Microsoft's Security Bulletin MS01-033 (the one announcing the vulnerability being used by Code Red, and the patch availability) states : "The Windows NT 4.0 patch can be installed on systems Windows NT 4.0 Service Pack 6a." (See http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/security/ bulletin/ms01-033.asp, and click "Additional information about this patch".) And the relevant KB article http://support.microsoft.com/support/kb/articles/Q300/9/72.ASP says "NOTE: Due to file dependencies, this hotfix requires Microsoft Windows NT 4.0 Service Pack 6a." Can anyone provide any experience of successfully using the patch ("Q300972i.exe") on an NT4 Server running *earlier* service packs ? A statement from Microsoft would be nice (like: What is the impact of applying the patch to a server running an earlier SP ? What would be broken ?) [ We have a couple of NT4 servers stuck with earlier SPs (one with SP4, and one with SP5) due to alleged non-certification of their major application with any later service pack. I've set up a test NT4/SP5/IIS4 server, and installed Q300972i, and IIS is back up & running without apparent sickness ...] Thanks for any light anyone can shed. Nick Boyce EDS, Bristol, UK
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 13:46:38 PDT