Complete list of All XP 64bit SP2 KB's - x64 SP3 wannabe

[TranceEnergy]

Complete List of All XP x64 sp2 hotfixes - The closest thing to x64 SP3
---------------------------------------------------------------------

Acknowledgements:

Thanks to 5eraph for invaluable help + making it sticky. Nuhi for Nlite. iaoupointfr + pavlov / of HotfixShare for dominating the x64 updates & Xable to of course!
This list would not have come to life without you.

I also would like to thank code65536 for some invaluable insight, booogy and Epsilon for Wmp11 Slipstreamer.
You guys = the greatest. Thanks!

Milestone:

As of 12th march 2009, local time +1 gmt, almost all updates to this list towards xp x64 sp2, has been included in 5eraph's march-2009 update pack, and the list updated accordingly. I'm very proud of that.
Kudos 5eraph and GJ!

Life is awesome!

---------------------------------------------------
I have noticed sometimes a few words or partial words are lost when editing post, so if you see something misspelled, or such dont blame me..

Note1:
This list assumes WMP 11 being installed. NEW: Look at end of post for wmp11 list of hotfixes.
Note2: Lines starting with *** indicates that the KB is not found in 5eraph's update pack. This is a new change in this thread, and changes are to follow.

Old flash player 6 kb update isnt supported, download player 10 instead.
http://www.adobe.com/shockwave/download ... owser=MSIE
I also would recommend to remove both flash and msn with nlite, as they are outdated.

Here's what i have typically used to fix remove old flash 6 plugin and install new one. If you use 5eraph's pack you shouldnt have too.
regsvr32 /u /s %windir%\SysWOW64\Macromed\Flash\flash.ocx
del /F %windir%\SysWOW64\Macromed\Flash\flash.ocx
del /F %windir%\inf\swflash.inf
del /F %windir%\inf\swflash.pnf
%Source%Silence\install_flash_player.exe /S
%Source%Silence\install_flash_player_ax.exe /S


The only rule to this list, is that newest version stays, old goes! For older version lookup History list.
---------------------------------------------------
This post is a bit long, and while it may seem hopeless to get through this list i think it serves a few purposes:

#1 - It shows all xp 64bit sp2 updates in its latest form. This means if one installs these updates, every system files (.dll, .exe, .sys etc..) will be of latest version.
#2 - Ultimately it could be used to create a Service Pack 3 for xp 64bit, which this list also goes a long way to show would be nice.
#3 - Troubleshooting issues
#4 - Serving your overkill desire for doing and being totally updated.
#5 - You decide.

For what it's worth i hope you enjoy.
---------------------------------------------

Download sites
Microsoft Support

Hotfix Share - English Windows Server 2003 Hotfix Download And Support - Hotfix Share Rules and Guidelines
http://xp64.ma.cx/ <- quick link courtesy of Passion, tnx!

I also want to add info to any donate link Hotfixshare has if any.
If you have more download links or such, just pm me.
----------------------------------


Tweaks - New options that come with newer drivers/updates/fixes
I list here some additional info that are relevant to the various KB's.
This is not at attempt at bringing you more tweaks, but more info on 'What's new'. As always, it's work in progress..
--------------

With newer TCP Ip drivers, some additional cool stuff are added.

Reference (note that i dont use kb's here referenced, its just for info) :
http://www.speedguide.net/read_articles.php?id=2665
http://support.microsoft.com/kb/949316
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
The properties of this subkey are as follows: Name: TCPCongestionControl Type: REG_DWORD Value: 1
When the value is set to 1, CTCP support is enabled. When the value is set to 0, CTCP support is disabled.


The list - first things first, you need to have Service Pack 2:

Service Pack 2 for Windows XP Professional, x64 Edition
Service Pack 2 for Windows XP Professional, x64 Edition - ISO-9660 CD Image File
The ISO Image file contains the SP2 update.exe as well as support and deployment tools

-----------
Internet Explorer

Update : IE 8 beta 2 works just fine, long story short, ie 8 RC1 and final version will not work properly without explicit knowledge and some manual labour to integrate/slipstream it. For the time being i am strongly recommending to use IE7 instead. IE 8 RC1 screws up your system. DO NOT USE IT! Just trust me on this. Please.

Here follows some quick links to IE7 with updates, I have had IE8 beta 2 installed for near a half year, so this is just what i could find on short notice. I am confident some genius will put together a pack for IE8 that allows proper integration, but let's wait for the final and see how that turns out.

Windows Internet Explorer 7 for Windows 64 bit Client/Server:
http://www.microsoft.com/downloads/deta ... laylang=en

Updates for IE7:

Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB938127)
http://www.microsoft.com/downloads/deta ... layLang=en

Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB960714)
http://www.microsoft.com/downloads/deta ... layLang=en

MS08-073: Cumulative security update for Internet Explorer
http://support.microsoft.com/kb/961260
http://www.microsoft.com/downloads/deta ... laylang=en
MS08-073: Cumulative security update for Internet Explorer





NEW! Additional data needed to keep Windows update empty.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"HonorAutoRunSetting"=dword:00000001

; Add this registry info to avoid KB967715(or running the kb itself) showing up on windows update
; KB967715 already replaced by KB960253.

-----


KB's that *need* specific handling to be installed/Nlite integration failure totally:

http://support.microsoft.com/kb/938464
http://support.microsoft.com/kb/951759
http://support.microsoft.com/kb/956807

http://support.microsoft.com/kb/960715 Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits
http://www.microsoft.com/downloads/deta ... laylang=en
Cumulative Security Update for ActiveX Killbits *must* be installed by method #2, manually (method #1 tested). It also must be updated after internet explorer, goes without saying one could say. This is also true if you update ie after windows install. Hopefully next version of this kb gets 'fixed' for this.

I use method#1 before using nlite or wmp11 slipstreamer. This works without adding additional registry imports or such. I want things to work in simplest ways so for now this is how it will be.

Method #1 - One can use /integrate switch to force kb to be integrated into install image/folder.

Example: KB951759.exe /overwriteoem /integrate:C:\xpsource\ /log:C:\ /nobackup
However, v.3959 is still kept in source. I did this prior to integrating hotfixes with nlite, which may not be ideal, but it works anyway. edit: doing install with /integrate switch after nlite has integrated hotfixes etc, will empty the svcpack.inf. Therefore this must be done prior to nlite.

Method #2 - Guirunonce as example : /quiet /passive /norestart

*** http://support.microsoft.com/kb/961118
Install this update to resolve an issue in which an Inbox Printer driver may be unsigned after you install the Microsoft .NET Framework 3.5 SP1.
- ntprint.cat - digitally signed 09. januar 2009 21:47:57
- Install after installing .Net 3.5sp1

---------------


KB'S I PREFER TO INTEGRATE BY A BATCH FILE before anything else ( (nlite doesnt support direct integration of) with this argument:
'kb123456.exe /integrate:c:\example64installfolder\ /nobackup /passive'


http://support.microsoft.com/kb/919117
A hotfix is available that adds support for GUID partition table (GPT) volumes that are larger than 2 terabytes on a Windows Server 2003-based server cluster
- Updates diskpart.exe to 5.2.3790.4015

http://support.microsoft.com/kb/923845
An update package for Background Intelligent Transfer Service (BITS) is now available for Windows Server 2003 and for Windows XP

http://support.microsoft.com/kb/959194
The transfer speed is very slow when you use the BITS to transfer files on a high latency link on computers that are running Windows Server 2003 or Windows XP Professional x64 Edition
- Updates various BITS files (why didnt they just update it with installer also, then it would replace kb923845 totally)

http://support.microsoft.com/kb/925398
MS06-078: Vulnerability in Windows Media Format could allow remote code execution


http://support.microsoft.com/kb/932716
Description of the Image Mastering API v2.0 (IMAPIv2.0) update package that is dated June 26, 2007

IMAPI_SRV2003_x64 updates files in KB932716 except cdrom.sys - Windows Feature Pack for Storage 1.0 - English (Blu-Ray support)
http://www.microsoft.com/downloads/deta ... layLang=en

http://support.microsoft.com/kb/941560
FIX: A general protection fault (GP fault) error occurs when you restart an outgoing queue in Microsoft Message Queuing 3.0

http://support.microsoft.com/kb/942288
Windows Installer 4.5

http://support.microsoft.com/kb/958756
Windows Installer 4.5 msi.dll update to 4.5.6001.22317 QFE

http://support.microsoft.com/kb/944043
Description of the Windows Server 2008 read-only domain controller compatibility pack for Windows Server 2003 clients and for Windows XP clients


http://support.microsoft.com/kb/961063
security update for DNS server: March 10, 2009
TCP ip drivers +++
Needs registry fix setting for manual install to be in place:

example of registry file import:
"regedit /s %Source%Silence\Setup\kb961063.reg"

--startfile kb961063.reg
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OC Manager\Subcomponents]
"dns"=dword:00000001
--endfile


http://support.microsoft.com/kb/955839
December 2008 cumulative time zone update for Microsoft Windows operating systems

http://support.microsoft.com/kb/957187
Stop error if you use some OpenType fonts on a computer that is running Windows Server 2003, Windows Vista, or Windows Server 2008: "Stop 0x00000050"

http://support.microsoft.com/kb/957201
A hotfix is available to update the "(GMT-3:00) Brasilia" time zone and the "(GMT-4:00) Manaus" time zone for 2008 through 2009 in Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008

http://support.microsoft.com/kb/959202
The Active Directory Users and Computers snap-in cannot display service principal names (SPNs) that have non-numeric port values when you configure the Delegation properties of a computer account in Windows Server 2003
- updates files from sp2



