Windows NT 4.0 SP6a Patches

Note: Microsoft has announced that it will stop supporting Windows 98 and Windows NT 4.0 Workstation as of June 30, 2003.

What was the latest SP for Windows NT 4.0?

Windows NT 4.0 Service Pack 6a, the most recent service pack for Windows NT, was released in November of 1999. Microsoft originally planned to release Windows NT 4.0 SP7 in late 2000, approximately one year after the release of Windows NT 4.0 SP6a. At the time, Microsoft had produced relatively few post-SP6a hotfixes, and decided to delay Windows NT 4.0 SP7 until the third quarter of 2001. The frequency of hotfixes has continued to decline, and now, well over 2 years beyond the last Service Pack release, they still have made fewer fixes than were included with either Windows NT 4.0 SP5 or SP6.

There were three reasons why customers were anticipating Windows NT 4.0 SP7:

  • An easy mechanism for deploying all the security fixes Microsoft has publicly released since Windows NT 4.0 SP6a – the post-SP6a Security Rollup Package (SRP) is now available for download here – 299444link out ico

  • Availability of the Windows NT 4.0 Active Directory client, originally planned to be part of SP7 – it is now available for download HERElink out ico

  • International versions of the Internet Explorer High Encryption Pack for Windows NT are available for download HERElink out ico

Microsoft has concluded that Windows NT 4.0 SP7 is not needed, but that an easy way to deploy publicly released security fixes would be appreciated by many of their customers.

Microsoft has released a Security Rollup Package (SRP) for Windows NT 4.0 that includes the functionality from all security patches released for Windows NT 4.0 since the release of Windows NT 4.0 Service Pack 6a (SP6a) . This small, comprehensive rollup of post-SP6a fixes provides an easier mechanism for managing the rollout of security fixes. Please refer to Microsoft Knowledge Base article 299444 for more information about this rollup package. Applying the SRP does not change the encryption level of your computer.

Download SRP for NT 4.0 (13.9mb, released July 26, 2001)link out ico

See also Windows NT 4.0 SRP Info on my site.

A note for Hebrew-enabled Windows NT users

Make sure you download the correct version of the service pack or HotFix. If you cannot find a Hebrew version – DO NOT download it! Consult Microsoft Israel for a suggested patch.

If you apply non-Hebrew versions of the patches on your Hebrew enabled Windows NT 4.0 you will see all sorts of strange fonts, dialog windows and error messages might become unreadable or written in a mixture of English and Hebrew fonts, and finally, you might experience BSODs. Uninstalling the problematic patch might not help, and you’ll have to re-install NT.

See the Language Versions of MS Products – Hebrew article for some more info.

Required Patches

Windows NT 4.0 Server with Service Pack 6a (released November 30, 1999) requires the following security-related patches:

Make sure you read Internet Explorer 5.X and 6.0 Patches, Internet Explorer 6.0 SP1 Patches and IIS 4.0 Patches before you go on.

July 2005

MS05-037 : Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)link out ico

June 2005

MS05-030 : Cumulative Security Update in Outlook Express (897715)link out ico

February 2005

MS05-010 : Vulnerability in the License Logging Service Could Allow Code Execution (885834)link out ico

January 2005

MS05-002 : Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)link out ico

MS05-001 : Vulnerability in HTML Help Could Allow Code Execution (890175)link out ico

December 2004

MS04-045 : Vulnerability in WINS Could Allow Remote Code Execution (870763)link out ico

MS04-044 : Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)link out ico

MS04-043 : Vulnerability in HyperTerminal Could Allow Code Execution (873339)link out ico

MS04-042 : Vulnerability in DHCP Could Allow Remote Code Execution and Denial Of Service (885249)link out ico

MS04-041 : Vulnerability in WordPad Could Allow Code Execution (885836)link out ico

October 2004

MS04-037 : Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)link out ico

MS04-036 : Vulnerability in NNTP Could Allow Code Execution (883935)link out ico

MS04-032 : Security Update for Microsoft Windows (840987)link out ico

MS04-031 : Vulnerability in NetDDE Could Allow Remote Code Execution (841533)link out ico

MS04-029 : Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)link out ico

July 2004

MS04-020 : Vulnerability in POSIX Could Allow Code Execution (841872)link out ico

April 2004

MS04-014 : Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)link out ico

MS04-012 : Cumulative Update for Microsoft RPC/DCOM (828741)link out ico

MS04-011 : Security Update for Microsoft Windows (835732)link out ico

February 2004

MS04-007 : ASN .1 Vulnerability Could Allow Code Execution (828028)link out ico

MS04-006 : Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)link out ico

October 2003

MS03-045 : Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)link out ico

MS03-044 : Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)link out ico

MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035)link out ico

MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)link out ico

September 2003

MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)link out ico

MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105)link out ico

July 2003

MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696)link out ico

MS03-029 : Flaw in Windows Function Could Allow Denial of Service (823803)link out ico

MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)link out ico

MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)link out ico

MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)link out ico

June 2003

MS03-020 : Cumulative Patch for Internet Explorer (818529)link out ico

May 2003

MS03-019 : Flaw in ISAPI extension for Windows Media Services could cause denial of service (817772)link out ico

MS03-018 : Cumulative Patch for Internet Information Service (811114)link out ico

April 2003

MS03-013 : Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)link out ico

MS03-011 : Flaw in Microsoft VM Could Enable System Compromise (816093)link out ico

March 2003

MS03-010 : Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953) (Patch is not available for NT 4.0. Go to the above link and read the FAQ for more details on how to workaround this issue)link out ico

MS03-008 : Flaw in Windows Script Engine could allow code execution (814078)link out ico

January 2003

MS03-001 : Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)link out ico

December 2002

MS02-071 : Flaw in Windows WM_TIMER Message Handling Can Enable Privilege Elevation (328310)link out ico

November 2002

MS02-065 : Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (329414)link out ico

MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (328115) (Reposted)link out ico

October 2002

MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)link out ico

September 2002

MS02-053 : Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (324096)link out ico

August 2002

MS02-048 : Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (323172)link out ico

MS02-045 : Unchecked Buffer in Network Share Provider can lead to Denial of Service (326830)link out ico

June 2002

MS02-029 : Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (318138)link out ico

May 2002

MS02-024 : Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges (320206)link out ico

April 2002

MS02-017 : Unchecked Buffer in the Multiple UNC Provider Could Enable Code Execution (311967)link out ico

March 2002

MS02-014 : Unchecked Buffer in Windows Shell Could Lead to Code Executionlink out ico

MS02-013 : 04 March 2002 Cumulative VM Updatelink out ico

February 2002

MS02-008 : XMLHTTP Control Can Allow Access to Local Fileslink out ico

MS02-006 : Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Runlink out ico

September 2001

MS01-048 : Malformed Request to RPC Endpoint Mapper Can Cause RPC Service to Faillink out ico

August 2001

MS01-043 : NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leaklink out ico

July 2001

MS01-041 : Malformed RPC Request Can Cause Service Failurelink out ico

April 2001

MS01-022 : WebDAV Service Provider Can Allow Scripts to Levy Requests as Userlink out ico

March 2001

MS01-017 : Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazardlink out ico

February 2001

MS01-009 : Malformed PPTP Packet Stream Can Cause Kernel Exhaustionlink out ico

MS01-008 : Malformed NTLMSSP Request Can Enable Code to Run with System Privilegeslink out ico

January 2001

MS01-003 : Weak Permissions on Winsock Mutex Can Allow Service Failurelink out ico

December 2000

MS00-095 : Registry Permissions Vulnerability link out ico

MS00-094 : Phone Book Service Buffer Overflow Vulnerability link out ico

November 2000

MS00-091 : Incomplete TCP/IP Packet Vulnerability link out ico

MS00-083 : Netmon Protocol Parsing Vulnerabilitylink out ico

October 2000

MS00-079 : HyperTerminal Buffer Overflow Vulnerability link out ico

MS00-070 : Multiple LPC and LPC Ports Vulnerabilitieslink out ico

September 2000

MS00-063 : Invalid URL Vulnerabilitylink out ico

July 2000

MS00-052 : Relative Shell Path Vulnerabilitylink out ico

MS00-047 : NetBIOS Name Server Protocol Spoofing Vulnerability link out ico

June 2000

MS00-040 : Remote Registry Access Authentication Vulnerabilitylink out ico

May 2000

MS00-036 : ResetBrowser Frame and Host Announcement Frame Vulnerabilitieslink out ico

MS00-029 : IP Fragment Reassembly Vulnerabilitylink out ico

April 2000

MS00-027 : Malformed Environment Variable Vulnerabilitylink out ico

MS00-024 : OffloadModExpo Registry Permissions Vulnerabilitylink out ico

March 2000

MS00-021 : Malformed TCP/IP Print Request Vulnerabilitylink out ico

MS00-008 : Registry Permissions Vulnerabilitylink out ico

February 2000

MS00-007 : Recycle Bin Creation Vulnerabilitylink out ico

January 2000

MS00-004 : RDISK Registry Enumeration File Vulnerabilitylink out ico

MS00-005 : Malformed RTF Control Word Vulnerabilitylink out ico

MS00-003 : Spoofed LPC Port Request Vulnerabilitylink out ico

December 1999

MS99-057 : Malformed Security Identifier Request Vulnerabilitylink out ico

MS99-056 : Syskey Keystream Reuse Vulnerabilitylink out ico

MS99-055 : Malformed Resource Enumeration Argument Vulnerabilitylink out ico

November 1999

MS99-047 : Malformed Spooler Request Vulnerabilitylink out ico

October 1999

MS99-046 : Improve TCP Initial Sequence Number Randomnesslink out ico

MS99-045 : Virtual Machine Verifier Vulnerabilitylink out ico

September 1999

MS99-041 : RASMAN Security Descriptor Vulnerabilitylink out ico

MS99-036 : Windows NT 4.0 Does Not Delete Unattended Installation Filelink out ico

August 1999

MS99-031 : Virtual Machine Sandbox Vulnerabilitylink out ico

June 1998

MS98-001 : Disabling Creation of Local Groups on a Domain by Non-Administrative Users link out ico

Windows NT 4.0 Terminal Server Edition requires other Service Packs and Hotfixes than the regular server edition. For more info on that visit THIS page.link out ico