Changelog:
August 15-Added 950974, 951066, 952954, 953838, and 953839. Removed 941202, 950759, and 950760.
July 10-Added 951746 and 951748. Removed 941644 and 941672.
June 27-Added 953235, 951698, 950760, 950759, 950749, and 948745. Removed 948881, 947864, 946538, and 941568.
April 18-Added 941693, 945553, 947864, 948590, and 948881. Removed 938829 and 944533.
March 5-Added 942831, 944533, 946538, and 947890. Removed 921503, 926122, and 942615.
January 10-Added 941644 and 943485. Removed 917953. Fixed typos.
December 16-Added 937894, 941568, 941569, and 942615. Removed 904706, 923689, and 939653.
November 16-Added 941672. Removed 935966.
October 10-Added 923810, 933729, 939653, and 941202. Removed 917736, 923694, and 937143. Updated Roots Certificate Update.
September 16-Added 938827. Removed 932168
August 25-Fixed 937413 with correct 937143.
August 14-Added 921503, 936227, 936782, 937413, 938127, 938829, and Windows Script 5.7. Removed 917734, 924191, 929969, 933566, and Windows Script 5.6.
July 11-Added 926122. Updated Roots Certificate Update.
June 20-Added 933566, 935839, and 935840. Removed 917422 and 931768.
May 11-Added 931768 and 935966. Removed 928090.
April 14-Added 925902, 932168, 930178, and 931784. Removed 920958, 896424, and 912919.
February 17-Added 928843, 927779, 926436, 924667, 918118, and 928090. Removed 925454, 911562, and 922616.
January 10-Added 929969. Removed 925486.
December 19-Added 925454, 926247, 923694, 923689 and 925398. Removed 911567 and 922760.
November 17-Added 923980, 922760, 920213, and 924270. Removed 918899, 890046 and 921883.
October 10-Added 923191, 924191, and 923414. Removed 917159.
September 26-Added 925486. Updated 920958 to version 2. Noted that a new version of the Roots Certificate Update was released.
September 13-Added 920685 and 922582. Updated 918899 to version 3 (both versions of IE).
August 9-Added 917008, 917422, 918899, 920670, 920683, 920958, 921398, 921883, and 922616. Removed 916281 and 908523.

Legend:
Windows
Internet Explorer 5.01 SP4/FDV's Fileset
Internet Explorer 6.0 SP1
DirectX 7.0
DirectX 9.0c
Windows Media Player 9
*Server Only*
**New Update**

February 2005:
842773: An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000

May 2005:
893803: Windows Installer 3.1 (v2) is available

June 2005:
896358 - MS05-026: A vulnerability in HTML Help could allow remote code execution

July 2005:
901214 - MS05-036: Vulnerability in Microsoft Color Management Module could allow remote code execution

August 2005:
893756 - MS05-040: Vulnerability in Telephony service could allow remote code execution
*899591 - MS05-041: Vulnerability in Remote Desktop Protocol could allow denial of service*
899587 - MS05-042: Vulnerabilities in Kerberos could allow denial of service, information disclosure, and spoofing
896423 - MS05-043: Vulnerability in Print Spooler service could allow remote code execution
Then install: 908506: You may be unable to print to a network printer after you install security update 896423 on a computer that is running Windows 2000 with Service Pack 4

September 2005:
891861: Update Rollup 1 for Windows 2000 SP4 and known issues

October 2005:
905414 - MS05-045: Vulnerability in Network Connection Manager Could Allow Denial of Service
899589 - MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution
905749 - MS05-047: Vulnerability in Plug and Play could allow remote code execution and local elevation of privilege
901017/907245 - MS05-048: Vulnerability in the Microsoft Collaboration Data Objects could allow code execution (Windows)
900725 - MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution

January 2006:
908519 - MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution

April 2006:
908531 - MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution

May 2006:
913580 - MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service

June 2006:
911280 - MS06-025: Vulnerability in Routing and Remote Access Could Allow Remote Code Execution
914389 - MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege

July 2006:
917537 - MS06-034: Vulnerability in Internet Information Services that use Active Server Pages could allow remote code execution
914388 - MS06-036: A vulnerability in the DHCP Client Service could allow remote code execution

August 2006:
920683 - MS06-041: Vulnerability in DNS resolution could allow remote code execution
917008 - MS06-044: Vulnerability in Microsoft Management Console could allow remote code execution
921398 - MS06-045: Vulnerability in Windows Explorer could allow remote code execution
920670 - MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library could allow remote code execution

September 2006:
920685 - MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting
922582: Error message when you try to update a Microsoft Windows-based computer: "0x80070002" REQUIRES UPDATE ROLLUP 1 (891861)!

October 2006:
923191 - MS06-057: Vulnerability in Windows Explorer Could Allow Remote Execution
923414 - MS06-063: Vulnerability in Server Service Could Allow Denial of Service

November 2006:
923980 - MS06-066: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution
920213 - MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution
924270 - MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution

December 2006:
926247 - MS06-074: Vulnerability in Simple Network Management Protocol (SNMP) could allow remote code execution
925398 - MS06-078: Vulnerability in Windows Media Player 6.4 could allow remote code execution

February 2007:
928843 - MS07-008: A vulnerability in the HTML Help ActiveX control could allow remote code execution
927779 - MS07-009: Vulnerability in Microsoft Data Access Components could allow remote code execution
926436 - MS07-011: Vulnerability in Microsoft OLE Dialog could allow remote code execution
924667 - MS07-012: Vulnerability in Microsoft Foundation Classes could allow for remote code execution
918118 - MS07-013: Vulnerability in Microsoft RichEdit could allow remote code execution

April 2007:
925902 - MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution
930178 - MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution
931784 - MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege

June 2007:
935840 - MS07-030: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution
935839 - MS07-035: Vulnerability in Win 32 API Could Allow Remote Code Execution

August 2007:
936227 - MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

September 2007:
938827 - MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution

October 2007:
923810 - MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution
933729 - MS07-058: Vulnerability in RPC Could Allow Denial of Service

December 2007:
937894 - MS07-065: Vulnerability in Message Queuing Service could allow remote code execution in Windows XP and in Windows 2000

January 2008:
943485 – Vulnerability in LSASS Could Allow Local Elevation of Privilege

February 2008:
942831 - MS08-005: Vulnerability in Internet Information Services could allow elevation of privileges
947890 - MS08-008: A vulnerability in OLE Automation could allow remote code execution

April 2008:
945553 - MS08-020: Vulnerability in DNS Client Could Allow Spoofing
948590 - MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution
941693 - MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege

May 2008:
950749 - MS08-028: Vulnerability in the Microsoft Jet Database Engine could allow remote code execution

June 2008:
*948745 - MS08-034: Vulnerability in WINS Could Allow Elevation of Privilege*
*953235 - MS08-035: Vulnerability in Active Directory Could Allow Denial of Service*

July 2008:
*951746 - MS08-037: Description of the security update for DNS in Windows Server 2008, in Windows Server 2003, and in Windows 2000 Server (server-side): July 8, 2008*
951748 - MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008

August 2008:
**952954 - MS08-046: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution**
**950974 - MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution**

Internet Explorer 5.01 SP4
918439 - MS06-022: Vulnerability in ART image rendering could allow remote code execution
This update requires the AOL Image Support Update installed first.
917344 - MS06-023: Vulnerability in Microsoft JScript Could Allow Remote Code Execution
938127 - MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution
**953838 - MS08-045: Cumulative Security Update for Internet Explorer**
**951066 - MS08-048: Security Update for Outlook Express and Windows Mail**
This update replaces previous Cumulative security update for IE 950759
**953839: Cumulative Security Update for ActiveX**
Roots Update direct download link UPDATED September 25 2007!
Windows Script 5.7.0.16535 direct download link

IE with FDV's Fileset
**953838 - MS08-045: Cumulative Security Update for Internet Explorer**
This update replaces previous Cumulative security update for IE 950759
**953839: Cumulative Security Update for ActiveX**

