Security Bulletins Included in Windows 2000 Service Pack 4

Microsoft has released Service Pack 4 for Windows 2000.

Service Pack 4 (SP4) provides the latest updates to the Windows 2000 family of operating systems in the following areas: security, operating system reliability, application compatibility, and setup. This service pack includes fully regression-tested versions of the patches for all security vulnerabilities affecting Windows 2000 found up to the closing date of Service Pack development. The following Microsoft Security Bulletins are included in Service Pack 4.

MS03-030 (819696) - Unchecked Buffer in DirectX Could Enable System Compromise

MS03-025 (822679) - Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation

MS03-024 (817606) - Buffer Overrun in Windows Could Lead to Data Corruption

MS03-019 (817772) - Flaw in ISAPI extension for Windows Media Services could cause denial of service

MS03-018 (811114) - Cumulative Patch for Internet Information Service

MS03-014 (330994) - Cumulative Patch for Outlook Express

MS03-013 (811493) - Buffer Overrun in Windows Kernel Message Handling Could Lead to Elevated Privileges

MS03-010 (331953) - Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks

MS03-008 (814078) - Flaw in Windows Script Engine Could Allow Code Execution

MS03-007 (815021) - Unchecked buffer in Windows Component Could Cause Web Server Compromise

MS03-001 (810833) - Unchecked Buffer in Locator Service Could Lead to Code Execution

MS02-071 (328310) - Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation

MS02-070 (329170) - Flaw in SMB Signing Could Enable Group Policy to be Modified

MS02-065 (329414) - Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution

MS02-063 (329834) - Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks

MS02-055 (323255) - Unchecked Buffer in Windows Help Facility Could Enable Code Execution

MS02-053 (324096) - Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution

MS02-051 (324380) - Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure

MS02-050 (329115) - Certificate Validation Flaw Could Enable Identity Spoofing

MS02-048 (323172) - Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates

MS02-045 (326830) - Unchecked Buffer in Network Share Provider can Lead to Denial of Service

MS02-042 (326886) - Flaw in Network Connection Manager Could Enable Privilege Elevation

MS02-032 (320920) - Cumulative Patch for Windows Media Player

MS01-022 (296441) - WebDAV Service Provider Can Allow Scripts to Levy Requests as User

For more information, or to download the Service Pack, go to the Windows 2000 Service Pack 4 download page