Windows 2000 Updates
|
Windows 2000 Updates |
|
Wichtiger Hinweis:Seit dem 9.12.2002 ist ein hausinterner, automatischer
Windows-Update-Service für Windows
2000/XP verfügbar.
Diese Liste wird nicht mehr gepflegt, es werden nur noch "große" Servicepacks angeboten.
|
|
Service Pack 4 |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
26.06.03 |
Windows 2000 Service Pack 4 (deutsch) | Readme | Download |
|
Service Pack 4 ist das aktuelle Service Pack für Windows2000. Es enthält SP1, SP2, SP3 und alle Pre-SP4-Hotfixe Achtung: Die aktuelle Ms-Java-VM sowie die aktuelle Internet-Explorer-Version 6.0 sind in SP4 nicht enthalten und müssen ggfls. separat installiert/ aktualisiert werden. Weitere Informationen zu SP4: Übersicht über die in Windows 2000 SP 4 behobenen Probleme, Versionsinformationen für Windows 2000 SP 4, Deployment Guide für Windows 2000 SP 4, FAQ About the Microsoft VM and Windows 2000 SP 4 |
|||
|
04.03.03 |
Java VM ver 3810 für Windows 2000 SP4, msjavwu.exe | FAQ SP4 | |
|
26.06.03 |
Deployment-Tools für Windows 2000, SP4-Update | Readme | |
|
26.06.03 |
Support-Tools für Windows 2000, SP4-Update | Readme | |
|
Pre-SP4 Hotfixes |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
24.10.02 |
Windows 2000 Security Patch: Certificate Validation Flaw Could Enable Identity Spoofing | Q329115 | Download |
| This update resolves the "Certificate Validation Flaw Could Enable Identity Spoofing" vulnerability in Windows 2000. Download now to prevent an attacker from attempting identity spoofing using certificates. | |||
|
26.10.02 |
Windows 2000 Patch: WM_TIMER Messages May Stop Being Delivered to Programs in Windows 2000 | Q322913 | Download |
| This update addresses the "WM_TIMER Messages Not Delivered to Programs" issue in Windows 2000, and is discussed in Microsoft Knowledge Base (KB) Article Q322913. Download now to resolve program errors caused by undelivered WM_TIMER Messages. | |||
|
15.10.02 |
Windows 2000 Patch: Problems Upgrading a User-Mode Print Driver By Using Point and Print | Q320914 | Download |
| This update resolves the "Problems Upgrading a User-Mode Print Driver By Using Point and Print" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q320914. Download now to ensure that if the driver for a shared printer is updated on the server, appropriate client registry updates occur that update and enable the driver on the client. | |||
|
09.10.02 |
Windows 2000 Security Patch: Unchecked Buffer in PPTP Implementation Could Enable Denial of Service | Q329834 | Download |
| This update resolves the "Unchecked Buffer in PPTP Implementation Could Enable Denial of Service" security vulnerability in Windows 2000. Download now to prevent an attacker from disrupting service on a server that offers private networking and uses the PPTP protocol. | |||
|
02.10.02 |
Windows 2000 Security Patch: Unchecked Buffer in HTML Help Security Vulnerability | Q323255 | Download |
| This update resolves the "Unchecked buffer in HTML Help can lead to Code Execution" security vulnerability in Windows XP. Download now to prevent a malicious user from running an unauthorized program on your computer. | |||
|
25.09.02 |
Windows 2000 Patch: Request to SmartHTML Interpreter Could Monopolize Web Server CPU Resources | Q324096 | Download |
| This update resolves the "Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution" vulnerability in Windows 2000. Download now to eliminate a vulnerability of moderate severity in the Front Page 2000 Server Extensions for Microsoft Office. | |||
|
18.09.02 |
Windows 2000 Security Patch: Flaw in Microsoft VM JDBC Classes Could Allow Code Execution | Q329077 | Download |
| This update upgrades your Microsoft VM with the 5.00.3807 patch. This update is available only if you have an affected version of the Microsoft VM installed. All builds of the Microsoft VM up to and including build 5.00.3805 are affected. You can install this patch to the Microsoft VM on computers that are already running version 5.00.3805 of the Microsoft VM. | |||
|
05.09.02 |
Windows 2000 Security Patch: Weak Encryption in RDP Protocol can Lead to Information Disclosure | Q324380 | Download |
| This update resolves the "Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure" security vulnerability in Windows 2000. Download now if you use Remote Desktop or Terminal Services, to prevent an attacker from potentially learning encrypted information that was sent during Remote Desktop or Terminal Services sessions. | |||
|
04.09.02 |
Windows 2000 Security Patch: Certificate Validation Flaw Could Enable Identity Spoofing | Q328145 | Download |
| This update resolves the "Certificate Validation Flaw Could Enable Identity Spoofing" vulnerability in Windows 2000. Download now to prevent an attacker from attempting identity spoofing using certificates. | |||
|
28.08.02 |
Windows 2000 Security Patch: Ability to add root certs to send ActiveX controls on WinXP | Q323172 | Download |
| This update resolves the "Flaw in Digital Certificate Enrollment Component Allows Certificate Deletion" security vulnerability in Windows 2000. Download now to stop a Web site or HTML e-mail from deleting digital certificates on your computer and preventing you from using the services they are associated with. | |||
|
22.08.02 |
Windows 2000 Security Patch: DoS Vulnerability Report in SMB Implementation | Q326830 | Download |
| This update resolves the "Unchecked Buffer in Network Share Provider can lead to Denial of Service" vulnerability in Windows 2000. Download now to prevent a malicious user from launching a denial of service (DoS) attack on your computer. | |||
|
14.08.02 |
Windows 2000 Security Patch: Flaw in Network Connection Manager Can Cause Rights Elevation | Q326886 | Download |
| The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. A flaw could make it possible for an unprivileged user to cause the handler routine to run in the security context of LocalSystem. Please install this fix to correct problem. | |||
|
26.07.02 |
Windows 2000 Patch: A Lock Occurs Between Two Threads of System GDI in Windows 2000 | Q322842 | Download |
| This update resolves the "DeadLock Occurs Between Two Threads of System GDI in Windows 2000" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q322842. Download now to prevent your computer from not responding if you utilize user-defined fonts or characters. | |||
|
22.05.02 |
Windows 2000 Security Patch: Local Privilege Elevation through Debugging Vulnerability | Q320206 | Download |
| A privilege elevation vulnerability exists that can allow a malicious user to pose as any user on the computer, including any administrator or the operating system itself. Because this vulnerability requires the ability to log on interactively and to run a program, the computers that are most likely to be affected by this vulnerability are client computers and Terminal Services servers, which regularly permit users to interactively log on. Internet servers, file and print servers, and program servers such as SQL servers typically restrict the ability to log on interactively, and are less likely to be affected by this vulnerability. | |||
|
Service Pack 3 |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
31.07.02 |
Windows 2000 Service Pack 3 (deutsch) | Readme | Download |
|
Service Pack 3 ist das aktuelle Service Pack für Windows2000. Es enthält SP1, SP2 und alle Post-SP1 (=Pre-SP2) und Post-SP2 HotfFixes und das CRL-Update |
|||
|
Pre-SP3 Hotfixes |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
26.07.02 |
Windows 2000 Patch: A Lock Occurs Between Two Threads of System GDI in Windows 2000 | Q322842 | Download |
| This update resolves the "DeadLock Occurs Between Two Threads of System GDI in Windows 2000" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q322842. Download now to prevent your computer from not responding if you utilize user-defined fonts or characters. | |||
|
22.05.02 |
Windows 2000 Security Patch: Local Privilege Elevation through Debugging Vulnerability | Q320206 | Download |
| A privilege elevation vulnerability exists that can allow a malicious user to pose as any user on the computer, including any administrator or the operating system itself. Because this vulnerability requires the ability to log on interactively and to run a program, the computers that are most likely to be affected by this vulnerability are client computers and Terminal Services servers, which regularly permit users to interactively log on. Internet servers, file and print servers, and program servers such as SQL servers typically restrict the ability to log on interactively, and are less likely to be affected by this vulnerability. | |||
|
30.04.02 |
Windows 2000 Patch: High CPU Utilization When You Print to a Hewlett-Packard Multifunction Printer | Q299956 | Download |
| When you are printing to a Hewlett-Packard (HP) multifunction printer (such as the HP OfficeJet series) that is attached to a parallel port, CPU utilization may rise to 50-100 percent and remain high. For computers with a single CPU, utilization may reach 100 percent | |||
|
02.04.02 |
Windows 2000 Security Patch: Multiple UNC Provider Buffer Overflow Vulnerability | Q311967 | Download |
| The vulnerability results because of a flaw in the Multiple UNC (uniform naming convention) Provider (MUP), which is a network file system resource locator that runs in kernel-mode memory in Windows. Due to an unchecked buffer (a temporary storage area of limited capacity), a malicious user can send a specially malformed request, and either cause the computer to restart or run programs as if he or she were the user. | |||
|
25.03.02 |
Windows 2000 Patch: Encrypted Outlook Mail Certificate Update | Q308707 | Download |
| This update resolves the "'Certificate Revocation List Is Not Available' Error Message Appears with Encrypted Outlook Mail" issue in Windows 2000 and is discussed in Microsoft Knowledge Base Article (KB) 308707. Download now to prevent an error message from appearing when you receive an encrypted e-mail message. | |||
|
13.03.02 |
Windows 2000 Patch: Commerce Server-based programs Update | Q316430 | Download |
| This update resolves the "Performance of Microsoft Commerce Server-based Programs May Degrade Over Time" issue in Windows 2000, and is discussed in Microsoft Knowledge Base (KB) Article Q316430. Download now to prevent performance degradations in Windows 2000 when you use programs that are base on Microsoft Commerce Server 2000. | |||
|
12.03.02 |
Windows 2000 Patch: COM+ Rollup Package 18.1 | Q313582 | Download |
| The COM+ Rollup Package 18.1 provides a cumulative rollup of updates that have been offered since the release of Windows 2000 SP2, and is discussed in Microsoft Knowledge Base (KB) article Q313582. Download now to update your COM+ services to the most stable, secure, and best performing COM+ runtime. | |||
|
07.03.02 |
Windows 2000 Security Patch: Unchecked Buffer in Windows Shell Could Lead to Code Execution | Q313829 | Download |
| The vulnerability results because of an unchecked buffer (a temporary storage area of limited capacity) in the Windows User Environment. An attacker could exploit this vulnerability, and run programs as if he or she were the user. | |||
|
05.03.02 |
Windows 2000 Security Patch: Java Applet Can Redirect Browser Traffic | Q300845 | Download |
| A session hijacking vulnerability exists in the Microsoft virtual machine (Microsoft VM) that could allow a maliciously crafted Java applet to silently reroute all browser traffic to the applet's host without the user's knowledge. After an attacker possesses the rerouted browser traffic, he or she could take any action or any combination of actions that he or she chooses | |||
|
20.02.02 |
Windows 2000 Security Patch: SMTP Rollup | Q313450 | Download |
| Microsoft has released a patch for Windows 2000 that will eliminate a vulnerability that exists because a malicious user could issue a specially formatted, non-RFC compliant SMTP command that will result in a Denial of Service attack. This would be carried out more typically through a custom application where the malformed data would cause the SMTP service to fail. Download now to prevent a possible Denial of Service Attack. | |||
|
15.02.02 |
Windows 2000 Patch: Devices May Not Power Up Properly When Resuming from Standby | Q311537 | Download |
| This problem occurs because the Pci.sys driver does not wait the required 10 milliseconds to access the device after the power is restored. | |||
|
14.02.02 |
Windows 2000 Patch: PCMCIA device driver update | Q265296 | Download |
| This update resolves the "Toshiba PC Card Controller May Power 3.3-Volt R2 PC Card at 5 Volts" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q265296. Download now to ensure that the bus voltage handles both 3.3-volt and 5-volt PC Cards appropriately. | |||
|
13.02.02 |
Windows 2000 Security Patch: Memory Leak in SNMP Vulnerability | Q314147 | Download |
| This update resolves the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS02-006. Download now to prevent a malicious user from running code of their choice or launching a Denial of Service (DoS) attack on your computer. | |||
|
07.02.02 |
Windows 2000 Patch: Active Server Pages will respond slowly if cookies are requested | Q291597 | Download |
| The IsDBCSLeadByteEx function may take a long time to complete if code page CP_UTF8 (65001) is passed in. | |||
|
30.01.02 |
Windows 2000 Security Rollup Package 1 (SRP1), January 2002 | Q311401 | Download |
| Windows 2000
Security Rollup Package 1 (SRP1) includes all of the security updates that
have been released since the release of Windows 2000 Service Pack 2 (SP2)
. This small, comprehensive rollup of updates is an easy mechanism for
managing the rollout of security fixes. Applying SRP1 does not change the
encryption level of your computer. Full Install (17 MB): Download der vollständigen Datei. |
|||
|
30.01.02 |
Windows 2000 Security Rollup Package 1 (SRP1), January 2002 | Q311401 | Download |
| Windows 2000
Security Rollup Package 1 (SRP1) includes all of the security updates that
have been released since the release of Windows 2000 Service Pack 2 (SP2)
. This small, comprehensive rollup of updates is an easy mechanism for
managing the rollout of security fixes. Applying SRP1 does not change the
encryption level of your computer. Express Install (0.5 MB): Download der Installationsdatei. Der aktuelle Installationsstand des PC´s wird überprüft und nur die benötigten Dateien aus dem Internet werden nachgeladen. Installation nur bei bestehendem Online-Zugang möglich (Beim Internet Explorer kann auch "Programm von diesem Ort ausführen" gewählt werden.). |
|||
|
20.11.01 |
Windows Security Patch: Media Player Fix | WM308567 | Download |
| Windows Media Player .ASF Processor
Contains Unchecked Buffer.
Dieses Update ist für alle Windows-Betriebssysteme mit Windows Media Player 7.1 / 7.0 / 6.4 bestimmt. Dieses Update ist auch für Windows 2000 / Me mit oder ohne Windows Media Player bestimmt. |
|||
|
16.08.01 |
Network DDE Agent Request Vulnerability Fix | Q285851 | Download |
| The vulnerability could, under
certain conditions, allow an attacker to gain complete control over an
affected machine.
Update der Version vom 06.02.01 |
|||
|
15.08.01 |
DoS Attack Causes Memory Leak Fix | Q299796 | Download |
| The vulnerability could allow a malicious user to temporarily prevent an affected machine from providing any NetMeeting services and possibly consume 100% CPU utilization during an
attack.
Update der Version vom 20.06.01 |
|||
|
15.10.01 |
Windows 2000 Patch: 3.3-Volt PC Card May Not Work with Toshiba PC Card Controller After Resuming from Hibernation | Q303392 | Download |
|
|
A supported fix is now available from Microsoft, but it is only intended to correct the problem described in this article and should be applied only to systems experiencing this specific problem. This fix may receive additional testing at a later time, to further ensure product quality. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows 2000 service pack that contains this fix. | ||
|
13.09.01 |
Windows 2000 Patch: RSVP Service Provider Causes some Winsock Applications to Stop Responding | Q300980 | Download |
|
|
After you install Windows 2000 Service Pack 2 (SP2), a WinSock application may stop responding (hang) during startup. In a debugger, you may receive the following error message: Provider 'RSVP UDP Service Provider' returned bad proc table! R->WSPStartup() failed: 10091 | ||
|
23.08.01 |
Windows 2000 Patch: Stop Error Message When Using CD-Rom | Q302827 | Download |
|
|
Microsoft has released a patch that will resolve the "Stop 0x00000050" error message. This issue is caused by a problem in Udfs.sys that does not calculate a file name's length correctly. This problem may occur intermittently. Download now to prevent the "Stop Error" message from occuring. | ||
|
15.08.01 |
Windows 2000 does not support mapping virtual COM ports to IR ports | Q252795 | Download |
|
|
For mobile, Infrared Data Association (IrDA)-enabled
phones, obtain the update referenced below which adds IrCOMM modem support
to Windows 2000. The IrCOMM modem driver recognizes and installs
IrCOMM-enabled cell phones as modems. Furthermore, this implementation
only supports computer initiated IrCOMM connections to a phone and not the
reverse. NOTE: This update still does not allow for mapping of infrared ports to a Virtual COM port. The added support is specifically for IrDA-enabled mobile phones. This update makes the IrCOMM support identical to Windows XP. |
||
|
15.08.01 |
Windows 2000 IIS5 Security Patch: SSI Privilege Elevation Vulnerability | Q301625 | Download |
|
Code |
Microsoft has released a cumulative patch for IIS 4.0 and 5.0. In addition to eliminating virtually all previously identified security vulnerabilities in IIS, it also eliminates several newly discovered ones. These include three denial of service vulnerabilities, one of which is exploited by the Code Red worm, and two vulnerabilities that could enable an attacker with the ability to load low-privilege code on the server to gain higher privileges. | ||
|
15.08.01 |
Code Read II Cleaner (CodeRedCleanup.exe) | Info | |
|
Code |
Tool to Remove Obvious Effects of the Code Red II Worm Achtung: Ersetzt nicht die Hotfixe zur Verhinderung neuer Infizierung!! |
||
|
23.07.01 |
Memory Leak in Telnet Server with Services for Unix (SFU) 2.0 Fix | Q301514 | Download |
| Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols. Both services contain memory leaks that could be triggered by a user request. Download now to prevent an attacker deliberately sending such requests in order to deplete kernel memory and prevent the server from performing useful service. | |||
|
23.07.01 |
Denial-of-Service Attack with Services for Unix (SFU) 2.0 Fix | Q294380 | Download |
| Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols. Both services contain memory leaks that could be triggered by a user request. Download now to prevent an attacker deliberately sending such requests in order to deplete kernel memory and prevent the server from performing useful service. | |||
|
23.07.01 |
Attack EP Vulnerability Security Fix | Q298012 | Download |
| A denial-of-service vulnerability exists in the Microsoft products that are listed at the beginning of this article. This vulnerability can disrupt a server's ability to service legitimate users' requests if a specially malformed request is received. | |||
| 20.07.01 | Winbond Super I/O Update | Q301077 | Download |
