Security Bulletins Included in Windows 2000 Service Pack 4
Microsoft has released Service Pack 4 for Windows 2000.
Service Pack 4 (SP4) provides the latest updates to the Windows 2000 family of operating systems in the following areas: security, operating system reliability, application compatibility, and setup. This service pack includes fully regression-tested versions of the patches for all security vulnerabilities affecting Windows 2000 found up to the closing date of Service Pack development. The following Microsoft Security Bulletins are included in Service Pack 4.
MS03-030 (819696) - Unchecked Buffer in DirectX Could Enable System Compromise
MS03-025 (822679) - Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation
MS03-024 (817606) - Buffer Overrun in Windows Could Lead to Data Corruption
MS03-019 (817772) - Flaw in ISAPI extension for Windows Media Services could cause denial of service
MS03-018 (811114) - Cumulative Patch for Internet Information Service
MS03-014 (330994) - Cumulative Patch for Outlook Express
MS03-013 (811493) - Buffer Overrun in Windows Kernel Message Handling Could Lead to Elevated Privileges
MS03-010 (331953) - Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks
MS03-008 (814078) - Flaw in Windows Script Engine Could Allow Code Execution
MS03-007 (815021) - Unchecked buffer in Windows Component Could Cause Web Server Compromise
MS03-001 (810833) - Unchecked Buffer in Locator Service Could Lead to Code Execution
MS02-071 (328310) - Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation
MS02-070 (329170) - Flaw in SMB Signing Could Enable Group Policy to be Modified
MS02-065 (329414) - Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution
MS02-063 (329834) - Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks
MS02-055 (323255) - Unchecked Buffer in Windows Help Facility Could Enable Code Execution
MS02-053 (324096) - Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution
MS02-051 (324380) - Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure
MS02-050 (329115) - Certificate Validation Flaw Could Enable Identity Spoofing
MS02-048 (323172) - Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates
MS02-045 (326830) - Unchecked Buffer in Network Share Provider can Lead to Denial of Service
MS02-042 (326886) - Flaw in Network Connection Manager Could Enable Privilege Elevation
MS02-032 (320920) - Cumulative Patch for Windows Media Player
MS01-022 (296441) - WebDAV Service Provider Can Allow Scripts to Levy Requests as User
For more information, or to download the Service Pack, go to the Windows 2000 Service Pack 4 download page