Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET!
Windows Server

Windows NT 4.0 SRP Info


Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP)

Microsoft has released a Security Rollup Package (SRP) for Windows NT 4.0 that includes the functionality from all security patches released for Windows NT 4.0 since the release of Windows NT 4.0 Service Pack 6a (SP6a) . This small, comprehensive rollup of post-SP6a fixes provides an easier mechanism for managing the rollout of security fixes. Please refer to Microsoft Knowledge Base article 299444 for more information about this rollup package.

Download SRP for NT 4.0 (13.9mb, released July 26, 2001)

What is included in the SRP?

The following Microsoft Security Bulletins are included in the SRP:

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

Core OS

Internet Information Server 4.0

Index Server

Front Page Server Extensions

What SRP does NOT include

The fixes for the following vulnerabilities affecting Windows NT 4.0 systems are not included in the SRP. Administrators should read the associated security bulletin to determine if these patches should be applied:

Core OS

  • MS01-022 (296441) – WebDAV Service Provider Can Allow Scripts to Levy Requests as User
  • MS00-079 – Hyperterminal issue (this patch was re-released after the NT4 SRP)

Front Page Server Extensions

  • MS01-035 (300477) – FrontPage Server Extension Sub-Component Contains Unchecked Buffer

Java Virtual Machine

  • MS00-081 (277014) – New Variant of VM File Reading Vulnerability Which includes patches for:
    • MS99-031 : Virtual Machine Sandbox Vulnerability
    • MS99-045 : Virtual Machine Verifier Vulnerability
    • MS00-011 : VM File Reading Vulnerability
    • MS00-059 : Java VM Applet Vulnerability

The following fixes are not included in the SRP because they require administrative action rather than a software change. Administrators should ensure that in addition to applying this patch, they also have taken the administrative action discussed in the following bulletins:

Core OS

Internet Information Server