Export (0) Print
Expand All
Microsoft Root Certificate Program
Expand Minimize

Window NT Server 4.0, Terminal Server Edition Security Rollup Package 1 Now Available

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Microsoft has released the first Security Rollup Package (SRP) for Microsoft® Windows NT Server 4.0, Terminal Server Edition (TSE SRP1). TSE SRP1 includes the functionality of virtually all security patches since the release of Windows NT Server 4.0, Terminal Server Edition Service Pack 6 (SP6).

TSE SRP1 is a small, comprehensive rollup of post-SP6 fixes, and provides an easier mechanism for managing the rollout of security fixes. For more information, please refer to Microsoft Knowledge Base article 317636.

On This Page

Patches included in TSE SRP1
Patches not included in TSE SRP1

Patches included in TSE SRP1

TSE SRP1 for Windows NT Server 4.0, Terminal Server Edition supersedes the patches delivered in the following security bulletins:

Core OS:

  • MS99-041 (242294): Tool Available for "RASMAN Security Descriptor" Vulnerability. While the SRP does not include the tool itself, the SRPs installer package does perform the functions that the tool performs, and resets the permissions to the appropriate value.

  • MS00-007 (248399): Patch Available for "Recycle Bin Creation" Vulnerability

  • MS00-021 (257870): Patch Available for "Malformed TCP/IP Print Request" Vulnerability

  • MS00-027 (259622): Patch Available for "Malformed Environment Variable" Vulnerability

  • MS00-029 (259728): Patch Available for "IP Fragment Reassembly" Vulnerability

  • MS00-036 (262694)and (263307): Patch Available for 'ResetBrowser Frame' and 'HostAnnouncement Frame' Vulnerabilities

  • MS00-040 (264684): Patch Available for 'Remote Registry Access Authentication' Vulnerability

  • MS00-047 (269239): Patch Available for 'NetBIOS Name Server Protocol Spoofing' Vulnerability

  • MS00-052 (269049): Patch Available for 'Relative Shell Path' Vulnerability

  • MS00-070 (266433): Patch Available for Multiple LPC and LPC Ports Vulnerabilities

  • MS00-083 (274835): Patch Available for 'Netmon Protocol Parsing' Vulnerability

  • MS00-087 (277910): Patch Available for 'Terminal Server Login Buffer Overflow' Vulnerability

  • MS00-091 (275567): Patch Available for 'Incomplete TCP/IP Packet' Vulnerability

  • MS00-094 (276575): Patch Available for 'Phone Book Service Buffer Overflow' Vulnerability

  • MS01-003 (279336): Weak Permissions on Winsock Mutex Can Allow Service Failure

  • MS01-008 (280119): Malformed NTLMSSP Request Can Enable Code to Run with System Privileges

  • MS01-009 (283001): Malformed PPTP Packet Stream can Cause Kernel Exhaustion

  • MS01-017 (293818): Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard

  • MS01-040 (292435): Invalid RDP Data Can Cause Memory Leak in Terminal Services

  • MS01-041 (298012): Malformed RPC Request Can Cause Service Failure

  • MS01-052 (303628): Patch Available for 'Relative Shell Path' Vulnerability

  • MS02-001 (289246): Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data

FrontPage 2002 Server Extensions:

  • MS00-100 (280322): Patch Available for 'Malformed Web Form Submission' Vulnerability

    Note: FrontPage 2002 Server Extensions ship as part of the NT 4.0 Option Pack, which is not supported on Windows NT Server 4.0, Terminal Server Edition. Patches for FPSE have been provided as part of TSE SRP1 only as a means of allowing customers who have installed the Option Pack to protect their systems while migrating to a supported platform.

Index Server 2.0:

  • MS00-006 (252463): Patch Available for "Malformed Hit-Highlighting Argument" Vulnerability

  • MS01-033 (300972): Unchecked Buffer in Index Server ISAPI Extension Can Enable Web Server Compromise

    Note: Index Server 2.0 is part of the NT 4.0 Option Pack which is not supported on Windows NT Server 4.0, Terminal Server Edition. Patches for Index Server 2.0 have been provided as part of TSE SRP1 only as a means of allowing customers who have installed the Option Pack to protect their systems while migrating to a supported platform.

Internet Information Server 4.0:

  • MS02-018 (319733): Cumulative Patch for Internet Information Service. This patch supersedes all previously delivered patches for IIS 4.0.

    Note: Internet Information Server 4.0 is part of the NT 4.0 Option Pack which is not supported on Windows NT Server 4.0, Terminal Server Edition. Patches for IIS 4.0 have been provided as part of TSE SRP1 only as a means of allowing customers who have installed the Option Pack to protect their systems while migrating to a supported platform.

Patches not included in TSE SRP1

TSE SRP1 does not supersede the patches delivered in the following post-SP6 security bulletins, because they were released after the cut-off date for inclusion in the SRP:

  • MS02-006 (314147): Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run.

  • MS02-008 (318202): XMLHTTP Control Can Allow Access to Local Files.

  • MS02-013 (300845): 04 March 2002 Cumulative VM Update.

  • MS02-014 (313829): Unchecked Buffer in Windows Shell Could Lead to Code Execution.

  • MS02-017 (311967): Unchecked buffer in the Multiple UNC Provider Could Enable Code Execution.

  • Patches for Windows NT Server 4.0, Terminal Server Edition, that were delivered after 15 April 2002.

TSE SRP1 does not include the patch delivered in the following post-SP6 security bulletin, as it should only be applied if WebDAV has been installed on the server.

  • MS01-022 (296441): WebDAV Service Provider Can Allow Scripts to Levy Requests as User.

TSE SRP1 does not include the tool provided as part of the following bulletin. This tool should be downloaded and run separately.

TSE SRP1 does not supersede the following bulletin, because the remediation in this case requires an administrative procedure rather than a software change.

  • MS99-036 (241219): Windows NT 4.0 Does Not Delete Unattended Installation File.

For more information about the security rollup and to download the package, click here.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft