From: Chris Robinson 

It's a lotta stuff!  Do you use the hotfix chainer to install them (so you don't
have to reboot between each one)?

Chris.

"Geo." wrote:

> So today I had to setup a new internal W2K web server. I don't do the
> windows update thing because from time to time it doesn't work right, I
> track and apply patches manually to make sure I get them all. Anyway, I am
> absolute amazed at how much crap I had to apply and I just don't understand
> how MS can even believe people can secure a machine or that THEY can secure
> a machine via windows update.
>
> What am I talking about?
>
> To patch a W2K web server (not secure, just to patch code to current fix
> level):
>
> Install W2K
> Install SP3 so  you can go on the web and get IE6 without getting wormed
> connect to web
> Install IE6 from web
> Install SP3 again since IE6 replaces parts of it
> then install these hotfixes:
> Q321599
> Q326830
> Q323759
> Q323172
> Q326866
> Q328145
> Q323255
> Q327696
> Q329414
> Q329115
> Q329170
> Q810030
> Q810649
> Q810833
> Q324096
> Q324380
> Q324929
> Q328310
> Q329834
> Q318203
> Q815021
> JS56NEN2K (JAVA HOTFIX)
> Q331953
> Q816093
> Q811493
> Q330994
> Q813489
> Q811630
>
> Those done in that order will patch a web server, also if you want you can
> add:
> Q814033
> Q329553
>
> which are critical patches for windows update features (patching the
> patcher?) but are not needed to secure a web server.
>
> Oh, and btw I found my notes on how to change the extension execution order
> so .bat gets run before .exe
> from a command prompt type:
>
> set PATHEXT=.com;.bat;.exe;.cmd
>
> but no promises on what may break if you do that. You should add that to the
> setvars in control panel/system if you want to make the change permanent.
>
> Geo.

--- BBBS/NT v4.01 Flag-4