New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Windows 2000 SP4 Patches

Required Patches

Windows 2000 Server/Advanced Server with Service Pack 4 requires the following security-related patches:

Make sure you read Internet Explorer 6.0 SP1 Patches and IIS 5.0 Patches before you go on.

Internet Explorer 6 Service Pack 1

Download IE 6.0 + SP1

October 2005

MS05-051 : Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400)

MS05-050 : Vulnerability in DirectShow Could Allow Remote Code Execution (904706)

MS05-049 : Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725)

MS05-048 : Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245)

MS05-046 : Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)

MS05-045 : Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

MS05-044 : Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495)

August 2005

MS05-043 : Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)

MS05-042 : Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)

MS05-041 : Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)

MS05-040 : Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)

July 2005

MS05-036 : Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)

June 2005

MS05-033 : Vulnerability in Telnet Client Could Allow Information Disclosure (896428)

MS05-032 : Vulnerability in Microsoft Agent Could Allow Spoofing (890046)

MS05-031 : Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458)

MS05-030 : Cumulative Security Update in Outlook Express (897715)

MS05-027 : Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)

MS05-026 : Vulnerability in HTML Help Could Allow Remote Code Execution (896358)

May 2005

MS05-024 : Vulnerability in Web View Could Allow Remote Code Execution (894320)

April 2005

MS05-019 : Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

MS05-018 : Vulnerability in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859)

MS05-016 : Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086)

February 2005

MS05-015 : Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (888113)

MS05-013 : Vulnerability in the DHTML Editing ActiveX Control could allow code execution (891781)

MS05-012 : Vulnerability in OLE and COM Could Allow Remote Code Execution (873333)

MS05-011 : Vulnerability in Server Message Block Could Allow Remote Code Execution (885250)

MS05-010 : Vulnerability in the License Logging Service Could Allow Code Execution (885834)

MS05-009 : Vulnerability in PNG Processing Could Lead to Buffer Overrun (890261)

MS05-008 : Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)

MS05-004 : ASP.NET Path Validation Vulnerability (887219)

January 2005

MS05-003 : Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)

MS05-002 : Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

MS05-001 : Vulnerability in HTML Help Could Allow Code Execution (890175)

December 2004

MS04-045 : Vulnerability in WINS Could Allow Remote Code Execution (870763)

MS04-044 : Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

MS04-043 : Vulnerability in HyperTerminal Could Allow Code Execution (873339)

MS04-041 : Vulnerability in WordPad Could Allow Code Execution (885836)

October 2004

MS04-037 : Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

MS04-036 : Vulnerability in NNTP Could Allow Code Execution (883935)

MS04-032 : Security Update for Microsoft Windows (840987)

MS04-031 : Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

MS04-030 : Vulnerability in WebDav XML Message Handler Could Lead to a Denial of Service (824151)

July 2004

MS04-024 : Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)

MS04-023 : Vulnerability in HTML Help Could Allow Code Execution (840315)

MS04-022 : Vulnerability in Task Scheduler Could Allow Code Execution (841873)

MS04-020 : Vulnerability in POSIX Could Allow Code Execution (841872)

MS04-019 : Vulnerability in Utility Manager Could Allow Code Execution (842526)

June 2004

MS04-016 : Vulnerability in DirectPlay Could Allow Denial of Service (839643)

April 2004

MS04-014 : Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

MS04-012 : Cumulative Update for Microsoft RPC/DCOM (828741)

MS04-011 : Security Update for Microsoft Windows (835732)

February 2004

MS04-007 : ASN .1 Vulnerability Could Allow Code Execution (828028)

MS04-006 : Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)

November 2003

MS03-049 : Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)

October 2003

MS03-045 : Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

MS03-044 : Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)

MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

MS03-042 : Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232)

MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

September 2003

MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105)

July 2003

MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

MS03-025 : Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679)

MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)

MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

June 2003

MS03-022 : Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)

Full list

For the full list of Windows 2000 post-SP4 fixes please visit the following URL:

Windows 2000 post-SP4 hotfixes, updates, and security patches

Note that this list contains ALL fixes, not just the security updates. Depending on your configuration you might not need to apply all the fixes listed above.