MORE INFORMATION

Notes about Update Rollup 1 for Windows 2000 SP4 – v2

After the initial release of Update Rollup 1 for Windows 2000 SP4, Microsoft identified several issues that may occur when you install this update rollup. These issues are isolated and affect few customers. These issues are described in this section. This section also explains how to resolve these issues. If you are affected by any one of the following issues, we suggest that you install Update Rollup 1 for Windows 2000 SP4 – v2 or apply the individual hotfixes. Update Rollup 1 for Windows 2000 SP4 – v2 was released on September 13, 2005.

Issue 1

Description of the issue: Error messages

You may receive one of the following error messages when you visit the Windows Update Web site after you install Update Rollup 1 for Windows 2000 SP4 – v2:

• MSXML3.DLL File Not Found

• Error 0x80244001

• Error 0x800700C1

These errors might occur if you performed an express install of Update Rollup 1 for Windows 2000 SP4 before July 18, 2005 and the updated version of the Msxml3.dll file was already installed.

An express install was only available if you manually converted to the Microsoft Update service that was released in June, manually updated to the "v6" Windows Update service, or used the WSUS service that was released in June, 2005. This issue was remedied on July 18 before the automatic conversion of all customers to Windows Update v6. The issue does not affect any installations from the Windows Update v4 site or any installations that occurred after July 18. Under these circumstances, the Msxml3.dll file might have been reduced to a size of 0 bytes. If you receive one of these error messages after you install Update Rollup 1 for Windows 2000 SP4, you may be experiencing this problem.

Resolution

Use one of the following three methods to repair the Msxml3.dll file:

• Download and install security update 824151. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

  824151 MS04-030: Vulnerability in WebDAV XML message handler could lead to a denial of service

• Start the recovery console from any Microsoft Windows setup CD. Then, copy the Msxml3.dll file from the $NtUpdateRollupPackUninstall$ Update Rollup backup folder to the %systemroot%\System32 folder.
• Reinstall Update Rollup 1 for Microsoft Windows 2000 Service Pack 4 (SP4). You can either reinstall the original version or the v2 version.

Note You could only perform an express install of Update Rollup 1 for Windows 2000 SP4 before July 18 if you manually installed the new Microsoft Update Web service or if you used Windows Server Update Services (WSUS). This problem does not occur unless you manually upgrade to Microsoft Update from Windows Update version 4 or use Software Update Services (SUS) 1.0.

This issue was addressed by making a minor change to the way that this update rollup was published on Windows Update. No files were changed to fix this problem. This issue is fixed in Update Rollup 1 for Windows 2000 SP4 – v2.

Issue 2

Description of the issue: You receive a "Stop 0x000001E" error message when you restart the computer after you install Update Rollup 1 for Windows 2000 SP4

You may receive the following error message when you restart the computer after you install Update Rollup 1 for Windows 2000 SP4:

This problem may occur if you use a computer that has an older non-Plug-and-Play ISA, EISA, or Micro Channel Architecture (MCA) SCSI controller. If you have already installed the original version of Update Rollup 1 for Windows 2000 SP4 and have restarted the computer successfully, you do not have this problem. You do not need hotfix 904374.

Resolution

If you received this error message, start the recovery console from any Windows setup CD. Then, copy the Scsiport.sys file from the $NtUpdateRollupPackUninstall$ Update Rollup backup folder to the %systemroot%\System32\Drivers folder. Restart the computer after you copy the file.

The following code is an example copy command:

Copy %windir%\$NtUpdateRollupPackUninstall$\scsiport.sys %windir%\system32\drivers

To resolve the problem, use one of the following methods:

• Install Update Rollup 1 for Windows 2000 SP4 – v2.
• Install the hotfix that is described in the following article in the Microsoft Knowledge Base:

  904374 You receive a "Stop 0x0000001e" error message after you install Update Rollup 1 for Windows 2000 Service Pack 4

  If you restored the older version of the Scsiport.sys file, you should apply this hotfix or the update rollup. This issue is fixed in Update Rollup 1 for Windows 2000 SP4 – v2.

Issue 3

Description of issue: On a computer that uses dynamic disks, two system drives may appear after you install Update Rollup 1 for Windows 2000 SP4

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

On a computer that uses dynamic disks, two system drives may appear after you install Update Rollup 1 for Windows 2000 SP4. This problem occurs in the Mountmgr.sys file. This problem only affects computers that use the dynamic disks feature. This problem does not appear to affect functionality.