Optional / Doesn't update files otherwise on xp x64 install media :
--------------------------------------------------------------------------------

http://support.microsoft.com/kb/890830
The Microsoft Windows Malicious Software Removal Tool

http://support.microsoft.com/kb/925876
Remote Desktop Connection (Terminal Services Client 6.0)

http://support.microsoft.com/kb/936970
Error message when you work in a Terminal Services session and save a document in a 2007 Office program to a redirected drive: "There has been a network or file permission error"

http://support.microsoft.com/kb/943729
new Group Policy preferences

Desktop search needs terminal services.

http://support.microsoft.com/kb/917013
Windows Desktop Search 3.01 and the Multilingual User Interface Pack for Windows Desktop Search 3.01

http://support.microsoft.com/kb/915800
Windows Desktop Search document IFilters - updates Desktop Search 3
- mimefilt.dll nlhtml.dll offfilt.dll = 2006.0.5732.0

http://support.microsoft.com/kb/940157
Windows Search 4.0 and the Multilingual User Interface Pack for Windows Search 4.0
http://www.microsoft.com/windows/produc ... stall%20It
http://download.microsoft.com/download/ ... 64-enu.exe

-----

KB's that can be integrated with nlite but are just run from svcpack - Optional! - installation method : KBXXXXXX.EXE /quiet:

http://support.microsoft.com/?kbid=954430
MS08-069: Description of the security update for XML Core Services 4.0: November 11, 2008

http://support.microsoft.com/?kbid=954459
MS08-069: Description of the security update for XML Core Services 6.0: November 11, 2008



KB's that are *integrated* with Nlite. Integrated = no svcpack
-----------------------------------------------------------------------




http://support.microsoft.com/kb/915377
- Updates ntlanman.dll to 5.2.3790.4050

http://support.microsoft.com/kb/919241
Checkdisk util update
- autochk.exe 5.2.3790.4263

http://support.microsoft.com/kb/924667
MFCDLL Shared Library
- wmfc40u.dll 4.1.0.6141 / wmfc42u.dll 6.6.8063.0

http://support.microsoft.com/kb/925066
Previous Versions property page
- twext.dll 6.0.3790.4127

http://support.microsoft.com/kb/925902
- mf3216.dll , user32.dll / wmf3216.dll , wuser32.dll = 5.2.3790.4033

http://support.microsoft.com/kb/929123
MS07-034: Cumulative security update for Outlook Express and for Windows Mail

http://support.microsoft.com/kb/929161
You receive a Stop error message on a Windows Server 2003 SP1-based computer when a device is suddenly disconnected from a host bus adapter

http://support.microsoft.com/kb/930499
You cannot prevent EFS from generating a self-signed certificate when you try to encrypt an EFS file on a Windows Server 2003-based computer

http://support.microsoft.com/kb/931261
MS07-019: Vulnerability in UPnP could allow remote code execution

http://support.microsoft.com/kb/931301
Error message when you attach a device that loads the Serscan.sys driver to a computer that is running Windows Server 2003 Service Pack 2: "STOP: 0x000000c9 DRIVER_VERIFIER_IOMANAGER_VIOLATION"
- Updates serscan.sys to 5.2.3790.4006 from sp2.

http://support.microsoft.com/kb/932039
Two taskbars are displayed, or the Language bar is displayed two or more times on the taskbar, on a computer that is running Windows Server 2003 or Windows XP

http://support.microsoft.com/kb/932168
MS07-020: Vulnerability in Microsoft Agent could allow remote code execution

http://support.microsoft.com/kb/933061
An update is available that improves the stability of the Windows Management Instrumentation repository in Windows Server 2003
- V2 is 5.2.3790.4334

http://support.microsoft.com/kb/933071
The "Effective Permissions" tab may report incorrect permissions in Windows Server 2003
-authz.dll 5.2.3790.4383

http://support.microsoft.com/kb/934273
Applications that use CDO process the current time in an incorrect time zone after you apply DST updates on a computer that is running Windows Server 2003

http://support.microsoft.com/kb/934401
When you run the "Ipconfig /displaydns" command in Windows Server 2003, the results are incomplete

http://support.microsoft.com/kb/934428
Hotfix for Windows XP that adds support for SDHC cards that have a capacity of more than 4 GB
-update from sp2

http://support.microsoft.com/kb/934794
A Windows Server 2003-based computer stops responding when you perform a surprise removal of an IDE device

http://support.microsoft.com/kb/936342
Network communication may be unsuccessful when you use Internet Explorer to connect to a service provider that uses WinHTTP component for Basic authentication in Windows XP or in Windows Server 2003

http://support.microsoft.com/kb/936357
A microcode reliability update is available that improves the reliability of systems that use Intel processors

http://support.microsoft.com/kb/937549
FIX: Random messages may not be processed, and duplicate messages may be processed by the trigger rule when you use the Message Queuing Triggers service to process messages in Message Queuing 3.0

http://support.microsoft.com/kb/938380
After you apply a GPO to redirect a folder to a network share on Windows XP-based or on Windows Server 2003-based client computers, the redirected folder is empty

http://support.microsoft.com/kb/938759
You cannot distribute or install a software package in Windows Server 2003 if the software package contains a very large signed file

http://support.microsoft.com/kb/940349
Availability of a Volume Shadow Copy Service (VSS) update rollup package for Windows Server 2003 to resolve some VSS snapshot issues

http://support.microsoft.com/kb/940526
Audit event ID 560 incorrectly displays the name of a deleted file in an 8.3 file name format if you delete the file at a command prompt in Windows Server 2003, in Windows XP, or in Windows Vista

http://support.microsoft.com/kb/940569
On a computer that has Microsoft Data Access Components 2.8 installed, an application receives an incorrect value for the identity column from a SQL Server 2005 database

http://support.microsoft.com/kb/940848
A hotfix rollup package is available for Microsoft Management Console (MMC) in Windows Server 2003, in Windows XP, and in Windows Vista

http://support.microsoft.com/kb/941140
-updates tape drivers ... models of IBM LTO3 tape drives and IBM LTO4 tape drives

http://support.microsoft.com/kb/941602
The Dmdiag.exe utility does not correctly list the volume information on a Windows Server 2003-based computer that contains more than 1024 volumes

http://support.microsoft.com/kb/942830
MS08-006: Vulnerability in Internet Information Services could allow remote code execution

http://support.microsoft.com/kb/942831
MS08-005: Vulnerability in Internet Information Services could allow elevation of privileges

http://support.microsoft.com/kb/943172
You experience application performance issues after you install the update from security bulletin MS07-043 on a computer that is running Windows Server 2003 or Windows XP Professional x64 Edition

http://support.microsoft.com/kb/943509
Description of the Jet 4.0 Database Engine hotfix package for Windows XP SP2, Windows Server 2003 SP1, Windows Server 2003 SP2, Windows Vista, Windows Vista SP1, and Windows Server 2008: October 23, 2007

http://support.microsoft.com/kb/944653
MS07-067: Vulnerability in Macrovision driver could allow local elevation of privilege
- Updates secdrv.sys to 4.3.86.0

http://support.microsoft.com/kb/944704
When you try to shut down or to restart a Windows Server 2003-based computer that has USB devices connected, the computer stops responding and displays a black screen

http://support.microsoft.com/kb/944829
On a computer that is running an x64-based version of Windows Server 2003, the 64-bit version of the Findstr.exe tool returns no results if the file size is from 2 GB through 4 GB

http://support.microsoft.com/kb/944971
A Cluster node may lose an MNS quorum, and the Cluster service may stop on a Windows Server 2003, Enterprise Edition-based computer

http://support.microsoft.com/kb/945410
A Windows Server 2003-based computer may stop responding when many connections are created and then disconnected if IPsec is configured

http://support.microsoft.com/kb/945553
Once this file is updated, KB is superceeded:
dnsrslvr.dll 5.2.3790.4238 DNS Caching Resolver Service

http://support.microsoft.com/kb/945778
Error message when you install a network adapter driver on a Windows Server 2003 64-bit-version-based computer that has more than 32 processors: "Stop 0x000000D1"

http://support.microsoft.com/kb/946026
MS08-007: Vulnerability in WebDAV Mini-Redirector could allow remote code execution

http://support.microsoft.com/kb/946118
The handle count of the Smlogsvc.exe process continues to increase when you use the "Performance Logs and Alerts" MMC snap-in in Windows Server 2003

http://support.microsoft.com/kb/946198
The print queue status is displayed as "Offline" on a Windows Server 2003-based print server if SNMP is enabled and if the printer devices do not respond to SNMP commands

http://support.microsoft.com/kb/946459
In an Active Directory forest that is running a Windows Server 2008 schema, the Active Directory Users and Computers MMC snap-in may crash when you open the Properties dialog box for a user object from a Windows Server 2003 member server

http://support.microsoft.com/kb/946504
Several WMIxWDM error events are not logged as expected in an x86-based version of Windows Server 2003 that has Service Pack 1 or Service Pack 2 installed
- Updates iologmsg.dll / wiologmsg.dll 5.2.3790.4281

http://support.microsoft.com/kb/946517
FIX: You may be unable to manage IIS by using Server Manager if two threads access IIS at the same time

http://support.microsoft.com/kb/946633
The "Font smoothing" feature has no effect in Windows Server 2003 terminal sessions
- Unique KB update to licdll.dll and winlogon.exe (also old version of win32k.sys 5.2.3790.4277)

http://support.microsoft.com/kb/946813
Windows Server 2003-based IAS servers do not send "access reject" packets to IAS clients when the clients use unknown domain names in authentication requests

http://support.microsoft.com/kb/946924
When a 32-bit process calls the GetRawInputDeviceList function on a computer that is running a 64-bit version of Windows Vista or a 64-bit version of Windows Server 2003, memory corruption occurs

http://support.microsoft.com/kb/947354
The function fails and returns error code 3017 (NMERR_NO_MATCHING_NPPS) when you call the "GetNPPBlobTable" function together with a TAG_INTERFACE_TRANSMIT filter in Windows Server 2003

http://support.microsoft.com/kb/947848
On a computer that is running Windows Server 2003 or a 64-bit version of Windows XP, an application that uses the FlushViewOfFile() function stops responding when you manually disconnect a removable storage device

http://support.microsoft.com/kb/947870
Error message when you run the Icacls.exe utility to set ownership of a file or of a folder on a computer that is running Windows Server 2003 SP2: "Access is denied"

http://support.microsoft.com/kb/948234
A kernel driver cannot be unloaded on a Windows Server 2003-based computer when the Service Control Manager (SCM) incorrectly increases a reference count

http://support.microsoft.com/kb/948570
When you start a 32-bit application in a 64-bit version of Windows Server 2003, a delay occurs

http://support.microsoft.com/kb/948656
A program that allocates a large block of contiguous memory may not start or may intermittently fail in Windows Server 2003 with Service Pack 2

http://support.microsoft.com/kb/948698
You cannot use the Reg.exe utility to access 64-bit registry keys on a 64-bit computer from a computer that is running a 32-bit version of Windows Server 2003

http://support.microsoft.com/kb/948700
After you use the AddIPAddress function to add an IP address in Windows Server 2003, and then you use the "Advanced TCP/IP Setting" dialog box to delete an IP address, the wrong IP address is deleted

http://support.microsoft.com/kb/948963
An update is available to adds support for the TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA and the TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA AES cipher suites in Windows Server 2003

http://support.microsoft.com/kb/949483
Stop error when you resume a computer that is running Windows XP or a 64-bit version of Windows Server 2003 from hibernation: "STOP 0x1000007E"

http://support.microsoft.com/kb/949729
When you run an NDISTest on a Windows-based computer that has a RNDIS driver installed, a failure is reported, or the computer may become unresponsive

http://support.microsoft.com/kb/950037
The Netset03.exe tool does not work for non-English language versions of Windows Server 2003

http://support.microsoft.com/kb/950085
The Group Policy Object Editor MMC snap-in displays a Group Policy setting as "Not configured" in Windows Server 2003 when the value of the setting is longer than 1,024 characters

http://support.microsoft.com/kb/950224
Scalable Networking Pack (SNP) hotfix rollup package

http://support.microsoft.com/kb/950323
Event ID 6008 is logged in the System log even though the Windows Server 2003-based computer shuts down successfully

http://support.microsoft.com/kb/950426
You cannot apply the changes that you make on the Access tab of the properties page for an SMTP virtual server on a Windows Server 2003-based computer after you apply hotfix 946517

http://support.microsoft.com/kb/950474
Error message when you run the SharePoint Products and Technologies Configuration Wizard on a Windows Server 2003-based computer: "Application has generated an exception that could not be handled"

http://support.microsoft.com/kb/950676
PING commands to a Windows Server 2003-based computer may fail if you have enabled the Routing and Remote Access service by configuring the "NAT and basic firewall" and "LAN routing" services

http://support.microsoft.com/kb/950762
MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) could allow denial of service

http://support.microsoft.com/kb/950903
The system may not detect that a logical unit was replaced on a Windows Server 2003-based computer

http://support.microsoft.com/kb/950974
MS08-049: Vulnerability in Event System could allow remote code execution

http://support.microsoft.com/kb/951066
MS08-048: Security update for Outlook Express and Windows Mail

http://support.microsoft.com/kb/951347
A memory leak occurs when you use the IFaxIncomingMessageIterator interface to query incoming fax messages on a fax server that is running Windows Server 2003 or Windows XP

http://support.microsoft.com/kb/951376
MS08-030: Vulnerability in Bluetooth stack could allow remote code execution

http://support.microsoft.com/kb/951410
Devices that stream data over more than two isochronous channels by using IEEE 1394 connections may have choppy or distorted output on a Windows-based computer

http://support.microsoft.com/kb/951531
The W32Time service does not synchronize the CMOS clock time to the Internet time on a Windows XP or Windows Server 2003-based computer after the W32Time service stops

http://support.microsoft.com/kb/951698
MS08-033: Vulnerabilities in DirectX could allow remote code execution

http://support.microsoft.com/kb/951748
MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008

http://support.microsoft.com/kb/951851
The WebClient service stop responding when you try to map a network drive to a WebDAV shared folder from a Windows Server 2003-based computer

http://support.microsoft.com/kb/951859
A program that runs under the NT Authority\System account does not recognize environment variable changes on a Windows Server 2003-based computer until you restart the computer

http://support.microsoft.com/kb/952145
An application exits unexpectedly when an application that uses remote procedure call (RPC) runtime tries to enter a critical section on a Window Server 2003-based computer

http://support.microsoft.com/kb/KB952206
- Localspl.dll 5.2.3790.4295

http://support.microsoft.com/kb/952312
The Active Directory Users and Computers MMC snap-in sets incorrect ISO country codes for Jersey, for Guernsey, and for the Isle of Man on a Windows Server 2003-based computer

http://support.microsoft.com/kb/952813
In the Power Options item in Control Panel, the "Estimated UPS capacity" field remains unavailable after you reconnect a Smart-UPS device to a Windows Server 2003-based computer

http://support.microsoft.com/kb/952826
Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL 5.2.3790.4308 vssapi.dll

http://support.microsoft.com/kb/952943
Windows Server 2003 MS DTC Hotfix Rollup Package 14
-MS DTCconsole program, updates sp2 files.

http://support.microsoft.com/kb/952954
MS08-046: Vulnerabilities in Microsoft Windows Image Color Management could allow remote code execution

http://support.microsoft.com/kb/953028
On a computer that is running Windows Server 2003 or Windows XP, an application experiences an access violation and then crashes if the computer has more than four cores or more than four logical processors

http://support.microsoft.com/kb/953155
MS08-062: Vulnerability in Windows Internet Printing service could allow remote code execution

http://support.microsoft.com/kb/953176
A handle leak occurs when you call the InitializeClientContextFromToken2 method on a Windows Server 2003-based computer

http://support.microsoft.com/kb/953490
- Hal.dll 5.2.3790.4354 Ntkrnlmp.exe 5.2.3790.4449 Ntoskrnl.exe 5.2.3790.4449

http://support.microsoft.com/kb/953675
Error message when many users log on to a Windows Server 2003-based terminal server through RDP connections: "Winlogon has encountered a problem and needs to close"

http://support.microsoft.com/kb/953829
-updates tcpip6.sys to 5.2.3790.4403 - directly integrated.

http://support.microsoft.com/kb/953955
- Cimwin32.dll 5.2.3790.4403 QFE

http://support.microsoft.com/kb/953988
An application that uses the IEnumVARIANT interface triggers a memory leak, and this causes system performance to decrease on a Windows Server 2003-based computer

http://support.microsoft.com/kb/954057
Call-forwarding function requests from TAPI 2.x clients fail with a "LINEERR_INVALIDPARAM" error on a Windows Server 2003-based telephony server

http://support.microsoft.com/kb/954091
You cannot access the correct DFS shared folders from a Windows Server 2003-based DFS client after the link targets are updated

http://support.microsoft.com/kb/954149
You cannot modify some files under an NTFS junction point after you use the Security Configuration and Analysis snap-in to analyze or apply security settings on a Windows Server 2003-based computer

http://support.microsoft.com/kb/954193
Description of the Jet 4.0 Database Engine cumulative hotfix package for Windows XP SP2 and SP3, Windows Server 2003 SP1 and SP2, Windows Vista, Windows Vista SP1, and Windows Server 2008: July 2, 2008

http://support.microsoft.com/kb/954600 - http://www.microsoft.com/downloads/deta ... laylang=en
- Media Player 6.4 update

http://support.microsoft.com/kb/954896
A stack overflow issue occurs when you use the incorrect name format to enter a user name as a parameter for the TranslateName function on a Windows Server 2003-based computer

http://support.microsoft.com/kb/955069
MS08-069: Description of the security update for XML Core Services 3.0: November 11, 2008
-MSXML 3.0 SP10 8.100.1048.0 - source update.

http://support.microsoft.com/kb/955087
Error message that is triggered by the Fltmgr.sys driver on a computer that is running Windows Server 2003: "Stop 0000008E"

http://support.microsoft.com/kb/955407
A memory leak occurs when you run the "list volume" command or the "select volume" command in the DiskPart.exe utility in Windows Server 2003 or in Windows XP Professional x64 Edition
- diskpart.exe 5.2.3790.4420

http://support.microsoft.com/kb/955417
Protected storage (PStore) uses a lower-quality cryptographic function when the system locale is set to French (France) on a Microsoft Windows-based computer

http://support.microsoft.com/kb/955536
VBScript throws a floating-point exception when the C runtime returns a stale floating-point status flag in a Windows Server 2003 environment
- update over sp2

http://support.microsoft.com/kb/955543
- dmio.sys 5.2.3790.4442 (srv03_sp2_qfe.090108-1308) NT Disk Manager I/O Driver
- update over sp2

http://support.microsoft.com/kb/955549
Wordpad / Richedit update..

http://support.microsoft.com/kb/955575
The InitializeSecurityContext function fails with a status of "STATUS_INSUFFICIENT_RESOURCES (0xC000009A)" when the token size of a security principal is greater than 20,000 bytes in Windows Server 2003

http://support.microsoft.com/kb/955692
Your screen flickers when you start WPF applications in a Windows Server 2003 terminal server session
- This updates direct3d9.dll (DirectX) Still valid for directx 2008.

new addition:
http://support.microsoft.com/kb/955807
An SSL connection may fail when you use Internet Explorer to make the SSL connection to an HTTPS Web site on a Windows Server 2003-based computer
-schannel.dll 5.2.3790.4338 (this is a partial update over other kb)

http://support.microsoft.com/kb/955843
An ADO-based application may stop responding when it uses the adAsyncExecute option to open a Recordset object in Windows Server 2003 or in Windows XP
- Only msado15.dll / wmsado15.dll is needed from this kb. odbc files are updated in http://support.microsoft.com/kb/957585

http://support.microsoft.com/kb/956594
- http.sys HTTP Protocol Stack 5.2.3790.4350

http://support.microsoft.com/kb/956048
An application that calls the Image Color Management (ICM) functions in the Icm32.dll module may crash on a Windows Server 2003-based computer

http://support.microsoft.com/kb/956438
- termdd.sys - 5.2.3790.4454 QFE - Terminal Server Driver

http://support.microsoft.com/kb/956625
After you run Internet Explorer 7 for a long time on a computer that is running Windows XP or Windows Server 2003, Internet Explorer becomes unstable or crashes

http://support.microsoft.com/kb/956802
- gdi32.dll 5.2.3790.4396 GDR

http://support.microsoft.com/kb/957052
The Hbaapi.dll module leaks two handles when the module is unloaded on a system that is running Windows Server 2003, Windows Vista Service Pack 1, or Windows Server 2008

http://support.microsoft.com/kb/957089
FIX: Local activation occurs on the client computer when you install a COM+ application proxy that was exported from a partition other than the Base Application Partition
- which is a update over sp2

http://support.microsoft.com/kb/957271
The Logical Disk Manager Administrative Service process may stop unexpectedly on a Windows Server 2003-based computer
- dmadmin.exe 5.2.3790.4363

http://support.microsoft.com/kb/957492
When you try to start a terminal session to a Windows Server 2003-based computer, the computer may be unresponsive
- updates Oledlg.dll , Woledlg.dll to 5.2.3790.4382 from sp2

http://support.microsoft.com/kb/957585
You cannot easily determine the source of a time-out error when you run a query by using the ODBC SQL Server driver or the OLE DB provider in MDAC on a computer that is running Windows Server 2003

http://support.microsoft.com/kb/957778
Volume Shadow Copy
-Swprv.dll / Vssvc.exe = 5.2.3790.4375 QFE

http://support.microsoft.com/kb/958147
The Member ID field is logged incorrectly in the audit event on a Windows Server 2003 domain controller if you add a user of a different domain to a universal group

http://support.microsoft.com/kb/958246
The logoff process may take a long time when a user makes a terminal session from a Windows Server 2003 terminal server in a trusted domain, and the terminal service roaming profiles are used
- userenv.dll 5.2.3790.4390

http://support.microsoft.com/kb/958353
- updates sorttbls.nls , wsorttbls.nls from SP2.

http://support.microsoft.com/kb/958476
RDP clients and ICA clients cannot connect to a Windows Server 2003-based terminal server after hotfix 938759 is applied to the server

http://support.microsoft.com/kb/958644
MS08-067: Vulnerability in Server service could allow remote code execution

http://support.microsoft.com/kb/958687
MS09-001: Vulnerabilities in SMB could allow remote code execution
- srv.sys 5.2.3790.4425 GDR

http://support.microsoft.com/kb/958910
When you send a print job to an Internet Printer Protocol (IPP) print server from a Windows-based computer, the print job fails and never restarts
- inetpp.dll 5.2.3790.4417 QFE

http://support.microsoft.com/kb/959207
- Ntdll.dll 5.2.3790.4450 Wntdll.dll 5.2.3790.4450

http://support.microsoft.com/kb/959873
-updates Wldap32.dll/Wwldap32.dll to 5.2.3790.4413 from sp2

http://support.microsoft.com/kb/959608
- ntfs.sys 5.2.3790.4409 QFE

http://support.microsoft.com/kb/960007
- ole32.dll 5.2.3790.4413 QFE

http://support.microsoft.com/kb/960028
- winsrv.dll 5.2.3790.4410 QFE

http://support.microsoft.com/kb/960037
- wow64.dll 5.2.3790.4415 / sysmain.sdb update QFE

http://support.microsoft.com/kb/960092
Redirected Drive Buffering SubSystem Driver
- Rdbss.sys 5.2.3790.4414 QFE

http://support.microsoft.com/kb/960225
ksecdd.sys 5.2.3790.4458 Kernel Security Support Provider Interface
schannel.dll 5.2.3790.4458 TLS / SSL Security Provider (+ x86 file=same version)

http://support.microsoft.com/kb/960228
win32k.sys 5.2.3790.4456 Multi-User Win32 Driver

http://support.microsoft.com/kb/960253
- shell32.dll 6.0.3790.4423 QFE

http://support.microsoft.com/kb/960417
- kernel32.dll 5.2.3790.4417

http://support.microsoft.com/kb/960608
- Sctasks.exe / Wsctasks.exe 5.2.3790.4418 updates sp1 files.

http://support.microsoft.com/kb/960652
Stop error when you copy a file from a redirected disk to a Windows Server 2003-based terminal server in a terminal server session: "0x0000007E"
- rdpdr.sys 5.2.3790.4437 QFE

http://support.microsoft.com/kb/960680
A hotfix is available to update the Slovak koruna currency symbol (Sk) to the Euro currency symbol (€) and to update the Turkish currency symbol from Yeni Türk Lirası (YTL) to Türk Lirası (TL)

http://support.microsoft.com/kb/960831
- Virtual Disk Service 5.2.3790.4467

http://support.microsoft.com/kb/960882
- Mrxsmb.sys 5.2.3790.4441 QFE - Windows NT SMB Minirdr

http://support.microsoft.com/kb/961160
- Kerberos.dll 5.2.3790.4439 Wkerberos.dll

http://support.microsoft.com/kb/961180
- ole32.dll 5.2.3790.4428

http://support.microsoft.com/kb/961361
- oakley.dll - Oakley Key Manager - 5.2.3790.4451 QFE

http://support.microsoft.com/kb/961799
- netbt.sys MBT Transport driver 5.2.3790.4452

http://support.microsoft.com/kb/965230
- comsvcs.dll 2001.12.4720.4453 COM+ Services

http://support.microsoft.com/kb/967327
- volsnap.sys Volume Shadow Copy Driver 5.2.3790.4465

http://support.microsoft.com/kb/967587
- sens.dll 5.2.3790.4466 System Event Notification Service (SENS)

http://support.microsoft.com/kb/967663
Only one 32-bit service can print on a computer that is running a 64-bit version of Windows Server 2003 when multiple services are configured to run under one non-SYSTEM account
- Splwow64.exe 5.2.3790.4457

----------------------------------------

New:

Windows Media Player 11 updates.
wmp11 hotfixes last update 27-feb-2009.
I wanted to have everything i needed in one place that i use for the integration process, so i thought why not..

Booogy's 'official' list of Wmp11 Hotfixes can be found here http://www.boooggy.org/slipstreamer/#hotfixes

http://support.microsoft.com/kb/928788 - http://support.microsoft.com/kb/929399 - http://support.microsoft.com/kb/929773
http://support.microsoft.com/kb/932390 - http://support.microsoft.com/kb/933547 - http://support.microsoft.com/kb/935551
http://support.microsoft.com/kb/935552 - http://support.microsoft.com/kb/939209 - http://support.microsoft.com/kb/939683
http://support.microsoft.com/kb/941569 - http://support.microsoft.com/kb/944882 - http://support.microsoft.com/kb/952069
http://support.microsoft.com/kb/954067 - http://support.microsoft.com/kb/954154 - http://support.microsoft.com/kb/959772




------------------------------------------------------------------------------------
For a geek like me, it's an asthonishing great feeling to have everything in its latest version. And now with Vista well out the door, more and more updates for XP x64 is actually stemmed from vista/server 2008, compiled for x64 xp.

[TranceEnergy]

I moved History here and removed empty lines. In an attempt to make threads and post smaller.
---------------------------------------
Rewritten History section :

From 16feb 2009 I am cutting list into newest updates vs old. Changes to follow. Might scrap everything old ?


