Windows 2000® Updates
The following is a compilation of updates, add-ons and tools provided by Microsoft to enhance the features and usability of the Windows 2000® Operating System. The links that are noted below in blue in the main body of this page will take you directly to the Microsoft Windows 2000 Update page and to the respective descriptive pages regarding each update, upgrade, add-on or tool. Given that changes occur on a regular basis, we feel that rather than provide you with direct downloads, we will provide you with basic descriptions and then refer you to directly to the appropriate Microsoft web page for the actual download.
IMPORTANT: Updates on this page do not apply to Windows 2000 Datacenter Server. For more information on Windows 2000 Datacenter Server, please visit The Windows 2000 Datacenter Program.
You will find the following on this page: (Click a link!)
Critical Updates:
This vulnerability could allow a malicious user to corrupt parts of a Windows 2000
systems local security policy, with the effect of disrupting domain membership and trust
relationship information. If a workstation or member server were attacked via this vulnerability,
it would effectively remove the machine from the domain; if a domain controller
were attacked, it could no longer process domain logon requests. Recovering from such an attack would likely
require that a known-working configuration be restored from backup.
It would not be necessary to be an authenticated domain member in order to mount an attack via this vulnerability.
Any user who could establish a RPC connection with an affected machine and send the proper command sequence to it
could exploit the vulnerability. If the malicious user were an intranet user, he could likely attack any machine within
the network; if the malicious user were on the Internet, he could likely attack only machines on the network edge that
allow RPC connections.
Affected Software Versions:
Note: Microsoft Windows 2000 Datacenter Server is not affected by this vulnerability.
You should read: Microsoft Security Bulletin (MS00-062) to determine how this vulnerability effects you.
Follow this link to download the patch directly from Microsoft.
Follow this link to download the patch from our server.
Security Update, June 6, 2000
This update resolves the "ResetBrowser Frame" and "HostAnnouncement Flooding" security
vulnerabilities in Windows 2000 and Windows NT 4.0. Installing this update will prevent a malicious user from
denying network users the ability to locate services or other computers on the network. Without this update, the
malicious user may also be able to provide inaccurate information to network users.
Windows 2000 Service Pack 1 Archive
Critical and recommended updates that are included in the release of Windows 2000 Service Pack 1 (SP1) have been moved
from this catalog to the
Windows 2000 SP1 Archive. The archive is not a comprehensive
list of all the updates in SP1. To keep your Windows 2000 computer current, Microsoft recommends that you install
Windows 2000 SP1.
Security Update, April 17, 2000
This update eliminates the "Malformed TCP/IP Print Request" vulnerability found in the TCP/IP Printing Services for Windows NT 4.0 and Windows 2000 (in Windows 2000, the service is referred to as "Print Services for Unix"). This is an optional service used primarily in mixed Windows NT-Unix environments, and is not installed by default. Installing this update will prevent a malicious user from disrupting printing services on a network that has installed TCP/IP Printing Services. The native Windows NT and Windows 2000 printing service is not affected by this vulnerability.
Security Update, April 14, 2000
This update eliminates the "Virtualized UNC Share" security vulnerability found in Microsoft Internet
Information Server (IIS) and some of its related software. Installing this update will prevent the source code
of certain types of files to be sent from a Web server to a visiting user's browser. The vulnerability does not
enable unauthorized users to change files or take administrative action on the Web server.
Critical Update, March 21, 2000
Windows 2000 Encryption Protection Update. Microsoft has discovered an issue regarding 128-bit versions of
Internet Explorer 5.0 customized by the Internet Explorer Administration Kit (IEAK) 5.0. After installing
customized Internet Explorer 5.0, users of Windows 2000 will be unable to login. Microsoft has already prepared
a protective update to download. Please review your specific situation to determine if you require protection
from the scenario described in the Read Me First page. Please accept our apology for any inconvenience resulting
from this issue.
Security Update, March 7, 2000
Security Update for Microsoft virtual machine (VM). Download the latest update for the Microsoft VM. Installing
this update will resolve the "VM File Reading" security vulnerability in the current Microsoft VM and
will upgrade you to the most recent version available.
Critical Update, February 17, 2000
Bring your computer up-to-date with the latest updates for the Windows 2000 operating system.
Recommended Updates:
Windows 2000 High Encryption Pack
The Windows 2000 High Encryption Pack allows you to enhance your system with the highest available
encryption level (128-bit).
Windows 2000 Update, "Terminal Services OEM License Server Activation
Failure"
This update resolves an issue that occurs only on servers that are obtained through Microsoft
Original Equipment Manufacturers (OEMs) or System Builders and are configured with the Terminal Services
Licensing service. For these specific servers, the Windows 2000 Terminal Services license server activation
does not verify the activation certificate obtained from the Microsoft Clearinghouse. This results in a
failure to activate the server as a Terminal Services license server. As a result, Windows 2000 Terminal
Services Client Access licenses cannot be installed.
