Hotfixes For Windows XP Professional SP1

[Aaron]

This is a list of all the critical hotfixes you need for Windows XP Professional SP1 32-bit. Recommended Updates are excluded from this list as they are not always needed for every system, whereas the Critical Updates should be installed for every system. This list will be updated regularly and old ones removed when a newer hotfix supersedes it.

Looking for the Office 2003 Updates list? Click here

--------------------------------------------------

Type 1 Hotfixes (Switches to use: Click here)

Q819696 (23rd July 2003)

Unchecked Buffer in DirectX Could Enable System Compromise

Download - 800KB

Note: This is for DirectX 8.1 on Windows XP, you do not have to download/install this if you plan to install DirectX 9.0c.

Q823182 (14th October 2003)

Vulnerability in Authenticode Verification Could Allow Remote Code Execution

Download - 424 KB

Q824105 (3rd September 2003)

Flaw in NetBIOS Could Lead to Information Disclosure

Download - 339 KB

Q824141 (29th September 2003)

Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution

Download - 2.12 MB

Q825119 (14th September 2003)

Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise

Download - 299 KB

Q826939 (14th September 2003)

Update Rollup 1 for Windows XP

Download - 9 MB

Q828026 (10th February 2004)

Update for Windows Media Player URL Script Command Behavior

Download - 2.77 MB

Q828035 (29th October 2003)

Buffer Overrun in Messenger Service Could Allow Code Execution

Download - 358 KB

Q828741 (12th April 2004)

Cumulative Update for Microsoft RPC/DCOM

Download - 3.2 MB

Q833987 (14th September 2004)

Buffer overrun in JPEG processing (GDI+) could allow code execution

Download - 1389KB

Q835732 (12th April 2004)

Security Update for Microsoft Windows

Download - 2.6 MB

Q837001 (12th April 2004)

Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution

Download - 2.9 MB

Q839645 (13th July 2004)

Vulnerability in Windows Shell Could Allow Remote Code Execution

Download - 3.81 MB

Q840315 (13th July 2004)

Vulnerability in HTML Help Could Allow Code Execution

Download - 375 KB

Q840374 (11th May 2004)

Vulnerability in Help and Support Center Could Allow Remote Code Execution

Download - 854 KB

Q841873 (13th July 2004)

Vulnerability in Task Scheduler Could Allow Code Execution

Download - 882 KB

Q842773 (13th July 2004)

Update for Background Intelligent Transfer Service (BITS) 2.0 and WinHTTP 5.1

Download - 635 KB

Q883357 (13th August 2004)

Your backup program may fail or incorrectly exclude some files from your backup in Windows XP

Download - 320KB

--------------------------------------------------

Type 2 Hotfixes (Switches to use: /Q:A /R:N)

Q814078 Also known as JS56NEN.exe (19th March 2003)

Flaw in Windows Script Engine May Allow Code to Run

Download - 361 KB

Q816093

Flaw in the Microsoft VM Could Enable System Compromise

WindowsUpdate Corporate (Search for 816093)

Note: This is the MSJava 3810 Update, only download if you use SP1 and not SP1a. - 5.07 MB

Q823353 (13th July 2004)

Cumulative Security Update for Outlook Express (July 2004)

Download 1.90 MB

Q867801 (30th July 2004) *NEW*

Cumulative Security Update for Internet Explorer 6 SP1

Download - 2.77 MB

Q870669 (2nd July 2004)

Critical Update for Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer

Download 104 KB

--------------------------------------------------

MDAC - Requires different switch. Do not use this syntax directly in svcpack.inf. You can create a batch file to call out that syntax from svcpack.inf, or do it from GuiRunOnce:

As outlined in the Technet article, install using:

xxx_Q832483_MDAC_X86.EXE /C:"dahotfix.exe /q /n" /q

where xxx is your language version.

Q832483 (13th January 2004)

Buffer overrun in an MDAC function could allow code execution

Download - 1.99 MB

--------------------------------------------------

NOT SVCPACK.INF SUPPORTED - Anything shown below must not be processed by svcpack. Instead, these should be installed on first logon to process silent unattended installations of these updates.

Q817787 (Switch: /Q:A /R:N) (6th May 2003)

Flaw in Windows Media Player Skins Downloading Could Allow Code Execution

Download - 360 KB

Note: This is for Windows Media Player 8 on Windows XP, you do not have to install this if you plan to install Windows Media Player 9.