| This update addresses an issue in Windows 2000 running on Compaq computer systems that use the Winbond Super I/O disk controller to access the floppy disk drive, and is discussed in Microsoft Knowledge Base (KB) Article Q301077. Download now to prevent your computer from erroneously reporting that there is no floppy disk in the floppy disk drive. | |||
|
06.07.01 |
Authentication Error in SMTP Service Could Allow Mail Relaying Fix | Q302755 | Download |
| A vulnerability exists in the Windows 2000 SMTP service that could enable an unauthorized user to conduct mail relaying by using a Windows 2000 server. This could enable an attacker to disguise the origination point of an e-mail message, or co-opt a server's resources for mass mailings. | |||
| 19.06.01 | New Cipher.exe Tool | Q298009 | Download |
| Cipher.exe is a command-line tool (included with Windows 2000) that you can use to manage encrypted data by using the Encrypting File System (EFS). | |||
|
18.06.01 |
"Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise" Fix | Q300972 | Download |
|
Code |
The Indexing Service ISAPI (Indexing Service Application Programming Interface) extension, idq.dll file, which installs as part of Indexing Service in Windows 2000 has an unchecked buffer (a temporary data storage area that has a limited capacity) in the code that handles incoming requests. A specifically malformed request from a malicious user can cause the buffer to overflow. Doing so grants the malicious user Local System privileges, allowing him or her to take complete control of the Web server. | ||
|
13.04.01 |
OLE DB Provider for Internet Publishing Fix (RBUPDATE) | Q296441 | Download |
| WebDAV Service Provider Can Allow Scripts to Levy Requests as User Security Vulnerability. | |||
|
25.05.01 |
HyperTerminal Security Fix (originally posted: 18.10.00) | Q276471 | Download |
| "HyperTerminal Buffer Overflow" security vulnerability. | |||
| 22.01.01 | DBCS Printing Issue With Pagemaker | Q278438 | Download |
| DBCS characters may be incorrectly printed out Japanese PageMaker 6.53 with PostScript printer. | |||
|
26.02.01 |
Event Viewer Fix | Q285156 | Download |
| Windows 2000 Event Viewer Contains an Unchecked Buffer. | |||
|
02.02.01 |
New Variant of File Fragment Reading via .HTR Vulnerability Fix | Q285985 | Download |
| obsolet, in Q293826
enthalten! (ism.dll) Microsoft has released a patch that eliminates a security vulnerability in Internet Information Server (IIS) 4.0 and Internet Information Services (IIS) 5.0. Under very unusual conditions, this vulnerability can allow an attacker to read fragments of files from a Web server. |
|||
| 28.02.01 | 16Bit Program Fix | Q288165 | Download |
| 16-bit Programs that Call to GlobalAlloc for Large Memory Allocations Cause Programs to Hang. | |||
| 15.03.01 | Lsass Fix | Q291340 | Download |
| When you are using an active server page (ASP) that creates a remote component services component by using local user accounts with basic authentication, there may be a token handle leak in Lsass.exe. | |||
|
31.05.01 |
IIS 5.0 Security Update (originally posted: 14.05.01) | Q293826 | Download |
| Sammlung bisheriger Hotfixe für IIS 5 Superfluous Decoding Operation Could Allow Command Execution via IIS, Pattern-Matching Function Can Cause Access Violation on FTP Server |
|||
| 31.05.01 | SCSI Bus Reset Update | Q297961 | Download |
| When you restart your computer after applying
Windows 2000 Service Pack 2 (SP2) on a computer that has an NCR Storage Cabinet (NSC) array attached, the restart process may take as long as one hour to finish. |
|||
|
07.06.01 |
Telnet Access Security Fix | Q299553 | Download |
| This update addresses the "Predicatable Name Pipes Could Enable Privilege Elevation via Telnet" security vulnerability in the Windows 2000 Telnet service that is discussed in Microsoft Security Bulletin MS01-031. Download now to prevent a malicious user from launching programs on your computer, gaining access to your network, or initiating a denial of service attack against your computer. | |||
|
23.02.01 |
Malformed URL can cause Service Failure security vulnerability | Q286818 | Download |
| obsolet, in Q293826
enthalten! (httpext.dll) This update resolves the "Malformed URL can cause Service Failure in IIS 5.0 and Exchange 2000" security vulnerability in Internet Information Server (IIS) 5.0 and Exchange 2000, and is discussed in Microsoft Security Bulletin MS01-014. Download now to prevent a malicious user from causing IIS 5.0 to fail. |
|||
|
08.05.01 |
Malformed Domain Controller Service Request security vulnerability | Q294391 | Download |
| This update resolves the "Malformed Domain Controller Service Request" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-024. Download now to prevent a malicious user from temporarily disrupting service on your domain controller. | |||
|
10.05.01 |
Malformed Hit-Highlighting security vulnerability | Q296185 | Download |
| This update addresses the "Malformed Hit-Highlighting" security vulnerability in Windows 2000 computers running Indexing Service, and is discussed in Microsoft Security Bulletin MS01-025. Download now to prevent a malicious user from reading files on your Web server | |||
|
02.04.01 |
Erroneous VeriSign-Issued Digital Cert security vulnerability (CRLUPD) | Q293818 | Download |
| Dieses Update ist in SP2 bereits enthalten! This update resolves the "Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard" security vulnerability, and is discussed in Microsoft Security Bulletin MS01-017. Download now to prevent an unauthorized user from running code on your computer by digitally signing programs as "Microsoft Corporation." |
|||
|
06.06.01 |
Terminal Services Licensing Enhancements Update | Q287687 | Download |
| This update includes two "Terminal Services Licensing
Enhancements" for Windows 2000, and is discussed in Microsoft Knowledge
Base (KB) article Q287687. Download now to improve the way Windows 2000
handles Terminal Services (TS) Client Access License (CAL) tokens, thereby increasing logon security. |
|||
|
Service Pack 2 |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
16.05.01 |
Windows 2000 Service Pack 2 (deutsch) | Readme | Download |
|
Service Pack 2 ist das aktuelle Service Pack für Windows2000. Es enthält SP1 und alle Post-SP1 (=Pre-SP2) HotfFixes und das CRL-Update |
|||
|
Pre-SP2 Hotfixes |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
| 27.06.00 | Ultra-DMA 100 Fix | Q260233 | Download |
| Windows 2000 does not support ATA 100 (Mode 5) for IDE hard disks. All ATA 100 IDE hard disks that are used with Windows 2000 default to ATA 66 (Mode 4). | |||
| 13.10.00 | 3D-Grafik-Fix (VIA Mainboard-Chipsatz) | Q261606 | Download |
| Video Hangs When Running 3D Graphics Programs. (Installation nur für VIA-Chipsatz erforderlich) | |||
| 31.11.00 | PC-Card Fix | Q265296 | Download |
| Toshiba PC Card Controller May Power 3.3-Volt R2 PC Card at 5 Volts. | |||
|
28.12.00 |
Security Fix | Q266794 | Download |
| Windows 2000 SNMP Registry Entries Are Saved in Plain Text Format and Are Readable. | |||
| 14.07.00 | Telnet Server Fix | Q267843 | Download |
| Windows 2000 Telnet Server Stops Responding After Binary Input. | |||
| 30.11.00 | Removable Media Fix | Q269013 | Download |
| Non-Administrative User Cannot Access Removable Media After NTFS Format. | |||
|
17.08.00 |
Search Path Fix | Q269049 | Download |
| It may be possible for a malicious user to place a program named Explorer.exe in the C:\ folder (the root of drive C) so that it is run in place of the standard Windows shell program. By default, the share permissions on the C:\ folder are set to Everyone Full Access. Anyone who has access to this share, either locally or through a network connection, can place a program there that is run before the Explorer.exe shell. | |||
|
29.09.00 |
"NetBIOS Name Server Protocel Spoofing" Fix | Q269239 | Download |
| If a malicious user exploits this vulnerability, Windows 2000 and Windows NT® 4.0 computers cannot register a name on the network, or they can lose their current name registration, making the computers unavailable as network resources. | |||
|
05.09.00 |
Service Control Manager Fix | Q269523 | Download |
| Service Control Manager Named Pipe Impersonation Vulnerability. | |||
| 06.10.00 | "Simplified Chinese IME State Recognition" Security Fix | Q270676 | Download |
| The Input Method Editor (IME) for Simplified Chinese inappropriately exposes functionality when it is used as part of a computer's logon screen. | |||
| 06.10.00 | Xenroll.dll File Signature Update | Q272252 | |
| This update addresses the "Incorrect Signature for Xenroll.dll file" issue found in some international language versions of Windows 2000. The Xenroll.dll file is incorrectly signed in the Japanese, German, French, Italian, and Spanish versions of Windows 2000. Client browsers connecting to a Windows 2000 server for certificate enrollment will receive a message stating the file was modified after signing, or that the file is unsigned. Installing this update will provide the correctly signed Xenroll.dll file. | |||
|
18.10.00 |
RPC Server Service Fix | Q272303 | Download |
| This update resolves the "Malformed RPC Packet" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-066. Download now to prevent a malicious user from launching a Denial of Service attack via the Remote Procedure Call (RPC) client. | |||
|
26.10.00 |
"Still Image Service Privilege Escalation" security vulnerability Fix | Q272736 | Download |
| The Still Image Service is automatically installed when a still image device (such as a digital camera or scanner) is attached to the Windows 2000 host. There is an unchecked buffer in the Still Image Service that could allow a malicious program to obtain LocalSystem privileges. | |||
|
16.09.00 |
"Telnet Client NTLM Authentication" Security Fix | Q272743 | Download |
| A malicious user who operates a Telnet server could initiate a session with another computer and collect the computer's NTLM authentication credentials. These credentials could be subjected to an offline attack to discover the user’s clear-text password. | |||
| 15.01.01 | SCSIPort Driver Update | Q276253 | Download |
| If the SCSIPort driver encounters multiple busy or queue full request completions, it attempts to requeue requests in the logical unit's Device queue. When this occurs, the SCSIPort driver expects to find the Device queue in a busy state. However, it is possible for the queue to be in a not-busy state if it was drained by delivering LuNextRequests to the miniport driver. When this error occurs, the SCSI bus resets. | |||
|
10.01.01 |
"ActiveX Parameter Validation" Security Fix | Q278511 | Download |
| This update resolves the "ActiveX Parameter Validation" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-085. Download now to prevent a malicious user from causing the ActiveX® buffer to overflow, thereby adding, creating, or deleting files or formatting your hard disk. | |||
| 28.02.01 | Unresponsive Socket Program Update | Q278522 | Download |
| This issue exists because there is an error in the way requests are processed on computers that are running Windows 2000 SP1. When a program does not respond to a request for the creation of a socket, the socket is not created, and the program becomes unresponsive. This can result in 100 percent Central Processing Unit (CPU) usage. | |||
| 19.02.01 | GetEffectiveRightsFromAcl() Function Fix | Q286360 | Download |
| Microsoft has released a Windows 2000 patch that prevents the The GetEffectiveRightsFromAcl function from returning the "1355 0x54b ERROR_NO_SUCH_DOMAIN" message when one of the access control entries (ACEs) in the Access Control List (ACL) parameter contains a domain global group security identifier (SID). | |||
| 19.02.01 | LSA Memory Loss Fix | Q288861 | Download |
| When you use the System Monitor tool, you may notice memory leaks in the Local Security Authority (LSA) during a Kerberos change-password request or when LSA loads a security package. You may need to restart the computer to restore performance and to shrink Lsass.exe. | |||
|
02.01.01 |
"Indexing Service File Enumeration" Security Fix | Q280838 | Download |
| An ActiveX® control that is shipped with Indexing Service is incorrectly marked as "safe for scripting." The control makes it possible for Web applications and other programs to list the names of files and folders on a computer running Windows 2000. Because this control is marked "safe for scripting," a malicious Web site operator could use the control to gather the names and properties of files and folders on a visiting user's affected computer. Under very specific circumstances, if Indexing Service 3.0 is running on an affected computer, the malicious Web site operator might be able to search for files that contain specific words. | |||
|
16.01.01 |
"Web Client NTLM Authentification" Fix | Q282132 | Download |
| Under specific conditions, this vulnerability allows a malicious Web site operator to obtain the cryptographically protected logon credentials of a visiting user. This is because the security settings for WEC components are set to incorrect levels, which allows your computer to send information about your authentication credentials to remote Web applications. | |||
| 23.01.01 | "Memory Leak in Component Services Applicationomponent" Update | Q282769 | Download |
| A memory leak can occur when you make calls between components that reside in different contexts in a Component Services application. The memory leak occurs only when the call is made through the IDispatch interface. | |||
|
30.01.01 |
Virtual Machine Security Fix | Q287030 | Download |
| This update upgrades your computer to build 3802 of the Microsoft virtual machine (VM), which includes the same vulnerability fixes as those contained in Microsoft VM build 3319. If you have already installed Microsoft VM build 3319, then your computer is not affected by the vulnerability. | |||
| 07.03.01 | WinSock Recvfrom() Fix | Q263823 | Download |
| In Windows 2000, a User Datagram Protocol (UDP) program may not work and may generate a WSAECONNRESET response. | |||
|
Service Pack 1 |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
26.07.00 |
Windows 2000 Service Pack 1 (deutsch) | Readme | |
|
Internet Explorer 5.5 SP2 Hotfixe (auch für SP2 erforderlich!) |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
11.02.02 |
