Major Microsoft Updates

 

This Page Last Updated: Nov 23 '03


 
I
N
D
E
  X  

 
Introduction

Overview

You are no doubt aware that keeping your Windows system up-to-date with bug fixes and security patches is an important part of protecting your privacy and security, especially while you're online. The sheer number of patches and updates that are available from Microsoft, though, can be confusing, frustrating, and even intimidating, so much so that you may even be tempted to throw in the towel and seek refuge in willful ignorance.

That understandable urge ought to be resisted. This page is designed to help you dig through the avalanche of updates for Windows and locate the patches and updates that you need. On this page you will find a listing of major updates, patches, and add-ons that are available from Microsoft for:

Please be aware that this page is NOT comprehensive. It does not contain a complete listing of every update or patch that Microsoft has ever released for these OS packages and software applications. Rather, this page aims to provide an up-to-date list of necessary patches and updates with a minimum of redundancy. There are some cases in which successive, redundant patches or updates are listed. Please consult the subsection titled "A Few Notes About Coverage" as well as the Notes section below for more information.

Manual vs. Automated Updating via Windows Update

There are two main approaches that you can take in order to update your installation of Windows and any accompanying software from Microsoft you might have.

This page is primarily intended to assist those who wish to update their Windows system installations manually by downloading and installing individual updates and patches one-by-one. It can also be used to double-check systems which have been updated via the online Windows Update and Office Update services that Microsoft provides, though there may be discrepancies between the updates that Microsoft offers online and the updates listed on this page.

What is Windows Update?

Microsoft's Windows Update and Office Update services allow Windows users to connect to Microsoft online, view a catalog of available updates and patches tailored specifically for their systems, and download and install those updates and patches with a minimum of user intervention. Windows Update can be accessed here...

          http://windowsupdate.microsoft.com/

Windows Update will update your base operating system (OS) and networking components as well as Internet Explorer and related software components and applications. If you have Office 97 or Office 2000 installed, you should also visit Office Update, which is a similar automated update service site for Microsoft Office:

          http://office.microsoft.com/ProductUpdates/default.aspx

Windows Update and Office Update are available for all versions of Windows 9x as well as Windows NT 4.0 and Windows 2000. There are several pre-requisites for using Windows Update and Office Update, however:

  • Internet Explorer 4.0 or above must be used to connect to Windows Update and Office Update
  • ActiveX controls and Active scripting must be enabled for the .microsoft.com domain (in IE go to Tools or View >> Internet Options... >> Security)
  • Cookies must also be enabled for the .microsoft.com domain (in IE 5.x go to Tools >> Internet Options... >> Security; in IE 4.x go to View >> Internet Options... >> Advanced)

If you have Windows 98, Windows 98SE, Windows Me, or Windows 2000, and you haven't uninstalled or disabled Internet Explorer (or ActiveX controls, Active scripting, and Cookies), you should be able to access Windows Update and Office Update without incident. If you have Windows 95 or Windows NT 4.0, you'll need to make sure that Internet Explorer 4.0 or above is installed first.

Should you use Windows Update?

There are several major advantages to using the Windows Update and Office Update services:

  • users need not have a great knowledge of their installations or the complete catalog of updates that are available
  • a minimum of user intervention is required
  • Windows Update often includes updates that are unavailable for standard download

There are also several major disadvantages, however, to using the Windows Update and Office Update services:

  • critical security updates may take days or even weeks to become available on Windows Update or Office Update
  • updates that are installed via Windows Update and Office Update will not be available later on the user's system should the user need to reinstall Windows; those updates will have to be downloaded anew
  • some users report seemingly insurmountable difficulties connecting to Windows Update or Office Update and getting the service to work
  • some users may not want to have Internet Explorer on their systems or may not want to enable ActiveX controls, Active scripting, and Cookies for security reasons

If you'd rather not spend the time or effort to identify and track down all the updates that are necessary and available from Microsoft for your system, and if you are not interested in archiving updates for future reinstallation, and if you have little concern over using Internet Explorer (as well as ActiveX controls, Active scripting, and Cookies), then Windows Update and Office Update are probably for you.

By contrast, if you prefer to retain maximum control over your system's configuration, or if you prefer to save updates and patches for future use, or if you disdain the security risks of Internet Explorer (as well as ActiveX controls, Active scripting, and Cookies), then this page is for you. Below you will find a wealth of information about updates that are available from Microsoft for all versions of Windows 9x, as well as the most important Windows add-ons and components, including Microsoft Office.

Windows Update Catalog

This page can be especially helpful when using the Windows Update Catalog, a service from Microsoft that allows you to search for and download patches for Windows 98, 98 SE, Me, 2000, and XP

Note: the Windows Update Catalog does require you to install an ActiveX control (much like the standard Windows Update service), but the Windows Update Catalog does not force you to install the updates and patches themselves online -- you can download and save them for future use. Moreover, you can download patches and updates for versions of Windows other than the one you happen to be running.

Having trouble using Windows Update?

If Windows Update or Office Update is refusing to work for you, review the pre-requisites for using Windows Update above. An excellent first place to check for advice on troubleshooting Windows Update difficulties is:

The above page provides a handy checklist of troubleshooting tips, as well as links to many Microsoft Knowledge Base (KB) articles on Windows Update. Some of the more important Microsoft KB articles are:

Another helpful resource from Microsoft is:

You might also find these other pages helpful in troubleshooting Windows Update problems:

Versions of Windows

This web page provides information about updates to base OS and networking components for:

  • Windows 9x (incl. Windows 95, 98, 98SE, and Me)

This page does NOT include information about base OS or networking updates for:

  • Windows NT 4.0 (incl. Workstation and Server versions)
  • Windows 2000 (incl. Professional and Server versions)
  • Windows XP (incl. Professional and Home versions)

This page also provides information about updates to major Windows add-ons and components. These updates are usually compatible with:

  • Windows 9x (incl. Windows 95, 98, 98SE, and Me)
  • Windows NT 4.0 (incl. Workstation and Server versions)

Updates to earlier versions of some Windows add-ons and components may not be compatible with Windows Me. Compatibility issues may also exist between Windows 98SE and some updates to earlier version of components. Always read documentation that accompanies updates or patches that you download and respect all warnings and restrictions.

Many updates for Windows add-ons and components that are listed here will NOT be compatible with Windows 2000 or Windows XP, unless otherwsie noted. Windows 2000 usually requires different versions of patches and updates for Windows add-ons and components, and no effort has been made here to account for them on this page. Users of Windows 2000 and Windows XP should check Microsoft web sites for information about patches and updates which are specifically designed for Windows 2000 and Windows XP.

A Few Notes About Coverage

As emphasized above, this page does not aim to provide a complete, comprehensive listing of every update released by Microsoft for the software packages covered here. Rather, the idea is to give users a catalog of updates that is largely free of redundancy and obsolete updates. To that end...

  • updates that have been rendered obsolete or redundant by later patches have not been included here
  • versions of updates that were subsequently withdrawn and replaced with corrected or fixed versions have not been listed here
  • updates for obsolete versions of software applications are generally not listed here

There are, of course, exceptions to the above rules. Still further, some updates simply don't fit neat descriptions or categories such as "valid" or "up-to-date" or "obsolete" or "redundant." Where possible I have tried to note these exceptions and provide some justification or explanation for the choices that I've made here. I've also attempted to explain how the updates for the various software packages covered here work -- that is, how to determine the order in which updates ought to be be installed, how to distinguish between various versions of software packages, ways to avoid installing redundant updates, et al. For more information on what updates have been included here and why, as well as the nature and proper use of many of these updates, please see the Notes section below.

Some Parting Thoughts...

Regrets....

As much as I wish I could, I simply haven't been able to provide a direct link to every update or patch listed on this page. The logistics of maintaining such a catalog of links would be well beyond my capabilities and resources. (Microsoft is notorious for moving things around its vast web site without warning.) Instead, what I've done is provide a URL specific to each major section or subsection. In most cases these URL's should leave you within a mouse click or two from the download you seek. Unfortunately, some of the more obscure packages may require some digging and searching on your part.

Please also keep in mind that not only may Microsoft move files around on its web site without warning (or even without apparent reason), but MS may re-package, re-label, and re-name updates and patches. This practice is especially true of the older updates for Windows 95. File names and sizes may change, and time stamps in digital certificates may differ markedly from the dates listed here.

And a few words of caution....

Updating your system with the latest bug fixes and security patches is an important part of protecting your privacy and security, however, it is a process which is unavoidably fraught with risk. That old saw, "If it ain't broke, don't fix it," is particularly applicable here. The last thing you want is to install the latest and greatest updates for your system only to be left staring at a system that won't even boot into "Safe Mode."

And some advice....

Users should be cautious and wary when updating their systems. Before installing any updates, patches, or bug fixes, you should take care to...

  • backup the Registry
  • backup critical data and files
  • close all running applications
  • read any accompanying documentation and follow instructions to the letter

And always be diligent in rebooting your PC after applying a patch. Do not install patch after update after bug fix without rebooting. Indeed, when dealing with a series of major system updates, it's a good policy to wait a day or so between updates. Doing so can help you identify which particular patch was in fact the patch which lies at the root of new system problems or anomalies, should they occur.