KB950224 > KB942088
KB952206 > KB955455
KB961160 > KB940925
KB940349 > KB933653

KB960831 > KB959336

KB961799 netbt.sys 5.2.3790.4452 > KB955860 > SP2

961260 > 958215 MS09-002: Cumulative security update for Internet Explorer
960715 > 956391 Cumulative Security Update for ActiveX Killbits
959207 > 944762 Ntdll.dll 5.2.3790.4450


KB953490-v2 > KB956841
KB956841 > KB954434
KB956841 updated! > KB944984 / Kb954434
KB956841, KB944984 is eliminated, also Kb954434.

KB944984 > KB931761 / KB935926 / KB938486 / KB942004 / KB950772 / KB952177 / KB952244 /KB954337

Old --Pre 16february 2009 >>>>>

Explanation: KB950903 replaces KB946448, KB946448 replaces KB939315, KB940467, KB943545 and KB945119 :
KB950903 (5.2.3790.4368) > KB946448 (5.2.3790.4207) > KB946448 / KB939315 / KB940467 / KB943545 / KB945119
KB919241 > KB919241 (new version of same kb) / KB931689
KB944043 > KB925027 / KB940742 Newer version in both KB944043 and KB951531 / (new version of same kb) / KB947861



KB956802 > KB948590
KB954211 And KB948590 (I will sort this out later) :
---------- KB952679 replaced by KB954211 (5.2.3790.4305 vs 5.2.3790.4375)
---------- KB952679 and KB948590 > KB928942 / KB931282 / KB936775
---------- KB952679 > KB944916 / KB946068 / KB951749

KB960028 > KB959338 > KB948928 > KB930178
KB959336 > KB952630 > KB941773 > KB931300



KB959608 > KB953325

KB942835 Newer version by combining KB944984 and KB953325, which together kill KB942835.
This became a bit confusing even to me, when rewriting this.
KB932716 > KB932716 (New version of same KB exists.) / KB949310 Newer version in KB932716-v2
KB951571 > KB933397
KB954429 > KB933906 / KB946331
KB960417 > KB944340 > KB935839
KB953325 > KB937455
KB950574 > KB938134 / KB944200
KB936342 > Newer version of same kb exists.
KB944704 > KB938136
KB950474 > KB938397 / KB945344
KB938759 > Newer version in newer version of same KB.
KB955839 >KB951072 / 957201> KB938977 / KB943000
KB946517 > KB939573
KB958147 > KB950156 > KB939820 (.4250)
KB955843 > KB940046
KB956390 (IE7 GDR update ) > KB953838 > KB941158
KB949483 > KB941716
KB940848 > KB942213 / KB948703
KB953325 > KB942528 / KB949123
KB948963 > KB942841
KB952145 > KB950136 / KB942880 / KB930850 (KB930850 never was in list)
KB948570 > KB943040
KB947870 > KB943043
KB941084 > KB943576 / KB949876 / KB951323
kb944971 > KB943809 (This is strange, but file contains same versions as KB944971, tho this kb is older then kb944971 on dates, so its marked outdated instead.)
KB953176 > KB943875
KB951748 > KB944135 / KB945466 / KB947369 / KB947773 / KB947775 / KB949234 / KB949316 / KB950092
KB948704 > KB944195
KB948046 > KB944203 / KB948046 (Newer version in new version of KB948046)
KB960652 > KB960677 > KB940458 > KB944341 (.4205)
KB955410 (kdcsvc.dll 5.2.3790.4332) > KB944402 KB (.4178)
- removed from list because i could not confirm the existance in xp x64 sp2 media.
KB948698 > KB945219
KB960253 > KB953323 > KB945272
KB950323 > KB945463
KB953419 > KB957749 + 956803 >KB952087 > KB946565 > KB945532
KB961180 > KB953876 > KB947100
KB960037 > KB948931 > KB947634
KB946924 > KB947841
KB952630 > KB949002
KB953675 > KB950094
KB952022 > KB950681
KB958246 > KB953663 > KB951059 (.4278) > KB950928
KB957052 > KB957052 - Update from SP2 - 5.2.3790.4375
KB956391 (Revision 2.0) > kb953839 (1.2)
KB956803 > KB956803 - new addition - updates afd.sys from SP2
KB953155 (win32spl.dll 5.2.3790.4371) > KB953546 (5.2.3790.4301)
KB958820-v2 (KB957877-v2) (KB955066-v2) > KB959252 > KB954211
KB958687 > KB957095 > KB927435 / KB943459 / KB950298
KB957585-v2 > KB945142
KB955455 localspl.dll 5.2.3790.4336 QFE > KB952206 > KB932699
KB955692 (d3d9.dll 5.3.3790.4336) > KB953028

KB960092 > KB944505
KB957778 > KB949391

Windows installer 4.5 > KB939273 (Msi 3.1 update)

KB957187 (Unidrv Printer Driver Resource DLL 6.0.6001.22252) (PCL-XL Printer Driver 6.0.5479.0)
This updates printer drivers found in sp2, drivers from .Net 3.5sp1, and Euro Expansion font package v2 update, all in a single KB.

Microsoft XML Core Services 4.0 : KB954430 > kb941833
Microsoft XML Core Services 6.0 : KB954459 > kb933579

KB957271 dmadmin.exe 5.2.3790.4363 > KB924390
KB953955 > KB956523 > KB952022

958476 > 930045

KB952826 > KB951568
KB955407 > KB951202

KB958756 (msi.dll) > KB958655
---

KB960228 > KB960266 / KB959505 > KB959466 > KB958820
- KB958820 has the same contents as 957877 AND KB955066-v2 does. This isn't the first time i've seen duplicate kb's with different names.
- replaces KB959252
---

[RickSteele]

.....simply awesome, thanks Trance'

[TranceEnergy]

No problem really. I told 5eraph to just yell at me if there are any additional information wanted to add. And that goes for everyone.

I will however point out - I really love the KISS principle (short for Keep it simple stupid, i really should write that on my wallpaper)

Meaning no additional information such as file size, md5sum etc these kind of things, im not interested in adding or keeping track of, nor see any reason why. If there are arguments or wishes for that, then make an reason for it, i dont understand nor see reason what for.

5eraph or any other active xp x64 mod/adm may edit this list as seen fit. I will however try to update the list at least on a weekly basis.

This list superceedes the list on msfn forum, for various reasons, previously mentioned.

[TranceEnergy]

List updated. I just wanted to make small notice that this kb's description.
It's a update for files already found on x64 xp SP2. It isn't Desktop Search 4.0 as we know it today. Actually the KB article references Desktop search 3.0. Anyway, it is updating retail components of xp x64.

For this and probably for many more to come thanks to 5eraph for uploading this to hotfixshare, so it caught my attention. Thanks.

Edit: On second thought, if Desktop Search 4.0 updates the same components, which im going to find out in a few, then this KB would not be needed.

edit 2: This KB is NOT in any way replaceable by installing Desktop search 4.0. So to be perfectly clear:

WindowsSearch-KB940157-Srv2K3_XP-x64-enu.exe Does NOT overrule KB915800, unless for some reason KB940157 downloads or extracts data from archive i dont know about. I took a quick look inside KB940157, and didnt see anything that was a file update over any component in x64 xp. Meaning Desktop search 4.0 is most likely a truly stand alone product. Which is just perfect for me, i didnt like it that much anyway, DS4.0 that is.

[code65536]

Thanks for maintaining this list.

To answer your question,

i dont know if this GDI works like Visual C++ runtimes, or like .dot net versions.

Look in the policies for the assembly in question. For the GDI+ assembly, you will see this:

Code: Select all

<bindingRedirect oldVersion="1.0.0.0-1.0.2600.5581" newVersion="1.0.2600.5581"/>

What that does should be fairly self-explanatory, and will tell you what versions are superseded and what versions are not when a particular assembly is installed.

no additional information such as file size, md5sum

Yea, there's no need for md5sums since all hotfix packages are signed, and that can (and should) be used instead of hashes to verify integrity and authenticity.

[TranceEnergy]

Thanks, but i dont understand how that answears my wondering on GDI. I understand, i think, your gdi example there, but im no genius or programmer etc. Just a guy liking newer file versions a lot

Short of answearing myself:
I do however think it's good to have the various versions of gdi installed, since i see a lot of software bundle their own gdi dll files. I tried some time ago to overwrite a gdi.dll file for wacom tablet driver i think it was, which didnt work, it needed that specific version of it.

Anyho, list is closing in on 170 releases to be able to fully update full xp x64 source.
With IE 8 final coming that number may be nearer or farther away. I haven't bothered with checking the beta versions, as the findings of that could go either way with the upcoming final.


Final IE8 Confirmed for November, Possibly November 1
http://news.softpedia.com/news/Final-IE ... 2876.shtml

However, if that is true, by november (i was hoping like withing 2-3 weeks), 170 would most likely be reached by then.

Having said that, i just realized that my system32 (root of it only) holds 371 files from sp1 (gold) of xp x64 source. (3790.1830)
For quite some time now, there's been coming out kb's for xp x64 that have descriptions of being vista relative. Personally i've even noticed some of my hardware's control programs work better with vista build, both audio driver as well as my tablet.

Therefore, at some point, it could be interesting to make a list of Vista system files, if possible, that works under xp x64, it would require user to have sfc patched and tweaked of course, and perhaps not for the those faint of heart.

[5eraph]

[KB938464] updates GDI. This is stored in WinSxs, this hotfix itself is outdated by [KB951759], however, i dont know if this GDI works like Visual C++ runtimes, or like .dot net versions.

What [the SxS policy code] does should be fairly self-explanatory, and will tell you what versions are superseded and what versions are not when a particular assembly is installed.

Thanks, but i dont understand how that answears my wondering on GDI.

I think what code65536 is saying is that KB951759 supersedes KB938464 because the former contains the following policy code...

Code: Select all

<bindingRedirect oldVersion="1.0.0.0-1.0.3790.4347" newVersion="1.0.3790.4347"/>

...which shows that build 4347 is meant to be used even when build 4278 from the latter update is installed. Build 4278 will never be used, so there's no point in including the older SxS runtime. I don't yet know whether the registry entries installed by the older update are necessary for AU/MU to detect it.

[code65536]

Thanks, but i dont understand how that answears my wondering on GDI. I understand, i think, your gdi example there, but im no genius or programmer etc. Just a guy liking newer file versions a lot

Ah, well I misunderstood your question, then. I thought you were asking if it was like a system library (where new versions always supersede the previous) or if it was like a .NET runtime (where v2 coexists with v1, etc.). Anyway, GDI+ is a system library that is used only if an app was designed and coded to use it, and it is not interchangeable with GDI (since they export totally different functions). As for different versions of GDI+, in theory, they should be interchangeable within the range specified by the policy file (are you sure that it's GDI+, and not some custom wrapper for GDI+?))

Therefore, at some point, it could be interesting to make a list of Vista system files, if possible, that works under xp x64, it would require user to have sfc patched and tweaked of course, and perhaps not for the those faint of heart.

Um, I would not recommend doing that. It really depends on what you mean by backporting. If the backported file has a Vista build number, then a copy from Vista might work (though it's still doubtful, because they may be compiling with different headers and using a different set of libraries during link), but it's still iffy. If the backported hotfix has a 3790 build number, then you should not do that, because those are fixes are something along the lines of this: "Hmm, we just made this fix on the Vista branch; can this fix be adapted for the 2600 branch and 3790 branch?" In those cases, only that particular change to the Vista branch is being brought to 2600 or 3790 (so if you just copied a Vista file over, you'd not only get that, but every single change between 3790 and 6001, which is not advisable). And I wouldn't be surprised if the 3790 version of a particular fix differs from the 6001 version, as the code base is probably different, so a slightly different approach may be needed for the two. IOW, no, do not mix-and-match Vista system files with pre-Vista system files.

[TranceEnergy]

Concerning the issue of the old kb with gdi, as it is , i now consider that solved thanks to the following very helpful guys. I do however puzzle over why windows update was whining to me about it.

In any case all of this made just realize once more how important it is to NOT let tool such as nlite delete the .cat files

5eraph: Thank you, i have been reading these 2 posts for 10 minutes now, and finally managed to get my head around it. I just woke up from a bloody fire alarm. I just couldnt understand it. lol ! =)

code65536 : I wrote that it could be interesting. Anyway it was just that at this point. Could. A possibile adventure for me. Sorry for any confusion that it would have something to do with this list, if that was the case. =)

I'm a bit confused at this point, gdi , gdi+, custom wrapper for gdi+.

you said:
. Anyway, GDI+ is a system library that is used only if an app was designed and coded to use it, and it is not interchangeable with GDI ..

This leads me to believe my suspicions are true, since that is what i basically said except for the part with not interchangeable with GDI. I'm sorry but i dont understand or remember what 'interchangeable' means. Ill look it up.

I found that Adobe CS3 i have installed, have at least 4 different file versions of gdiplus.dll
however, i did a quick test, i just moved gdiplus.dll out of program folders to desktop, and those programs started without it.

Sorry for any confusion, not all things translate very well. Ill lookup google now.

[TranceEnergy]

Concerning http://support.microsoft.com/kb/957201

which says:

Note
We recommend that you install the August 2008 cumulative time zone update for Microsoft Windows operating systems (hotfix 951072) before you install this hotfix. Installing hotfix 951072 after this hotfix will reset the DST configuration for the Brazil time zones to a previous state.

--------
What does "reset DST configuration" mean? So does one need both Kb's? This and Kb951072 i mean.
File wise there's no additional or fewer files difference, 957201 is v.4370 vs 4324 for 951072 i think it was.

[code65536]

So does one need both Kb's?

Yes. This is not cumulative.

957201 is v.4370 vs 4324 for 951072 i think it was.

The file versions are irrelevant for TZ hotfixes. You can even discard the tzchange.exe tool afterwards; for TZ hotfixes, there is one and only one file that you need to pay attention to: update_[branch].inf (there should be no differences between the branches for TZ hotfixes beyond the name of the branch). In the end, the only thing of substance changed by a TZ hotfix is the registry.

[ricktendo64]

How do we merge them?

The AddReg is easy but not sure about the tzchange switch stuff

if somebody could post the new switches for "Central Brazilian Standard Time" and "E. South America Standard Time" this would be nice (not 100% sure how to merge the first two or if I should fully replace the second)

[TranceEnergy]

In the end, the only thing of substance changed by a TZ hotfix is the registry.

Thank you btw!
Okay forgive me if this then sounds stupid, but can one just import some registry keys/reg file then which would do the same job?

Because that would be nice, cap off 2 KB at once and save also some megabytes even.

[5eraph]

It's more than just registry entries, guys. All time zone updates also include command lines that must be executed. For example, the following are necessary for KB957201. KB951072 includes many more.

Code: Select all

[ProcessesToRunBeforeArchive]
    "%sourcepath%\SP2QFE\tzchange.exe /A ""Central Brazilian Standard Time"" /S 10 6 3 23 59 59 0 /E 2 6 2 23 59 59 0 /D -60 /R 0 /B 240 /G /I 2147483720 /T ""%Central_Brazilian_Std%"" /L ""%Central_Brazilian_Dlt%"" /N ""%Central_Brazilian_Display%"\
""
    "%sourcepath%\SP2QFE\tzchange.exe /F ""Central Brazilian Standard Time"" /S 10 6 3 23 59 59 999 /E 2 6 2 23 59 59 999 /G /K 957201"
    "%sourcepath%\SP2QFE\tzchange.exe /F ""E. South America Standard Time"" /S 10 6 3 23 59 59 999 /E 2 6 2 23 59 59 999 /G"

EDIT: Heh. 957201 is an anagram of 952071.

[ricktendo64]

OK I just figured it out, /K 957201 was messing me up but now that I know what it does its all good

[TranceEnergy]

I noticed that anagram too, it was kind of confusing, i kept having to doublecheck what file i was looking into.

To me it looks like Tzchange.exe is just a modified tool like reg.exe, just that tzchange only does timechange operations.

Having said that, i'm going out on the plank and say that to me, it looks like one can just save
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones
and HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Time Zones
into a registry file then import at install or so on. Again, that's what this looks like to me.
Of course after installing these 2 kb's.

Since i have nothing better to do, im going to try that and see if windows update agrees.

[ricktendo64]

MU does not care what the timezones end up like, it only checks the TZVersion (it may also look at KBLast which is what /K switch does) but it cannot know if your timezones are correctly imported

[code65536]

All time zone updates also include command lines that must be executed.

...command lines that ultimately result in changes in the registry. I only said that it boils down to the registry; I didn't say that it was all in the INF.

[TranceEnergy]

I'm sorry guys but even with http://support.microsoft.com/kb/951759 integrated and leaving out http://support.microsoft.com/kb/938464, 938464 still shows up on windows update. I have checked,double,triple checked. I am using nlite and integrating them. I have gone through manual display reports etc. This biatch wont go away.

I am however using a set of custom removals, but as far as i know i dont touch anything gdi or policies wise.

Furthermore i could find no trace of 951759 inside winsxs folder, or for that matter, anywhere else, when i only had select to integrate 951759. Just .3959 was present. (sp2 source)

Immidiately upon manually installing 938464, i can find that in winsxs etc.

So until i figure out what the hell is going on here, 938464 is going back in on the list.
I would like to clean it out, but as of right now, 951759 is problematic in itself.
According to 951759 article kb information it does not replace any other KB's. And perhaps for once thats right.

If any of you have a different experience let me hear it, but i need to know that things just "work". In theory i was totally buying that it was replaced, but that's just it, theory.

I am doing a reinstall later on with BOTH kb's and come with a confirmation on what the status is for sure. I think i didnt have any issues with both kb's integrated in iso image, but i want to be 100% sure, not 99%. All attempts are made on a real computer, not vm.

[5eraph]

The following registry entries are necessary for MU to properly detect KB938464. They're in the update pack.

Code: Select all

HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Backup Dir",0,""
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Comments",0,"Security Update for Windows XP (KB938464)"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Fix Description",0,"Security Update for Windows XP (KB938464)"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Installed",0x10001,1
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Installed By",0,"5eraph's Post-SP2 Update Pack"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Installed On",0,"Version 2008-09_1"
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Service Pack",0x10001,3
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464","Valid",0x10001,1
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464\File 1","Flags",0,""
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464\File 1","New File",0,""
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464\File 1","New Link Date",0,""
HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB938464\File 1","Old Link Date",0,""

[TranceEnergy]

I hear you 5eraph. But that doesnt help the situation at all. =) I am saying i integrated 951759
And it isnt anywhere to be found after windows is finished installing. I literally only could find v.3959 version.
So if the problem was that the KB wasnt detected and i had the files, then i would be helped by that registry information you provided there, but that is not the case. Am i missing something? If so i dont know what.

