Windows 2000 Security Rollup Package 1 (SRP1), January 2002
(Q311401)
The information in this article applies to:
- Microsoft Windows
2000 SP2 , Professional
- Microsoft Windows
2000 SP2 , Server
- Microsoft Windows
2000 SP2 , Advanced Server
SUMMARY
Windows 2000 Security Rollup Package 1 (SRP1) includes all of
the security updates that have been released since the release
of Windows
2000 Service Pack 2 (SP2) . This small, comprehensive rollup
of updates is an easy mechanism for managing the rollout of security
fixes. Applying SRP1 does not change the encryption level of your
computer.
For more information about this first release of the SRP, visit
the following Microsoft Web site:
http://support.microsoft.com/default.aspx?scid=http://www.Microsoft.com/technet/security/news/w2ksrp1.asp
MORE INFORMATION
For additional information about SRP1 and any actions you should
take before you apply it, click the article number below to view
the article in the Microsoft Knowledge Base:
Q315683
Windows 2000 Security Rollup Package 1 (SRP1), January 2002, Release
Notes
Patches are available from the following Microsoft Web site (if
your language is not listed, please check back later):
http://support.microsoft.com/default.aspx?scid=http://www.microsoft.com/windows2000/downloads/critical/q311401/default.asp
NOTE : This patch requires Windows
2000 SP2 .
Release Date: January 30, 2002
For additional information about how to download Microsoft Support
files, click the article number below to view the article in the
Microsoft Knowledge Base:
Q119591
How to Obtain Microsoft Support Files from Online Services
Microsoft used the most current virus detection software available
on the date of posting to scan this file for viruses. Once posted,
the file is housed on secure servers that prevent any unauthorized
changes to the file.
Fixes Included in SRP1
SRP1 includes all post-SP2 security updates that have been delivered
via Microsoft
Security Bulletins . In addition, it also includes a small number
of security updates that have not been previously discussed. Because
security bulletins are disruptive to customers' normal maintenance
procedures, Microsoft typically issues them only when a security
issue poses an immediate danger to your systems. Issues that do
not meet this standard are typically addressed through other delivery
vehicles such as service packs or, in this case, the SRP.
Q252795
MS01-046: Windows 2000 Does Not Support Mapping Virtual COM Ports
to Infrared Ports
Q273854
MS00-077: Denial of Service Can Occur with Microsoft NetMeeting
Q276471
MS00-079: Patch for "HyperTerminal Buffer Overflow" Vulnerability
In Windows 2000
Q282806
MS01-031: Telnet Service Prevents an Idle Telnet Session from
Timing Out
Q285156
MS01-013: Windows 2000 Event Viewer Contains an Unchecked Buffer
Q285851
MS01-007: Patch Available for Network DDE Agent Request Vulnerability
Q285985
MS01-004: Patch Available for New Variant of File Fragment Reading
via .HTR Vulnerability
Q286043
MS01-051: Patch Available for Telnet Logging Vulnerability
Q287397
MS01-011: Patch Available for Malformed Domain Controller Service
Request Vulnerability
Q287912
MS01-031: Predictable Named Pipes Could Enable Privilege Elevation
with Telnet
Q288855
MS01-026: FTP Service Allows Login to Domain Guest Account
Q289243
MS02-001: Forged SID Could Result in Elevated Privileges in Windows
2000
Q289782
INFO: Post Windows 2000 Service Pack 2 COM+ Rollup Hotfix 8 Is
Available
Q292435
MS01-040: Invalid RDP Data Can Cause Memory Leak in Terminal Services
Q293826
MS01-026: Pattern-Matching Function Can Cause Access Violation
on FTP Server
Q294370
MS01-026: Updated Patch for Microsoft Security Bulletin MS00-060
Q294379
Addressees Appear in Body of SMTP Message Instead of the Header
If You Specify Many Addressees
Q294391
MS01-024: Malformed Request to Domain Controller Can Cause Memory
Exhaustion
Q294774
MS01-044: IIS Loads ISAPI Extension In-Process Even When Application
Is Marked for High Isolation
Q295534
MS01-026: Superfluous Decoding Operation Can Allow Command Execution
Through IIS
Q296185
MS01-025: Patch Available for New Variant of the "Malformed Hit-Highlighting"
Vulnerability
Q297860
MS01-044: IIS 5.0 Security and Post-Windows NT 4.0 SP5 IIS 4.0
Patch Rollup
Q298009
Cipher.exe Security Tool for the Encrypting File System
Q298012
MS01-041: Malformed RPC Request Can Cause Service Problems
Q298340
MS01-044: Patch Available for WebDAV Denial of Service
Q299553
MS01-031: Logon Command That Contains a Particular Malformation
Causes an Access Violation in the Telnet Service
Q299687
MS01-036: Function Exposed By Using LDAP over SSL Could Enable
Passwords to Be Changed
Q299796
MS00-077: Denial-of-Service Attack on Port 1720 May Cause a Memory
Leak in Conf.exe
Q300477
MS01-035: FPSE: Potential Buffer Overrun Vulnerability in Visual
Studio RAD (Remote Application Deployment)
Q300855
MS01-031: Windows 2000 Telnet Security Rollup
Q300901
MS01-031: Telnet Service Allows Logging On to Domain Guest Account
Q300905
MS01-031: Handle Leak in Telnet Service Causes a Denial-of-Service
Vulnerability
Q300908
MS01-031: Program Running with Normal Privileges Can Terminate
a Telnet Session
Q300972
MS01-033: Unchecked Buffer in Index Server ISAPI Extension Can
Enable Web Server Compromise
Q301625
MS01-044: Patch Available for SSI Privilege Elevation Vulnerability
Q302755
MS01-037: Authentication Error in SMTP Service Could Allow Mail
Relaying
Q303984
MS01-043: NNTP Service in Windows 2000 Contains a Memory Leak
Q304867
MS01-044: Patch Available for MIME Header Denial of Service Vulnerability
Q305601
MS01-060: FIX: CRT String Format Functions May Underwrite Buffer
Q306118
FPSE2000: List of Issues Fixed in FrontPage Server Extensions
Service Release 1.3
Q306121
MS01-051: Malformed "Dotless" IP Address Can Cause a Web Page
to Be Handled in the Intranet Zone
Q307454
MS01-052: Invalid RDP Data Can Cause Terminal Services Failure
Q308268
.IDA and .IDQ Mappings Restored After You Install Service Pack
or Add/Remove a Windows Component
Q308414
MS01-051: Patch Available for HTTP Request Encoding Vulnerability
Q311355
MS01-041: The Danish Version of Security Hotfix MS01-041 Is Not
Installed
Q311371
Terminal Services Sessions Are Disconnected Because of a Decryption
Error
Q315404
MS01-052: Clients with an Expired Temporary License May Be Unable
to Connect to Terminal Services
|
|