Another good bit of advice is to keep a log or journal of changes that you make to your system so that you have a record of these changes for future reference. Again, such a log can help you nail down the exact cause of system troubles if they do strike.

And, hey....

I hope that you find this page interesting and useful. If you were to take any bit of advice away from this page, it would be the words of a certain character whose name I now forget but whose knowing grittiness graced one of those old cop shows: "And, hey, be careful out there..."

 
Windows 95 Updates ++ (http://www.microsoft.com/windows95/downloads/)
Description File ## QFE/Date Size ##
 
Base OS Updates A (Original Retail Version Only)
Win95 SP1 (UPD 001-008, 010) setup.exe 12/31/95 1264640
Win95 SP1 (UPD 009) exchupd.exe (disk8.exe) 12/31/95 1324032 (1348892)
Patched Plus! Pak sage.dll plusupd1.exe 960103a 141248
Win95 OLE 32 Upd oleupd.exe 960125a 412080
Win32 Kernel Core Component Upd krnlupd.exe 960202a 337016
MS Win95 Fax Cover Page Upd/Fix coverpg.exe 960202a 154568
IOS Virtual Device Upd iosupd.exe 960319a 146352
DiskTSD Virtual Device Upd dsktsupd.exe 960327a 123360
MS Win95 Backup Application Upd backupd2.exe 960328a  456112
Win95 Internet Mail Service Upd inetmail.exe 4/2/96 241152
Win95 Password Caching Upd mspwlupd.exe 960426b 326304
Win95 RPC Client Upd rpcrtupd.exe 960723a 220600
Upd/Fixed Themes.exe themes.exe 9/9/96 86016
Exchange Inbox Upd for Win95 exupdusa.exe 10/3/96 3097957
 
Base OS Updates B (All Versions) (Note: italicized updates are OSR2 only)
Windows LPT Virtual Device Upd prnt5upd.exe 961118a 163392
Upd OLE Automation oadist.exe 1/15/97 490096
USB Support for OSR2.1 usbsupp.exe 4/10/97 964960
Upd Paint for Office 97 paint95.exe 5/16/97 754670
Removeable Media Support for IDE remideup.exe 970521R1 147096
Password Security Upd (not OSR2) secupd.exe 970527R1 496272
Password Security Upd for OSR2 secupd2.exe   970527R1 508560
Windows NDS PW Security Upd nwredup4.exe 970527R2 226448
Win95 DLC Protocol Driver Upd dlc32upd.exe 970618R1 212640
Upd comctl32.dll for Win95 com32upd.exe 6/25/97 332808
OSR 2.5 USB patch (laptops only) usbupd1.exe 970717R1 153824
OSR 2.5 USB patch & Pentium II fix usbupd2.exe 11/26/97 365920
Euro Currency Support for Win95 w95euro.exe 980821B1 2307920
Upd comctl32.dll for Win95 401comupd.exe 12/2/98 437528
MS Windows Library Upd * speu.exe 12/17/98 1433864
PNP w/ Multifunction Bus Cards OSR2 Upd pccardupd.exe 2/15/99 194784
MS Win95 Y2K Upd w95y2k.exe 2/19/99 2279712
Upd Vtdapi.vxd File (49.7 day crash fix) vtdapi95.exe 3/22/99 135680
Win95 OSR2 Upd for AMD K6 amdk6upd.exe 990602N1 290288
Internet Print Service wpnpins.exe 6/8/99 219152
OLE Automation Fix oainst.exe 8/31/99 472800
Security Upd, September 9, 1999 telnet95.exe 9/9/99 178144
Critical Upd, September 10, 1999 * speu20.exe 9/10/99 2181576
Security Upd, November 12, 1999 245729us5.exe 11/12/99 165352
Microsoft Windows High Encryption Pack (IE 4.0) ie4dom.exe 11/30/99 235088
Microsoft Windows High Encryption Pack (IE 5.0) ie5dom.exe 11/30/99 219216
Microsoft Windows High Encryption Pack (IE 5.01 & above) ie501dom.exe 11/300/99 218704
Security Upd, January 17, 2000 249973usa5.exe 1/17/00 838328
Critical Upd, March 3, 2000 (High Encryption) 249863usa5_128.exe 3/3/00 200888
Critical Upd, March 3, 2000 (Standard Encryption) 249863usa5.exe 3/3/00 212664
Security Upd, March 17, 2000 256015usa5.exe  3/17/00 266936
HTML Help File Code Execution Vulnerability hhupd.exe 6/2/00 732344
Quick Fix Engineering (QFE) for Win95 266772usa5.exe 7/12/00 152224
Security Upd, April 2, 2001 crlupd.exe 4/2/01 127608
OLE DB Provider for Internet Publishing Update rbupdate.exe 4/13/01 417736
Root Certificates Update ** rootsupd.exe 6/21/02 185184
*   Note: "Critical Upd, September 10, 1999" (speu20.exe) replaces "MS Windows Library Upd" (speu.exe), but may not be available for manual download.
** Note: "Root Certificates Update" (rootsupd.exe) is necessary on Win95 only if IE5 or above is installed.
 
Networking Updates (All Versions)
Virtual Network Redirector Upd vrdupd.exe 970911R1 215728
Winsock 2 Upd ws2setup.exe 3/19/98 986400
MS DUN 1.3 Performance & Security Upd msdun13.exe 8/14/98 2355976
Virtual Private Networking Upd vpnupd.exe 7/7/99 350232
DUN 1.3 & Winsock 2 Y2K Upd y2kvdhcp.exe 5/12/99 316944
Security Upd 1, November 29, 1999 238453us5.exe 11/29/99 170616
Security Upd 2, November 29, 1999 168115us5.exe  11/29/99 163840
Security Upd, May 19, 2000 259728usa5.exe 5/19/00 180896
Malformed IPX Ping Packet Vulnerability 265334US5.exe 8/1/00 177832
Malformed IPX NMPI Packet Vulnerability 273727usa5.exe 9/28/00 178336
Share Level Password Upd 273991usa5.exe 10/20/00 207008
MS DUN 1.4 Upgrade for Win95 dun14-95.exe 5/10/01 1890376
 
Misc Add-ons & Utilities for Windows 95
Back UPS Pro 280/420/560 pwrchut.exe 6/13/95 386113
Win95 System Check (for compatibility) ww1247.exe 9/20/95 80825
INF Generator Utility ig.exe 10/19/95 89728
Tripp Lite Smart Series w/PNP Adapter tripplte.exe 11/28/95 832656
MS VoiceView File Transfer Tool vvsetup.exe 12/11/95 197120
Imaging for Win95 1.0 (TIFF, BMP, fax) imginst.exe 12/21/95 2099080
Win95 INF Installer infinstd.exe 12/31/95 38173
SLIP & Scripting Support for DUN script.exe 12/31/95 156672
MS Service for NetWare Directory Services msnds.exe 12/31/95 379978
Win95 Support Assistant assist.exe 12/31/95 1320501
AnswerStation 1.0 (VoiceView Modems) ansinst.exe 2/13/96 345088
Infrared Data Connectivity (IrDA 2.0) for Win95 ir.exe 5/11/96 444416
Infrared Transfer Version 1.0 irxfer.exe 10/31/96 245760
Upd for Apple Printer Utility Users wsipxupd.exe 7/3/97 124392
Upd Drivers for CD-ROM Changers cdchnger.exe 7/16/97 132560
Upd Information Tool for Win95 qfechkup.exe 10/19/97 96408
2 to 4 Digit Date Conversion Tool 2_4date.exe 9/10/99 91112
 
++ Note: An excellent resource for exhaustive information about updates and patches for Win95 (up until roughly August of 1999) is:
     http://www.walbeehm.com/win95upd.html.
## Note: MS has apparently renamed some, but not all Win95 updates and patches with the prefix "W95" -- thus, for example, wsipxupd.exe may be renamed W95wsipxupd.exe. In such cases file sizes may differ slightly from those listed here.
 
Windows 98 Updates (http://www.microsoft.com/windows98/downloads/corporate.asp)
Description File Date Size
 
Base OS & Networking Updates A (Original Version Only)
DUN Security Upgrade dun40.exe 8/17/98 325904
mfc42.dll/msvcrt.dll/olepro32.dll (w/actsetup.cab) mfc42.exe (mfc42.cab) 10/6/98 657120
Win98 Upd for MSNDS & Client for NetWare Networks (w/actsetup.cab) nwnp32.exe 12/9/98 205024
MS Windows Library Upd * speu.exe 12/17/98 1433864
Registration Wizard Update crwid.exe (crwid.cab) 3/16/99 28672
Upd Vtdapi.vxd File (49.7 day crash fix) 216641up.exe 6/4/99 135680
Virtual Private Networking Upd vpnupd.exe (incl. dun40.exe) 7/13/99 350232
* Note: "Critical Upd, September 10, 1999" (speu20.exe, see below) replaces "MS Windows Library Upd" (speu.exe), but may not be available for manual download.
 