Q817778 (Switch: Same as "type 1" switches) (23rd July 2003)

Advanced Networking Pack for Windows XP - 1.21 MB

--------------------------------------------------

Extras (Switches to use: varies)

These files can also be installed using svcpack.inf:

DirectX 9.0c redist (Extract, and use /silent on dxsetup.exe) *NEW*

WMP9 and MM2 Bundle (no switch needed)

Tip: Make sure Q828026 is queued up after WMP9 in svcpack.inf.

--------------------------------------------------

Updates

21st September 2004 - 2 new Type 1 updates added (833987 and 883357), both can be installed via svcpack.inf.

30th July 2004 - New Cumulative update for Internet Explorer released (867801), this replaces the last cumulative update (832894) and all the ones before that. We stress that you remove all old IE cumulative updates from svcpack.inf to avoid issues.

27th July 2004 - DirectX 9.0c is released, and is listed under Extras. The switch /silent can be used on dxsetup.exe. The DirectX 9.0b Security Update (Q839643) has been removed from the list, this is superceded by DirectX 9.0c which contains all past fixes, so you can remove this from your svcpack.inf file.

13th July 2004 - Good news, all 5 updates marked *NEW* (4 in Type1, and 1 in Type2) can be installed via svcpack.inf without any difficulty. Remove Q837009.exe from both svcpack.inf and your svcpack folder as this is superseded by the newer OE Update.

2nd July 2004 - New Critical Update workaround for Internet Explorer to protect against the Download.Ject exploit. KB870669 under Type 2 Hotfixes. I haven't had time to test this thoroughly, but install this after any MDAC patches you plan to install.

13th June 2004 - DirectX update added Q839643, make sure you download the correct hotfix by reading the notes in brackets in this list.

11th May 2004 - 1 new Windows XP Update today: Q840374 - Vulnerability in Help and Support Center Could Allow Remote Code Execution. You may also want to re-download Q837001, as it's been re-released.

Edited September 26, 2004 by Alanoll

[TheMYsterio]

Thanks m8

[b0r3d]

Thanks AaronXP.

This is a fantastic timesaver.

Just make sure to keep it updated

[Drewdatrip]

What adding a known and working batch cmd to install these files properly?

My last install dident go so well!

|Drew|

[creopard]

you don't need Q329170 when you install Q817606 (both update the srv.sys, but Q817606 is newer)

you don't need Q810577 when you install Q816073 (not listed here)

you may also want to add Q818857 (IE 6 Patch) - Slow Performance When You Use Internet Explorer 6 SP1 to View MIME Type File Attachments

see http://support.microsoft.com/default.aspx?kbid=818857

download http://download.microsoft.com/download/c/4...705/q818857.exe (english only)

[DaveXP]

I get some message about "Illgel DLL Relocation in user32.dll cause by shell32.dll" when use some of these hotfixes

[Aaron]

you don't need Q329170 when you install Q817606 (both update the srv.sys, but Q817606 is newer)

According to the Knowledge Base article Q817606, it says the following:

Patch Replacement Information

This patch does not replace any other patches.

you don't need Q810577 when you install Q816073 (not listed here)

816073 isn't downloadable :/

you may also want to add Q818857 (IE 6 Patch) - Slow Performance When You Use Internet Explorer 6 SP1 to View MIME Type File Attachments

see http://support.microsoft.com/default.aspx?kbid=818857

The urlmon.dll file (6.0.2800.1226) in the August 2003 Cumulative IE6SP1 patch supercedes the version of urlmon.dll (6.0.2800.1216) in the IE6SP1 update released yesterday. I don't know what prompted Microsoft to release this, but this cannot be installed if the August Cumulative patch is installed.

This hotfix list was created from a normal install of XP SP1 I ran yesterday, viewed on WindowsUpdate

[creopard]

816073 isn't downloadable :/

get it at w2s

[Aaron]

816073 isn't downloadable :/

get it at w2s

I could, but I won't. Other people can if they want, but this patch does need to go though additional internal testing before Microsoft choose to make it available to download officially. Non-official patches won't be added to the main list.

[creopard]

ok, sorry....

[Aaron]

But thanks for your help though swgreed!

[Sunil]

Hey Guys, are there any sites available out there that i can download all the patches for windows Xp in one giant file.

[Aaron]

Yes, One of Keyser Soze's package has all the hotfixes which he released about a month ago. And another one at techconnect.

http://www.MSFN.org/comments.php?id=4314

[Sunil]

Kool, thanks AaronXP

[kenneth11zz]

Quick question. This is my first time installing hotfixes using the unattended installation for a clean installation. In the past, I have installed hoftixes on an existed Windows XP using Windows Updates that creates so many Uninstalls in the Remove and Install Program list. Will this also do the same that adds Uninstalls into the Remove and Install Program list which I hated it?

-Kenneth