Microsoft KB Archive/315683

= Windows 2000 Security Rollup Package 1 (SRP1), January 2002, Release Notes =

Article ID: 315683

Article Last Modified on 10/27/2006

-

APPLIES TO


 * Microsoft Windows 2000 Service Pack 2
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Service Pack 2

-



This article was previously published under Q315683



SUMMARY
This article includes information about issues with Windows 2000 Security Rollup Package 1 (SRP1). For additional information about SRP1, click the article number below to view the article in the Microsoft Knowledge Base:

311401 Windows 2000 Security Rollup Package 1 (SRP1), January 2002



How to Determine If SRP1 Has Been Applied
A feature has been added to SRP1 so that you can determine if it has been installed on a computer. Follow these steps to display the installation information for SRP1:
 * 1) Click Start, click Run, type winver, and then click OK.
 * 2) If SRP1 is installed, the identification listing for the SRP1 package is displayed below the copyright information in the Winver window.
 * 3) If the SRP1 identification listing is not displayed, you should install SRP1.

The QFECheck Tool
After you apply SRP1, Microsoft recommends that you run the QFECheck tool to verify that SRP1 is properly installed and trusted. Note that QFECheck is an English-language command-line tool. For additional information about QFECheck, click the article number below to view the article in the Microsoft Knowledge Base:

282784 Qfecheck.exe Verifies the Installation of Windows 2000 Hotfixes

How to Obtain the SRP1 Symbols
For information on how to obtain the symbol files for SRP1, see the following Microsoft Web site:

http://www.microsoft.com/whdc/devtools/ddk/default.mspx

Windows Services for UNIX 2.0
If you use Windows Services for UNIX 2.0, install the hotfix that is described in the following Microsoft Knowledge Base article before you apply SRP1:

306795 Services for UNIX Management Console May Hang

Q279225
Customers who apply this patch on Windows 2000-based computers that are running Windows Management Instrumentation (WMI) may also need to apply an additional hotfix. Although it is unrelated to this particular patch, a known issue can cause the WMI process (Winmgmt.exe) to stop responding (hang) and consume 100 percent of CPU resources and memory if a program queries for the Win32_QuickFixEngineering objects. For example, this can occur when Microsoft Systems Management Server (SMS) queries WMI to determine which hotfixes have been applied. For additional information about how to resolve this problem, click the article number below to view the article in the Microsoft Knowledge Base:

279225 WMI Win32_QuickFixEngineering Queries Cause Winmgmt Process to Hang

Customers who were running Q279225 prior to installing SRP1, need not reapply the fix as SRP1 does not replace or remove Q279225.

How to Install SRP1 Over Terminal Services
If you install SRP1 over a Terminal Services connection, you may receive an access violation error message in Winlogon.exe if you disconnect and then reconnect the session. If you need to install over Terminal Services, Microsoft recommends that you use the unattended installation option, and force a system reboot after Setup completes.

When to Reinstall SRP1
SRP1 should be reinstalled if any components are added, reconfigured, or removed after the SRP installation.

File Version Discrepancies
The hotfix that is described in the following Microsoft Knowledge Base article contains some of the same files as SRP1, but the version numbers are later than the SRP1 files:

307454 MS01-052: Invalid RDP Data Can Cause Terminal Services Failure

The version difference is caused by the file-signing process. You do not have to uninstall the Q307454 hotfix before you install the SRP. Installing the Q307454 hotfix resolves the security vulnerability that is documented in Microsoft Knowledge Base article Q307454; installing the SRP resolves all of the security vulnerabilities that are documented in this article.

SRP1
  File name    Version --  Lserver.exe  5.0.2195.4241 Rdpwsx.dll  5.0.2195.4307 Rdpwd.sys   5.0.2195.4307

Q307454
  File name    Version -  Lserver.exe  5.0.2195.4435 Rdpwsx.dll  5.0.2195.4527 Rdpwd.sys   5.0.2195.4527

MS01-022
Microsoft Security Bulletin MS01-022 is not included in SRP1. For information about how to obtain this patch, see the following article in the Microsoft Knowledge Base:

296441 MS01-022: WebDAV Service Provider Can Allow Scripts to Levy Requests as a User

Additional query words: RelNotes Post-Service Pack 2 sp2 post-sp2

Keywords: kbinfo kbsecurity KB315683

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.