Service Pack 1 / Customer Service Pack ++ (Original Version Only)
Win98 Y2K Upd y2k.exe 12/4/98 1282832
Internet Explorer 4.01 w/ SP2 n/a 3/16/99 n/a
Win98 System Upd wucsp.exe 5/27/99 1088984
Outlook Express 4.01 w/ SP2 Y2K Upd * en-x86-q234680.exe 5/17/99 143832
Outlook Express 4.01 w/ SP1 Y2K Upd * en-x86-q234681.exe 5/17/99 143352
Win98 Y2K Upd 2 ** y2kw98_2.exe 6/4/99 651248
Win98 Y2K Upd 2 ** y2kw98_2.exe 8/25/99 225240
*    Note: this OE Y2K update is also known as "Critical Upd, May 17, 1999" (see the IE Updates section below).
** Note: Microsoft supplies the smaller y2kw98_2.exe (8/25/99) for Windows Update. The larger y2kw98_2.exe (6/4/99) is available for manual download.
++ Note: MS has bundled the "Win98 Y2K Upd," "Win98 System Upd," "Win98 Y2K Upd 2" together in a package called the "Win98 Customer Service Pack."
 
Base OS & Networking Updates B (All Versions)
Internet Print Service wpnpins.exe 6/8/99 219152
Security Upd, September 9, 1999 telnetup.exe 9/9/99 149984
Critical Upd, September 10, 1999 * speu20.exe 9/10/99 2181576
OLE Automation Fix oainst.exe 8/25/99 477656
Security Upd, November 12, 1999 245729us8.exe 11/12/99 173544
Security Upd 1, November 29, 1999 238453usa8.exe 11/29/99 201376
Security Upd 2, November 29, 1999 ** 168115us8.exe 11/29/99 165864
Microsoft Windows High Encryption Pack (IE 4.0) ie4dom.exe 11/30/99 235088
Microsoft Windows High Encryption Pack (IE 5.0) ie5dom.exe 11/30/99 219216
Microsoft Windows High Encryption Pack (IE 5.01 & above) ie501dom.exe 11/300/99 218704
Win98 Large IDE Upd 243450us8.exe 12/10/99 164840
TCP/IP Packet Retransmittal Patch 236926up.exe 12/23/99 174056
Malformed RTF Control Word Vulnerability 249973usa8.exe 1/17/00 838328
Critical Upd, March 3, 2000 (High Encryption) 249863usa8_128.exe 3/3/00 198328
Critical Upd, March 3, 2000 (Standard Encryption) 249863usa8.exe 3/3/00 210104
Security Upd, March 17, 2000 256015usa8.exe 3/16/00 227512
Security Upd, May 19, 2000 259728usa8.exe 5/19/00 197280
HTML Help File Code Execution Vulnerability hhupd.exe 6/2/00 732344
Windows WebTV Update 245272usa8.exe 7/5/00 291520
Quick Fix Engineering (QFE) for Win98 266772usa8.exe 7/12/00 184992
Malformed IPX Ping Packet Vulnerability 265334usa8.exe 8/3/00 170656
Share Level Password Upd 273991usa8.exe 10/12/00 214720
Security Update, October 11, 2000  274113usa8.exe 10/11/00 185536
Malformed IPX NMPI Packet Vulnerability 273727usa8.exe 10/11/00 170656
Compressed Folders Passwords Recovery *** 252694usa8.exe 3/28/01 210080
Security Upd, April 2, 2001 crlupd.exe 4/2/01 127608
OLE DB Provider for Internet Publishing Update rbupdate.exe 4/13/01 417736
MS DUN 1.4 Upgrade for Win98 **** dun14-98.exe 5/10/01 517192
HyperTerminal Buffer Overflow Vulnerability ++ 274548usa8.exe 5/24/01 309632
Unchecked Buffer in Universal Plug and Play Vulnerability 314941usa8.exe 12/19/01 228936
Security Upd, March 7, 2002 q313829.exe 3/7/02 854096
Security Upd, Memory Leak in SNMP Vulnerability 314147usa8.exe 4/24/02 163432
Root Certificates Update ## rootsupd.exe 6/21/02 185184
Q323172: Security Upd 323172usa8.exe 8/28/02 219472
Q328145: Security Upd +++ (outdated) 328145usa8.exe 9/4/02 329552
Q329048: Security Upd 329048usa8.exe 10/2/02 273744
Q323255: Security Upd 323255usa8.exe 10/2/02 30687
Q329115: Security Upd +++ 329115usa8.exe 11/20/02 417104
Q811630: HTML Help Upd 811630usa8.exe 12/20/02 511312
823559: Security Update 823559usa8.exe 7/9/03 311904
*      Note: "Critical Upd, September 10, 1999" (speu20.exe) replaces "MS Windows Library Upd" (speu.exe, see above), but may not be available for manual download.
**   Note: "Security Upd 2, November 29, 1999" is for Win98 (Original Version) only. Win98 SE is not affected by this vulnerability.
*** Note: "Compressed Folders Password Recovery" is necessary only if the Plus! 98 add-on package has been installed.
**** Note: "MS DUN 1.4 Upgrade for Win98" is for Win98 (Original Version) only. Win98 SE uses a separate upgrade file (see below).
++ Note: This patch was originally released 10/18/00. It was re-released 5/24/01. HyperTerminal 6.1 (hyptrm61.exe) can also be installed to address the same vulnerability (see below).
## Note: "Root Certificates Update" (rootsupd.exe) is necessary on Win998 only if IE5 or above is installed. It is necessary for all Win98SE installations.
+++ Note: "Q329115: Security Update" replaces "Q328145: Security Update," which is now outdated.
 
Windows 98 SE Only Updates
128-Bit Dial-Up Networking for Win98 SE msdun128.exe 10/14/99 235976
Win98 SE Shutdown Supplement 4756us8.exe 11/5/99 516104
Win98 SE 1394 Storage Supplement 242975us8.exe 4/4/00 597720
Critical Upd, May 22, 2000 (Win98 SE Mapped Drives Shutdown Upd) 260067usa8.exe 5/22/00 459928
IDE Hard Drive Cache Package 273017usa8.exe 9/19/00 229568
MS DUN 1.4 Upgrade for Win98 SE dun14-se.exe 5/10/01 470632
 
Misc Updates
Power Management Troubleshooting Tool pmtshoot.exe 5/19/98 161344
Upd for MSNDS & Client for NetWare Networks nwnp32.exe 12/9/98 205024
 
Windows Me Updates (http://www.microsoft.com/windowsme/update/default.asp) ##
Description File Date Size
 
Base OS & Networking Updates
AOL WDM Modem Connection Patch 272016usam.exe 8/23/00 159896
IDE Hard Drive Cache Package 273017usam.exe 9/19/00 228504
WebTV for Windows Denial of Service Vulnerability 274113usam.exe 9/20/00 184984
Malformed IPX NMPI Packet Vulnerability 273727usam.exe 9/22/00 171160
Share Level Password Vulnerability 273991usam.exe 9/26/00 195736
Windows Movie Maker Upd 287564.exe 2/8/01 456344
WinMe System Restore Upd 290700.exe 2/26/01 225136
Compressed Folders Passwords Recovery 252694usam.exe 3/20/01 211608
Security Upd, April 2, 2001 crlupd.exe 4/2/01 127608
OLE DB Provider for Internet Publishing Upd rbupdate.exe 4/13/01 417736
WinMe Help and Support Upd 299014.exe 5/17/01 370752
HyperTerminal Buffer Overflow Vulnerability * 274548usam.exe 5/24/01 327680
Root Certificates Update rootsupd.exe 6/21/02 185184
Unchecked Buffer in Universal Plug and Play Vulnerability 314757usam.exe 12/19/01 228928
Q323172: Security Upd 323172usam.exe 8/28/02 217088
Q328145: Security Upd + (outdated) 328145usam.exe 9/4/02 340800
Q329048: Security Upd 329048usam.exe 10/2/02 293184
Q323255: Security Upd 323255usam.exe 10/2/02 505664
Q329115: Security Update + 329115usam.exe 11/20/02 376640
Q811630: HTML Help Upd 811630usam.exe 12/20/02 509760
Q812709: Security Update 812709usam.exe 2/26/03 300352
823559: Security Update 823559usam.exe 7/9/03 311904
Security Update for Microsoft Windows ME: KB825119 825119usam.exe 10/14/03 217680
*    Note: This patch was originally released 10/18/00. It was re-released 5/24/01. HyperTerminal 6.1 (hyptrm61.exe) can also be installed to address the same vulnerability (see below).
+ Note: "Q329115: Security Update" replaces "Q328145: Security Update," which is now outdated.
 
## Note: this link is to the Windows Update site for Windows Me. To my knowledge there is no "manual" download site for Windows Me. To track down updates for Windows Me that can be downloaded and installed manually, try the sites listed at the bottom of this page here.
 