Resolution

If you experience this problem, the system alternates between the original system drive and the new virtual system drive letter every time that you restart. You should restart the system if it is not running on the correct system drive letter. Make sure the system is using the correct system drive letter (the original system drive) at all times until you apply a resolution to this problem. This guarantees that any software that is installed recognizes the correct system drive.

Use one of the following two methods to resolve this issue:

• Install the hotfix that is described in the following article in the Microsoft Knowledge Base:

  904564 An additional system drive letter appears in Windows Explorer after you apply Windows 2000 Update Rollup 1 for Service Pack 4

• If you experience this problem, you can install Update Rollup 1 for Windows 2000 Sp4 – v2.

The hotfix and Update Rollup 1 for Windows 2000 SP4 – v2 are only installed if the system is restarted to the correct system drive before installation. If the system drive is a non-system drive (a virtual drive), you may be prompted to restart the system before you install the hotfix or the v2 release. This issue is fixed in the Update Rollup 1 for Windows 2000 SP4 – v2 release.

Issue 4

Description of issue: You cannot save files from Microsoft Office programs directly to a floppy disk

Microsoft has identified a problem in the Fastfat.sys file. This problem does not affect all systems. On systems that are affected, you cannot save files from Microsoft Office programs directly to a floppy disk. (Microsoft Office programs include programs such as Microsoft Word and Microsoft Excel.) Microsoft plans to provide an update to fix this problem on the Microsoft.com/downloads Web site.

Resolution

To resolve this problem, install Update Rollup 1 for Windows 2000 SP4 – v2. For more information about this update rollup, click the following article number to view the article in the Microsoft Knowledge Base:

Issue 5

You cannot connect to a Citrix server that has ICA sessions after you install Microsoft Update Rollup 1 for Windows 2000 SP4

After you install Update Rollup 1 for Windows 2000 SP4 on a Citrix MetaFrame XP server or on a Citrix MetaFrame Presentation Server 3.0-based server, you experience the following problems when you connect to a Citrix server that has ICA sessions:

• You receive a Stop error message.
• The Windows Graphical Identification and Authentication (GINA) logon user interface does not appear.
• The system console may be unresponsive.
• The Winlogon.exe process uses excessive CPU.

For more information about this problem and to obtain a hotfix from Citrix, visit the following Citrix Web site:

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Resolution

To resolve this issue, obtain and install hotfix 904711. For more information about hotfix 904711, click the following article number to view the article in the Microsoft Knowledge Base:

Issue 6

After you install Update Rollup 1 for Windows 2000 SP4, servers that are running Vormetric CoreGuard may be unable to restart in Normal mode

When this problem occurs, the server may stop responding and you may see a blue screen, but you can still start the server in Safe Mode.

This problem occurs because Update Rollup 1 for Windows 2000 SP4 deletes the ‘List’ REG_MULTI_SZ value in the following registry subkey:

This value is required by the CoreGuard filter driver that loads when the computer is restarted. Vormetric CoreGuard is a database encryption product. If the filter driver is not functioning correctly, unencrypted data may be entered into the SQL database. Therefore, the database may become corrupted and the data may be unrecoverable.

Resolution

To resolve this problem, download the VmSP4RegFix.exe tool from Vormetric and run this tool immediately after you install Update Rollup 1 for Windows 2000 SP4 but before you restart the computer. For more information, visit the following Vormetric Web site:

For support information, visit the following Vormetric Web site:

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

The information and the solution in this document represents the current view of Microsoft Corporation on these issues as of the date of publication. This solution is available through Microsoft or through a third-party provider. Microsoft does not specifically recommend any third-party provider or third-party solution that this article might describe. There might also be other third-party providers or third-party solutions that this article does not describe. Because Microsoft must respond to changing market conditions, this information should not be interpreted to be a commitment by Microsoft. Microsoft cannot guarantee or endorse the accuracy of any information or of any solution that is presented by Microsoft or by any mentioned third-party provider.