FYI: I dont have any problems with any of these KB's not being detected when they are installed. 951759 just wont install as far as i can see for the moment.I installed both numerically order now and they are both detected. But forget that since thats not the problem here.

[5eraph]

Can nLite integrate KB938464? If so, then I don't see why it can't integrate KB951759.

I plan on using the files from the newer update with the code snippet I posted above. It's incredibly easy to integrate: just copy the ASMS folder from the update package into the AMD64 folder. I also include the CAT from the update folder, but I'm not entirely convinced it's necessary with SxS binaries.

[code65536]

If you are finding the older version in WinSxS, then nLite is not integrating is correctly. The older version should not even exist. I haven't used nLite in a long time, so I don't know why it doesn't work with nLite; maybe they have problems with ASMS in general?

And yea, you also need those registry entries to let WU know that you have installed the hotfix, but let's not worry about that until you get the bigger problem fixed.

5er, no, the CAT in the update folder is not needed for SxS installs.

[TranceEnergy]

5eraph: yes i think nlite can integrate 938464. See Post 2. As i remember i checked with that kb as well.
However, since i dont trust myself ill give an definitive answear when i reinstall later.
I will redo post 2 with info on what KB's was selected for integration also, later on. Sorry for late answear, power went offline in whole city for a few hours, and then internet too afterwards. If it aint one thing, it is always the other, imho.

Edit/update: Grrr... It seems like nlite doesnt update GDIplus.dll at all.
I can't believe this, i know i had it installed, but i also did other changes to my unattended install, but nothing that makes sense that this KB (or any other for that matter) would be interrupted. I dont remove anything at all with nlite so unless it is possible it could be fubared during prelogin stage of guirun once batch file, i dont have a clue. On second thought, it cant be that either, so i dont have a clue... =)

So basically, for the time being, i as in anyone has to install relative KB update "manually" meaning running it as an "addon" ?

[TranceEnergy]

This is a great one!

http://support.microsoft.com/kb/957187

This updates printer drivers found in sp2, drivers from .Net 3.5sp1, and Euro Expansion font package v2 update, all in a single KB. It also updates at least one other older KB, but i can't figure out what that was at this time (not present in current new list). I am seriously looking forward to testing this with my next reinstall in a few hrs.

[TranceEnergy]

Might as well use this opportunity to ask for something that this post is the very example of :
namely that it is a post replying to myself.

so #1 : Is it not possible to see threads by last edit instead of last post? (checking after this in profile,but that should be default if possible imho..(for any forum ))

#2 on topic: My post 2 steps up is updated.

#3 this GDI integration thing with nlite, should be reported to nuhi yes?

[5eraph]

1. I don't believe it's possible. I wish it were. Then I wouldn't have to bump my own threads/releases when I update them.
2. 
3. Yes, nuhi may want to know about it.

[TranceEnergy]

Sent a pm to nuhi. According to my post #2 here, both of the GDI KB's are successfully integrated according to nlite itself. So obviously something is up. Removed 938464 from list(ed:and added it back in). Moving 951759 into 'manual'.
Hopefully this gets resolved not within eternity so thread can be cleaned up.

[RogueSpear]

I don't know if this is anything worthwhile or not, but it looks like MS updated the x64 installer for WMP11.

http://www.microsoft.com/downloads/deta ... layLang=en

[code65536]

it looks like MS updated the x64 installer for WMP11

The "Date Published" field at the download center is not a reliable indicator of the age of the package. There have been countless incidents where Microsoft bumped the "Date Published" field for whatever reason (usually for some wording change on the download page) without changing the package at all. Age should be determined by the timestamp of the package's digital signature, which in this case is 4 Jan 2007. They did the same thing with the 32-bit package earlier this month.

[RogueSpear]

Yea, I know that they sometimes randomly rev the date published, but I actually saw this on microsoftpost.com, which in my experience, is a fairly good indicator. Granted sometimes all that has been done is the installer itself is updated somehow rather any of the code contained within..

This was the case with the x86 WMP11 installer back in August IIRC.

[TranceEnergy]

Nuisance edit:

KB957052 - Update from SP2 - 5.2.3790.4375
KB950903 - Replaces KB946448 - New version 5.2.3790.4368 vs old 5.2.3790.4207
KB954434 same version as 954429, except in 954434 it's GDR version.
-----
Method #1 - One can use /integrate switch to force kb to be integrated into install image/folder.

Example: KB951759.exe /overwriteoem /integrate:C:\xpsource\ /log:C:\ /nobackup
Which works for me. However, v.3959 is still kept in source. I did this prior to integrating hotfixes with nlite, which may not be ideal, but it works anyway.
-----
Your thoughts are appreciated on this. I haven't received any rep from nuhi yet.
At least this works to get it installed, and one doesnt need to install it via other methods.
Looking into svcpack.inf at the kb install order, looks quite messy, and nlite doesnt change kb951759's position in that "list", it stays on top here when i did integrate that kb951759.

Whether or not it is a good thing that v.3959 stays i dont know, but i dont think i can blame it on the kb's integrate switch since i dont think it would try to remove the old version (.3959).

Looking at svpack.inf made me think of another question whether or not those kb's are listed as they are when i select them in nlite. But there's also the wmp11 slipstreamer kb's to take into consideration.
I could take a guess here, but there are others out there who ARE qualified to answear that pondering of mine.

update: 938464 refusal

Even with the registry information posted by 5eraph that was for 938464, that is present with KB951759 (by default btw, except for installation date and install user, which are empty), it still shows on windows update(938464 that is). Even when KB951759 is installed with /integrate switch into the windows source folder. This biatch just wont die.

wmp11 x64 installer :

Indeed it is updated. KB925749 has been updated inside the installer, what the actual change is i dont know at this moment.

[TranceEnergy]

Currently got the flu, but still here

http://support.microsoft.com/kb/956390
MS08-058: Cumulative security update for Internet Explorer

http://support.microsoft.com/?kbid=956391
Microsoft Security Advisory: Cumulative security update for ActiveX

http://support.microsoft.com/kb/956803
MS08-066: Vulnerability in the Microsoft Ancillary Function driver could allow elevation of privilege

http://support.microsoft.com/kb/953155
MS08-062: Vulnerability in Windows Internet Printing service could alle codeote code execution

Version history
--------

KB953838 replaced by KB956390 - IE7 GDR update
kb953839 replaced by KB956391 - Revision 1.2 vs 2.0
KB956803 - new addition - updates afd.sys. Afd.sys is found in several kb's, i wish they could merge em, sigh..

KB953546 - Newer version inside kb953155 (win32spl.dll ver:5.2.3790.4301 VS ver:5.2.3790.4371)


- Cleanup time! - :

http://support.microsoft.com/kb/954211
MS08-061: Vulnerabilities in Windows kernel could allow elevation of privilege

http://support.microsoft.com/kb/956841
MS08-064: Vulnerability in Virtual Address Descriptor manipulation could allow elevation of privilege


http://support.microsoft.com/kb/957095
MS08-063: Vulnerability in SMB could allow remote code execution


Version history:

KB952679 replaced by KB954211 (5.2.3790.4305 vs 5.2.3790.4375)

KB944984 : KB956841 updates ntkrnlmp.exe and ntoskrnl.exe to 5.2.3790.4354
It does note update hal.dll but since newest version of hal.dll is in KB954434, KB944984 is eliminated.

KB927435 : Newer version in KB957095 (srv.sys 5.2.3790.4161 vs 5.2.3790.4363)

KB943459 : Newer version in KB957095 (srv.sys 5.2.3790.4222 vs 5.2.3790.4363)

KB950298 : Newer version in KB957095 (srv.sys 5.2.3790.4262 vs 5.2.3790.4363)

KB932699 Newer version in KB952206 (localspl.dll 5.2.3790.4087 vs 5.2.3790.4295)

[oao]

It would be generally helpful to have also the post dates of each fix.

One advantage of this would be that at any point we could compare the date of the latest pack with the dates on the list and would know which posted after the pack and are not included.

Since the current pack is from April, it would be necessary to add dates only to the latest fixes -- past and future -- that are not in the latest pack, which is much easier than adding dates to all past fixes.

[TranceEnergy]

That's not going to happen. Also i think you are confusing this list with 5eraph's update pack. For me to make a update pack out of this, would involve so much more then i'm capable of, not that i havent tried finding answears, but that's another story.

Currently what would be much more interesting would be f.example a download list that folks could download, which i think people could like.

F.ex for firefox, downthemall plugin. Possibly i could make a list of all downloads, and export that list and keep it updated here.

However, it would require users here to have that.
The pro's and cons are obvious, the good thing is it would be a very fast way to get hold of every kb.

[TranceEnergy]

Lists updated:

I have found some kb's, quite a few actually, that i can find no evidence of being XP x64bit native, all though they will install just fine, their usage seems to me to be none. The thing is that some of these Kb's are saying they are for xp x64 sp2, but it doesnt make sense. Some kb's are just for 2003, or at least 1 was just for the Itanium version of xp x64. Which i dont think is any common at all.

In any case, i have removed the following from the lists.

KB931685 , KB939383 , KB945921 , KB947186 , KB947498 , KB948701 , KB948925 , KB950310 and KB950574.

edit: - also these: KB941084 , KB951571 , KB956548

Of course, if anyone disagrees with any of these KB's being removed and there's valid reason to put it back in, that will naturally happen.