Internet Explorer Updates (http://www.microsoft.com/windows/ie/downloads/default.asp) ##
Description File Date Size
 
IE 6.0 w/ SP1
Internet Explorer 6.0 w/SP1 n/a 8/19/02 n/a
April 2003, Cumulative Patch for Outlook Express (Q330994) q330994.exe 4/23/03 1992832
IE6 SP1 Upd for Outlook Express (Q331488) q331488.exe 9/16/03 624768
November 2003, Cumulative Patch for Internet Explorer (824145) q824145.exe 11/3/03 2226304
 
IE 6.0
Internet Explorer 6.0 * n/a 8/17/01 n/a
Security Upd, February 13, 2002 Click HERE 2/13/02 n/a
Security Upd, February 14, 2002 Click HERE 2/14/02 n/a
Unchecked Buffer in Outlook Express S/MIME Parsing ** q328676.exe 10/10/02 671344
February 2003, Cumulative Patch for Internet Explorer (Q810847) ++ q810847.exe 2/5/03 2547320
April 2003, Cumulative Patch for Outlook Express (Q330994) ** q330994.exe 4/23/03 873080
November 2003, Cumulative Patch for Internet Explorer (824145) ++ q824145.exe 11/3/03 2655864
** Note: The "April 2003, Cumulative Patch for Outlook Express (Q330994)" is for Windows XP systems only (and replaces all previous "cumulative" patches). The last patch for Outlook Express 6.0 on other Windows versions was the "Unchecked Buffer in Outlook Express S/MIME Parsing." Except on Windows XP, Microsoft is apparently no longer releasing patches for any version of OE 6.0.
++ Note: The "November 2003, Cumulative Patch for Internet Explorer (824145)" is for Windows XP systems only (and replaces all previous "cumulative" patches). The last patch for Internet Explorer 6.0 on other Windows versions was the "February 2003, Cumulative Patch for Internet Explorer (Q810847)." Except on Windows XP, Microsoft is apparently no longer releasing patches for any version of IE 6.0.
* Note: Win9x and WinMe users who upgrade from IE 5 or above to IE 6 may be affected by a glitch in the IE 6 installation process that causes certain security patches not to be applied in the upgrade. Please see the following MS KB article for more information:
     Security Patches May Not Be Applied When You Upgrade to Internet Explorer 6 (Q308411)
Users can avoid this problem by installing "Security Upd, March 29, 2001" (IE 5.01 w/SP1), "Security Upd, May 16, 2001" (IE 5.01 w/SP2), or "Security Upd, May 24, 2001" (IE 5.5 w/SP1) before upgrading to IE6 (see below). Users can also avoid this problem by choosing the "Typical" or "Full" installation option when installing IE6.
 
IE 5.5 w/ SP2
Internet Explorer 5.5 w/SP2 n/a 7/23/01 n/a
Quicktime ActiveX Plugin * n/a 8/20/01 n/a
Security Upd, February 14, 2002 Click HERE 2/14/02 n/a
April 2003, Cumulative Patch for Outlook Express (Q330994) q330994.exe 4/23/03 855952
November 2003, Cumulative Patch for Internet Explorer (824145) q824145.exe 11/3/03 2340752
* Note: The "Quicktime ActiveX Plugin" is not supplied by Microsoft, but rather Apple. This ActiveX plugin replaces the Netscape style Quicktime plugin tool that is no longer supported by IE 5.5 w/SP2. It can be downloaded from:      http://www.apple.com/quicktime/tools_tips/tutorials/activex.html
 
IE 5.01 w/ SP2, SP3, or SP4 ++
Unchecked Buffer in Outlook Express S/MIME Parsing q328389.exe 10/10/02 893840
November 2003, Cumulative Patch for Internet Explorer (824145) **(Windows 2000 w/ SP4) q824145.exe 11/3/03 1933312
November 2003, Cumulative Patch for Internet Explorer (824145) **(Windows 2000 w/ SP3) q824145.exe 11/3/03 1930624
November 2003, Cumulative Patch for Internet Explorer (824145) **(Windows 2000 w/ SP2) q824145.exe 11/3/03 1930584
++ Note: Internet Explorer 5.01 w/ SP3 is installed by Windows 2000 SP3 on Windows 2000 systems still running Internet Explorer 5.01. Internet Explorer 5.01 w/ SP4 is installed by Windows 2000 SP4 on Windows 2000 systems still running Internet Explorer 5.01. Except on Windows 2000, Microsoft is apparently no longer releasing patches for any version of IE 5.01.
** Note: These patches are for Internet Explorer 5.0.1 w/SP2, SP3, or SP4 running on Windows 2000 w/ SP2, SP3, or SP4. Except on Windows 2000, Microsoft is apparently no longer releasing patches for any version of IE 5.01.
 
Internet Explorer Add-ons & Extras ++
Agent 2.0 msagent.exe 2/14/00 400536
Agent 2.0 msagent.exe 10/2/98 401144
Chat 2.5 mschat25.exe 6/26/98 1786096
Chat 2.0 (stand alone) mschat2a.exe 4/1/97 1777280
Chat 2.0 (IE add-on) mschat2.exe 4/1/97 1139840
Internet Explorer Error Reporting iedw.exe 2/27/01 220376
MSN Chat Control Security Fix msnchatsecfix.exe 6/11/01 86592
MSN Messenger Service 4.6 mmssetup.exe 6/11/01 1486296
MSN Messenger Service for .NET/Exchange mmssetup.exe 6/11/01 2136096
NetMeeting 3.01 * nm30.exe 10/20/00 1641104
NetMeeting 3.0 * nm30.exe 12/22/99 1639376
NetMeeting 3.0 * nm30.exe 6/18/99 1634256
NetMeeting 2.11 nm211.exe 1/8/99 2130656
NetMeeting 2.1 nm21.exe 4/18/98 2166520
VRML 2.0 Viewer vrml2c.exe 1/8/99 3294752
VRML 2.0 Viewer vrml2c.exe 1/11/99 3294464
*     Note: three different versions of NetMeeting 3.0 can be found on Microsoft's site. The file names are the same; only the file sizes and associated dates distinguish them.
++ Note: some of these add-ons and extras may be available only through Windows Update.
 
Internet Explorer Utilities
IE4 PowerToys ie4power.exe 9/29/97 240560
IE5 Web Accessories ie5wa.exe 9/29/97 139584
IE5 Power Tweaks Web Accessories pwrtwks.exe 3/1/99 129368
IE5 Toolbar Wallpaper tbwlpapr.exe 3/11/99 174408
IE5 Web Developer Accessories webdevaccess.exe  3/12/99 116048
 
## Other Sites for IE Downloads:
          Internet Explorer Security Updates:
http://www.microsoft.com/windows/ie/security/default.asp Down
          Internet Explorer Home Page: http://www.microsoft.com/windows/Ie/default.htm
     See also the sites listed at the bottom of this page here.
 
Major Windows Add-ons/Components
Description File Date Size
 
MS DCOM (http://www.microsoft.com/com/tech/dcom.asp)
DCOM 1.3 for Win95 dcom95.exe 3/30/99 1229056
DCOM 1.3 for Win98 dcom98.exe 3/29/99 1229056
DCOM Congfiguration 1.3 Configuration Utility * dcm95cfg.exe 3/30/99 196368
* Note: dcm95cnfg.exe is for both Win95 & Win98.
 
MS Windows Script (http://msdn.microsoft.com/scripting/)
Windows Scripting Engines 5.1 ste51en.exe 4/11/01 757696
Windows Scripting Engines 5.5 scr55en.exe 4/11/01 633792
Microsoft Windows Script 5.6 (Win98/Me/NT) scr56en.exe 10/18/01 735328
Microsoft Windows Script 5.6 (Win2K) scripten.exe 10/18/01 734816
Security Update, February 14, 2002 (IE 5.01 & Win9x/NT) * vbs51men.exe 2/14/02 305248
Security Update, February 14, 2002 (IE 5.01 & Win2K) * vbs51nen.exe 2/14/02 309856
Security Update, February 14, 2002 (IE 5.5 & Win9x/NT) * vbs55men.exe 2/14/02 314464
Security Update, February 14, 2002 (IE 5.5 & Win2K) * vbs55nen.exe 2/14/02 314464
Security Update, February 14, 2002 (IE 6 & Win98/NT) * vbs56men.exe 2/14/02 314976
Security Update, February 14, 2002 (IE 6 & Win2K/XP) * vbs56nen.exe 2/14/02 315488
JScript 5.1 Security Patch - Q814078 (Win98/Me/NT) + js51men.exe 3/19/03 325472
JScript 5.1 Security Patch - Q814078 (Win2K) + js51nen.exe 3/19/03 330080
JScript 5.5 Security Patch - Q814078 (Win98/Me/NT) + js55men.exe 3/19/03 353632
JScript 5.5 Security Patch - Q814078 (Win2K) + js55nen.exe 3/19/03 354144
JScript 5.6 Security Patch - Q814078 (Win98/Me/NT) + js56men.exe 3/19/03 369504
JScript 5.6 Security Patch - Q814078 (Win2K/XP) + js56nen.exe 3/19/03 369504
Microsoft Windows Script 5.6 (Win2K/XP) scripten.exe 4/23/03 674656
Microsoft Windows Script 5.6 (Win98/Me/NT) scr56en.exe 6/9/03 679280
* Note: for more help determining which version of the "Security Update, February 14, 2002" your system needs, see the following MS Security Bulletin:
     Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files (MS02-009)
+ Note: the "Security Update, February 14, 2002" updates for Windows Script are not superseded by "JScript 5.6 Security Patch - Q814078." These two sets of updates involve different parts of the Windows Script package. See the following MS Security Bulletin for more details:
     Flaw in Windows Script Engine could allow code execution (MS03-008)
 
Microsoft XML (MSXML) (http://www.microsoft.com/)
Security Update, February 13, 2002 (MSXML v. 4.0) * msxml4qfe.exe 2/18/02 4674352
Security Update, February 13, 2002 (MSXML v. 3.0) * q318203_msxml30_x86_en.exe 2/13/02 557896
Security Update, February 13, 2002 (MSXML v. 2.6) * q318202_msxml20_x86_en.exe 2/13/02 390472
* Note: systems with Windows XP, Internet Explorer 6.0, or SQL Server 2000 may need one or more of these MSXML patches, depending on the version(s) of MSXML installed. See the following MS Security Bulletin for more information on determining whether your system needs any of these patches as well as the version(s) of MSXML currently installed:
     XMLHTTP Control Can Allow Access to Local Files (MS02-008)
 
Microsoft Java Virtual Machine (VM) ++ (http://www.microsoft.com/java/default.htm)
MS Java Virtual Machine (VM) build 3810 (Win95/98/98SE/Me/NT/XP) msjavwu.exe 4/9/03 5319000
MS Java Virtual Machine (VM) build 3810 (Hotfix) (Win2K) q816093_w2k_sp4_x86_en.exe 4/9/03 2,424,336
++ Note: Microsoft no longer makes available its Java Virtual Machine for download, except through Windows Update and the Windows Update Catalog.
 
DirectX (http://www.microsoft.com/windows/directx/default.asp)
Q819696: Unchecked Buffer in DirectX Could Enable System Compromise (Win98/98SE/Me/2K/XP - DirectX 9.0a only) directx9-kb819696-x86-enu.exe 7/23/03 970312
Q819696: Unchecked Buffer in DirectX Could Enable System Compromise (WinXP - DirectX 8.1 only) q819696_wxp_sp2_x86_enu.exe 7/23/03 818464
Q819696: Unchecked Buffer in DirectX Could Enable System Compromise (Win98/98SE/Me/2K - DirectX 8.0/8.1 only) directx9-kb819696-x86-enu.exe 8/20/03 809048
Q819696: Unchecked Buffer in DirectX Could Enable System Compromise (Win2K - DirectX 7 only) directx8-kb819696-x86-enu.exe 7/23/03 543792
Q819696: Unchecked Buffer in DirectX Could Enable System Compromise (WinNT4 only) q819696i.exe 7/23/03 523856
DirectX 9.0b (Win98/98SE/Me/2K/XP) dx90b_redist.exe 7/21/03 33395808
DirectX 9.0a (Win98/98SE/Me/2K/XP) dx90a_redist.exe 5/7/03 33428576
DirectX 9.0 (Win98/98SE/Me/2K/XP) dx90_redist.exe 12/16/02 33372760
DirectPlay 8.2 (Win98/98SE/Me/2K/XP) dplay82 update.exe 9/27/02 28325976
DirectX 8.1b (Win98/98SE/Me/2K/XP) dx81bredist.exe 6/6/02 25774688
DirectX 8.1 (Win2K) dx81nteng.exe 11/8/01 7936144
DirectX 8.1 (Win98/98SE/Me) dx81eng.exe 11/8/01 12144784
Pedals on Thrustmaster/Guillemot Racing Wheels Upd for DirectX 8.0 dx51099_wu.exe 6/29/01 68976
1394 Digital Video Updater for DirectX 8.0 & DirectX 8.0a (Win98/98SE/Me/2K) dx80bda.exe 3/1/01 1224312
DirectX 8.0a (Win2K) dx80nteng.exe 2/5/01 7345816
DirectX 8.0a (Win95/98/98SE/Me) dx80eng.exe 2/5/01 11477656
DirectX 8.0 (Win95/98/98SE/Me) dx80eng.exe 11/9/00 11475632
DirectX 7.0a (Win95/98/98SE only) dx7aeng.exe 12/17/99 6340040
DirectX 7.0 (Win95/98/98SE only) dx70eng.exe 9/9/99 6311904
DirectX Media Runtime Upd for DirectAnimation(Win95/98 only) dxm6ptch.exe 6/30/99 1019936
DirectX 6.1 (Win95/98 only) dx61eng.exe 1/11/99 7006496
DirectX 6.0 (Win95/98 only) * dx6eng.exe 7/29/98 3760920
DirectX 5.2 (Win95 only) dx52eng.exe 11/5/97 3664024
DirectX 5.0 (Win95 only) dx5eng.exe 7/14/97 5804600
* Note: Microsoft initially made available separate versions of DirectX 6.0 for Win95 & Win98 (original version). The version of DirectX 6.0 listed here is compatible with both Win95 and Win98 (original version).
 
Windows Media Player 6.4 (http://microsoft.com/windows/windowsmedia/download/)
Windows Media Player 6.4 (stand alone) mpfull.exe 11/16/99 3596784
Windows Media Player 6.4 (requires IE 4.0 or above) mpie4ful.exe 11/16/99 2406384
Windows Media Player Plugin for Netscape wmpplugin.exe 4/13/00 297192
Windows Media Player 7.0 Codecs wmv7codec.exe 9/15/00 705784
Windows Media Player 8.0 Codecs wmpcdcs8.exe 6/19/01 733528
Windows Media Player 6.4 Cumulative Patch, June 26, 2002 * wm320920_64.exe 7/24/02 957552
Security Update for Windows Media Player 6.4 (WinNT4) WindowsMedia64-KB828026-x86-ENU.exe 10/3/03 424024
Security Update for Windows Media Player 6.4 (WinMe) WindowsMedia-KB828026-x86-ENU.exe 10/3/03 2326664
* Note: Microsoft re-released this patch on July 24, 2002. See Microsoft Security Bulletin MS02-032 for more information.
 
Windows Media Player 7.x (Win98/Me/2000 only) (http://microsoft.com/windows/windowsmedia/download/)
Windows Media Player 7.0 wmp7.exe 6/30/00 9547408
Windows Media Player 7.0 Security Patch: OCX Attachment Vulnerability wmsu28412.exe 9/26/00 294912
Windows Media Player 7.0 ASX Buffer Overrun & .WMS Script Execution Vulnerabilities wmsu34419.exe 11/22/00 1062344
Windows Media Player 7.0 Bonus Pack mpbonus_net.exe 12/4/00 169736
Windows Media Player 7 Skins File Download Vulnerability wmsu38041.exe 2/12/01 1197512
Windows Media Player 7.1 mp71.exe 5/15/01 10431072
Windows Media Player 8.0 Codecs wmpcdcs8.exe 6/19/01 733528
Windows Media Player 7.1 Cumulative Patch, June 26, 2002 * wm320920_71.exe 7/24/02 1431152
Windows Media Player 9.0 Codecs wm9codecs.exe 1/7/03 842376
Windows Media Player Security Patch: Flaw in Windows Media Player Skins WindowsMedia71-KB817787-x86-ENU.exe 5/6/03 268936
Security Update for Windows Media Player 7.1 (WinMe) WindowsMedia-KB828026-x86-ENU.exe 10/3/03 2326664
* Note: Microsoft re-released this patch on July 24, 2002. See Microsoft Security Bulletin MS02-032 for more information.
 
Windows Media Player for WinXP (WinXP only) (http://microsoft.com/windows/windowsmedia/download/)
Windows Media Player for WinXP Cumulative Patch, June 26, 2002 wm320920_8.exe 7/24/02 1395320
Windows Media Player 9.0 Codecs wm9codecs.exe 1/7/03 842376
Windows Media Player Security Patch: Flaw in Windows Media Player Skins WindowsMedia8-KB817787-x86-ENU.exe 5/6/03 367752
* Note: Microsoft re-released this patch on July 24, 2002. See Microsoft Security Bulletin MS02-032 for more information.
 
