Microsoft KB Archive/311401

From BetaArchive Wiki
Knowledge Base


Article ID: 311401

Article Last Modified on 10/29/2007


APPLIES TO

  • Microsoft Windows 2000 Service Pack 2
  • Microsoft Windows 2000 Advanced Server


This article was previously published under Q311401

SUMMARY

Microsoft has released a Security Rollup Package (SRP) for Windows 2000 that includes the security updates that are described in the "More Information" section in this article. This small, comprehensive rollup of updates is an easy mechanism for managing the rollout of security fixes. Applying SRP1 does not change the encryption level of your computer.

For more information about this first release of the SRP, visit the following Microsoft Web site:

http://www.microsoft.com/windows2000/downloads/security/default.mspx


This Security Rollup Package is included in Windows 2000 Service Pack 3. For additional information about the latest service pack for Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack


MORE INFORMATION

For additional information about SRP1 and any actions you should take before you apply it, click the article number below to view the article in the Microsoft Knowledge Base:

315683 Windows 2000 Security Rollup Package 1 (SRP1), January 2002, Release Notes


Patches are available from the following Microsoft Web site (if your language is not listed, please check back later):

[GRAPHIC: Download] English Language Version

[GRAPHIC: Download] Arabic Language Version

[GRAPHIC: Download] Chinese (Simplified) Language Version

[GRAPHIC: Download] Chinese (Traditional) Language Version

[GRAPHIC: Download] Czech Language Version

[GRAPHIC: Download] Danish Language Version

[GRAPHIC: Download] Dutch Language Version

[GRAPHIC: Download] Finnish Language Version

[GRAPHIC: Download] French Language Version

[GRAPHIC: Download] German Language Version

[GRAPHIC: Download] Greek Language Version

[GRAPHIC: Download] Hebrew Language Version

[GRAPHIC: Download] Hungarian Language Version

[GRAPHIC: Download] Italian Language Version

[GRAPHIC: Download] Japanese Language Version

[GRAPHIC: Download] Japanese NEC Language Version

[GRAPHIC: Download] Korean Language Version

[GRAPHIC: Download] Norwegian Language Version

[GRAPHIC: Download] Polish Language Version

[GRAPHIC: Download] Portuguese (Brazilian) Language Version

[GRAPHIC: Download] Portuguese Language Version

[GRAPHIC: Download] Russian Language Version

[GRAPHIC: Download] Spanish Language Version

[GRAPHIC: Download] Swedish Language Version

[GRAPHIC: Download] Turkish Language Version


NOTE: This patch requires Windows 2000 SP2.

Release Date: January 30, 2002

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services


Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Fixes Included in SRP1

SRP1 includes all post-SP2 security updates that have been delivered via Microsoft Security Bulletins. In addition, it also includes a small number of security updates that have not been previously discussed. Because security bulletins are disruptive to customers' normal maintenance procedures, Microsoft typically issues them only when a security issue poses an immediate danger to your systems. Issues that do not meet this standard are typically addressed through other delivery vehicles such as service packs or, in this case, the SRP.

252795 MS01-046: Windows 2000 Does Not Support Mapping Virtual COM Ports to Infrared Ports


273854 MS00-077: Denial of Service Can Occur with Microsoft NetMeeting


276471 MS00-079: Patch for "HyperTerminal Buffer Overflow" Vulnerability In Windows 2000


282806 MS01-031: Telnet Service Prevents an Idle Telnet Session from Timing Out


285156 MS01-013: Windows 2000 Event Viewer Contains an Unchecked Buffer


285851 MS01-007: Patch Available for Network DDE Agent Request Vulnerability


285985 MS01-004: Patch Available for New Variant of File Fragment Reading via .HTR Vulnerability


286043 MS01-051: Patch Available for Telnet Logging Vulnerability


287912 MS01-031: Predictable Named Pipes Could Enable Privilege Elevation with Telnet


288855 MS01-026: FTP Service Allows Login to Domain Guest Account


289243 MS02-001: Forged SID Could Result in Elevated Privileges in Windows 2000


292435 MS01-040: Invalid RDP Data Can Cause Memory Leak in Terminal Services


293826 MS01-026: Pattern-Matching Function Can Cause Access Violation on FTP Server


294370 MS01-026: Updated Patch for Microsoft Security Bulletin MS00-060


294379 Addressees Appear in Body of SMTP Message Instead of the Header If You Specify Many Addressees


294391 MS01-024: Malformed Request to Domain Controller Can Cause Memory Exhaustion


294774 MS01-044: IIS Loads ISAPI Extension In-Process Even When Application Is Marked for High Isolation


295534 MS01-026: Superfluous Decoding Operation Can Allow Command Execution Through IIS


296185 MS01-025: Patch Available for New Variant of the "Malformed Hit-Highlighting" Vulnerability


297860 MS01-044: IIS 5.0 Security and Post-Windows NT 4.0 SP5 IIS 4.0 Patch Rollup


298009 Cipher.exe Security Tool for the Encrypting File System


298012 MS01-041: Malformed RPC Request Can Cause Service Problems


298340 MS01-044: Patch Available for WebDAV Denial of Service


299553 MS01-031: Logon Command That Contains a Particular Malformation Causes an Access Violation in the Telnet Service


299687 MS01-036: Function Exposed By Using LDAP over SSL Could Enable Passwords to Be Changed


299796 MS00-077: Denial-of-Service Attack on Port 1720 May Cause a Memory Leak in Conf.exe


300477 MS01-035: FPSE: Potential Buffer Overrun Vulnerability in Visual Studio RAD (Remote Application Deployment)


300855 MS01-031: Windows 2000 Telnet Security Rollup


300901 MS01-031: Telnet Service Allows Logging On to Domain Guest Account


300905 MS01-031: Handle Leak in Telnet Service Causes a Denial-of-Service Vulnerability


300908 MS01-031: Program Running with Normal Privileges Can Terminate a Telnet Session


300972 MS01-033: Unchecked Buffer in Index Server ISAPI Extension Can Enable Web Server Compromise


301625 MS01-044: Patch Available for SSI Privilege Elevation Vulnerability


302755 MS01-037: Authentication Error in SMTP Service Could Allow Mail Relaying


303984 MS01-043: NNTP Service in Windows 2000 Contains a Memory Leak


304867 MS01-044: Patch Available for MIME Header Denial of Service Vulnerability


305601 MS01-060: FIX: CRT String Format Functions May Underwrite Buffer


306118 FPSE2000: List of Issues Fixed in FrontPage Server Extensions Service Release 1.3


306121 MS01-051: Malformed "Dotless" IP Address Can Cause a Web Page to Be Handled in the Intranet Zone


307298 MS02-004: Telnet Server Is Vulnerable to a Denial-of-Service Attack


307454 MS01-052: Invalid RDP Data Can Cause Terminal Services Failure


308268 .IDA and .IDQ Mappings Restored After You Install Service Pack or Add/Remove a Windows Component


308414 MS01-051: Patch Available for HTTP Request Encoding Vulnerability


311355 MS01-041: The Danish Version of Security Hotfix MS01-041 Is Not Installed


315404 MS01-052: Clients with an Expired Temporary License May Be Unable to Connect to Terminal Services



Additional query words: security_patch srp Post-Service Pack 2 sp2 post-sp2

Keywords: kbproductlink kbinfo kbsecurity kbwin2000presp3fix kbwin2000sp3fix KB311401



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/311401&oldid=258488
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki