Note: Microsoft has announced that it will stop supporting Windows 98 and Windows NT 4.0 Workstation as of June 30, 2003.
Windows NT 4.0 Service Pack 6a, the most recent service pack for Windows NT, was released in November of 1999. Microsoft originally planned to release Windows NT 4.0 SP7 in late 2000, approximately one year after the release of Windows NT 4.0 SP6a. At the time, Microsoft had produced relatively few post-SP6a hotfixes, and decided to delay Windows NT 4.0 SP7 until the third quarter of 2001. The frequency of hotfixes has continued to decline, and now, well over 2 years beyond the last Service Pack release, they still have made fewer fixes than were included with either Windows NT 4.0 SP5 or SP6.
There were three reasons why customers were anticipating Windows NT 4.0 SP7:
An easy mechanism for deploying all the security fixes Microsoft has publicly released since Windows NT 4.0 SP6a – the post-SP6a Security Rollup Package (SRP) is now available for download here – 299444
Availability of the Windows NT 4.0 Active Directory client, originally planned to be part of SP7 – it is now available for download HERE
International versions of the Internet Explorer High Encryption Pack for Windows NT are available for download HERE
Microsoft has concluded that Windows NT 4.0 SP7 is not needed, but that an easy way to deploy publicly released security fixes would be appreciated by many of their customers.
Microsoft has released a Security Rollup Package (SRP) for Windows NT 4.0 that includes the functionality from all security patches released for Windows NT 4.0 since the release of Windows NT 4.0 Service Pack 6a (SP6a) . This small, comprehensive rollup of post-SP6a fixes provides an easier mechanism for managing the rollout of security fixes. Please refer to Microsoft Knowledge Base article 299444 for more information about this rollup package. Applying the SRP does not change the encryption level of your computer.
Download SRP for NT 4.0 (13.9mb, released July 26, 2001)
See also Windows NT 4.0 SRP Info on my site.
Make sure you download the correct version of the service pack or HotFix. If you cannot find a Hebrew version – DO NOT download it! Consult Microsoft Israel for a suggested patch.
If you apply non-Hebrew versions of the patches on your Hebrew enabled Windows NT 4.0 you will see all sorts of strange fonts, dialog windows and error messages might become unreadable or written in a mixture of English and Hebrew fonts, and finally, you might experience BSODs. Uninstalling the problematic patch might not help, and you’ll have to re-install NT.
See the Language Versions of MS Products – Hebrew article for some more info.
Windows NT 4.0 Server with Service Pack 6a (released November 30, 1999) requires the following security-related patches:
Make sure you read Internet Explorer 5.X and 6.0 Patches, Internet Explorer 6.0 SP1 Patches and IIS 4.0 Patches before you go on.
July 2005
MS05-037 : Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)
June 2005
MS05-030 : Cumulative Security Update in Outlook Express (897715)
February 2005
MS05-010 : Vulnerability in the License Logging Service Could Allow Code Execution (885834)
January 2005
MS05-001 : Vulnerability in HTML Help Could Allow Code Execution (890175)
December 2004
MS04-045 : Vulnerability in WINS Could Allow Remote Code Execution (870763)
MS04-044 : Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)
MS04-043 : Vulnerability in HyperTerminal Could Allow Code Execution (873339)
MS04-042 : Vulnerability in DHCP Could Allow Remote Code Execution and Denial Of Service (885249)
MS04-041 : Vulnerability in WordPad Could Allow Code Execution (885836)
October 2004
MS04-037 : Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
MS04-036 : Vulnerability in NNTP Could Allow Code Execution (883935)
MS04-032 : Security Update for Microsoft Windows (840987)
MS04-031 : Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
MS04-020 : Vulnerability in POSIX Could Allow Code Execution (841872)
April 2004
MS04-014 : Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)
MS04-012 : Cumulative Update for Microsoft RPC/DCOM (828741)
MS04-011 : Security Update for Microsoft Windows (835732)
MS04-007 : ASN .1 Vulnerability Could Allow Code Execution (828028)
MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)
MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)
MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105)
MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696)
MS03-029 : Flaw in Windows Function Could Allow Denial of Service (823803)
MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)
MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)
MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
MS03-020 : Cumulative Patch for Internet Explorer (818529)
MS03-019 : Flaw in ISAPI extension for Windows Media Services could cause denial of service (817772)
MS03-018 : Cumulative Patch for Internet Information Service (811114)
MS03-011 : Flaw in Microsoft VM Could Enable System Compromise (816093)
MS03-010 : Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953) (Patch is not available for NT 4.0. Go to the above link and read the FAQ for more details on how to workaround this issue)
MS03-008 : Flaw in Windows Script Engine could allow code execution (814078)
MS03-001 : Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)
MS02-071 : Flaw in Windows WM_TIMER Message Handling Can Enable Privilege Elevation (328310)
MS02-065 : Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (329414)
MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (328115) (Reposted)
MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)
MS02-053 : Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (324096)
MS02-045 : Unchecked Buffer in Network Share Provider can lead to Denial of Service (326830)
MS02-029 : Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (318138)
MS02-024 : Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges (320206)
MS02-017 : Unchecked Buffer in the Multiple UNC Provider Could Enable Code Execution (311967)
MS02-014 : Unchecked Buffer in Windows Shell Could Lead to Code Execution
MS02-013 : 04 March 2002 Cumulative VM Update
MS02-008 : XMLHTTP Control Can Allow Access to Local Files
MS02-006 : Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
MS01-048 : Malformed Request to RPC Endpoint Mapper Can Cause RPC Service to Fail
MS01-043 : NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leak
MS01-041 : Malformed RPC Request Can Cause Service Failure
MS01-022 : WebDAV Service Provider Can Allow Scripts to Levy Requests as User
MS01-017 : Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard
MS01-009 : Malformed PPTP Packet Stream Can Cause Kernel Exhaustion
MS01-008 : Malformed NTLMSSP Request Can Enable Code to Run with System Privileges
MS01-003 : Weak Permissions on Winsock Mutex Can Allow Service Failure
MS00-095 : Registry Permissions Vulnerability
MS00-094 : Phone Book Service Buffer Overflow Vulnerability
MS00-091 : Incomplete TCP/IP Packet Vulnerability
MS00-083 : Netmon Protocol Parsing Vulnerability
MS00-079 : HyperTerminal Buffer Overflow Vulnerability
MS00-070 : Multiple LPC and LPC Ports Vulnerabilities
MS00-063 : Invalid URL Vulnerability
MS00-052 : Relative Shell Path Vulnerability
MS00-047 : NetBIOS Name Server Protocol Spoofing Vulnerability
MS00-040 : Remote Registry Access Authentication Vulnerability
MS00-036 : ResetBrowser Frame and Host Announcement Frame Vulnerabilities
MS00-029 : IP Fragment Reassembly Vulnerability
MS00-027 : Malformed Environment Variable Vulnerability
MS00-024 : OffloadModExpo Registry Permissions Vulnerability
MS00-021 : Malformed TCP/IP Print Request Vulnerability
MS00-008 : Registry Permissions Vulnerability
MS00-007 : Recycle Bin Creation Vulnerability
MS00-004 : RDISK Registry Enumeration File Vulnerability
MS00-005 : Malformed RTF Control Word Vulnerability
MS00-003 : Spoofed LPC Port Request Vulnerability
MS99-057 : Malformed Security Identifier Request Vulnerability
MS99-056 : Syskey Keystream Reuse Vulnerability
MS99-055 : Malformed Resource Enumeration Argument Vulnerability
MS99-047 : Malformed Spooler Request Vulnerability
MS99-046 : Improve TCP Initial Sequence Number Randomness
MS99-045 : Virtual Machine Verifier Vulnerability
MS99-041 : RASMAN Security Descriptor Vulnerability
MS99-036 : Windows NT 4.0 Does Not Delete Unattended Installation File
MS99-031 : Virtual Machine Sandbox Vulnerability
MS98-001 : Disabling Creation of Local Groups on a Domain by Non-Administrative Users
Windows NT 4.0 Terminal Server Edition requires other Service Packs and Hotfixes than the regular server edition. For more info on that visit THIS page.