Windows Media Player 9.x (Win98/Me/2000/XP only) (http://microsoft.com/windows/windowsmedia/download/)
Windows Media Player 9.0 (Win98/Me/2000) mpsetup.exe 1/7/03 13951112
Windows Media Player 9.0 (WinXP) mpsetupxp.exe 1/7/03 10135688
Windows Media Player 9.0 Media Library Access Patch (Q819639)(Win98/Me/2K/XP) WindowsMedia9-KB819639-x86-ENU.exe 6/25/03 1947784
Security Update for Windows Media Player 9.0 (WinMe) WindowsMedia-KB828026-x86-ENU.exe 10/3/03 2326664
Security Update for Windows Media Player 9.0 (Win2K/WinXP) WindowsMedia-KB828026-x86-ENU.exe 10/3/03 2908808
 
HyperTerminal Private Edition (http://www.hilgraeve.com/htpe/index.html)
HyperTerminal Private Edition 6.3 * htpe63.zip 6/27/01 878078
HyperTerminal Private Edition 6.1 * hyptrm61.exe 10/18/00 851373
* Note: HyperTerminal PE for Win98 & WinMe can also be patched with 274548usa8.exe (Win98) or 274548usam.exe (WinMe). See the Windows 98 or Windows Me sections above for more information.
 
Office 97 Updates (http://office.microsoft.com/)
Description File Date Size
 
Office 97 Service Releases
Office 97 Service Release 1a sr1off97.exe 7/11/97 7321224
Office 97 Service Release 2a * sr2aof97.exe 10/6/98 24166112
Office 97 Service Release 2b * ++ sr2bof97.exe 10/11/99 24165848
*    Note: Office SR1a must be installed first before installing SR2a or SR2b.
++ Note: Office SR2b consists of Office 97 SR2a plus the following: jetcopkg.exe & o97dtfix.exe (see below).
 
Major Office 97 Patches (Post SR2)
Excel Call Function Patch xl8p4pkg.exe 12/9/98 134376
Forms 2.0 Control Security Patch fm2paste.exe 1/11/99 668384
Excel ODBC Driver Vulnerability Security Upd * jetcopkg.exe 10/6/99 4878824
Office 97 HTML Script Vulnerability ppt97sec.exe 7/12/00 122032
Excel REGISTER.ID Function Vulnerability xl8p10pkg.exe 7/21/00 2869416
Word 97 Mail Merge Vulnerability wdac97.exe 10/31/00 3087544
Word 97 Security Upd: Macro Vulnerability wd97mcrs.exe 5/15/01 3605048
Excel 97 Security Patch: KB830356 office97-kb830356-enu.exe 11/11/03 2863512
Word 97 Security Patch: KB830354 office97-kb830354-enu.exe 11/11/03 3082648
* Note: jetcopkg.exe, which includes Jet 3.5 SP3 and Jet 4.0 SP3 (jet35sp3.exe & jet40sp3.exe -- see below), is included in Office 97 SR2b (but not SR2a) (see above).
 
Other Office 97 Extras & Updates
Internet Assistant Wizard Upd for Excel html.exe 9/9/97 334552
Draw 98 for Office 97 & Publisher draw98.exe 2/10/98 982136
Office 97 Value Pak off97vpk.exe 10/6/98 18158328
More Euro Enabled Fonts for MS Office offttupd.exe 2/10/99 2493704
Office 97 Unique Identifier Patch off97uip.exe 3/12/99 90440
Office 97 Unique Identifier Removal Tool pf_setup.exe 3/16/99 144216
MS Clip Gallery Catalog Upd Tool mscagkwt.exe 5/6/99 241888
Office Document Open Confirmation Tool cnfupd.exe 8/5/99 95224
Snapshot Viewer for Access 97 snpvw.exe 9/3/03 1837280
 
FrontPage 97 & 98 Updates
FrontPage 98b Patch fp98bupd.exe 5/20/98 433936
FrontPage 97 Y2K Patch fp97-y2k.exe 12/15/98 131336
FrontPage PWS File Access Vulnerability Patch fppws98.exe 2/2/99 161056
File Access Vulnerability in PWS pwssecup.exe 4/2/99 529696
 
Outlook 97 & 98 Updates
Mail Attachment Security Add-in attchwrn.exe 3/25/97 152256
WinFax Pro Upd Utility for Outlook 98 wfupdate.exe 5/27/98 51712
Outlook 98 Patch outptch2.exe 8/10/98 4973368
Rules Wizard for Outlook 97 ruleswiz.exe 9/8/98 746528
Importer Field Mapping Patch for Outlook 98 field98.exe 9/28/98 241984
Outlook 98 Archive Patch arch98en.exe 3/1/99 5255496
Outlook 97 Y2K Import/Export Fix * o97dtfix.exe 5/13/99 185848
Outlook 97 Archive Patch arch97en.exe 5/14/99 3923432
Outlook 98 Y2K Import/Export Fix o98dtfix.exe 5/28/99 205824
Outlook 97 Email Attachment Security Upd o97attch.exe 7/12/99 1982936
Outlook 98 Email Attachment Security Upd o98attch.exe 8/3/99 2609324
Outlook 98 Email Security Upd o98secu.exe 6/6/00 8733832
* Note: o97dtfix.exe is included in Office 97 SR2b (but not SR2a) (see above).
 
Office 2000 Updates (http://office.microsoft.com/)
Description File Date Size
 
Pre-SR1 ++
ODBC Driver Vulnerability * jetcopkg.exe 10/6/99 4870328
OL 2000 Email Attachment Security Upd o2kattch.exe 11/12/99 3315208
HTML Help 1.3 Upd hhupd.exe 12/3/99 721384
XL 2000 Upd: Programmatic Text Export xl9p2pkg.exe 12/29/99 3821240
vCard Update for Office 2000 q248120.exe 2/14/00 325304
MS Clip Gallery PSS - Buffer Overrun Vulnerability Patch cilupdt.exe 3/6/00 97480
ClipArt Gallery CIL File  Security Upd cagpkg.exe 6/15/00 308392
*    Note: jetcopkg.exe includes Jet 4.0 SP3 (jet40sp3.exe, see below).
++ Note: Office 2000 SR1 and SR1a (see below) include all of the pre-SR1 updates listed above.
 
SR1 +
Office 2000 SR1 o2ksr1dl.exe 3/22/00 54166760
Office 2000 SR1a * ??? ??/??/00 ???
*    Note: Office 2000 SR1a includes the same updates as SR1, but ships with some bug fixes for the installer.
+ Note: Office 2000 SR1 & SR1a include all of the pre-SR1 updates listed above.
 
Post-SR1 +
Upd 128-Bit Encryption Provider for OL 2000 SR-1 out128.exe 2/8/00 264376
Upd 40- or 56-Bit Encryption Provider for OL 2000 SR-1 out40.exe 2/9/00 261304
UA Control Vulnerability uactlsec.exe 5/12/00 153248
OL 2000 Upd: E-mail Security * (outdated) out2ksec.exe 6/6/00 2078352
Non-Gregorian Calendar Upd oainst.exe 6/6/00 482944
WD 2000 Upd:  Mail Command Security * wd2ksec.exe 6/28/00 3406008
OL 2000 Collaboration Data Objects (CDO) Upd cdoupdt.exe 7/12/00 710312
XL/PPT 2000 HTML Script Vulnerability addinsec.exe 7/12/00 1001672
WD 2000 Proofing Tools Hyphenation hyphenup.exe 7/18/00 176400
XL 2000 Security Upd: REGISTER.ID xl9p3pkg.exe 7/21/00 929456
HTML Data Upd (Object Tag  Security) of9data.exe 8/10/00 638656
WD 2000 Upd: Mail Merge Security wrdacc.exe 10/3/00 3187992
*    Note: out2ksec.exe & wd2ksec.exe are installed as a pair. This version of out2ksec.exe is outdated by a later version (see Post-SR2 fixes below).
+ Note: Office 2000 SP2 (see below) includes all of the post-SR1 updates.
 
SP2 +
Office 2000 SR2 sp2upd.exe 10/12/00 9190040
+ Note: Office 2000 SP2 includes all of the post-SR1 updates listed above. Office 2000 SR1 or SR1a (see above) must be installed first.
 
Post-SP2 +
Web Client Security Upd fpwsec.exe 12/18/00 750896
PPT 2000 Security Upd: Parsing Vulnerability (outdated) ppt2ksec.exe 1/18/01 813224
PPT 2000 Security Upd: Parsing Vulnerability (updated) ppt2ksec.exe 1/25/01 808200
WD 2000 Security Upd: Macro Vulnerability wd2kmsec.exe 5/8/01 3382432
OL 2000 Upd: E-mail Security * (updated) out2ksec.exe 6/19/01 2559688
OL 2000 Security Upd: View Control Security outlctlx.exe 8/16/01 151184
XL 2000 Security Upd: Macro Security Bypass e2kmac.exe 8/28/01 1152704
PPT 2000 Security Upd: Macro Security Bypass p2kmac.exe 8/28/01 813248
WD 2000 Upd: April 25, 2002 wrd0901.exe 4/25/02 3469960
XL 2000 Upd: June 19, 2002 exc0901.exe 6/19/02 1221640
WD 2000 Upd: October 16, 2002 wrd0902.exe 10/16/02 3503000
* Note: This version of out2ksec.exe replaces the earlier, post-SR1 version of out2ksec.exe (see Post-SR1 fixes above).
+ Note: Office 2000 SP3 (see below) includes all of the post-SP2 updates listed above.
 