Internet Explorer 6.0 SP1
905495 - MS05-044: Vulnerability in the Windows FTP client could allow file transfer location tampering
918439 - MS06-022: Vulnerability in ART image rendering could allow remote code execution
This update requires the AOL Image Support Update installed first.
938127 - MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution
**953838 - MS08-045: Cumulative Security Update for Internet Explorer**
This update replaces previous Cumulative security update for IE 950759
**951066 - MS08-048: Security Update for Outlook Express and Windows Mail**
**953839: Cumulative Security Update for ActiveX**
Roots Update direct download link UPDATED September 25 2007!
Windows Script 5.7.0.16535 direct download link

DirectX 7.0
951698 - MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution

DirectX 9.0c
951698 - MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution

Windows Media Player 9
911564 - MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution
936782 - MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution
941569 - MS07-068: Vulnerability in Windows Media file format could allow remote code execution

-----------------------------------------------------------------------------------------------------------------------------

This checked as of August 15, 2008. Please tell me any inaccuracies with high priority updates ONLY.

the_guy

Hrm Suppose the date on the thread should update when it's been editted :/

It was edited only 3 days ago...



Edit: Look at the bottom of the post!!! And is still updating.

Good posting, the_guy

@FDV, think you're missing the following IE6 updates from your web page:

IE6.0sp1-KB887797-Windows-2000-XP-x86-ENU.exe
IE6.0sp1-KB905495-Windows2000-x86-ENU.exe

The links for those 2 are up above.

that's allright; i am aiming to completely phase out my lists in favor of the_guy's lists.

i have one modest request but i wonder what others think (maybe i am the only one who thinks this way)

i'd like to see the lists of fixes more friendly...

instead of this
October 2004:
840987 MS04-032: Security update for Microsoft Windows
http://support.microsoft.com/?id=840987

February 2005:
*885834 MS05-010: Vulnerability in the License Logging service could allow code execution
http://support.microsoft.com/kb/885834/*
842773 An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000
http://support.microsoft.com/?id=842773


you would have this:
840987 - MS04-032: Security update for Microsoft Windows Oct 2004
885834 - MS05-010: Vulnerability in the License Logging service could allow code execution Feb 2005
842773 - An update package that includes BITS 2.0 and WinHTTP 5.1 is available for Windows Server 2003, for Windows XP, and for Windows 2000 Feb 2005


maybe i am the only one who feels this way because that's how i used to do it? what do others think? i just want it to be friendly for new folks i guess.

Embedded links would look better, but I like the blue and black colour scheme

I think the compact view FDV suggested is more comfortable for using.

I second FDV's suggestion.

885834 MS05-010: Vulnerability in the License Logging service could allow code execution

823353 MS04-018: Cumulative security update for Outlook Express (Install this one first!!!!)

Well theres my recommendation Very few colours are readable, or even look half decent against this blasted blue heh.

Link Color: 3333FF
Windows2000 Color: 000099
IE6/OE etc, Color: CC0000

Perhaps we should link the SP4 download for completeness sake.

Just wondering. I haven't included KB887797 ("additional" cumulative update for OE) in the last couple of HFSLIPs and Windows Update never complained. Am I the only one who doesn't need it, or has something changed in the HFSLIP script?

The KB page doesn't contain a link to the download page. Here it is:
http://www.microsoft.com/downloads/details...56-a1a3da675baf


@fdv:
Something like this?

887797 is one of those oddities, it doesn't even showup in the download list (if using windows update) until you apply the other OE Cumulative update, if you read the article associated with it. Yet they are both called "cumulative update". It's not linked properly on MS site, so has likely slipped through the cracks.

It's a bit of a mess, yes. But MS do distinguish between both: one is a "cumulative update" (KB887797) while the other is a "cumulative security update" (KB823353).

On the download page for KB887797 they even say "This non-security update helps resolve..."

KB885834 (Vulnerability in the License Logging service) is supposed to be included in the Update Rollup:
http://support.microsoft.com/kb/891861/#XS...123120121120120 (13th from the bottom)

Would you consider KB894391 "critical"?
"Generic Host Process" error message (5/18/2005)
It's included in the list of hotfixes for Windows XP...

KB900725 / MS05-049 (Vulnerabilities in the Windows shell) replaces KB894320 / MS05-024 (Vulnerability in Web View).

Although there's no direct download link included in KB887797 article, you can still find OS specific files by searching up the article number http://www.microsoft.com/downloads/results...eeText=KB887797
Maybe you should provide a direct link to the pages so that localized versions can be easily downloaded as well.

Confusingly, there's a separate package for Windows XP, even though IE6 SP1 updates for both XP and 2000 always ship in one package. And the reason why didn't Microsoft include them in the article is beyond me... does it have to do with multiple registry hacks that's needed to enable the functionality provided by these updates?


The same goes for Windows Script 5.6 - you can search up the files http://www.microsoft.com/downloads/results...Text=script+5.6
There are several pages for various OS, each offering localized versions.


[Edit] Just noticed that TomCat76 has already posted the link to the download page for Windows2000/XP version of KB887797...

BTW, there are two new Security Bulletins
MS05-055 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523) (Windows 2000)
MS05-054 Cumulative Security Update for Internet Explorer (905915)

Thanks, Dmitry.

As far as I can tell from reading the article, the problem only surfaces when you have file attachments with DBCS filenames. So I would say it's far from critical.

887797 is definitely very optional. If you read the KB article, all these updates are not even enabled, unless you make registry changes to enable them. I think they are low-priority updates which some customers wanted. I would NOT include it in any standard list of SP4 fixes for everyone.

Regarding Outlook Express 6 SP1 in general, there are three candidate hotfixes, of which I think only one really needs to be included in a clean-slate install CD.

823353 and 897715 are both OE cumulative security updates. If you read the bulletins, 897715 really has all the security fixes accumulated on OE6SP1. 823353 has one additional fix that fixes a problem introduced by an even older cumulative security fix, namely the creation of a copy of the windows address book with the name TILDE "~". The only reason to install 823353 is if you are updating an existing system that's already been patched.

And, as mentioned earlier, 887797 is just some low-need fixes that are enabled only by a registry change, even after you install it. Really not needed.

So, conclusion: all you really need is 897715.

What about 828026 for Media Player 9? It is listed as a critical fix by Windows Update. It does seem to have some security-related changes in it from reading the article, like not allowing a stream to take IE web pages to a lower security zone.

Shouldn't you have this on your hotfix list?

About Outlook Express, I don't know. I'll remove the 887797 as that didn't show up for me at all under a fresh install. 823353 does, so i'll leave that in.

1 thing, I don't know if HFSLIP integrates that. Personally, I would just integrate 832353 instead as it has newer binaries.

There is also an update to replace 885492. It is 892313. I don't know if HFSLIP does that 1 either.

the_guy

Just so you know, my objective is to come up with the "right" list and procedure for clean installs of Win2K, without using HFSLIP.

For Outlook Express, with Windows Update, if you install 823353, then run Windows Update again, it will then tell you you need 897715, and it will also offer 887797 as a recommended but not critical update.

823353 is Security Bulletin 04-018. It replaces the previous OE cumulative security update described in 04-013. It fixes a Malformed E-mail Header vulnerability, rolls up the previous cumulative security updates, and undoes a change that was made in 03-014 that annoyingly creates a copy of your Address Book under the filename of ~ in the root directory.

897715 is Security Bulletin 05-030. It fixes a Newsreader vulnerability. It also claims to roll up all previous security updates *except* for the undoing of the tilde file change. So that's why I thought it would be OK just to use 897715 for a clean install.

As far as binaries go, 897715 has newer versions of msoe.dll and inetcomm.dll than 823353 does. I don't know why you say 823353 has newer binaries.

I guess if you were being completely kosher you should FIRST install 823353, THEN 897715, to get a completely updated OE6SP1.




?what? I can't find that anywhere. Are you sure "892313" is the right number?

support.microsoft.com/?id=892313 works for me.

I will remove the MS04-018 update. If anyone wants these updates left on, please post and i'll put them back asap.

the_guy

Security Update for Windows 2000 (KB912919)

http://www.microsoft.com/downloads/details...&displaylang=en

Thank you x-pert. Will put into the post right away. Never thought this would happen early.

the_guy

Maybe a day late or a dollar short, but I believe the scripten.exe hotfix is needed only if you slipstream ie6. It's not needed when doing fdv's fileset. Can someone verify?

TommyP, the way I have my HFSLIP folder setup, I have HF with just Hotfixes (no IE specific stuff).

Then I copy hotfixes from IE5Hotfix folder if I'm doing a FDV HFSLIP, or I copy stuff from IE6Hotfix and IE6Cabs folder if doing an IE6 HFSLIP.

scripten.exe is in my IE6Hotfix folder so back when I was looking at this real carefully, my conclusion was that scripten.exe is only needed if doing an IE6 HFSLIP.

Post updated with new updates. The new IE update is NOT required for IE6. The new WMP update supersedes 885492 (911565). 911564 does not supersedew any updates. There is also an update for WMP 7.1 available in the article for 911565.

the_guy

Is it possible to create a standalone, cumulative/fully patched IE6 SP1? I’m interested in an up-to-date, slipstreamed IE6 – something like an unofficial SP2.

Tomcat76’s list is:

IE6.0sp1-KB823353-x86-ENU.exe
IE6.0sp1-KB833989-x86-ENU.exe
IE6.0sp1-KB887797-Windows-2000-XP-x86-ENU.exe
oe6.0sp1-KB897715-Windows-2000-XP-x86-ENU.exe
IE6.0sp1-KB905495-Windows2000-x86-ENU.exe
IE6.0sp1-KB905915-Windows-2000-XP-x86-ENU.exe (replaces KB896688)

KBs 823353 and 887797 are Outlook Express updates. If it’s possible to create a standalone updated IE6, I’m assuming the Outlook files could be slipped in?

If it’s possible, I would try to nLite it. Thanks

Outlook Express 6 is part of the IE6 package...

List updated to include the new hotfixes

the_guy

have not tried them yet in a virtual pc, and maybe i am wayyy off base here, but i wanted to draw people's attention to this post:
http://www.msfn.org/board/Windows-2000-Security-Upd-t72161.html
perhaps the IE update will cause users some serious problems?

IE Changes on The Way

That ought to pump up FireFox.

Or Linux.

so i hear the 908531 fix messes things up when COM-accessing proggies are run.
i am on a machine setting it up to update automatically (she's challenged) and need a way to prevent this kb from installing, so i wrote an inf to do that. here it is, for what it's worth, until M$ (which knows about it) can issue a fix.

List updated with August patches.

the_guy

List updated with September Patches.

the_guy

Hi. Sorry if this info is somewhere else and I missed it...
About IE package update ( IE6.0sp1-KB918899-Windows-2000-XP-v3-x86-ENU.exe ), should we rename it to IE6.0sp1-KB918899-Windows-2000-XP-x86-ENU.exe ( to get rid of "-v3-" ) or is it ok to let the filename have the "-v3-" ?
Thanks

Joao Clemente

It doesn't matter. HFSLIP doesn't filter on the version (yet)

Updated to include MS06-055. Removed MS04-028 for IE6SP1.

the_guy

Greetings from a newbie!

I have recently come across HFSLIP ( http://www.vorck.com/2ksp5.html#ie-6 ) and I am trying to follow the instructions there.

So far I managed to complete step 6 and most of step 7, but stumbled over the following comment:



Now, l looked up this Post SP4 Rollup and discovered that for some reason it is not included in your excellent list of post-sp4 hotfixes. So before proceeding to make a silly mistake, I was wondering whether I can understand why it is ommited? (I am sure it is intentional and for a good reason, I just would like to better understand what I am doing).

Also, I noticed that your post-sp4 hotfixes list starts from February 2005, while I think that I saw a post-sp4 hotfixes (or more) pre-dating this. For example, ENU_Q832483_MDAC_x86.EXE.

Am I correct in my observation or did I miss something? If I am correct, could explain why such post-sp4 hotfixes were ommitted?

To summarize, I basically have 2 questions:
1. What's special about the Post SP4 Rollup that makes it outside your regular list of hotfixes?
2. Why does your list start from Feburary 2005 and not earlier?

Thanks!
William

The post SP4 Rollup is listed, it's under September 2005. The reason that it startys in February 2005 is that all previous updates (and most from before April 30, 2005, with the exception of 842773) are replaced by the Rollup.

Also, 832483 was replaced by MS06-014 for 2000 and MDAC 2.5 SP3 (MDAC 2.8 SP1 includes the fix).

the_guy

You are right. I simply missed it (I wonder whether I missed other hotfixes this way. I guess I'll know when I first try using the resultant CD).

BTW, I found lots of references to FDV and especially to "FDV's fileset". Who/What is FDV and what is that fileset?

Thank you so much for the great work you are doing!

William

The fileset is used to remove IE and a lot of other stuff from a Windows 2000 install. www.vorck.com is his site.

the_guy

Updated list with October fixes.

the_guy

Attempting to slipstream/intergrate (using HFSLIP) (Thanks to the_guy for compiling the list 'o' updates.)

I pretty much have everything together but the following issues:

1) KB923191 keeps appearing on WU.

2) minor: one of the update packs (I think) for .Net 1.1 prompts to reboot.

I hope that this is the correct place for this topic.
(And I hope that it is not too long)

Any help/suggestions would be appreciated.
tech269

Here is my HFSLIP.LOG
================================================
HFSLIP Version - 60810
HFSLIP Path - E:\HFSLIP\
OS in SOURCESS - 2000 SP4 English
MSIE Version - 2KIE6
DirectX9c Slipstreamed
DRIVER.CAB Updated
CD Install Path - Default
================================================
Files in your FIX folder:

Files in your HF folder:
Windows2000-KB921883-x86-ENU.EXE
Windows2000-KB920683-x86-ENU.EXE
Windows2000-KB917008-x86-ENU.EXE
Windows2000-KB921398-x86-ENU.EXE
Windows2000-KB842773-x86-ENU.EXE
WindowsInstaller-KB893803-v2-x86.exe
Windows2000-KB896358-x86-ENU.EXE
Windows2000-KB890046-x86-ENU.EXE
Windows2000-KB901214-x86-ENU.EXE
Windows2000-KB893756-x86-ENU.EXE
Windows2000-KB899587-x86-ENU.EXE
Windows2000-KB896423-x86-ENU.EXE
Windows2000-KB908506-x86-ENU.EXE
Windows2000-KB891861-v2-x86-ENU.EXE
Windows2000-KB905414-x86-ENU.EXE
Windows2000-KB899589-x86-ENU.EXE
Windows2000-KB905749-x86-ENU.EXE
Windows2000-KB901017-x86-ENU.EXE
Windows2000-KB900725-x86-ENU.EXE
Windows2000-KB896424-x86-ENU.EXE
Windows2000-KB912919-x86-ENU.EXE
Windows2000-KB908519-x86-ENU.EXE
Windows2000-KB908531-v2-x86-ENU.EXE
Windows2000-KB913580-x86-ENU.EXE
Windows2000-KB911280-v2-x86-ENU.EXE
Windows2000-KB914389-x86-ENU.EXE
Windows2000-KB917736-x86-ENU.EXE
Windows2000-KB917953-x86-ENU.EXE
Windows2000-KB917537-x86-ENU.EXE
Windows2000-KB917159-x86-ENU.EXE
Windows2000-KB914388-x86-ENU.EXE
Windows2000-KB922616-x86-ENU.EXE
Windows2000-KB920958-v2-x86-ENU.EXE
Windows2000-KB920670-x86-ENU.EXE
Windows2000-KB917422-x86-ENU.EXE
Windows2000-KB920685-x86-ENU.EXE
Windows2000-KB922582-x86-ENU.EXE
Windows2000-KB904706-DX9-x86-ENU.exe
IE6.0sp1-KB918899-Windows-2000-XP-v3-x86-ENU.exe
WindowsMedia9-KB885492-x86-ENU.exe
rootsupd.exe
msxmlcab.exe
Windows2000-KB917344-56-x86.EXE
IE6.0sp1-KB925486-Windows2000-x86-ENU.exe
MDAC253-KB911562-x86-ENU.exe
OE6.0sp1-KB911567-Windows-2000-XP-x86-ENU.exe
IE6.0sp1-KB905495-Windows2000-x86-ENU.exe
1_Windows2000-KB923191-x86-ENU.EXE
Windows2000-KB923414-x86-ENU.EXE
Windows2000-KB924191-x86-ENU.EXE
Windows-KB890830-V1.21.exe
Windows-KB909520-v1.000-x86-ENU.exe
WindowsMedia9-KB917734-x86-ENU.exe
WindowsMedia-KB911564-x86-ENU.exe
ENU_Q832483_MDAC_x86.EXE

Files in your HFCABS folder:
MPLAY2U.CAB
CRLUPD.CAB
filelist.dat
ie6setup.exe
IEEXINST.CAB
iesetup.dir
iesetup.ini
IEW2K_1.CAB
IEW2K_2.CAB
IEW2K_3.CAB
IEW2K_4.CAB
MAILNEWS.CAB
BRANDING.CAB
OEEXCEP.CAB
README.CAB
SCRIPTEN.CAB
This folder is safe to delete.txt
WAB.CAB
Oct2005_xinput_x86.cab
Apr2005_d3dx9_25_x86.cab
Apr2006_d3dx9_30_x86.cab
Apr2006_MDX1_x86_Archive.cab
Apr2006_XACT_x86.cab
Apr2006_xinput_x86.cab
Aug2005_d3dx9_27_x86.cab
AUG2006_XACT_x86.cab
AUG2006_xinput_x86.cab
BDA.cab
BDANT.cab
BDAXP.cab
Dec2005_d3dx9_28_x86.cab
DirectX.cab
dsetup32.dll
DSETUP.dll
dxdllreg_x86.cab
dxnt.cab
dxupdate.cab
Feb2005_d3dx9_24_x86.cab
Feb2006_d3dx9_29_x86.cab
Feb2006_XACT_x86.cab
Jun2005_d3dx9_26_x86.cab
JUN2006_XACT_x86.cab
LegitCheckControl.cab

Files in your HFSVCPACK folder:
ZMPSetup.exe
dotnetfx.exe
dotntfx2.exe
NDP20-KB917283-X86.exe
NDP20-KB922770-X86.exe
NDP1.1sp1-KB867460-X86.exe
NDP1.1sp1-KB886903-X86.exe

Files in your HFSVCPACK_SW folder:

Files in your HFTOOLS folder:
bbie.lic
bbie.exe

================================================
HFSLIP run time: 32m46s

try removing the 1_ in the filename for 923191.

the_guy

Why is your hfslip log of the HF directory not in alphebetical order? Are you sure you didn't modify it before posting?

Thanks for the replies...

First attempt was without the "1_".
The "1_" was my second (or third) attempt (guess) at fixing the problem.

As to why the listing is not alphabetical, I do not know.
I copied the text directly from the log file to the post.

tech269

Sorry... I didn't see this earlier.

KB923191 for Win2K with IE6 is not supported by the current "final" version of HFSLIP. This is one of those special hotfixes which contain one or more separate files for Win2K with IE5 and Win2K with IE6; the files for Win2K with IE6 are in a subfolder called "xpsp2_binarydrop". The problem with this hotfix is that the file in xpsp2_binarydrop is about two hours older than the file for Win2K IE5. Version 60810 of HFSLIP only overwrites the files intended for IE5 if the IE6-versions are newer. That problem is corrected in the current test releases.