overrun in Windows Help and Support Center

MS04-011

835732

Security Update for Windows

MS04-012

828741

Cumulative Update for RPC-DCOM

MS04-014

837001

Vulnerability in Jet Database Engine code execution

MS04-020

841872

Vulnerability in POSIX code execution

MS04-022

841873

Vulnerability in Task Scheduler Code Execution

MS04-023

840315

Vulnerability in HTML Help code execution

MS04-024

839645

Vulnerability in Windows Shell remote code execution

MS04-028

873374

GDI+ Detection Tool

MS04-029

873350

RPC runtime could allow information disclosure and DOS

MS04-031

841533

NetDDE remote code execution

MS04-032

840987

Security Update for Microsoft Windows

MS04-037

841356

Windows shell remote code execution

MS04-041

885836

Vulnerability in WordPad Code Execution

MS04-043

873339

Vulnerability in HyperTerminal code execution

MS04-044

885835

Kernel and LSASS Elevation of Privilege

MS05-001

890175

HTML Help Code Execution

MS05-002

891711

Cursor and Icon Handling Remote Code Execution

MS05-010

885834

License Logging service code execution

MS06-023

917344

JScript Remote Code Execution

 

Unofficially Supported: (Use with caution)

Q892211 Update for Web Folders
Q911562 MDAC function could allow code execution (Use Windows Millennium installer)
Q917344 JScript Remote Code Execution (Use Windows 2000 installer)

Recommended Updates:

Q162500 Microsoft Paint Update NT 4.0
Q816093 Microsoft Java Virtual Machine 5.00.3810 (Not Recommended, MSJVM should be removed)
Q823492 Error Message When You Use Named Pipes
Root Certificates Update
2 to 4 digit Date Converter
Agent 2.0
Microsoft Management Console 1.2
Windows Installer 2.0
MSXML 2.6 SP3
MSXML 4.0 SP3


Internet Explorer QFE's:

Q833989 Buffer Overrun in JPEG Processing
Q870669 Disable ADODB.Stream object from Internet Explorer
Q889293 Cumulative Patch December 1 2004
Q887797 Cumulative Update for OLE

Windows Media Player QFE's:

Q272386 Disable Windows Media Player Upgrade Prompt
Q320920 Windows Media Player Rollup Available
Q828026 Windows Media Player URL Script Command Update
Q832353 URL script commands do not work after you apply the Windows Media update


Additional Installation Items: