I am in the process of using HFSLIP to create a win2K cd-r.
In the list of hot fixes for 2000 there are quite a few ones that MS download pages say they
are for to XP SPs (e.g. 896358), and fewer for server2003 (e.g. 899591).
Should they be included and if so why?
Thanks.
FP
Full Version: 2000 vs. XP vs. server2003 hot fixes
Read the FAQ at HFSLIP.org or any of the stickies on this forum.
I read thru all the FAQs/guides/help I could locate and I did not see an answer to the specific question I asked, namely WHY hotfixes for XP and server 2000 should be slipstreamed into win2000 professional.
Also, should all generations of MSXML (1,2,4,6) be included?
Thanks.
FP
Also, should all generations of MSXML (1,2,4,6) be included?
Thanks.
FP
Hello, oao!The reason why you must use the XP version of some hotfixes when slipstreaming 2000 with HFSLIP is simple. The XP version is easier to handle and/or the 2000 version has a few problems in its construction.
Only MSXML 2, 4, and 6 are supported. However, only very specific versions of each are. Please read through one of the links at hfslip.org for more info.
I don't know where you got your info from but it's incorrect for the most part.
Windows2000-KB896358-x86-ENU.EXE:
"Supported Operating Systems: Windows 2000 Service Pack 3; Windows 2000 Service Pack 4"
Windows2000-KB899591-x86-ENU.EXE:
"Supported Operating Systems: Windows 2000 Service Pack 4"
KB899591 is superseded, btw.
There is one hotfix on my Win2K list that's intended for Server 2003, and that's the time zone update. Microsoft did not release a version for Windows 2000 but HFSLIP supports both the XP and the 2K3 version of KB931836 in any circumstance (any source) so that's why my 2K list shows the Server 2003 version. I originally linked to the XP version but Microsoft later decided to make it a WGA download so I switched to the 2K3 version.
Windows2000-KB896358-x86-ENU.EXE:
"Supported Operating Systems: Windows 2000 Service Pack 3; Windows 2000 Service Pack 4"
Windows2000-KB899591-x86-ENU.EXE:
"Supported Operating Systems: Windows 2000 Service Pack 4"
KB899591 is superseded, btw.
There is one hotfix on my Win2K list that's intended for Server 2003, and that's the time zone update. Microsoft did not release a version for Windows 2000 but HFSLIP supports both the XP and the 2K3 version of KB931836 in any circumstance (any source) so that's why my 2K list shows the Server 2003 version. I originally linked to the XP version but Microsoft later decided to make it a WGA download so I switched to the 2K3 version.
Thanks.
There seems to be some confusion between the KB's that I got from my Windows Update history and
the download pages of Windows updates: the former were applied to my system as 2K, but when I went to the later, they were shown as XP. Not clear why.
Anyway, I am now working with the list at http://users.telenet.be/tc76/winup/_win2k.html and will let you know if any confusion remains.
In a trial run of HFSLIP I noticed that one fix was not applied and a statement with /command? parameter was issued. If it reoccurs I will post here.
I may have a few other questions, but I will first search on the topics here.
There seems to be some confusion between the KB's that I got from my Windows Update history and
the download pages of Windows updates: the former were applied to my system as 2K, but when I went to the later, they were shown as XP. Not clear why.
Anyway, I am now working with the list at http://users.telenet.be/tc76/winup/_win2k.html and will let you know if any confusion remains.
In a trial run of HFSLIP I noticed that one fix was not applied and a statement with /command? parameter was issued. If it reoccurs I will post here.
I may have a few other questions, but I will first search on the topics here.
After som thorough work with the hot fixes and review of the docs here I cane up with the following questions:
1. General question: for security fixes that pertain to components not being used, are the vulnerabilities in the files per-se, or do they occur only if the components are used?
E.g. KB923694 cumulative security update for MSOE: I don't use MSOE, even though it is installed with Windows 2000.
Incidentally: can it be removed from the installtion CD?
2. The following two fixes
msxml2.msi
msxml6_x86.msi
should be placed in HF, or together with UPHClean-Setup.msi in HFGUIRUNONCE?
3.Based on the removed fixes list at http://www.msfn.org/board/index.php?showtopic=58360
February 17-Removed 925454, 911562, and 922616.
January 10-Removed 925486.
December 19-Removed 911567 and 922760.
November 17-Removed 918899, 890046 and 921883.
October 10-Removed 917159.
August 9-Removed 916281 and 908523.
The following fixes are neither shown as removed, nor in the currently valid fix list at
http://users.telenet.be/tc76/winup/_win2k.html
Are they valid, or should they be disregarded?
Security Update for Windows 2000 (KB896422)
Windows2000-KB896422-x86-ENU.EXE
http://www.microsoft.com/downloads/details...;displaylang=en
Update for Windows 2000 (KB904368)
Windows2000-KB904368-v3-x86-ENU.EXE
http://www.microsoft.com/downloads/details...46-910be4ddcbbc
Cumulative Update for Internet Explorer 6 SP1 (KB912812)
IE6.0sp1-KB912812-Windows-2000-XP-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
MS05-037: Vulnerability in JView Profiler could allow remote code execution
IE-KB903235-x86-ENU.exe
http://support.microsoft.com/kb/903235#appliesto
Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer (KB870669)
Windows-KB870669-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Critical Update for Windows Media Player (All Versions) for Windows 2000, Windows XP, and Windows Server 2003 (KB828026)
WindowsMedia-Q828026-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player 9 Series (KB885492)
WindowsMedia9-KB885492-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player 9 (KB911565)
WindowsMedia9-KB911565-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Windows Media Player Plug-in for Netscape Navigator
wmpplugin.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player Plug-in (KB911564)
WindowsMedia-KB911564-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
QuoVadis Root Certificate
rootsupd.exe
http://download.windowsupdate.com/msdownlo...en/rootsupd.exe
Thanks.
FP
1. General question: for security fixes that pertain to components not being used, are the vulnerabilities in the files per-se, or do they occur only if the components are used?
E.g. KB923694 cumulative security update for MSOE: I don't use MSOE, even though it is installed with Windows 2000.
Incidentally: can it be removed from the installtion CD?
2. The following two fixes
msxml2.msi
msxml6_x86.msi
should be placed in HF, or together with UPHClean-Setup.msi in HFGUIRUNONCE?
3.Based on the removed fixes list at http://www.msfn.org/board/index.php?showtopic=58360
February 17-Removed 925454, 911562, and 922616.
January 10-Removed 925486.
December 19-Removed 911567 and 922760.
November 17-Removed 918899, 890046 and 921883.
October 10-Removed 917159.
August 9-Removed 916281 and 908523.
The following fixes are neither shown as removed, nor in the currently valid fix list at
http://users.telenet.be/tc76/winup/_win2k.html
Are they valid, or should they be disregarded?
Security Update for Windows 2000 (KB896422)
Windows2000-KB896422-x86-ENU.EXE
http://www.microsoft.com/downloads/details...;displaylang=en
Update for Windows 2000 (KB904368)
Windows2000-KB904368-v3-x86-ENU.EXE
http://www.microsoft.com/downloads/details...46-910be4ddcbbc
Cumulative Update for Internet Explorer 6 SP1 (KB912812)
IE6.0sp1-KB912812-Windows-2000-XP-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
MS05-037: Vulnerability in JView Profiler could allow remote code execution
IE-KB903235-x86-ENU.exe
http://support.microsoft.com/kb/903235#appliesto
Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer (KB870669)
Windows-KB870669-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Critical Update for Windows Media Player (All Versions) for Windows 2000, Windows XP, and Windows Server 2003 (KB828026)
WindowsMedia-Q828026-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player 9 Series (KB885492)
WindowsMedia9-KB885492-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player 9 (KB911565)
WindowsMedia9-KB911565-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Windows Media Player Plug-in for Netscape Navigator
wmpplugin.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player Plug-in (KB911564)
WindowsMedia-KB911564-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
QuoVadis Root Certificate
rootsupd.exe
http://download.windowsupdate.com/msdownlo...en/rootsupd.exe
Thanks.
FP
I am removing the following fix from the above list, as it is valid:
Security Update for Windows Media Player Plug-in (KB911564)
WindowsMedia-KB911564-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Security Update for Windows Media Player Plug-in (KB911564)
WindowsMedia-KB911564-x86-ENU.exe
http://www.microsoft.com/downloads/details...;displaylang=en
I am adding the following two XML fixes which Windows Update applied to my computer, but
which are not in your valid list:
Vulnerabilities in Microsoft XML Core Services 4.0 SP2 Could Allow Remote Code Execution (925672)
msxml4-KB925672-enu.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Vulnerabilities in Microsoft XML Core Services 4.0 Could Allow Remote Code Execution (927978)
msxml4-KB927978-enu.exe
http://www.microsoft.com/downloads/details...;displaylang=en
which are not in your valid list:
Vulnerabilities in Microsoft XML Core Services 4.0 SP2 Could Allow Remote Code Execution (925672)
msxml4-KB925672-enu.exe
http://www.microsoft.com/downloads/details...;displaylang=en
Vulnerabilities in Microsoft XML Core Services 4.0 Could Allow Remote Code Execution (927978)
msxml4-KB927978-enu.exe
http://www.microsoft.com/downloads/details...;displaylang=en
From the above list, the following were applied to my computer by Windows update:
925672 xml4 sp2
927978 xml4 sp2
828026 wmp
896422
925902
926436
I have removed them and Windows Update notifies me that the last 4 should be applied. So it looks they are valid, why are they not in your list? And what about the 2 XML fixes?
Regards,
FP
925672 xml4 sp2
927978 xml4 sp2
828026 wmp
896422
925902
926436
I have removed them and Windows Update notifies me that the last 4 should be applied. So it looks they are valid, why are they not in your list? And what about the 2 XML fixes?
Regards,
FP
KB925672 is superseded by KB927978.
KB927978 is on my list so I conclude that you didn't go through the "Update your Windows 2000 configuration" part, where you'll find a checkbox to include MSXML4 among many other upgrade possibilities.
KB927978 is on my list so I conclude that you didn't go through the "Update your Windows 2000 configuration" part, where you'll find a checkbox to include MSXML4 among many other upgrade possibilities.
>KB925672 is superseded by KB927978.
Well, when 927978 installs it does not remove 925672, so it's hard to tell.
>KB927978 is on my list so I conclude that you didn't go through the "Update your Windows 2000 configuration" part, where you'll find a checkbox to include MSXML4 among many other upgrade possibilities.
I've been working from several lists, the main one being
http://users.telenet.be/tc76/winup/_win2k.html and it does not have it.
I will go over yours more carefully and check out any differences.
What about the other 4?
Well, when 927978 installs it does not remove 925672, so it's hard to tell.
>KB927978 is on my list so I conclude that you didn't go through the "Update your Windows 2000 configuration" part, where you'll find a checkbox to include MSXML4 among many other upgrade possibilities.
I've been working from several lists, the main one being
http://users.telenet.be/tc76/winup/_win2k.html and it does not have it.
I will go over yours more carefully and check out any differences.
What about the other 4?
The list is missing 1 update for Windows 2000 which Microsoft released a few days ago. It's KB925902, and it replaces KB912919 and KB896424.
I can't say anything about the WMP updates if I don't know whether you're slipstreaming WMP9 or not.
However, please go through the "Update your Windows 2000 configuration" section because checking/unchecking boxes dynamically updates the hotfix list at the bottom.
I can't say anything about the WMP updates if I don't know whether you're slipstreaming WMP9 or not.
However, please go through the "Update your Windows 2000 configuration" section because checking/unchecking boxes dynamically updates the hotfix list at the bottom.
Hi,
Yes, I slipstream WMP9 and IE6.
I focused on just two Win2K lists, the configuration one you refer to and The Guy's, and I hope that this is the latest iteration of the discrepancies I found. This is based on checking everything in your configuration list:
1. Neither list has the following:
* KB896422 Security Update for Windows 2000
* KB828026 Critical Update for Windows Media Player (All Versions) for Windows 2000, Windows XP, and Windows Server 2003
* KB870669 Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer
* KB885492 Security Update for Windows Media Player 9 Series
* KB904368 Update for Windows 2000
* KB903235 Security Update for JView Profiler
* KB911565 Security Update for Windows Media Player 9
* KB912812 Cumulative Update for Internet Explorer 6 SP1
* KB891122 Update for DRM-enabled Media Players
* KB911564 Security Update for Windows Media Player Plug-in
Windows Update insists that the first two, KB828026 and KB896422, be applied even after removing them.
3. Your configuration list includes MSXML2.MSI which the MS download page says it applies to SQL Server, not Windows 2000.
4. Any ideas why The Guy's list does not have the following ones that you have in your configuration list? ( I emailed him this question too).
* Microsoft Data Access Components (MDAC) 2.8 SP1
* KB887606 FIX: The Microsoft XML Parser (MSXML) uses cached credentials incorrectly
* KB927978 MS06-071: Security update for Microsoft XML Core Services 4.0
* Microsoft Core XML Services (MSXML) 6.0 Service Pack 1
* Roots certificate update
* KB908506 Update for Windows 2000
* KB926121 Security Update for Windows 2000
* KB926247 MS06-074: Vulnerability in Simple Network Management Protocol (SNMP) could allow remote code execution
* KB909520 Microsoft Base Smart Card Cryptographic Service Provider Package: x86
* KB917275 Microsoft Windows Rights Management Services Client with Service Pack 2 - x86
* WindowsUpdateAgent20-x86.exe
Please advise.
Thanks.
FP
Yes, I slipstream WMP9 and IE6.
I focused on just two Win2K lists, the configuration one you refer to and The Guy's, and I hope that this is the latest iteration of the discrepancies I found. This is based on checking everything in your configuration list:
1. Neither list has the following:
* KB896422 Security Update for Windows 2000
* KB828026 Critical Update for Windows Media Player (All Versions) for Windows 2000, Windows XP, and Windows Server 2003
* KB870669 Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer
* KB885492 Security Update for Windows Media Player 9 Series
* KB904368 Update for Windows 2000
* KB903235 Security Update for JView Profiler
* KB911565 Security Update for Windows Media Player 9
* KB912812 Cumulative Update for Internet Explorer 6 SP1
* KB891122 Update for DRM-enabled Media Players
* KB911564 Security Update for Windows Media Player Plug-in
Windows Update insists that the first two, KB828026 and KB896422, be applied even after removing them.
3. Your configuration list includes MSXML2.MSI which the MS download page says it applies to SQL Server, not Windows 2000.
4. Any ideas why The Guy's list does not have the following ones that you have in your configuration list? ( I emailed him this question too).
* Microsoft Data Access Components (MDAC) 2.8 SP1
* KB887606 FIX: The Microsoft XML Parser (MSXML) uses cached credentials incorrectly
* KB927978 MS06-071: Security update for Microsoft XML Core Services 4.0
* Microsoft Core XML Services (MSXML) 6.0 Service Pack 1
* Roots certificate update
* KB908506 Update for Windows 2000
* KB926121 Security Update for Windows 2000
* KB926247 MS06-074: Vulnerability in Simple Network Management Protocol (SNMP) could allow remote code execution
* KB909520 Microsoft Base Smart Card Cryptographic Service Provider Package: x86
* KB917275 Microsoft Windows Rights Management Services Client with Service Pack 2 - x86
* WindowsUpdateAgent20-x86.exe
Please advise.
Thanks.
FP
How are you checking for these discrepancies? Are you using an old outdated mssecure.xml file? Are you googling old windows updates on the web? The MSBLA will guide you the right direction for applying the latest and greatest updates.
As far as some hotfixes you list..... Here is an interesting finding while searching the boards for hotfix 896422 - link. For KB912812, an cumulative update to IE6 released April 2006. Each month last year, IE6 had a cumulative rollup. 912812 is 12 updates behind at this point and it would be unwise to slipstream it.
I can probably answer for the_guy with his hotfix lists. He concentrates on critical updates and not recommended updates. Tomcat76 includes some recommended ones and some fixes that are nice to have, xml stuff falls into this category.
As far as some hotfixes you list..... Here is an interesting finding while searching the boards for hotfix 896422 - link. For KB912812, an cumulative update to IE6 released April 2006. Each month last year, IE6 had a cumulative rollup. 912812 is 12 updates behind at this point and it would be unwise to slipstream it.
I can probably answer for the_guy with his hotfix lists. He concentrates on critical updates and not recommended updates. Tomcat76 includes some recommended ones and some fixes that are nice to have, xml stuff falls into this category.
[1]
KB896422 is partially replaced by Update Rollup 1 v2 and partially by KB923414.
KB828026 is partially replaced by Update Rollup 1 v2 and partially by KB917734 for WMP9.
KB870669 is replaced by the subsequent Cumulative IE updates.
KB885492 is replaced by KB917734 for WMP9.
KB904368 is replaced by Update Rollup 1 v2.
KB903235 is replaced by the subsequent Cumulative IE updates.
KB911565 is replaced by KB917734 for WMP9.
KB912812 is replaced by KB928090 (current Cumulative IE update).
KB891122 - HFSLIP sort of supports this WMP9 codec update. You need to extract wmfdist.exe into the HF folder (that's the only file of importance). The "Windows Media 9/10 codecs" checkbox in the "Update your Windows 2000 configuration" section links to this update. Also, as explained in the Notes section at the top of my dynamic 2K list: "You will need a decompression program (such as 7-zip or WinRAR) to extract the necessary files out of some of the downloaded installers. From the updates listed below, this applies to DirectX9, the new DirectX9 gaming binaries and the Windows Media 9/10 codecs."
KB911564 - "WindowsMedia-KB911564-x86-ENU.exe" is in my list.
[2]
If Windows Update insists you need KB828026 and KB896422, you have probably slipstreamed version 1 of Update Rollup 1. Please include HFSLIP.LOG next time.
[3]
MSXML2 is MSXML2. The download page I'm linking to contains the most recent public version.
[4]
TommyP answered this.
KB896422 is partially replaced by Update Rollup 1 v2 and partially by KB923414.
KB828026 is partially replaced by Update Rollup 1 v2 and partially by KB917734 for WMP9.
KB870669 is replaced by the subsequent Cumulative IE updates.
KB885492 is replaced by KB917734 for WMP9.
KB904368 is replaced by Update Rollup 1 v2.
KB903235 is replaced by the subsequent Cumulative IE updates.
KB911565 is replaced by KB917734 for WMP9.
KB912812 is replaced by KB928090 (current Cumulative IE update).
KB891122 - HFSLIP sort of supports this WMP9 codec update. You need to extract wmfdist.exe into the HF folder (that's the only file of importance). The "Windows Media 9/10 codecs" checkbox in the "Update your Windows 2000 configuration" section links to this update. Also, as explained in the Notes section at the top of my dynamic 2K list: "You will need a decompression program (such as 7-zip or WinRAR) to extract the necessary files out of some of the downloaded installers. From the updates listed below, this applies to DirectX9, the new DirectX9 gaming binaries and the Windows Media 9/10 codecs."
KB911564 - "WindowsMedia-KB911564-x86-ENU.exe" is in my list.
[2]
If Windows Update insists you need KB828026 and KB896422, you have probably slipstreamed version 1 of Update Rollup 1. Please include HFSLIP.LOG next time.
[3]
MSXML2 is MSXML2. The download page I'm linking to contains the most recent public version.
[4]
TommyP answered this.
>How are you checking for these discrepancies? Are you using an old outdated mssecure.xml file? Are you googling old windows updates on the web? The MSBLA will guide you the right direction for applying the latest and greatest updates.
I have already described my procedure: I checked everything on your configuration file and then compared the generated list to The Guy's latest list. I also considered the updates that Windows Update has applied to my system. When I found missing items in either or both lists I checked the MS download pages.
What is MSBLA?
>As far as some hotfixes you list..... Here is an interesting finding while searching the boards for hotfix 896422 - link. For KB912812, an cumulative update to IE6 released April 2006. Each month last year, IE6 had a cumulative rollup. 912812 is 12 updates behind at this point and it would be unwise to slipstream it.
The problem is that Windows Update does not always delete fixes that are superseded by new ones; nor do the MS download pages document very clearly what is being superseded.
>I can probably answer for the_guy with his hotfix lists. He concentrates on critical updates and not recommended updates. Tomcat76 includes some recommended ones and some fixes that are nice to have, xml stuff falls into this category.
OK, that's what I needed to know. Regarding vulnerabilities: are they a problem due to the existence of non-updated files per se, or do those files need to be actually used to cause vulnerability? E.g. Windows installs OE, but I don't use it. Should I then bother to apply OE security fixes?
And is it possible to remove OE and other components during slipstreaming?
Thanks.
FP
I have already described my procedure: I checked everything on your configuration file and then compared the generated list to The Guy's latest list. I also considered the updates that Windows Update has applied to my system. When I found missing items in either or both lists I checked the MS download pages.
What is MSBLA?
>As far as some hotfixes you list..... Here is an interesting finding while searching the boards for hotfix 896422 - link. For KB912812, an cumulative update to IE6 released April 2006. Each month last year, IE6 had a cumulative rollup. 912812 is 12 updates behind at this point and it would be unwise to slipstream it.
The problem is that Windows Update does not always delete fixes that are superseded by new ones; nor do the MS download pages document very clearly what is being superseded.
>I can probably answer for the_guy with his hotfix lists. He concentrates on critical updates and not recommended updates. Tomcat76 includes some recommended ones and some fixes that are nice to have, xml stuff falls into this category.
OK, that's what I needed to know. Regarding vulnerabilities: are they a problem due to the existence of non-updated files per se, or do those files need to be actually used to cause vulnerability? E.g. Windows installs OE, but I don't use it. Should I then bother to apply OE security fixes?
And is it possible to remove OE and other components during slipstreaming?
Thanks.
FP
>KB891122 - HFSLIP sort of supports this WMP9 codec update. You need to extract wmfdist.exe into the HF folder (that's the only file of importance). The "Windows Media 9/10 codecs" checkbox in the "Update your Windows 2000 configuration" section links to this update. Also, as explained in the Notes section at the top of my dynamic 2K list: "You will need a decompression program (such as 7-zip or WinRAR) to extract the necessary files out of some of the downloaded installers. From the updates listed below, this applies to DirectX9, the new DirectX9 gaming binaries and the Windows Media 9/10 codecs."
I had actually done all this as per the instructions, I just did not connect it to KB891122.
>If Windows Update insists you need KB828026 and KB896422, you have probably slipstreamed version 1 of Update Rollup 1. Please include HFSLIP.LOG next time.
Actually, the rollup 2 and 923414 WERE installed, but WU would still push 896422. I reinstalled the rollup and 923414 and it now looks as WU is happy.
As per my initial message, I am now only PREPARING for slipstream in case I will need to reinstall the system. My comment referred to the already installed system, which was not slipstreamed. I just want to make sure that no update/fix will be missing, or unnecessary for the slipstream CD I am preparing.
Thanks for all your help.
