Microsoft 365


Active Directory


Windows Server


Microsoft Teams Day is back!


Windows Server

Windows NT 4.0 SP6a Patches

Daniel Petri


Note: Microsoft has announced that it will stop supporting Windows 98 and Windows NT 4.0 Workstation as of June 30, 2003.

What was the latest SP for Windows NT 4.0?

Windows NT 4.0 Service Pack 6a, the most recent service pack for Windows NT, was released in November of 1999. Microsoft originally planned to release Windows NT 4.0 SP7 in late 2000, approximately one year after the release of Windows NT 4.0 SP6a. At the time, Microsoft had produced relatively few post-SP6a hotfixes, and decided to delay Windows NT 4.0 SP7 until the third quarter of 2001. The frequency of hotfixes has continued to decline, and now, well over 2 years beyond the last Service Pack release, they still have made fewer fixes than were included with either Windows NT 4.0 SP5 or SP6.

There were three reasons why customers were anticipating Windows NT 4.0 SP7:

  • An easy mechanism for deploying all the security fixes Microsoft has publicly released since Windows NT 4.0 SP6a – the post-SP6a Security Rollup Package (SRP) is now available for download here – 299444

  • Availability of the Windows NT 4.0 Active Directory client, originally planned to be part of SP7 – it is now available for download HERE

  • International versions of the Internet Explorer High Encryption Pack for Windows NT are available for download HERE

Microsoft has concluded that Windows NT 4.0 SP7 is not needed, but that an easy way to deploy publicly released security fixes would be appreciated by many of their customers.

Microsoft has released a Security Rollup Package (SRP) for Windows NT 4.0 that includes the functionality from all security patches released for Windows NT 4.0 since the release of Windows NT 4.0 Service Pack 6a (SP6a) . This small, comprehensive rollup of post-SP6a fixes provides an easier mechanism for managing the rollout of security fixes. Please refer to Microsoft Knowledge Base article 299444 for more information about this rollup package. Applying the SRP does not change the encryption level of your computer.

Download SRP for NT 4.0 (13.9mb, released July 26, 2001)

See also Windows NT 4.0 SRP Info on my site.

A note for Hebrew-enabled Windows NT users

Make sure you download the correct version of the service pack or HotFix. If you cannot find a Hebrew version – DO NOT download it! Consult Microsoft Israel for a suggested patch.

If you apply non-Hebrew versions of the patches on your Hebrew enabled Windows NT 4.0 you will see all sorts of strange fonts, dialog windows and error messages might become unreadable or written in a mixture of English and Hebrew fonts, and finally, you might experience BSODs. Uninstalling the problematic patch might not help, and you’ll have to re-install NT.

See the Language Versions of MS Products – Hebrew article for some more info.

Required Patches

Windows NT 4.0 Server with Service Pack 6a (released November 30, 1999) requires the following security-related patches:

Make sure you read Internet Explorer 5.X and 6.0 Patches, Internet Explorer 6.0 SP1 Patches and IIS 4.0 Patches before you go on.

July 2005

MS05-037 : Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)

June 2005

MS05-030 : Cumulative Security Update in Outlook Express (897715)

February 2005

MS05-010 : Vulnerability in the License Logging Service Could Allow Code Execution (885834)

January 2005

MS05-002 : Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

MS05-001 : Vulnerability in HTML Help Could Allow Code Execution (890175)

December 2004

MS04-045 : Vulnerability in WINS Could Allow Remote Code Execution (870763)

MS04-044 : Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

MS04-043 : Vulnerability in HyperTerminal Could Allow Code Execution (873339)

MS04-042 : Vulnerability in DHCP Could Allow Remote Code Execution and Denial Of Service (885249)

MS04-041 : Vulnerability in WordPad Could Allow Code Execution (885836)

October 2004

MS04-037 : Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

MS04-036 : Vulnerability in NNTP Could Allow Code Execution (883935)

MS04-032 : Security Update for Microsoft Windows (840987)

MS04-031 : Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

MS04-029 : Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)

July 2004

MS04-020 : Vulnerability in POSIX Could Allow Code Execution (841872)

April 2004

MS04-014 : Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

MS04-012 : Cumulative Update for Microsoft RPC/DCOM (828741)

MS04-011 : Security Update for Microsoft Windows (835732)

February 2004

MS04-007 : ASN .1 Vulnerability Could Allow Code Execution (828028)

MS04-006 : Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)

October 2003

MS03-045 : Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

MS03-044 : Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)

MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

September 2003

MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105)

July 2003

MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696)

MS03-029 : Flaw in Windows Function Could Allow Denial of Service (823803)

MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)

MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

June 2003

MS03-020 : Cumulative Patch for Internet Explorer (818529)

May 2003

MS03-019 : Flaw in ISAPI extension for Windows Media Services could cause denial of service (817772)

MS03-018 : Cumulative Patch for Internet Information Service (811114)

April 2003

MS03-013 : Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)

MS03-011 : Flaw in Microsoft VM Could Enable System Compromise (816093)

March 2003

MS03-010 : Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953) (Patch is not available for NT 4.0. Go to the above link and read the FAQ for more details on how to workaround this issue)

MS03-008 : Flaw in Windows Script Engine could allow code execution (814078)

January 2003

MS03-001 : Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)

December 2002

MS02-071 : Flaw in Windows WM_TIMER Message Handling Can Enable Privilege Elevation (328310)

November 2002

MS02-065 : Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (329414)

MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (328115) (Reposted)

October 2002

MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)

September 2002

MS02-053 : Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (324096)

August 2002

MS02-048 : Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (323172)

MS02-045 : Unchecked Buffer in Network Share Provider can lead to Denial of Service (326830)

June 2002

MS02-029 : Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (318138)

May 2002

MS02-024 : Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges (320206)

April 2002

MS02-017 : Unchecked Buffer in the Multiple UNC Provider Could Enable Code Execution (311967)

March 2002

MS02-014 : Unchecked Buffer in Windows Shell Could Lead to Code Execution

MS02-013 : 04 March 2002 Cumulative VM Update

February 2002

MS02-008 : XMLHTTP Control Can Allow Access to Local Files

MS02-006 : Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run

September 2001

MS01-048 : Malformed Request to RPC Endpoint Mapper Can Cause RPC Service to Fail

August 2001

MS01-043 : NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leak

July 2001

MS01-041 : Malformed RPC Request Can Cause Service Failure

April 2001

MS01-022 : WebDAV Service Provider Can Allow Scripts to Levy Requests as User

March 2001

MS01-017 : Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard

February 2001

MS01-009 : Malformed PPTP Packet Stream Can Cause Kernel Exhaustion

MS01-008 : Malformed NTLMSSP Request Can Enable Code to Run with System Privileges

January 2001

MS01-003 : Weak Permissions on Winsock Mutex Can Allow Service Failure

December 2000

MS00-095 : Registry Permissions Vulnerability

MS00-094 : Phone Book Service Buffer Overflow Vulnerability

November 2000

MS00-091 : Incomplete TCP/IP Packet Vulnerability

MS00-083 : Netmon Protocol Parsing Vulnerability

October 2000

MS00-079 : HyperTerminal Buffer Overflow Vulnerability

MS00-070 : Multiple LPC and LPC Ports Vulnerabilities

September 2000

MS00-063 : Invalid URL Vulnerability

July 2000

MS00-052 : Relative Shell Path Vulnerability

MS00-047 : NetBIOS Name Server Protocol Spoofing Vulnerability

June 2000

MS00-040 : Remote Registry Access Authentication Vulnerability

May 2000

MS00-036 : ResetBrowser Frame and Host Announcement Frame Vulnerabilities

MS00-029 : IP Fragment Reassembly Vulnerability

April 2000

MS00-027 : Malformed Environment Variable Vulnerability

MS00-024 : OffloadModExpo Registry Permissions Vulnerability

March 2000

MS00-021 : Malformed TCP/IP Print Request Vulnerability

MS00-008 : Registry Permissions Vulnerability

February 2000

MS00-007 : Recycle Bin Creation Vulnerability

January 2000

MS00-004 : RDISK Registry Enumeration File Vulnerability

MS00-005 : Malformed RTF Control Word Vulnerability

MS00-003 : Spoofed LPC Port Request Vulnerability

December 1999

MS99-057 : Malformed Security Identifier Request Vulnerability

MS99-056 : Syskey Keystream Reuse Vulnerability

MS99-055 : Malformed Resource Enumeration Argument Vulnerability

November 1999

MS99-047 : Malformed Spooler Request Vulnerability

October 1999

MS99-046 : Improve TCP Initial Sequence Number Randomness

MS99-045 : Virtual Machine Verifier Vulnerability

September 1999

MS99-041 : RASMAN Security Descriptor Vulnerability

MS99-036 : Windows NT 4.0 Does Not Delete Unattended Installation File

August 1999

MS99-031 : Virtual Machine Sandbox Vulnerability

June 1998

MS98-001 : Disabling Creation of Local Groups on a Domain by Non-Administrative Users

Windows NT 4.0 Terminal Server Edition requires other Service Packs and Hotfixes than the regular server edition. For more info on that visit THIS page.

Article saved!

Access saved content from your profile page. View Saved