SP3 +
Office 2000 SP3 o2ksp3.exe 10/21/02 13588888
+ Note: Office 2000 SP3 includes all of the updates included in SP2 (see above) as well as all of the post-SP2 updates listed above. Office 2000 SR1 or SR1a (see above) must be installed first.
 
Post-SP3
OL 2000 Upd: December 18, 2002 Olk0901.exe 12/18/02 150936
Word 2000 Security Patch: KB824936 office2000-kb824936-client-enu.exe 9/3/03 1009560
Office 2000 WordPerfect 5.x Converter Security Patch: KB824993 office2000-kb824993-client-enu.exe 9/3/03 302,488
Access 2000 Snapshot Viewer Security Patch: KB826292 office2000-kb826292-client-enu.exe 9/3/03 180672
Access 2000 Runtime Security Patch: KB827431 office2000-kb827431-client-enu.exe 9/3/03 626072
Word 2000 & Works Suite 2001 Security Patch: KB830347 office2000-kb830347-client-enu.exe 11/11/03 1016728
Excel 2000 Security Patch: KB830349 office2000-kb830349-client-enu.exe 11/11/03 1194392
 
Office XP Updates (http://office.microsoft.com/)
Description File Date Size
 
Pre-SP1 +
Outlook 2002 Upd: June 21, 2001 olk1001.exe 6/21/01 1085064
Word 2002 Upd: June 21, 2001 wrd1001.exe 6/21/01 4148360
Publisher 2002 Upd: June 21, 2001 pub1001.exe 6/21/01 496264
Outlook 2002 Upd: August 16, 2001 olk1003.exe 8/16/01 1240232
Excel 2002 Upd: October 4, 2001 exc1001.exe 10/4/01 8776864
PowerPoint 2002 Upd: October 4, 2001 ppt1001.exe 10/4/01 1151664
Outlook 2002 Upd: October 4, 2001 olk1004.exe 10/4/01 1753768
Office XP Activation Upd: October 4, 2001 oxp1001.exe 10/4/01 2380448
+ Note: Office XP SP1 (see below) includes all of the pre-SP1 updates listed above.
 
SP1 +
Office XP SP1 oxpsp1.exe 11/21/01 18330960
+ Note: Office XP SP1 includes all of the pre-SP1 updates listed above.
 
Post-SP1 +
Word 2002 Upd: April 25, 2002 wrd1003.exe 4/25/02 4064920
Excel 2002 Upd: June 19, 2002 exc1002.exe 6/19/02 11846800
Excel 2002 Upd: June 19, 2002 wrd1004.exe 6/19/02 4323472
+ Note: Office XP SP2 (see below) includes all of the post-SP1 updates listed above.
 
SP2 +
Office XP SP2 oxpsp2.exe 8/5/02 15519744
+ Note: Office XP SP2 includes all of the post-SP1 updates listed above. Office XP SP1 must be installed in order to install SP2.
 
Post-SP2
Word 2002 Update: October 16, 2002 wrd1005.exe 10/16/02 735632
Excel 2002 Update: October 16, 2002 exc1003.exe 10/16/02 457104
Outlook 2002 Upd: December 4, 2002 olk1005.exe 12/4/02 519568
Outlook 2002 Upd: January 22, 2003 olk1006.exe 1/22/03 532880
Word 2002 Security Patch: KB824934 officexp-kb824934-client-enu.exe 9/3/03 1519512
Office XP WordPerfect 5.x Converter Security Patch: KB824938 officexp-kb824938-client-enu.exe 9/3/03 302488
Access 2002 Snapshot Viewer Security Patch: KB826293 officexp-kb826293-client-enu.exe 9/3/03 180672
Access 2002 Runtime Security Patch: KB827430 officexp-kb827430-client-enu.exe 9/3/03 588696
Word 2002 & Works Suite 2002/2003/2004 Security Patch: KB830346 office2002-kb830346-client-enu.exe 11/11/03 1578904
Excel 2002 Security Patch: KB830350 officexp-kb830350-client-enu.exe 11/11/03 1511832
 
Office Web Components
Office Web Components Upd: August 16, 2001 ** owc1001.exe 8/16/01 2367632
Office Web Components (outdated) * owc10.exe 8/9/02 8605528
Office Web Components Security Upd: August 20, 2002 ** owcupd.exe 8/20/02 4397976
Office Web Components * owc10.exe 11/21/03 8475464
*    Note: Office XP Web Components need not be installed if you installed Office XP (as opposed to a standalone program such as FrontPage 2002, Excel 2002, Word 2002, etc.). Office XP automatically installs the Office Web Components.
** Note: this Office XP Web Components Security Update need not be installed if you installed the Office Web Components package dated 8/9/02 or 11/21/03(see above). These versions of Office Web Components incorporates the fixes in the Security Update.
 
Microsoft Producer
Microsoft Producer 1.1 msprod11.exe 6/5/02 23373184
Microsoft Producer 2.0 msprod2.exe 8/29/03 48958816
 
Office 2003 Updates (http://office.microsoft.com/)
Description File Date Size
 
Pre-SP1
Office 2003 Critical Upd: KB828041 office2003-kb828041-client-enu.exe 11/4/03 913768
 
Misc. Windows Components (http://www.microsoft.com/downloads/searchdl.asp?)
Description File Date Size
 
Windows Installer 1.0 Update
Windows Installer Upd (9x; outdated) instmsi.exe 11/24/99 1857280
Windows Installer Upd (NT; outdated) instmsiw.exe 11/24/99 1880064
Windows Installer Upd (9x; obsolete) instmsi.exe 1/11/00 1494280
Windows Installer Upd (NT; obsolete) instmsiw.exe 1/11/00 1505032
 
Windows Installer 2.0
Windows Installer 2.0 (9x; outdated) instmsi.exe 9/25/01 1707856
Windows Installer 2.0 (NT/2000; outdated) instmsi.exe 9/25/01 1821008
Windows Installer 2.0 (9x) instmsia.exe 2/19/02 1708856
Windows Installer 2.0 (NT/2000) instmsiw.exe 2/19/02 1822520
 
MS Jet/MDAC Updates (http://www.microsoft.com/data/)
MDAC 2.1 SP2 * mdac_typ.exe 6/9/99 6509576
Jet 3.5 SP 3 ** + jet35sp3.exe 8/5/99 1297896
Jet 4.0 SP 3 ** + jet40sp3.exe 8/4/99 1475560
MDAC 2.5 SP1 * mdac_typ.exe 8/17/00 7881896
Jet 4.0 SP 6 (Win9x/NT4) ++ jet40sp6_9xnt.exe 3/5/02 3016728
Jet 4.0 SP 6 (WinMe) ++ jet40sp6_wme.exe 3/18/02 3022872
Jet 4.0 SP 6 (Win2K) ++ jet40sp6_w2k.exe 3/25/02 4210944
Jet 4.0 SP 6 (WinXP) ++ jet40sp6_wxp.exe 4/9/02 3402344
MDAC Security Hotfix for Q329414 ## q329414_mdacall_x86.exe 11/20/02 833144
Jet 4.0 SP 7 (Win9x/NT4) ++ jet40sp7_9xnt.exe 6/25/03 3637536
Jet 4.0 SP 7 (WinMe) ++ jet40sp7_wme.exe 6/25/03 3643680
Jet 4.0 SP 7 (Win2K) ++ windows2000-kb282010-x86-enu.exe 6/25/03 2981936
Jet 4.0 SP 7 (WinXP) ++ windowsxp-kb282010-x86-enu.exe 6/25/03 2973984
MDAC Security Patch MS03-033 q823718_mdac_securitypatch.exe 8/20/03 1632320
Jet 4.0 SP 8 (Win2K) ++ windows2000-KB829558-x86-enu.exe 10/16/03 2963304
Jet 4.0 SP 8 (WinXP) ++ windowsxp-kb829558-x86-enu.exe 10/16/03 2961504
*    Note: if Jet 3.0 is installed (Office 97), then mdac_typ.exe upgrades the Jet database engine from v. 3.x to v. 4.0. If Jet 4.0 is installed (Office 2000), then mdac_typ.exe updates Jet 4.0 database engine to the latest service pack level.
**  Note: Jet 3.5 SP3 (jet35sp3.exe) is included in Office 97 SR2b (but not SR2a) in the form of jetcopkg.exe (see above). Jet 4.0 SP3 (jet40sp3.exe) is included in Office 2000 SR1 & SR1a in the form of jetcopkg.exe (see above)
+    Note: Jet 3.5 SP3 & Jet 4.0 SP3 (jet35sp3.exe & jet40sp3.exe) are included in jetcopkg.exe (see the entries for Office 97 and Office 2000 above).
++ Note: Office 97 ships with Jet 3.5. In order to use Jet 4.0 SP6, SP7, or SP8, Office 97 users should upgrade to Jet 4.0 SP3 via MDAC 2.1 SP2 (mdac_typ.exe) first. Users could also optionally upgrade from Jet 3.5 directly to Jet 4.0 SP5 via MDAC 2.5 SP1 (mdac_typ.exe).
## Note: "MDAC Security Hotfix for Q329414" is not for Windows XP systems, which are not affected. See the Microsoft Security Bulletin MS02-065 for a complete list of systems on which this patch should be applied.
 