Microsoft makes no warranties and excludes all representations, warranties, and conditions whether express, implied, or statutory. These include but are not limited to representations, warranties, or conditions of title, non-infringement, satisfactory condition, merchantability, and fitness for a particular purpose, with regard to any service, solution, product, or any other materials or information. In no event will Microsoft be liable for any third-party solution that this article mentions.

Other known issues

The previous issues have been fully addressed in Update Rollup 1 for Windows 2000 SP4 – v2. This section describes other known issues. These issues will be resolved by individual hotfixes. These issues affect very few customers and may have third-party solutions. Where it is possible, an individual hotfix is available from Microsoft Product Support. These individual hotfixes were not included in Update Rollup 1 for Windows 2000 SP4 – v2 to minimize the exposure to most customers who are not otherwise affected by these issues. This section describes other known issues. These issues will be resolved by individual hotfixes. These issues are identified as code issues.

Cluster Service does not start after you install Update Rollup Package 1 if security privileges are properly set

Customers with server clusters who do not have the required security privileges assigned to the domain user account that is used by the Cluster service, will see the cluster service fail to start with a new event message in the system event log explaining the reason and the recommended next step to recover after applying Update Rollup Package 1. View the following Knowledge Base article for more information:

To keep your Server Cluster from experiencing this issue, you must validate that you have the necessary security privilege settings before applying URP1. View the follwing Knowlege Base article for more information:

The Server Cluster service will fail to start if the OS volume is not formatted NTFS

Customers with server clusters who have their operating system volume formatted Fat32, will see the Server Cluster service fail to start after applying URP1. To resolve this issue either before or after application of URP1, use convert.exe to convert your OS partition from Fat32 to NTFS.

An Exchange 5.5 message transfer agent (MTA) that uses an X.400 connector on Windows 2000 SP4 may stop transferring mail after you install Microsoft Update Rollup 1 for Windows 2000

To resolve this issue, obtain and install hotfix 904712. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Customers who experience this problem will be able to install the hotfix before or after they install the Update Rollup to resolve this problem. This hotfix is not included in the Update Rollup 1 for Windows 2000 SP4 – v2 package because of the limited number of customers affected.

Customers who use Sophos Anti-Virus for Windows version 5 may experience a delay when they log on to their networks

After customers install Microsoft Update Rollup 1 for Windows 2000 SP4, customers who use Sophos Anti-Virus for Windows version 5 may experience a delay when they log on to their networks. A computer may take 15 minutes to log on to the network when you receive the following message:

Sophos provides details about how to resolve this problem to Sophos customers. For more information, visit the following Sophos Web site:

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Some versions of Internet Security Systems products may not start after you install Update Rollup 1 for Windows 2000

This problem occurs because you have obsolete signature files and an obsolete Blackdrv.sys file. To resolve this problem, update to the current signature file. Updating to the current signature file resolves the problem for all versions of Internet Security Systems BlackICE. For more information, visit the following Microsoft Knowledge Base article:

Download information

To download and install Update Rollup 1 for Windows 2000 SP4 – v2, visit the following Microsoft Windows Update Web site, and then install high-priority update 891861:

You can also download this update rollup to deploy to multiple Windows 2000-based computers. The package is available from the Microsoft Download Center.

The following file is available for download from the Microsoft Download Center:

Download the Windows2000-KB891861-v2-x86-ENU.EXE package now.

Release Date: September 13, 2005

For more information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

To download the package from the Windows Update Catalog, use the Advanced Search Options feature to search for article ID number 891861. For more information about how to download updates from the Windows Update Catalog, click the following article number to view the article in the Microsoft Knowledge Base:

By including the most important updates for Windows 2000, Update Rollup 1 for Windows 2000 SP4 may help customers make Windows 2000-based computers more secure. Update Rollup 1 for Windows 2000 SP4 also makes it easier for customers to build new deployment images. This update rollup requires less predeployment testing, because the number of updates that are included in this update rollup is smaller than the number of updates that are typically included in a service pack. Most customers installed current versions of many of the files when older updates were installed. Additionally, Microsoft has already released most of the contents of this update rollup as individual updates and hotfixes. Individual hotfixes that are not included in this update rollup will be available as individual downloads.