IE 5.5 SP2 Security Update: February 2002 (enthält alle vorherigen) | Q316059 | Download |
| The "11 February 2002 Cumulative Patch for Internet Explorer" update eliminates all known security vulnerabilities affecting Internet Explorer 5.5SP2, as well as six new vulnerabilities, and is discussed in Microsoft Security Bulletin MS02-005. Download now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your computer. | |||
|
13.12.01 |
IE 5.5 SP2 Security Update: December 2001 | Q313675 | Download |
| This update eliminates all known security vulnerabilities affecting Internet Explorer 5.5 Service Pack 2 (SP2) and Internet Explorer 6, and addresses the "Incorrect Content-Disposition Handling Can Cause IE to Execute Code Automatically" security vulnerabilities in Internet Explorer 5.5 SP2 and 6, and is discussed in Microsoft Security Bulletin MS01-058. Download now to protect your computer from all previously discussed security vulnerabilities affecting Internet Explorer 5.5 SP2 and 6, as well as three newly discovered vulnerabilities: the File Execution vulnerability, a variant of the Frame Domain Verification vulnerability, and the File Name Spoofing vulnerabilty. | |||
|
10.10.01 |
IE 5.5 SP2 Security Update: October 2001 | Q306121 | Download |
| This update eliminates three security vulnerabilities affecting Internet Explorer, and is discussed in Microsoft Security Bulletin MS01-051. Download now to prevent a malicious user from taking advantage of the Zone Spoofing vulnerability, the HTTP Request Encoding vulnerability, or a new variant of the Telnet Invocation vulnerability in Internet Explorer. | |||
|
Internet Explorer 5.5 SP1 Hotfixe (auch für SP2 erforderlich, wenn IE55SP2 nicht installiert ist!) |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
25.03.01 |
Patch for "Browser Print Template" Vulnerability | Q279328 | Download |
| Microsoft has released an update to Internet Explorer that
addresses a potential security issue in which a Web-based program could invoke a custom print template without approval from the user. |
|||
|
22.02.01 |
Patch or Malformed vCard Vulnerability (Outlook Express) | Q283908 | Download |
| A malicious user can use the vulnerability to create a virtual business card (vCard); if the vCard is opened, the malicious user can use the vCard to take any action on the recipient's computer. | |||
|
24.5.01 |
IE 5.5SP1 Security Update | Q299618 | Download |
| This update resolves several security vulnerabilities in Internet Explorer 5.5 Service Pack 1 (SP1) and is discussed in Microsoft Security Bulletins MS01-015 and MS01-027. It also includes a previously released update, which is discussed in Microsoft Security Bulletin MS01-020 | |||
|
Sonstige Updates und Tools |
| Datum | Name (Download deutsche Version) | Beschreibung | US-Version |
|
16.01.02 |
QFECHECK.EXE | Q282784 | Download |
|
Microsoft has released a command-line tool that easily enumerates all of the installed fixes by Microsoft Knowledge Base article number. Customers can then confirm that they have installed the appropriate set of fixes before using a valuable support incident and potentially experiencing unplanned down time. Dieses Tool ist momentan nur für die englische Version erhältlich. |
|||
| 13.12.99 | 128Bit-Verschlüsselung (in SP2 enthalten) | Download | |
| Wichtiger Hinweis: Die Verschlüselungsstärke (40/128bit) von Win2000 und IE5.x müssen übereinstimmen. IE 5.5(SP1) verwendet 128bit Verschlüselungsstärke. | |||
| 29.08.01 | Internet Explorer 6.0 | Download | |
|
Installation/Update von dieser Web-Site. Sie können die Installations-EXE-Datei direkt
von hier ausführen. Auf diesem Server
befindet sich eine Kopie der Microsoft Download-Quellen. Wird nach Ende der Installation kein Neustart durchgeführt, bitte Windows manuell neu starten! |
|||
| 08.09.01 | Internet Explorer 5.5 SP2 | Download | |
|
Installation/Update von dieser Web-Site. Sie können die Installations-EXE-Datei direkt
von hier ausführen. Auf diesem Server
befindet sich eine Kopie der Microsoft Download-Quellen. Wird nach Ende der Installation kein Neustart durchgeführt, bitte Windows manuell neu starten! |
|||
| 16.03.01 | QCHAIN.EXE (für silent Installation mehrerer Hotfixe) | Q296861 | Download |
|
Use QChain.exe to Install Multiple Hotfixes with Only One Reboot. Qchain stellt sicher, dass nur die jeweilis aktuellesten Dateien installiter werden. |
|||
| 25.06.02 | DirectX 8.1b | Download | |
| aktuelles Direct-X-Update für Windows 2000 | |||
| 16.01.01 | Novell NetWare Client 32 v 4.8SP1 für Win2000/NT (US-Version) | Download | |
| Die US-Version wird auch für deutsches Win2000 empfohlen! EXE-File kann direkt ausgeführt werden (nur aus IE4/IE5 möglich). Neuinstallation oder Update, für Windows 2000 und Windows NT. | |||
|
Wolfram Oestreicher, Florian Steinbauer - 04.07.2003 |