Visual Basic for Applications
Office 2000 Security Patch: KB822035 office2000-kb822035-client-enu.exe 9/3/03 654232
Office XP Security Patch: KB822036 officexp-kb822036-client-enu.exe 9/3/03 715672
Microsoft Project 2000 Security Patch: KB822478 project2000-kb822478-fullfile-enu.exe 9/3/03 1435032
Microsoft Project 2002 Security Patch: KB822211 project2002-kb822211-fullfile-enu.exe 9/3/03 1458072
Microsoft Visual Basic for Applications Update: Q822150 vba64-kb822150-x86-enu.exe 9/3/03 1708136
Visio 2002 Security Patch: KB822212 visio2002-kb822212-fullfile-enu.exe 1/12/96 1444760
 
Visual Basic Runtimes
Visual Basic 4 Runtimes vb4run.exe 1/12/96 880124
Visual Basic 5 SP3 Runtimes vb5rtsp3.exe 9/18/97 1316398
Visual Basic 6 SP3 Runtimes vbrun60sp3.exe 5/10/99 1036512
Visual Basic 6 SP5 Runtimes vbrun60sp5.exe 2/27/01 1044168
 
Misc. Add-ons & Utilities
KernelToys w95krnltoys.exe 7/4/96 57120
PowerToys w95powertoy.exe 11/17/96 209241
RegMaid (Registry OLE cleaner) regmaid.exe 10/28/97 262066
True Type Font Property Extensions ttfext.exe 10/22/97 348728
Icon & Cursor Editors (aniedit/imagedit) imagedit.zip 11/16/97 72726
RegClean 4.1a (safe for IE4) rgcln41a.zip 12/30/97 800136
TweakUI 2000 (v. 1.33) tweakui133.exe/tweakui.exe 8/29/00 113040
 
Other Sites for MS Downloads & Update Info

Microsoft Sites:

     Microsoft Download Center: http://www.microsoft.com/downloads/search.aspx?
     Windows Update: http://windowsupdate.microsoft.com/
     Windows Update Catalog: http://windowsupdate.microsoft.com/catalog
     Microsoft Support Downloads: http://support.microsoft.com/default.aspx?scid=fh;EN-US;DOWNLOADOVER
     Microsoft Office Downloads: http://www.microsoft.com/office/downloads/default.asp
     Microsoft Office Updates - Download Center: http://office.microsoft.com/Downloads/default.aspx
     Microsoft Office Updates - Product Updates: http://office.microsoft.com/ProductUpdates/default.aspx
     Microsoft Office 97 Resource Kit Tools & Utilities: http://www.microsoft.com/office/ork/appa/appa.htm
     Microsoft Office 2000 Resource Kit Toolbox: http://www.microsoft.com/office/ork/2000/appndx/toolbox.htm
     Microsoft Office XP Resource Kit Toolbox: http://www.microsoft.com/office/ork/xp/appndx/appa00.htm
     Microsoft Personal Security Advisor: http://www.microsoft.com/technet/mpsa/start.asp
     Microsoft Security Tool Kit: http://www.microsoft.com/technet/security/tools/tools/stkintro.asp
     Microsoft TechNet Security Bulletins:http://www.microsoft.com/technet/security/current.asp
     Microsoft Windows Media 8 Codecs:http://microsoft.com/windows/windowsmedia/format/codecdownload.aspx
     Microsoft Windows Media 9 Codecs:http://microsoft.com/windows/windowsmedia/9series/codecs.aspx

     For a full explanation of download sites, see "Where to Find Microsoft Security Patches":
          http://www.microsoft.com/technet/columns/security/essays/secpatch.asp

3rd Party Sites:

     Search MS TechNet Security Bulletins by Product: Click HERE
     ActiveWin - Microsoft Security Bulletin Summary List 2003: http://www.activewin.com/bugs/secb.shtml
     ActiveWin - Microsoft Security Bulletin Summary List 2002: http://www.activewin.com/bugs/secb2002.shtml
     ActiveWin - Microsoft Security Bulletin Summary List 2001: http://www.activewin.com/bugs/secb2001.shtml
     TechSpot - OS Updates: http://www.techspot.com/tweaks/updates/
     PatchDayReview.com: http://www.patchdayreview.com/
     Anthology of Microsoft Greatest Hits: http://radsoft.net/resources/rants/20011102,00.html
     University of Cambridge - Patches & Hotfixes: http://www-tus.csx.cam.ac.uk/pc_support/security/iepat.html
     AXCEL216's Max Speed Free Software Essentials http://www.mdgx.com/web.htm
     ERPMan's IE & WMP Updates Page http://members.tripod.com/erpman1/iewmpupd.html

 

 
Notes

Not Finished Yet.

 
A Note On Security Update Names

Microsoft often names its security updates for Windows and Internet Explorer after the dates they were issued (e.g., Security Update 1, November 29, 1999). This naming scheme can be confusing inasmuch as these security updates are often referred to by the vulnerabilities that they close (e.g., Spoofed Route Pointer & Fragmented IGMP Packet Vulerabilities).

What follows below is a guide to the various names that security patches from Microsoft go by.

Security Upd Name Vulnerability Name
 
Windows (base OS/networking)
Security Upd, September 3, 1999 Fragmented IGMP Packet Security Vulnerability
Security Upd, September 9, 1999 Malformed Telnet Argument
Critical Upd, September 10, 1999 MS Windows Library 2.0 Upd
Security Upd, November 12, 1999 File Access URL Vulnerability
Security Upd 1, November 29, 1999 Spoofed Route Pointer & Fragmented IGMP Packet Vulerabilities
Security Upd 2, November 29, 1999 Legacy Credential Caching Vulnerability
Security Upd, January 17, 2000 Malformed RTF Control Word Vulnerability
Critical Upd, March 3, 2000 Upd for Web Connections using SGC
Security Upd, March 7, 2000 Upd Java VM Vulnerability
Security Upd, March 17, 2000 DOS Device in Path Name Vulnerability
Security Upd, May 19, 2000 IP Fragment Reassembly Security Vulnerability
Critical Upd, May 22, 2000 Win98 SE Mapped Drives Shutdown Upd
Security Upd, Oct 11, 2000 WebTV for Windows Denial of Service" Vulnerability
Security Upd, April 2, 2001 Erroneous VeriSign-Issued Digital Certificates Spoofing Hazard
 
Internet Explorer
Security Upd, April 21, 1999/ Info & Privacy Upd DHTML Edit Control Vulnerability
Critical Upd, May 17, 1999 Outlook Express Year 2000 Update
Security Upd, May 27, 1999 Favorites Security Upd
Security Upd, September 7, 1999 Scriptlet.typlib & Eyedog ActiveX Controls Vulerabilities
Security Upd, September 30, 1999 ImportExportFavorites Issue & Unsafe ActiveX Controls Vulerabilities
Security Upd, November 17, 1999 Javascript Redirect Vulnerability
Security Upd, December 8, 1999 Server-Side Page Reference Redirect Vulnerability
(incl. ImportExportFavorites Vulnerability)
Security Upd, February 9, 2000 Image Source Redirect Security Vulnerability
Security Upd, May 17, 2000 Frame Domain Verification, Unauthorized Cookie Access, & Malformed Component Attribute Vulnerabilities
Security Upd, June 2, 2000 SSL Certificate Validation Vulnerability
Security Upd, June 29, 2000 / June 14, 2000 Active Setup Download Security Vulnerability
Critical Upd, July 14, 2000 IE 5.01 w/SP1 on Windows 2000 & Office 2000 Help Error Message
Security Upd, July 19, 2000 Malformed E-mail Header, Persistent Mail-Browser Link, & Cache Bypass Security Vulnerabilities
Security Upd, August 9, 2000 Scriptlet Rendering & Frame Domain Verification Security Vulnerabilities
Security Upd, October 10, 2000 Cached Web Credentials Vulnerability
Security Upd, November 22, 2000 Browser Print Template, File Upload via Form, & Frame Domain Verification Security Vulnerabilities
Security Upd, February 22, 2001 Malformed vCard Security Vulnerability
Security Upd 1, February 27, 2001 Cached Content Identification Vulnerability & New Variant of Frame Domain Verification Vulnerability
Security Upd 2, February 27, 2001 Telnet Invocation Vulnerability
Security Upd, March 29, 2001 Incorrect MIME Header & Email Attachment Vulnerability
Security Upd, May 16, 2001 Web Server Certificate Validation Spoofing Vulnerability
Security Upd, May 24, 2001 Cached Content Identification Vulnerability & Web Server Certificate Validation Spoofing Vulnerability
 
A Note On Dates

Not Finished Yet.

 

Home [frames]        Home [no frames]

Advice, Organization, & Compilation 
2000, 2001, 2002 Eric L. Howes