I would like to take the follow up for an immidiate discussion:

The question is simple, Does it belong to xp x64 or not? :
The thing to keep in mind, is if these KB's (as other kb's too) are an update for other packages, such as support tools.

KB941602 installs dmdiag.exe 5.2.3790.4235
This isnt a update, but it does work on xp x64.
While it does work, i dont see it as essential or native x64, so i think i can remove it?

KB946459 installs adsiedit.dll 5.2.3790.4277
The Kb article information about this i found to be controversial, it doesnt make sense to me.
It seems to be also update for windows server 2003 support tools (same as xp x64 support tools).

KB952312 - While the KB information says it doesnt apply to Xp x64, it does indeed install, and register itself into the registry (dsprop.dll)

That's the 3 kb's im not really sure about, the other's i think can be forgotten, i will look into it later.

Other changes:
I will be adding a single line of what each KB updates, to a certain degree.
This as a reminder to myself mostly, sort of a verifier line that the KB is validated, that it has a purpose. This will take some time tho.

[TranceEnergy]

Added KB958644 - a GDR update over SP2 netapi32.dll / wnetapi32.dll to v. 5.2.3790.4392 - Not tested with nlite integration yet.

KB953028 replaced by KB955692 - d3d9.dll 5.3.3790.4293 vs 5.3.3790.4336
- also not tested with nlite integration yet.

Concerning KB955692 please note it says in the KB information that it is not meant for Windows xp x64 , yet it installs perfectly (manual tested) and the direct3d9.dll gets updated. This KB is a perfect example of why i find keeping this complete list alive.

Will add a new post when this is done. I only post results based on real installation atm, so it should be safe for all.

[TranceEnergy]

added http://support.microsoft.com/kb/956807

Recently added KB's are working with nlite integration , tested on real install. KB956807 i add to manual integration, i dont see any reason why nlite integration would work with this KB when it does not for the other two GDI updates.

update: added http://support.microsoft.com/kb/931301
The x86 version of this kb exist at hotfixshare, the x64 does not. Tested and confirmed nlite integration working, with real install as always.

update 2: Added KB959252 which replaces KB954211.

[TranceEnergy]

History section rewritten.

KB953663 replaced by KB958246

Made some larger changes to list.
gone over the last 4 weeks of hotfixshare and did some updating:


Adding...

http://support.microsoft.com/kb/955860
High CPU usage occurs for six seconds on a Windows Server 2003-based computer that has multiple network adapters
- updates netbt.sys 5.2.3790.4356 from SP2.

added to history:
-KB930850 old replaced by KB952145 (new upload, "old" kb)

new addition:
http://support.microsoft.com/kb/955807
An SSL connection may fail when you use Internet Explorer to make the SSL connection to an HTTPS Web site on a Windows Server 2003-based computer
-schannel.dll 5.2.3790.4338 (this is a partial update over other kb)

new addition:
http://support.microsoft.com/kb/957089
FIX: Local activation occurs on the client computer when you install a COM+ application proxy that was exported from a partition other than the Base Application Partition
- which is a update over sp2

new addition:
http://support.microsoft.com/kb/957492
When you try to start a terminal session to a Windows Server 2003-based computer, the computer may be unresponsive
- updates Oledlg.dll , Woledlg.dll to 5.2.3790.4382 from sp2


Note:

I have yet to doublecheck the KB's i removed not long ago if they should get back in the list. At the time, i could not find any filename reference or such. However, there is the added possibilty one does not without 3d party software installed. I am certain one recent new KB that was with Intel adapter whatever can be useful.

However, here's the problem. I would need either some document that states the driver is for xp x64 sp2, or i would need the hardware.

I'm confident i will figure all that out. In time, when also time allows.

[TranceEnergy]

Happy birthday Cosmocat!

May you live forever to paradise and beyond!

Skål!!!! =)


Added http://support.microsoft.com/kb/933071 - QFE update from SP2.
Added http://support.microsoft.com/kb/957585 replaces KB945142.

[TranceEnergy]

Happy Days!

All KB's have now been confirmed manually by checking file existances against XP x64 sp2 media.
I only found 1 to remove, KB955410.

Now begins setting up a list of these kb's removed if they can be reinset to list when/if found the software to which these kb's are an update for.
The plan is basically to start from scratch here and install all available windows additional components and go from there.

update: Even after adding all available additional xp x64 components, windows update shows no more updates. So far, i am running an additional build to test for Message Queuing, but it all looks good. This might mean i wont have to add any more kb updates for this.

[TranceEnergy]

Added http://support.microsoft.com/kb/934428 an update from sp2

Added http://support.microsoft.com/kb/957877 - replaces KB959252 , win32k.sys 5.2.3790.4401 vs old 5.2.3790.4398

Added http://support.microsoft.com/kb/957097 update over sp2.
I was unsure of this when it first came out, but Kurt Aust says its ok is good enough for me. Thanks. Nlite direct integration confirmed personally.

Please note kb957877 has the same contents as KB955066-v2 does. This isn't the first time i've seen duplicate kb's with different names.

[TranceEnergy]

Added http://support.microsoft.com/kb/957749
- updated dns.exe to 5.2.3790.4374, drivers are of .4318 - same drivers as in kb952087
I really wish nlite would integrate this directly as the rest of the kb's i must manual install. =(

Edit 1: http://support.microsoft.com/kb/933061 is updated to v2.
A hotfix is available that improves the stability of the Windows Management Instrumentation repository in Windows Server 2003
- old = 5.2.3790.4080 new v2 = 5.2.3790.4334

I usually wont comment on updates to kb's, as the links such as they are, stays the same. WMI is however very important to update.

edit 2: Added MS XML history

http://support.microsoft.com/kb/955069 is replacing KB936021
MSXML 3.0 SP10 8.100.1048.0 vs old version MSXML 3.0 SP9 8.90.1101.0

Added : http://support.microsoft.com/kb/953829
-Tcpip6.sys 5.2.3790.4403

From now on i will be replacing the MS comments with just files update or such info. Another attempt to shorten post =)

[TranceEnergy]

Added KB957271 which replaces KB924390 , Added KB956523 which replaces KB952022.
New addition KB955536 , update over sp2.

KB958820-v2 contains win32k.sys 5.2.3790.4401 which is the same as that of kb957877 AND KB955066-v2 does. This isn't the first time i've seen duplicate kb's with different names.
- replaces KB959252 , win32k.sys 5.2.3790.4401 vs old 5.2.3790.4398

edit:Added http://support.microsoft.com/kb/958655 Windows installer 4.5 update.

[TranceEnergy]

Added KB953419 which replaces KB957749 and KB956803. I was hoping they would include an update to DNS cache resolver service driver and DNSApi, all in one 1kb, as it is now its 3 different kb's, still its better then 4 =))

Xmas coming up! It's snowing already =)

edit: Added KB959466 >KB958820
win32k.sys 5.2.3790.4403

Added KB958752 > KB956803 Which for some reason i hadnt in list, ie i blame life. =(
afd.sys 5.2.3790.4392

edit2 : Removed Kb954434. Already superceeded by KB956841, since long in list. This was a cleanup.

[5eraph]

Added KB958752...

Nice find.

[TranceEnergy]

Thanks. While i do use Hotfix site actively, I think list is coming along nicely now too. On that note, the hotfix share isnt always xp x64. I wish there could be a x64 xp unique sub forum there for such KB's but thats dreaming.

While i once thought i could just go ahead and add comments to each of the xp x64 kb's at hotfix site, that wouldnt be so relevant, since its both 2003 x64 and XP x64. Hence the problem. 2003 users wouldnt be interested in that information.

*IF* there was such a sub forum, i'd actively participate in that with comments to each of the KB's, what supercedes what etc. But as i said its 2003/xp x64 so its not so interesting to me then.

Also, the tweaker in me would like to see older QFE kb's deleted, and inbetween GDR versions can be kept. -> Going one step further in this theory, one could link OLDER versions of a kb to the newest version as a substitute, possibly. Tho just simply sticking to newest version > Best imo.

There are very few exceptions, actually i cant think of any at the moment.

[TranceEnergy]

update 05.12.08 - KB959608 replaces KB953325 / KB960028 replaces KB948928.
update 07.12.08 - KB960092 replaces KB944505 / KB957778 replaces KB949391.
update 08.12.08 - KB955839 > KB951072 /KB957201 (timezone changes 12.2008) - need to check this one.
update 10.12.08 - KB956802 replaces KB948590 (gdi32.dll .4396 vs .4237)
KB952826 replaces KB951568 (volume shadow copy)
Added list of wmp11 hotfixes. Because of the recent KB rollout from MS, where yet another IE6 and IE7 update, i removed IE7 permanently. Also removed link /info to outdated flash 6 kb and msn 4.5 update.
update 13.12.08 - New addition KB959202.There were others before it im sure, but havent had time to validate till now. This one is not directly integrateable with nlite,i checked.

[TranceEnergy]

Added KB954600, as i here show links to.

Here's a question: Can i use these download links?

This is the link after i have selected to download:
http://www.microsoft.com/downloads/than ... layLang=en

and this is prior to that:

http://www.microsoft.com/downloads/deta ... laylang=en

Or will these links just time-out eventually? Which im suspecting they do.
In any case i would now like to pursue adding download links.

Ideas anyone? I dont like such long download links, but if i dont have a choice, nothing i can do.