Windows 2000 Updates


Wichtiger Hinweis:

Seit dem 9.12.2002 ist ein hausinterner, automatischer Windows-Update-Service für Windows  2000/XP verfügbar. Diese Liste wird nicht mehr gepflegt, es werden nur noch "große" Servicepacks angeboten.
Aktuelle Hotfixe zum Download erhalten Sie über Microsoft WindowsUpdate unter dem Punkt "Windows Update-Katalog"!
 

 

Service Pack 4

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  

26.06.03

Windows 2000 Service Pack 4 (deutsch) Readme Download
  Service Pack 4 ist das aktuelle Service Pack für Windows2000. 
Es enthält SP1, SP2, SP3 und alle Pre-SP4-Hotfixe
Achtung: Die aktuelle Ms-Java-VM sowie die aktuelle Internet-Explorer-Version 6.0 sind in SP4 nicht enthalten und müssen ggfls. separat installiert/ aktualisiert werden.
Weitere Informationen zu SP4: Übersicht über die in Windows 2000 SP 4 behobenen Probleme, Versionsinformationen für Windows 2000 SP 4, Deployment Guide für Windows 2000 SP 4, FAQ About the Microsoft VM and Windows 2000 SP 4

04.03.03

Java VM ver 3810 für Windows 2000 SP4, msjavwu.exe FAQ SP4  

26.06.03

Deployment-Tools für Windows 2000, SP4-Update Readme  

26.06.03

Support-Tools für Windows 2000, SP4-Update Readme  
 
 

Pre-SP4 Hotfixes

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  
 

24.10.02

Windows 2000 Security Patch: Certificate Validation Flaw Could Enable Identity Spoofing Q329115 Download
  This update resolves the "Certificate Validation Flaw Could Enable Identity Spoofing" vulnerability in Windows 2000. Download now to prevent an attacker from attempting identity spoofing using certificates.
 

26.10.02

Windows 2000 Patch: WM_TIMER Messages May Stop Being Delivered to Programs in Windows 2000 Q322913 Download
  This update addresses the "WM_TIMER Messages Not Delivered to Programs" issue in Windows 2000, and is discussed in Microsoft Knowledge Base (KB) Article Q322913. Download now to resolve program errors caused by undelivered WM_TIMER Messages.
 

15.10.02

Windows 2000 Patch: Problems Upgrading a User-Mode Print Driver By Using Point and Print Q320914 Download
  This update resolves the "Problems Upgrading a User-Mode Print Driver By Using Point and Print" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q320914. Download now to ensure that if the driver for a shared printer is updated on the server, appropriate client registry updates occur that update and enable the driver on the client.
 

09.10.02

Windows 2000 Security Patch: Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Q329834 Download
  This update resolves the "Unchecked Buffer in PPTP Implementation Could Enable Denial of Service" security vulnerability in Windows 2000. Download now to prevent an attacker from disrupting service on a server that offers private networking and uses the PPTP protocol.
 

02.10.02

Windows 2000 Security Patch: Unchecked Buffer in HTML Help Security Vulnerability Q323255 Download
  This update resolves the "Unchecked buffer in HTML Help can lead to Code Execution" security vulnerability in Windows XP. Download now to prevent a malicious user from running an unauthorized program on your computer.
 

25.09.02

Windows 2000 Patch: Request to SmartHTML Interpreter Could Monopolize Web Server CPU Resources Q324096 Download
  This update resolves the "Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution" vulnerability in Windows 2000. Download now to eliminate a vulnerability of moderate severity in the Front Page 2000 Server Extensions for Microsoft Office.
 

18.09.02

Windows 2000 Security Patch: Flaw in Microsoft VM JDBC Classes Could Allow Code Execution Q329077 Download
  This update upgrades your Microsoft VM with the 5.00.3807 patch. This update is available only if you have an affected version of the Microsoft VM installed. All builds of the Microsoft VM up to and including build 5.00.3805 are affected. You can install this patch to the Microsoft VM on computers that are already running version 5.00.3805 of the Microsoft VM.
 

05.09.02

Windows 2000 Security Patch: Weak Encryption in RDP Protocol can Lead to Information Disclosure Q324380 Download
  This update resolves the "Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure" security vulnerability in Windows 2000. Download now if you use Remote Desktop or Terminal Services, to prevent an attacker from potentially learning encrypted information that was sent during Remote Desktop or Terminal Services sessions.
 

04.09.02

Windows 2000 Security Patch: Certificate Validation Flaw Could Enable Identity Spoofing Q328145 Download
  This update resolves the "Certificate Validation Flaw Could Enable Identity Spoofing" vulnerability in Windows 2000. Download now to prevent an attacker from attempting identity spoofing using certificates.
 

28.08.02

Windows 2000 Security Patch: Ability to add root certs to send ActiveX controls on WinXP Q323172 Download
  This update resolves the "Flaw in Digital Certificate Enrollment Component Allows Certificate Deletion" security vulnerability in Windows 2000. Download now to stop a Web site or HTML e-mail from deleting digital certificates on your computer and preventing you from using the services they are associated with.
 

22.08.02

Windows 2000 Security Patch: DoS Vulnerability Report in SMB Implementation Q326830 Download
  This update resolves the "Unchecked Buffer in Network Share Provider can lead to Denial of Service" vulnerability in Windows 2000. Download now to prevent a malicious user from launching a denial of service (DoS) attack on your computer.
 

14.08.02

Windows 2000 Security Patch: Flaw in Network Connection Manager Can Cause Rights Elevation Q326886 Download
  The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. A flaw could make it possible for an unprivileged user to cause the handler routine to run in the security context of LocalSystem. Please install this fix to correct problem.
 

26.07.02

Windows 2000 Patch: A Lock Occurs Between Two Threads of System GDI in Windows 2000 Q322842 Download
  This update resolves the "DeadLock Occurs Between Two Threads of System GDI in Windows 2000" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q322842. Download now to prevent your computer from not responding if you utilize user-defined fonts or characters.
 

22.05.02

Windows 2000 Security Patch: Local Privilege Elevation through Debugging Vulnerability Q320206 Download
  A privilege elevation vulnerability exists that can allow a malicious user to pose as any user on the computer, including any administrator or the operating system itself. Because this vulnerability requires the ability to log on interactively and to run a program, the computers that are most likely to be affected by this vulnerability are client computers and Terminal Services servers, which regularly permit users to interactively log on. Internet servers, file and print servers, and program servers such as SQL servers typically restrict the ability to log on interactively, and are less likely to be affected by this vulnerability.
 
 

Service Pack 3

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  

31.07.02

Windows 2000 Service Pack 3 (deutsch) Readme Download
  Service Pack 3 ist das aktuelle Service Pack für Windows2000. 
Es enthält SP1, SP2 und alle Post-SP1 (=Pre-SP2) und Post-SP2 HotfFixes und das CRL-Update
 

Pre-SP3 Hotfixes

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  
 

26.07.02

Windows 2000 Patch: A Lock Occurs Between Two Threads of System GDI in Windows 2000 Q322842 Download
  This update resolves the "DeadLock Occurs Between Two Threads of System GDI in Windows 2000" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q322842. Download now to prevent your computer from not responding if you utilize user-defined fonts or characters.
 

22.05.02

Windows 2000 Security Patch: Local Privilege Elevation through Debugging Vulnerability Q320206 Download
  A privilege elevation vulnerability exists that can allow a malicious user to pose as any user on the computer, including any administrator or the operating system itself. Because this vulnerability requires the ability to log on interactively and to run a program, the computers that are most likely to be affected by this vulnerability are client computers and Terminal Services servers, which regularly permit users to interactively log on. Internet servers, file and print servers, and program servers such as SQL servers typically restrict the ability to log on interactively, and are less likely to be affected by this vulnerability.
 

30.04.02

Windows 2000 Patch: High CPU Utilization When You Print to a Hewlett-Packard Multifunction Printer Q299956 Download
  When you are printing to a Hewlett-Packard (HP) multifunction printer (such as the HP OfficeJet series) that is attached to a parallel port, CPU utilization may rise to 50-100 percent and remain high. For computers with a single CPU, utilization may reach 100 percent
 

02.04.02

Windows 2000 Security Patch: Multiple UNC Provider Buffer Overflow Vulnerability Q311967 Download
  The vulnerability results because of a flaw in the Multiple UNC (uniform naming convention) Provider (MUP), which is a network file system resource locator that runs in kernel-mode memory in Windows. Due to an unchecked buffer (a temporary storage area of limited capacity), a malicious user can send a specially malformed request, and either cause the computer to restart or run programs as if he or she were the user.
 

25.03.02

Windows 2000 Patch: Encrypted Outlook Mail Certificate Update Q308707 Download
  This update resolves the "'Certificate Revocation List Is Not Available' Error Message Appears with Encrypted Outlook Mail" issue in Windows 2000 and is discussed in Microsoft Knowledge Base Article (KB) 308707. Download now to prevent an error message from appearing when you receive an encrypted e-mail message.
 

13.03.02

Windows 2000 Patch: Commerce Server-based programs Update Q316430 Download
  This update resolves the "Performance of Microsoft Commerce Server-based Programs May Degrade Over Time" issue in Windows 2000, and is discussed in Microsoft Knowledge Base (KB) Article Q316430. Download now to prevent performance degradations in Windows 2000 when you use programs that are base on Microsoft Commerce Server 2000.
 

12.03.02

Windows 2000 Patch: COM+ Rollup Package 18.1 Q313582 Download
  The COM+ Rollup Package 18.1 provides a cumulative rollup of updates that have been offered since the release of Windows 2000 SP2, and is discussed in Microsoft Knowledge Base (KB) article Q313582. Download now to update your COM+ services to the most stable, secure, and best performing COM+ runtime.
 

07.03.02

Windows 2000 Security Patch: Unchecked Buffer in Windows Shell Could Lead to Code Execution Q313829 Download
  The vulnerability results because of an unchecked buffer (a temporary storage area of limited capacity) in the Windows User Environment. An attacker could exploit this vulnerability, and run programs as if he or she were the user.
 

05.03.02

Windows 2000 Security Patch: Java Applet Can Redirect Browser Traffic Q300845 Download
  A session hijacking vulnerability exists in the Microsoft virtual machine (Microsoft VM) that could allow a maliciously crafted Java applet to silently reroute all browser traffic to the applet's host without the user's knowledge. After an attacker possesses the rerouted browser traffic, he or she could take any action or any combination of actions that he or she chooses
 

20.02.02

Windows 2000 Security Patch: SMTP Rollup Q313450 Download
  Microsoft has released a patch for Windows 2000 that will eliminate a vulnerability that exists because a malicious user could issue a specially formatted, non-RFC compliant SMTP command that will result in a Denial of Service attack. This would be carried out more typically through a custom application where the malformed data would cause the SMTP service to fail. Download now to prevent a possible Denial of Service Attack.
 

15.02.02

Windows 2000 Patch: Devices May Not Power Up Properly When Resuming from Standby Q311537 Download
  This problem occurs because the Pci.sys driver does not wait the required 10 milliseconds to access the device after the power is restored.
 

14.02.02

Windows 2000 Patch: PCMCIA device driver update Q265296 Download
  This update resolves the "Toshiba PC Card Controller May Power 3.3-Volt R2 PC Card at 5 Volts" issue in Windows 2000 and is discussed in Microsoft Knowledge Base (KB) Article Q265296. Download now to ensure that the bus voltage handles both 3.3-volt and 5-volt PC Cards appropriately.
 

13.02.02

Windows 2000 Security Patch: Memory Leak in SNMP Vulnerability Q314147 Download
  This update resolves the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS02-006. Download now to prevent a malicious user from running code of their choice or launching a Denial of Service (DoS) attack on your computer.
 

07.02.02

Windows 2000 Patch: Active Server Pages will respond slowly if cookies are requested Q291597 Download
  The IsDBCSLeadByteEx function may take a long time to complete if code page CP_UTF8 (65001) is passed in.
 

30.01.02

Windows 2000 Security Rollup Package 1 (SRP1), January 2002 Q311401 Download
  Windows 2000 Security Rollup Package 1 (SRP1) includes all of the security updates that have been released since the release of Windows 2000 Service Pack 2 (SP2) . This small, comprehensive rollup of updates is an easy mechanism for managing the rollout of security fixes. Applying SRP1 does not change the encryption level of your computer.

Full Install (17 MB): Download der vollständigen Datei.

 

30.01.02

Windows 2000 Security Rollup Package 1 (SRP1), January 2002 Q311401 Download
  Windows 2000 Security Rollup Package 1 (SRP1) includes all of the security updates that have been released since the release of Windows 2000 Service Pack 2 (SP2) . This small, comprehensive rollup of updates is an easy mechanism for managing the rollout of security fixes. Applying SRP1 does not change the encryption level of your computer.

Express Install (0.5 MB):  Download der Installationsdatei. Der aktuelle Installationsstand des PC´s wird überprüft und nur die benötigten Dateien aus dem Internet werden nachgeladen. Installation nur bei bestehendem Online-Zugang möglich (Beim Internet Explorer kann auch "Programm von diesem Ort ausführen" gewählt werden.).

 

20.11.01

Windows Security Patch: Media Player Fix WM308567 Download
  Windows Media Player .ASF Processor Contains Unchecked Buffer.

Dieses Update ist für alle Windows-Betriebssysteme mit Windows Media Player 7.1 / 7.0 / 6.4 bestimmt. Dieses Update ist auch für Windows 2000 / Me mit oder ohne Windows Media Player bestimmt.

 

16.08.01

Network DDE Agent Request Vulnerability Fix Q285851 Download
  The vulnerability could, under certain conditions, allow an attacker to gain complete control over an affected machine.

Update der Version vom 06.02.01

 

15.08.01 

DoS Attack Causes Memory Leak Fix Q299796 Download
  The vulnerability could allow a malicious user to temporarily prevent an affected machine from providing any NetMeeting services and possibly consume 100% CPU utilization during an attack.

Update der Version vom 20.06.01

 

15.10.01 

Windows 2000 Patch: 3.3-Volt PC Card May Not Work with Toshiba PC Card Controller After Resuming from Hibernation Q303392 Download

 

A supported fix is now available from Microsoft, but it is only intended to correct the problem described in this article and should be applied only to systems experiencing this specific problem. This fix may receive additional testing at a later time, to further ensure product quality. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows 2000 service pack that contains this fix.
 

13.09.01 

Windows 2000 Patch: RSVP Service Provider Causes some Winsock Applications to Stop Responding Q300980 Download

 

After you install Windows 2000 Service Pack 2 (SP2), a WinSock application may stop responding (hang) during startup. In a debugger, you may receive the following error message: Provider 'RSVP UDP Service Provider' returned bad proc table! R->WSPStartup() failed: 10091
 

23.08.01 

Windows 2000 Patch: Stop Error Message When Using CD-Rom Q302827 Download

 

Microsoft has released a patch that will resolve the "Stop 0x00000050" error message. This issue is caused by a problem in Udfs.sys that does not calculate a file name's length correctly. This problem may occur intermittently. Download now to prevent the "Stop Error" message from occuring.
 

15.08.01 

Windows 2000 does not support mapping virtual COM ports to IR ports Q252795 Download

 

For mobile, Infrared Data Association (IrDA)-enabled phones, obtain the update referenced below which adds IrCOMM modem support to Windows 2000. The IrCOMM modem driver recognizes and installs IrCOMM-enabled cell phones as modems. Furthermore, this implementation only supports computer initiated IrCOMM connections to a phone and not the reverse.
NOTE: This update still does not allow for mapping of infrared ports to a Virtual COM port. The added support is specifically for IrDA-enabled mobile phones. This update makes the IrCOMM support identical to Windows XP.
 

15.08.01 

Windows 2000 IIS5 Security Patch: SSI Privilege Elevation Vulnerability Q301625 Download

Code
Red!

Microsoft has released a cumulative patch for IIS 4.0 and 5.0. In addition to eliminating virtually all previously identified security vulnerabilities in IIS, it also eliminates several newly discovered ones. These include three denial of service vulnerabilities, one of which is exploited by the Code Red worm, and two vulnerabilities that could enable an attacker with the ability to load low-privilege code on the server to gain higher privileges.
 

15.08.01 

Code Read II Cleaner (CodeRedCleanup.exe) Info    

Code
Red!

Tool to Remove Obvious Effects of the Code Red II Worm
Achtung: Ersetzt nicht die Hotfixe zur Verhinderung neuer Infizierung!!
 

23.07.01 

Memory Leak in Telnet Server with Services for Unix (SFU) 2.0 Fix Q301514 Download
  Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols. Both services contain memory leaks that could be triggered by a user request. Download now to prevent an attacker deliberately sending such requests in order to deplete kernel memory and prevent the server from performing useful service.
 

23.07.01 

Denial-of-Service Attack with Services for Unix (SFU) 2.0 Fix Q294380 Download
  Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols. Both services contain memory leaks that could be triggered by a user request. Download now to prevent an attacker deliberately sending such requests in order to deplete kernel memory and prevent the server from performing useful service.
 

 23.07.01 

Attack EP Vulnerability Security Fix Q298012 Download
  A denial-of-service vulnerability exists in the Microsoft products that are listed at the beginning of this article. This vulnerability can disrupt a server's ability to service legitimate users' requests if a specially malformed request is received.
 
 20.07.01  Winbond Super I/O Update Q301077 Download
  This update addresses an issue in Windows 2000 running on Compaq computer systems that use the Winbond Super I/O disk controller to access the floppy disk drive, and is discussed in Microsoft Knowledge Base (KB) Article Q301077. Download now to prevent your computer from erroneously reporting that there is no floppy disk in the floppy disk drive.
 

 06.07.01 

Authentication Error in SMTP Service Could Allow Mail Relaying Fix Q302755 Download
  A vulnerability exists in the Windows 2000 SMTP service that could enable an unauthorized user to conduct mail relaying by using a Windows 2000 server. This could enable an attacker to disguise the origination point of an e-mail message, or co-opt a server's resources for mass mailings.
 
 19.06.01  New Cipher.exe Tool Q298009 Download
  Cipher.exe is a command-line tool (included with Windows 2000) that you can use to manage encrypted data by using the Encrypting File System (EFS).
 

 18.06.01 

"Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise" Fix Q300972 Download

Code
Red
Attack!

The Indexing Service ISAPI (Indexing Service Application Programming Interface) extension, idq.dll file, which installs as part of Indexing Service in Windows 2000 has an unchecked buffer (a temporary data storage area that has a limited capacity) in the code that handles incoming requests. A specifically malformed request from a malicious user can cause the buffer to overflow. Doing so grants the malicious user Local System privileges, allowing him or her to take complete control of the Web server.
 

 13.04.01 

OLE DB Provider for Internet Publishing Fix (RBUPDATE) Q296441 Download
  WebDAV Service Provider Can Allow Scripts to Levy Requests as User Security Vulnerability.
 

 25.05.01

HyperTerminal Security Fix (originally posted: 18.10.00) Q276471 Download
  "HyperTerminal Buffer Overflow" security vulnerability.
 
 22.01.01 DBCS Printing Issue With Pagemaker Q278438 Download
  DBCS characters may be incorrectly printed out Japanese PageMaker 6.53 with PostScript printer.
 

 26.02.01

Event Viewer Fix Q285156 Download
  Windows 2000 Event Viewer Contains an Unchecked Buffer.
 

 02.02.01

New Variant of File Fragment Reading via .HTR Vulnerability Fix Q285985 Download
  obsolet, in Q293826  enthalten! (ism.dll)
Microsoft has released a patch that eliminates a security vulnerability in Internet Information Server 
(IIS) 4.0 and Internet Information Services (IIS) 5.0. Under very unusual conditions, 
this vulnerability can allow an attacker to read fragments of files from a Web server.
 
 28.02.01 16Bit Program Fix Q288165 Download
  16-bit Programs that Call to GlobalAlloc for Large Memory Allocations Cause Programs to Hang.
 
 15.03.01 Lsass Fix Q291340 Download
  When you are using an active server page (ASP) that creates a remote component services component by using local user accounts with basic authentication, there may be a token handle leak in Lsass.exe.
 

 31.05.01

IIS 5.0 Security Update (originally posted: 14.05.01) Q293826 Download
  Sammlung bisheriger Hotfixe für IIS 5
Superfluous Decoding Operation Could Allow Command Execution via IIS,
Pattern-Matching Function Can Cause Access Violation on FTP Server
 
 31.05.01 SCSI Bus Reset Update Q297961 Download
  When you restart your computer after applying Windows 2000 Service Pack 2 (SP2) on a computer
that has an NCR Storage Cabinet (NSC) array attached, the restart process may take as long 
as one hour to finish.
 

 07.06.01

Telnet Access Security Fix Q299553 Download
  This update addresses the "Predicatable Name Pipes Could Enable Privilege Elevation via Telnet" security vulnerability in the Windows 2000 Telnet service that is discussed in Microsoft Security Bulletin MS01-031. Download now to prevent a malicious user from launching programs on your computer, gaining access to your network, or initiating a denial of service attack against your computer.
 

 23.02.01

Malformed URL can cause Service Failure security vulnerability Q286818 Download
  obsolet, in Q293826  enthalten! (httpext.dll)
This update resolves the "Malformed URL can cause Service Failure in IIS 5.0 and Exchange 2000" security vulnerability in Internet Information Server (IIS) 5.0 and Exchange 2000, and is discussed in Microsoft Security Bulletin MS01-014. Download now to prevent a malicious user from causing 
IIS 5.0 to fail.
 

 08.05.01

Malformed Domain Controller Service Request security vulnerability Q294391 Download
  This update resolves the "Malformed Domain Controller Service Request" security vulnerability in Windows 2000, and is discussed in Microsoft Security Bulletin MS01-024. Download now to prevent a malicious user from temporarily disrupting service on your domain controller.
 

 10.05.01

Malformed Hit-Highlighting security vulnerability Q296185 Download
  This update addresses the "Malformed Hit-Highlighting" security vulnerability in Windows 2000 computers running Indexing Service, and is discussed in Microsoft Security Bulletin MS01-025. Download now to prevent a malicious user from reading files on your Web server
 

 02.04.01

Erroneous VeriSign-Issued Digital Cert security vulnerability (CRLUPD) Q293818 Download
  Dieses Update ist in SP2 bereits enthalten!
This update resolves the "Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard" 
security vulnerability, and is discussed in Microsoft Security Bulletin MS01-017. Download now to 
prevent an unauthorized user from running code on your computer by digitally signing programs as "Microsoft Corporation."
 

 06.06.01

Terminal Services Licensing Enhancements Update Q287687 Download
  This update includes two "Terminal Services Licensing Enhancements" for Windows 2000, and is discussed in Microsoft Knowledge Base (KB) article Q287687. Download now to improve the way Windows 2000 handles Terminal Services (TS) Client Access License (CAL) tokens, thereby 
increasing logon security.
 

Service Pack 2

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  

 16.05.01

Windows 2000 Service Pack 2 (deutsch) Readme Download
  Service Pack 2 ist das aktuelle Service Pack für Windows2000. 
Es enthält SP1 und alle Post-SP1 (=Pre-SP2) HotfFixes und das CRL-Update
 

Pre-SP2 Hotfixes

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  
 27.06.00 Ultra-DMA 100 Fix  Q260233 Download
  Windows 2000 does not support ATA 100 (Mode 5) for IDE hard disks. All ATA 100 IDE hard disks that are used with Windows 2000 default to ATA 66 (Mode 4). 
 
13.10.00 3D-Grafik-Fix (VIA Mainboard-Chipsatz) Q261606 Download
  Video Hangs When Running 3D Graphics Programs. (Installation nur für VIA-Chipsatz erforderlich)
31.11.00 PC-Card Fix Q265296 Download
  Toshiba PC Card Controller May Power 3.3-Volt R2 PC Card at 5 Volts.

28.12.00

Security Fix Q266794 Download
  Windows 2000 SNMP Registry Entries Are Saved in Plain Text Format and Are Readable.
14.07.00 Telnet Server Fix Q267843 Download
  Windows 2000 Telnet Server Stops Responding After Binary Input.
30.11.00 Removable Media Fix Q269013 Download
  Non-Administrative User Cannot Access Removable Media After NTFS Format.

17.08.00

Search Path Fix Q269049 Download
  It may be possible for a malicious user to place a program named Explorer.exe in the C:\ folder (the root of drive C) so that it is run in place of the standard Windows shell program. By default, the share permissions on the C:\ folder are set to Everyone Full Access. Anyone who has access to this share, either locally or through a network connection, can place a program there that is run before the Explorer.exe shell.

29.09.00

"NetBIOS Name Server Protocel Spoofing" Fix Q269239 Download
  If a malicious user exploits this vulnerability, Windows 2000 and Windows NT® 4.0 computers cannot register a name on the network, or they can lose their current name registration, making the computers unavailable as network resources.

05.09.00

Service Control Manager Fix Q269523 Download
  Service Control Manager Named Pipe Impersonation Vulnerability.
06.10.00 "Simplified Chinese IME State Recognition" Security Fix Q270676 Download
   The Input Method Editor (IME) for Simplified Chinese inappropriately exposes functionality when it is used as part of a computer's logon screen.
06.10.00 Xenroll.dll File Signature Update Q272252  
  This update addresses the "Incorrect Signature for Xenroll.dll file" issue found in some international language versions of Windows 2000. The Xenroll.dll file is incorrectly signed in the Japanese, German, French, Italian, and Spanish versions of Windows 2000. Client browsers connecting to a Windows 2000 server for certificate enrollment will receive a message stating the file was modified after signing, or that the file is unsigned. Installing this update will provide the correctly signed Xenroll.dll file.

18.10.00

RPC Server Service Fix Q272303 Download
  This update resolves the "Malformed RPC Packet" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-066. Download now to prevent a malicious user from launching a Denial of Service attack via the Remote Procedure Call (RPC) client.

26.10.00

"Still Image Service Privilege Escalation" security vulnerability Fix Q272736 Download
  The Still Image Service is automatically installed when a still image device (such as a digital camera or scanner) is attached to the Windows 2000 host. There is an unchecked buffer in the Still Image Service that could allow a malicious program to obtain LocalSystem privileges.

16.09.00

"Telnet Client NTLM Authentication" Security Fix Q272743 Download
  A malicious user who operates a Telnet server could initiate a session with another computer and collect the computer's NTLM authentication credentials. These credentials could be subjected to an offline attack to discover the user’s clear-text password.
15.01.01 SCSIPort Driver Update Q276253 Download
  If the SCSIPort driver encounters multiple busy or queue full request completions, it attempts to requeue requests in the logical unit's Device queue. When this occurs, the SCSIPort driver expects to find the Device queue in a busy state. However, it is possible for the queue to be in a not-busy state if it was drained by delivering LuNextRequests to the miniport driver. When this error occurs, the SCSI bus resets.

10.01.01

"ActiveX Parameter Validation" Security Fix Q278511 Download
  This update resolves the "ActiveX Parameter Validation" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS00-085. Download now to prevent a malicious user from causing the ActiveX® buffer to overflow, thereby adding, creating, or deleting files or formatting your hard disk.
28.02.01 Unresponsive Socket Program Update Q278522 Download
  This issue exists because there is an error in the way requests are processed on computers that are running Windows 2000 SP1. When a program does not respond to a request for the creation of a socket, the socket is not created, and the program becomes unresponsive. This can result in 100 percent Central Processing Unit (CPU) usage.
19.02.01 GetEffectiveRightsFromAcl() Function Fix Q286360 Download
  Microsoft has released a Windows 2000 patch that prevents the The GetEffectiveRightsFromAcl function from returning the "1355 0x54b ERROR_NO_SUCH_DOMAIN" message when one of the access control entries (ACEs) in the Access Control List (ACL) parameter contains a domain global group security identifier (SID).
19.02.01 LSA Memory Loss Fix Q288861 Download
  When you use the System Monitor tool, you may notice memory leaks in the Local Security Authority (LSA) during a Kerberos change-password request or when LSA loads a security package. You may need to restart the computer to restore performance and to shrink Lsass.exe.

02.01.01

"Indexing Service File Enumeration" Security Fix Q280838 Download
  An ActiveX® control that is shipped with Indexing Service is incorrectly marked as "safe for scripting." The control makes it possible for Web applications and other programs to list the names of files and folders on a computer running Windows 2000. Because this control is marked "safe for scripting," a malicious Web site operator could use the control to gather the names and properties of files and folders on a visiting user's affected computer. Under very specific circumstances, if Indexing Service 3.0 is running on an affected computer, the malicious Web site operator might be able to search for files that contain specific words.

16.01.01

"Web Client NTLM Authentification" Fix Q282132 Download
  Under specific conditions, this vulnerability allows a malicious Web site operator to obtain the cryptographically protected logon credentials of a visiting user. This is because the security settings for WEC components are set to incorrect levels, which allows your computer to send information about your authentication credentials to remote Web applications.
23.01.01 "Memory Leak in Component Services Applicationomponent" Update Q282769 Download
  A memory leak can occur when you make calls between components that reside in different contexts in a Component Services application. The memory leak occurs only when the call is made through the IDispatch interface.

30.01.01

Virtual Machine Security Fix Q287030 Download
  This update upgrades your computer to build 3802 of the Microsoft virtual machine (VM), which includes the same vulnerability fixes as those contained in Microsoft VM build 3319. If you have already installed Microsoft VM build 3319, then your computer is not affected by the vulnerability.
07.03.01 WinSock Recvfrom() Fix Q263823 Download
  In Windows 2000, a User Datagram Protocol (UDP) program may not work and may generate a WSAECONNRESET response.
 

Service Pack 1

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  

26.07.00

Windows 2000 Service Pack 1 (deutsch) Readme  
 
 

Internet Explorer 5.5 SP2 Hotfixe (auch für SP2 erforderlich!)

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  

11.02.02

IE 5.5 SP2 Security Update: February 2002 (enthält alle vorherigen) Q316059 Download
  The "11 February 2002 Cumulative Patch for Internet Explorer" update eliminates all known security vulnerabilities affecting Internet Explorer 5.5SP2, as well as six new vulnerabilities, and is discussed in Microsoft Security Bulletin MS02-005. Download now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your computer.

13.12.01

IE 5.5 SP2 Security Update: December 2001  Q313675 Download
  This update eliminates all known security vulnerabilities affecting Internet Explorer 5.5 Service Pack 2 (SP2) and Internet Explorer 6, and addresses the "Incorrect Content-Disposition Handling Can Cause IE to Execute Code Automatically" security vulnerabilities in Internet Explorer 5.5 SP2 and 6, and is discussed in Microsoft Security Bulletin MS01-058. Download now to protect your computer from all previously discussed security vulnerabilities affecting Internet Explorer 5.5 SP2 and 6, as well as three newly discovered vulnerabilities: the File Execution vulnerability, a variant of the Frame Domain Verification vulnerability, and the File Name Spoofing vulnerabilty.

10.10.01

IE 5.5 SP2 Security Update: October 2001 Q306121 Download
  This update eliminates three security vulnerabilities affecting Internet Explorer, and is discussed in Microsoft Security Bulletin MS01-051. Download now to prevent a malicious user from taking advantage of the Zone Spoofing vulnerability, the HTTP Request Encoding vulnerability, or a new variant of the Telnet Invocation vulnerability in Internet Explorer.
 

Internet Explorer 5.5 SP1 Hotfixe (auch für SP2 erforderlich, wenn IE55SP2 nicht installiert ist!)

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  

25.03.01

Patch  for "Browser Print Template" Vulnerability Q279328 Download
  Microsoft has released an update to Internet Explorer that addresses a potential security issue in 
which a Web-based program could invoke a custom print template without approval from the user.

22.02.01

Patch or Malformed vCard Vulnerability (Outlook Express) Q283908 Download
  A malicious user can use the vulnerability to create a virtual business card (vCard); if the vCard is opened, the malicious user can use the vCard to take any action on the recipient's computer.
 

24.5.01

IE 5.5SP1 Security Update Q299618 Download
  This update resolves several security vulnerabilities in Internet Explorer 5.5 Service Pack 1 (SP1) and is discussed in Microsoft Security Bulletins MS01-015 and MS01-027. It also includes a previously released update, which is discussed in Microsoft Security Bulletin MS01-020
 
 

Sonstige Updates und Tools

 Datum       Name (Download deutsche Version) Beschreibung    US-Version  
 

16.01.02

QFECHECK.EXE Q282784 Download
 

Microsoft has released a command-line tool that easily enumerates all of the installed fixes by Microsoft Knowledge Base article number. Customers can then confirm that they have installed the appropriate set of fixes before using a valuable support incident and potentially experiencing unplanned down time.

Dieses Tool ist momentan nur für die englische Version erhältlich.

13.12.99 128Bit-Verschlüsselung (in SP2 enthalten)   Download
  Wichtiger Hinweis: Die Verschlüselungsstärke (40/128bit) von Win2000 und IE5.x müssen übereinstimmen. IE 5.5(SP1) verwendet 128bit Verschlüselungsstärke.
 
29.08.01 Internet Explorer 6.0   Download
  Installation/Update von dieser Web-Site. Sie können die Installations-EXE-Datei direkt von hier ausführen. Auf diesem Server befindet sich eine  Kopie der Microsoft Download-Quellen.
Wird nach Ende der Installation kein Neustart durchgeführt, bitte Windows manuell neu starten!
 
08.09.01 Internet Explorer 5.5 SP2   Download
  Installation/Update von dieser Web-Site. Sie können die Installations-EXE-Datei direkt von hier ausführen. Auf diesem Server befindet sich eine  Kopie der Microsoft Download-Quellen.
Wird nach Ende der Installation kein Neustart durchgeführt, bitte Windows manuell neu starten!
 
16.03.01 QCHAIN.EXE (für silent Installation mehrerer Hotfixe) Q296861 Download 
  Use QChain.exe to Install Multiple Hotfixes with Only One Reboot. 
Qchain  stellt sicher, dass nur die jeweilis aktuellesten Dateien installiter werden.
25.06.02 DirectX 8.1b   Download
  aktuelles Direct-X-Update für Windows 2000
 
16.01.01 Novell NetWare Client 32 v 4.8SP1  für Win2000/NT (US-Version)   Download
  Die US-Version wird auch für deutsches Win2000 empfohlen!  EXE-File kann direkt ausgeführt werden (nur aus IE4/IE5 möglich). Neuinstallation oder Update, für Windows 2000 und Windows NT.
 

 
Hinweise zur Installation der Hotfixe (automatisierte Installation ohne Reboot)

  • Den aktuellen Hotfix-Stand können Sie mit dem Kommando HOTFIX /l erfagen. In Zweifelsfällen ist es darüber hinaus ratsam, die Versionsnummern der betroffenen Dateien zu überprüfen (alle Hotfix-Pakete lassen sich mit WinZip o.ä. einsehen/entpacken).
      

  • Die meisten Systeme-Hotfixe fordern normalerweise zu einem Reboot nach der Installation auf. Um einen oder mehrere Hotfixe nacheinander "silent" (unattended) ohne Reboot zu installieren, müssen Sie die jeweilige Hotfix-EXE-Datei mit den Parametern -m -z oder -q -z ausführen.
    Um Probleme durch Installation gleicher Dateien unterschiedlicher Version zu vermeiden (Reihenfolge der Hotfixe!), muss als letztes Kommando einer unattended (ohne Reboot) Hotfix-Serie der Befehl QCHAIN.EXE gegeben werden. Dieses stellt sicher, dass die jeweils aktuellste Datei installiert wird.
     

  • Zur automatisierten Installation der Internet-Explorer-Hotfixe ohne Reboot sind die Parameter /q:a /r:n erforderlich.
    Darüberhinaus gibt es Hotfixe, die spezielle Parameter für die automatisierte Installation ohne Reboot benötigen.


Wolfram Oestreicher, Florian Steinbauer - 04.07.2003