AOL Image Support Update for Windows 2000
This package provides support to display Johnson-Grace compressed images, or .ART files, most commonly used by
America Online. If you are an America Online user running Windows 2000, this is a required upgrade.
Windows 2000 Update, "Iomega Tools do not Recognize Parallel Port
Drives"
This update addresses the "Iomega Tools do not Recognize Parallel Port Drives" issue
found in Windows 2000. Installing this update will resolve an incompatibility between Windows
2000 and Iomega software used to access storage devices attached to a parallel port (Zip or Jaz,
for example). This update allows Iomega software tools to view parallel port drives with Windows
2000.
Windows 2000 Update, "Incorrect Signature for Xenroll.dll file"
This update addresses the "Incorrect Signature for Xenroll.dll file" issue found in some international
language versions of Windows 2000. The Xenroll.dll file is incorrectly signed in the Japanese, German, French,
Italian, and Spanish versions of Windows 2000. Client browsers connecting to a Windows 2000 server for certificate
enrollment will receive a message stating the file was modified after signing, or that the file is unsigned. Installing
this update will provide the correctly signed Xenroll.dll file.
Microsoft Virtual Machine for Internet Explorer 5.5 (Build 3802, released 1/25/01) The Microsoft® virtual machine (Microsoft VM) is designed to run on Microsoft® Windows® 95, Microsoft® Windows® 98, Microsoft® Windows® Millennium Edition (Me), Microsoft® Windows NT® 4.0, and Microsoft® Windows® 2000 or later. For a complete list of updates, view the list of fixes.
Necessary Deployment Tools:
Windows 2000 Readiness Analyzer
The Windows 2000 Readiness Analyzer tool analyzes your system and reports potentially incompatible
hardware devices and software applications. The tool compares the devices and applications on your
system against a list of known issues. Although this check also occurs during Windows 2000 Setup,
you can download and run the tool before installing Windows 2000 to help ensure your installation
will succeed.
Windows 2000 Readiness Analyzer - Disk Image Version
This Disk Image Version allows you to run the Readiness Analyzer on computers that are not on the
Internet or your network. Using two floppy disks, you can download the tool using a computer connected
to the Internet. Then run the tool on offline computers that you want analyzed before installing Windows
2000 to help ensure your installation will succeed.
Windows 2000 Compatibility Updates
Windows 2000 was specifically developed to enable users to easily add additional application
support after the product had shipped for general release. The February 2000 package
is the first release of such additional application support and includes software compatibility
updates for Windows 2000. During product compatibility testing prior to release, Microsoft focused
on the top volume business applications (thousands of applications run out-of-the-box). With that
testing complete, we are now broadening our original focus and have addressed some minor compatibility
issues with a few of the more popular home/entertainment/gaming applications.
Windows 2000 Active Directory Migration Tool
The Active Directory Migration Tool provides an easy, secure, and fast way to migrate to
Windows 2000 Active Directory service. As a system administrator, you can use this tool to
diagnose any possible problems before starting migration operations to Windows 2000 Server
Active Directory.
Windows 2000 System Preparation Tool, Version 1.1
The Windows 2000 System Preparation Tool (Sysprep) Version 1.1 enables administrators to prepare
Windows 2000 System Images as part of an automated deployment. Sysprep 1.1 is an update to Sysprep
1.0 and adds the ability to reduce the number of images required in a deployment by supporting
multiple mass storage controllers.
Windows 2000 Active Directory Sizer Tool
The Active Directory Sizer tool allows you to estimate the hardware required for deploying
Active Directory in your organization. The estimate provided is based on your organization's
profile, domain information and site topology.
Windows 2000 Evaluation Upgrade Utility
Download this utility if you have installed the Windows 2000 Evaluation Edition and want to
upgrade it to full code using the Windows 2000 Upgrade CD. To successfully complete the upgrade,
you will need to have a valid qualifying Windows CD such as Windows 98 or Windows NT 4.0. If you
are trying to upgrade using the Standard (non-upgrade) Windows 2000 CD, you do not need this download.
You can successfully upgrade the Evaluation Edition with a Standard Windows 2000 CD.
Other Useful Downloads:
Windows 2000 Help Files
Download your choice of Help files for Windows 2000 Professional, Windows 2000 Server, or Windows
2000 Advanced Server. You can install the Help files you need, regardless of which Windows 2000
platform you have on your computer.
Windows 2000 Customer Support Diagnostics
The Microsoft Windows 2000 Customer Support Diagnostics package consists of important tools and
data for diagnosing your Windows 2000 system.
Windows 2000 Resource Kit Tools
Microsoft Windows 2000 Resource Kit software tools can help you streamline administrative tasks
such as managing Active Directory, administering security features, working with Group Policy and
Terminal Services, automating application deployment, and other important jobs.
Last updated August 28, 2000
Copyright ©2000
DEW Associates Corporation. All rights reserved.
Your privacy will be respected at all times.
Year 2000 Readiness Disclosure.