Because Microsoft believes that Update Rollup 1 for Windows SP4 meets the needs of customers better than a new service pack for Windows 2000, Microsoft will not release another service pack for Windows 2000. Therefore, Windows 2000 SP4 is the final service pack for Windows 2000. Customers who have not yet installed Windows 2000 SP4 should consider installing Windows 2000 SP4 as soon as possible. Windows 2000 with SP4 is a prerequisite for Update Rollup 1 for Windows 2000 SP4.

Frequently asked questions

Q1: Why does Microsoft believe that Update Rollup 1 for Windows 2000 SP4 meets the needs of customers better than a new service pack for Windows 2000?
A1: Microsoft talked to many customers about their plans for maintaining their Windows 2000 deployments. The most frequent requests were for Microsoft to make keeping Windows 2000-based computers up to date as easy as possible, and for Microsoft to reduce the predeployment testing that customers have to perform. Update rollups may help customers make their computers more secure. Update rollups also help customers build new system images without applying and tracking individual hotfixes. Update Rollup 1 for Windows 2000 SP4 requires less predeployment testing because the number of updates that are included in the update rollup is smaller than the number of updates that are typically included in a service pack. Additionally, Microsoft has already released most of the contents of this update rollup as individual updates and hotfixes.

Because Windows 2000 is a mature product, many of the Windows 2000 hotfixes that were released after the release of Windows 2000 SP4 address relatively obscure problems. These problems affect a small number of customers. At this point, an update rollup provides the most usefulness at the least risk of instability.

Q2: How will Microsoft list Update Rollup 1 for Windows SP4 on the Windows Update Web site?
A2: Update Rollup 1 for Windows SP4 is listed as a high-priority update in the "Critical and Service Packs" category on the Windows Update Web site. During the next few months, Windows Update will transition Windows 2000 customers to a new version of Windows Update. After this transition, Update Rollup 1 for Windows 2000 SP4 will be listed in the "High Priority Updates" category.

Q3: Should I install Update Rollup 1 for Windows SP4 even if I have kept my Windows 2000 SP4 systems up to date?
A3:Yes. Update Rollup 1 for Windows 2000 SP4 contains important fixes that have not previously been part of individual security updates. Additionally, this update rollup contains enhancements that may help increase system security, increase reliability, reduce support costs, and support the current generation of PC hardware. To address minor compatibility problems that were introduced by earlier security updates, hotfixes may have updated some files that were installed by the earlier updates. This update includes the latest versions of these files. Therefore, even if a system is fully up to date, Windows Update still detects and installs this update rollup. Customers who use managed security update deployment solutions should decide whether to deploy Update Rollup 1 within their infrastructure.

Q4: Will Update Rollup 1 for Windows 2000 SP4 be distributed over Automatic Updates?
A4: At first, this update rollup will not be distributed over Automatic Updates. This delay is because of the transition from the Windows Update version 4 infrastructure to the version 6 infrastructure. This update rollup will be made available as an automatic update in September, 2005.

Q5: Will there be an administrative blocking tool for Update Rollup 1 for Windows 2000 SP4 like there was for Windows XP SP2?
A5: No, Update Rollup 1 for Windows 2000 SP4 is not a service pack. Therefore, this update rollup does not require the same level of deployment control. This update rollup is treated like other security or reliability updates. These updates are typically distributed by Windows Update and by Automatic Updates.

Q6: Do I have to install the individual security bulletin updates before I install Update Rollup 1 for Windows 2000 on new installations of Windows 2000?
A6: No. First install Windows 2000 SP4, and then install the update rollup. After you install the update rollup, run Windows Update to find updates that were released after April 30, 2005, or that were not included in the update rollup.

Q7: Are customers required to install Update Rollup 1 for Windows 2000 SP4?
A7: Customers are not required to install Update Rollup 1 for Windows 2000 SP4. Microsoft designed the update rollup to make it easy to keep Windows 2000-based computers up to date. Therefore, we strongly recommend that customers install Update Rollup 1 for Windows 2000 SP4 as soon as they can.

Q8: After Update Rollup 1 for Windows SP4 is installed on a computer that is running Windows 2000 SP4, will the service pack level of Windows 2000 change?
A8: No. The service pack level of the computer remains at Windows 2000 SP4. After you install Update Rollup 1 for Windows SP4, the computer will be up to date from a life-cycle policy perspective until the end-of-life date for Windows 2000. The end-of-life date for Windows 2000 will be no sooner than January 1, 2010.

Q9: Is this the first time that Microsoft has produced an update rollup instead of a service pack?
A9: No. Microsoft has produced update rollups before. For more information about update rollups that were previously released by Microsoft, click the following article numbers to view the articles in the Microsoft Knowledge Base:

Q10: If Update Rollup 1 for Windows 2000 SP4 offers significant benefits over a new service pack, why does Microsoft not always use update rollups instead of service packs?
A10: Service packs and update rollups play different, yet complimentary roles. Service packs deliver important updates and new features that customers request before the next release of a major operating system. Update rollups deliver a group of updates between more major releases. Microsoft uses update rollups when there is a longer than typical gap between service pack releases. Later in the life cycle of a product, update rollups make it easier for customers to keep their computers up to date. When customers install an update rollup, customers do not have to individually install all the updates that are available for a product.

Q11: How does Microsoft decide which hotfixes to include in an update rollup?
A11: Microsoft examines the number of times that customers request and download each hotfix from Microsoft Web sites and from Product Support. Microsoft also evaluates the potential cost savings for customers. This evaluation is based on experience in the Windows 2000 data center environment at Microsoft.

Q12: What kinds of updates are included in Update Rollup 1 for Windows 2000 SP4?
A12: Update Rollup 1 for Windows 2000 SP4 contains all the security updates that were produced for Windows 2000 after the release of SP4 until April 30, 2005. On April 30, 2005, the contents for Update Rollup 1 were locked down for final testing by Microsoft, by external beta sites, and by customer sites. Update Rollup 1 for Windows 2000 SP4 also contains a small number of important non-security updates. Update Rollup 1 for Windows 2000 SP4 contains updates that meet the following criteria:

• Updates that broadly apply to a variety of customers
• Updates that are frequently downloaded by customers
• Updates that have the potential to help customers significantly decrease their IT costs
  

For example, Update Rollup 1 for Windows 2000 SP4 contains updates to address problems that are time-consuming for support professionals to troubleshoot and fix.

• Updates that were included on new computers by major Windows original equipment manufacturers (OEMs) after Windows 2000 SP4 was released

Q13: What specific updates and hotfixes are included in Update Rollup 1 for Windows 2000 SP4?
A13: The following table lists all the updates and hotfixes that are included in Update Rollup 1 for Windows 2000 SP4.

Fixes that are included in Update Rollup 1 for Windows 2000 SP4

Update Rollup 1 for Windows 2000 SP4 includes the following updates and hotfixes:

Security Bulletin	Article title	Article number
MS02-050	Certificate validation flaw could permit identity spoofing	329115
MS03-022	Vulnerability in ISAPI Extension for Windows Media Services may cause code execution	822343
MS03-025	Flaw in Windows message handling through Utility Manager could enable privilege elevation	822679
MS03-041	Vulnerability in Authenticode verification could allow remote code execution	823182
MS03-023	Buffer overrun in the HTML converter could allow code execution	823559
MS03-026	Buffer overrun in RPC could allow code execution	823980
MS03-034	Flaw in NetBIOS could lead to information disclosure	824105
MS03-045	Buffer overrun in the ListBox and in the ComboBox Control could allow code execution	824141
MS03-039	A buffer overrun in RPCSS could allow an attacker to run malicious programs	824146
MS03-044	Buffer overrun in Windows Help and Support Center could lead to system compromise	825119
MS03-042	Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution	826232
MS03-043	Buffer overrun in Messenger service could allow code execution	828035
MS03-049	Buffer overrun in the Workstation service could allow code execution	828749
MS04-007	An ASN.1 vulnerability could allow code execution	828028
MS04-008	Vulnerability in Windows Media Services could allow a Denial of Service attack	832359
MS04-012	Cumulative Update for Microsoft RPC/DCOM	828741
MS04-006	A vulnerability in the Windows Internet Name Service (WINS) could allow code execution	830352
MS04-011	Security Update for Microsoft Windows	835732
MS04-014	Vulnerability in the Microsoft Jet Database Engine could permit code execution	837001
MS04-016	Vulnerability in DirectPlay could allow denial of service	839643
MS04-024	A vulnerability in the Windows shell could allow remote code execution	839645
MS04-023	Vulnerability in HTML Help could allow code execution	840315
MS04-020	A vulnerability in POSIX could allow code execution	841872
MS04-022	A vulnerability in Task Scheduler could allow code execution	841873
MS04-019	A vulnerability in Utility Manager could allow code execution	842526
MS04-030	Vulnerability in WebDAV XML message handler could lead to a denial of service	824151
MS04-032	Security update for Microsoft Windows	840987
MS04-038	Cumulative Security Update for Internet Explorer	834707
MS04-037	Vulnerability in Windows shell could allow remote code execution	841356
MS04-031	Vulnerability in NetDDE could allow remote code execution	841533
MS04-045	Vulnerability in WINS could allow remote code execution	870763
MS04-043	Vulnerability in HyperTerminal could allow code execution	873339
MS04-036	Vulnerability in NNTP could allow code execution	883935
MS04-044	Vulnerabilities in Windows Kernel and LSASS could allow elevation of privilege	885835
MS04-041	A vulnerability in WordPad could allow code execution	885836
MS05-003	Vulnerability in the Indexing Service could allow remote code execution	871250
MS05-008	Vulnerability in Windows shell could allow remote code execution	890047
MS05-011	Vulnerability in server message block could allow remote code execution	885250
MS05-010	Vulnerability in the License Logging service could allow code execution	885834
MS05-015	Vulnerability in hyperlink object library could allow remote code execution in Windows Server 2003	888113
MS05-001	Vulnerability in HTML Help could allow code execution	890175
MS05-013	Vulnerability in the DHTML editing component ActiveX control could allow code execution	891781
MS05-002	Vulnerability in cursor and icon format handling could allow remote code execution	891711
MS05-012	Vulnerability in OLE and COM could allow remote code execution	873333
MS05-016	Vulnerability in Windows Shell that could allow remote code execution	893086
MS05-019	Vulnerabilities in TCP/IP could allow remote code execution and denial of service	893066
MS05-017	Vulnerability in MSMQ could allow code execution	892944
MS05-018	Vulnerabilities in Windows kernel could allow elevation of privilege and denial of service	890859
MS05-020	Cumulative security update for Internet Explorer	890923
MS03-022	Vulnerability in ISAPI Extension for Windows Media Services may cause code execution	822343
MS05-014	Cumulative security update for Internet Explorer	867282

For more information about fixes that are included in Update Rollup 1 for Microsoft Windows 2000 SP4, click the following article number to view the article in the Microsoft Knowledge Base:

Update Rollup 1 for Windows 2000 SP4 TAPI information

Update Rollup 1 for Windows 2000 SP4 changes how telephony server and client computers communicate using the Telephony Application Programming Interface (TAPI).

After you install Update Rollup 1 for Windows 2000 SP4, a Windows 2000 telephony client accepts only encrypted RPC packets from a telephony server. The client does not communicate with a telephony server that sends non-encrypted RPC packets. However, this restriction does not apply to TAPI deployments where the client computers are using mailslot instead of remote procedure call (RPC) for communications with the telephony server. This restriction also does not apply where the telephony server uses mailslot for communications.

By default, a Windows 2000 client uses mailslot to communicate with the telephony server. A Windows 2000 client uses RPC only when the client is explicitly configured as connection-oriented. To configure the client this way, use the tcmsetup command together with the -x switch. For example, use the following command:

Notes

Update Rollup 1 for Windows 2000 SP4 does not contain updates for Windows components that are not included with a clean slipstream install of Windows 2000 SP4. If components were previously installed or updated, you must download individual security updates by using Windows Update.

Examples of these updates include the following:

• MS03-011 - Flaw in Microsoft VM Could Enable System Compromise (KB816093)
  

The Microsoft VM is not included in SP4 natively. However the VM may be resident on systems which were updated to SP4 from a prior SP or installed by a third party software package.

• Internet Explorer 6 and Outlook Express 6
  

Windows 2000 originally included Internet Explorer 5.01. Service packs for Windows 2000 only affect this version. We recommend that you install Internet Explorer 6 SP1 and the current cumulative Internet Explorer security updates on Windows 2000 computers.

After you apply Microsoft Windows 2000 Update Rollup 1, you may receive an error message when you try to print. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Note The log file name for the Update Rollup 1 for Windows 2000 SP4 is named UpdateRollupPack.log. This file is located in the %Systemroot% folder.