Regards,
FP
I had actually done all this as per the instructions, I just did not connect it to KB891122.
>If Windows Update insists you need KB828026 and KB896422, you have probably slipstreamed version 1 of Update Rollup 1. Please include HFSLIP.LOG next time.
Actually, the rollup 2 and 923414 WERE installed, but WU would still push 896422. I reinstalled the rollup and 923414 and it now looks as WU is happy.
As per my initial message, I am now only PREPARING for slipstream in case I will need to reinstall the system. My comment referred to the already installed system, which was not slipstreamed. I just want to make sure that no update/fix will be missing, or unnecessary for the slipstream CD I am preparing.
Thanks for all your help.
Regards,
FP
For any Win2K SP4 update/fix that does not appear in your configuration list, if it is added to the HF folder, will it be slipstreamed, or will HFSLIP slipstream only those in your list?
Regards,
FP
Regards,
FP
>The list is missing 1 update for Windows 2000 which Microsoft released a few days ago. It's KB925902, and it replaces KB912919 and KB896424.
As far as I can tell KB925902 is for Vista, not 2000:
http://www.microsoft.com/downloads/details...;displaylang=en
As far as I can tell KB925902 is for Vista, not 2000:
http://www.microsoft.com/downloads/details...;displaylang=en
QUOTE (oao @ Apr 8 2007, 06:08 PM) 
What is MSBLA?
He meant MBSA.QUOTE (oao @ Apr 8 2007, 06:08 PM)
The problem is that Windows Update does not always delete fixes that are superseded by new ones;
Windows Update is not really that smart. If a file was updated twice since you last ran Windows Update, it will show you both updates even though you only need the latest (installing both, the newest will overwrite the older).QUOTE (oao @ Apr 8 2007, 06:08 PM)
nor do the MS download pages document very clearly what is being superseded.
This is true, but we unpack the hotfix executables to see which files are inside of them. It's much more reliable than the tables MS provide. Also, sometimes a hotfix is replaced by two or more newer hotfixes together; this is never explained in a Hotfix Replacement table.QUOTE (oao @ Apr 8 2007, 06:08 PM)
Regarding vulnerabilities: are they a problem due to the existence of non-updated files per se, or do those files need to be actually used to cause vulnerability? E.g. Windows installs OE, but I don't use it. Should I then bother to apply OE security fixes?
Yes. If it's on your system, it's vulnerable.QUOTE (oao @ Apr 8 2007, 06:08 PM)
And is it possible to remove OE and other components during slipstreaming?
I don't think it's possible to remove just OE but I'm not sure; this isn't my domain. See here for more info:vorck.com: Remove IE from Windows 2000 at install
hfslip.org: HFCLEANUP - Reduce your source
I wouldn't jump into this just yet, though. It's pretty advanced stuff.
QUOTE (oao @ Apr 8 2007, 10:16 PM)
For any Win2K SP4 update/fix that does not appear in your configuration list, if it is added to the HF folder, will it be slipstreamed, or will HFSLIP slipstream only those in your list?
The script doesn't use my list as a base, but it does assume certain standards (how Type 1 and Type 2 hotfixes are named, how they are composed internally, etc.). There will surely be some updates that don't work but it would take too much time to find out which those are and to add support for all of them. That's why only updates that are shown on Windows Update are said to be supported.QUOTE (oao @ Apr 8 2007, 11:31 PM)
As far as I can tell KB925902 is for Vista, not 2000
Windows2000-KB925902-x86-ENU.EXE
@Tomcat76, I'm not quite sure where to post this as your update topics are no longer pinned. Anyway, why is KB935448 on your list and KB928843 removed? As far as I can tell, KB935448 isn't on Windows Update, although do I understand it fixes problems people may have after installing KB925902 (MS07-017).
My hotfix lists have always been more open to more recent updates for hotfixes that are shown on Windows Update if the newer versions are public and not WGA-protected. The COM+ Hotfix Rollup Package is another example of this.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.