08.24.01. The "Access Violation in IrDA Driver Can Cause System to Restart" patch eliminates a vulnerability in Windows 2000 that makes it possible for a malicious user to send a specially crafted IrDA packet to a victim's system. This could enable the attacker to conduct a buffer overflow attack and cause an access violation on the system.
08.15.01. The "NNTP Service Contains Memory Leak" patch eliminates a vulnerability in the NNTP (Network News Transport Protocol) service in Windows NT 4.0 and Windows 2000. The NNTP service contains a memory leak in a routine that processes news postings. Each time such a posting is processed that contains a particular construction, the memory leak causes a small amount of memory to no longer be available for use. If an attacker sent a large number of posts, the server memory could be depleted to the point at which normal service would be disrupted.
07.30.01. The "Malformed RPC Request Can Cause Service Failure" patch eliminates a vulnerability in Microsoft Exchange, SQL Server, Win NT 4 and Win 2000 that exists due to several of the RPC servers associated with system services not adequately validating inputs, and in some cases accepting invalid inputs that prevent normal processing.
05.02.01. The "Unchecked Buffer in ISAPI Extension" patch eliminates a security vulnerability in Windows 2000 Server editions that results because the ISAPI extension that is accessed via IIS 5.0 for using the Internet Printing Protocol (IPP) contains an unchecked buffer in a section of code that handles input parameters.
02.27.01. The "Event Viewer Unchecked Buffer" patch eliminates a security vulnerability in a Windows 2000 event viewer snap-in that has an unchecked buffer in a section of the code that displays the detailed view of event records. If the event viewer attempted to display an event record that contained specially malformed data in one of the fields, the code of the attacker's choice could be made to run via a buffer overrun.
02.22.01. The "Malformed Request to Domain Controller" patch eliminates a security vulnerability in a core service running on all Microsoft Windows 2000 domain controllers.
02.06.01. The "Network DDE Agent Request" patch eliminates a security vulnerability in Microsoft Windows 2000 that could, under certain conditions, allow an attacker to gain complete control over an affected machine.
01.31.01. The "Hotfix Packaging Anomalies" tool and patch help customers diagnose and eliminate the effects of anomalies in the packaging of hotfixes for Windows 2000. Under certain circumstances, these anomalies could cause the removal of some hotfixes, which could include some security patches, from a Windows 2000 system.
01.12.01. The "Web Client NTLM Authentication" patch eliminates a vulnerability in a component that ships with Office 2000, Win2000, and Windows Me that could, under certain circumstances, allow a malicious user to obtain cryptographically protected logon credentials from another user when requesting an Office document from a web server.
