Windows 2003 Post Service Pack 2 Hotfixes

Continually Updated

Obsoletes Removed

PLEASE NOTE:

• this list DOES remove obsolete fixes replaced by more current ones -- to my knowledge that sets this one apart from other lists

• my updates come in bursts. I may do three months or more at a time. Check back if you don't see the current date at the bottom.

Compiled by the_guy (April '07 - Aug '08) and FDV (Sept '08 - forward).

Windows 2003 comes with version IE 6. Be careful not to mismatch IE version and hotfixes.

Start here:
Service Pack 2 for Windows Server 2003

April 2007:
925902 - OBSOLETE. Vulnerabilities in GDI Could Allow Remote Code Execution
932168: Vulnerability in Microsoft Agent Could Allow Remote Code Execution
930178 - OBSOLETE. Vulnerabilities in CSRSS Could Allow Remote Code Execution
931784 - OBSOLETE. Vulnerability in Windows Kernel Could Allow Elevation of Privilege

May 2007:
927891 - Resolves an issue in the Windows Installer (MSI). Upgrade to MSI 4.5 below. Listed here for completeness, and not linking it.

June 2007:
924667 - OBSOLETE. Vulnerability in Microsoft Foundation Classes could allow for remote code execution
935840 - OBSOLETE. Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution
929123: Security Update for Outlook Express and Windows Mail
935839 - OBSOLETE. Vulnerability in Win 32 API Could Allow Remote Code Execution.

July 2007:
933854: Description of the security update for the .NET Framework 1.1 for Windows Server 2003
936357: A microcode reliability update is available that improves the reliability of systems that use Intel processors
926122: Vulnerability in Active Directory Could Allow Remote Code Execution. Though this has been replaced by many subsequent fixes, as far as I can tell, one file in it, w03a2409.dll, has never been replaced. Has it been deprecated? I'm not sure.

August 2007:
936227 - OBSOLETE. Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

October 2007:
933729 - OBSOLETE. Vulnerability in RPC Could Allow Denial of Service

November 2007:
943460 - OBSOLETE: Vulnerability in Windows URL Handling Could Allow Remote Code Execution

December 2007:
944653: Vulnerability in Macrovision driver could allow local elevation of privilege

2008

January 2008:
943485 - OBSOLETE. Vulnerability in LSASS Could Allow Local Elevation of Privilege

February 2008:
942831: Vulnerability in Internet Information Services could allow elevation of privileges
942830 - OBSOLETE. Vulnerability in Internet Information Services could allow remote code execution
946026: Vulnerability in WebDAV Mini-Redirector could allow remote code execution
947890 - OBSOLETE. A vulnerability in OLE Automation could allow remote code execution

April 2008:
945553: Vulnerability in DNS Client Could Allow Spoofing
948590 - OBSOLETE. Vulnerabilities in GDI Could Allow Remote Code Execution
941693 - OBSOLETE. Vulnerability in Windows Kernel Could Allow Elevation of Privilege

June 2008:
951698 - OBSOLETE. Vulnerabilities in DirectX Could Allow Remote Code Execution
948745 - OBSOLETE. Vulnerability in WINS Could Allow Elevation of Privilege
953235 - OBSOLETE. This actually links to KB949014 and KB949269. Vulnerability in Active Directory Could Allow Denial of Service
950762: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service
942288: (download, bulletin) Windows Installer 4.5 Redistributable

July 2008:
953230: This actually links to KB951748. Vulnerabilities in DNS Could Allow Spoofing

August 2008:
952954: Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution
951066: Security Update for Outlook Express and Windows Mail (does not replace 929123)
950974: Vulnerabilities in Event System Could Allow Remote Code Execution
953839 - OBSOLETE. Cumulative Security Update for ActiveX
938127: Vulnerability in Vector Markup Language Could Allow Remote Code Execution

September 2008:
943729: Group Policy Preference Client Side Extensions
954593 - OBSOLETE. Vulnerabilities in GDI+ Could Allow Remote Code Execution
938464 - OBSOLETE. Attacker could remotely compromise Windows system that uses GDI+ and gain control over it

October 2008:
956391 - OBSOLETE. Cumulative security update for ActiveX
956803: Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege
956841 - OBSOLETE. Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege
957095 - OBSOLETE. Vulnerability in SMB Could Allow Remote Code Execution
953155: Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution
954211 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege. (see also 959252 below in November 2008)
958644 - OBSOLETE. Vulnerability in Server Service Could Allow Remote Code Execution
340178: Windows Server 2003 Service Pack 2 Administration x86 Tools Pack - update

November 2008:
957097 - OBSOLETE. Vulnerability in SMB Could Allow Remote Code Execution
955218 - OBSOLETE. Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (XML 3, 4, 6)
958655 - OBSOLETE. Update to resolve an issue in MSI Installer 4.5
959252 - OBSOLETE. Update to resolve an issue in which you receive a 0x0000008e Stop error after installing 954211

December 2008:
955839 - OBSOLETE. Time Zone Updates
956802 - OBSOLETE. Vulnerabilities in GDI Could Allow Remote Code Execution.
958756 - MSI 4.5 hotfix for msi.dll. Requires special request, not available for simple download.

2009

January 2009:
958687 - OBSOLETE. Vulnerabilities in SMB Could Allow Remote Code Execution

February 2009:
960089 - A security issue has been identified in the Windows Internal Database (WYukon)

March 2009:
960225: Vulnerability in SChannel Could Allow Spoofing
967715: A new shell32.dll file correcting "disable Autorun registry key" enforcement
958690 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Remote Code Execution

April 2009:
959454 / 952004: (bulletin): Vulnerabilities in Windows could allow elevation of privilege.
959454 / 956572: (bulletin): Vulnerabilities in Windows could allow elevation of privilege.
959426: Blended threat vulnerability in SearchPath could allow elevation of privilege
960803 - OBSOLETE. Vulnerabilities in Windows HTTP services could allow remote code execution
960477: (OS patch that is non-OS related) Vulnerability in WordPad and Office text converters could allow remote code execution
961373 - OBSOLETE. Vulnerability in Microsoft DirectShow could allow remote code execution
960803 - Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution

May 2009:
There were no fixes for the OS in May 2009.

June 2009:
971055 - OBSOLETE. Vulnerabilities in Active Directory Could Allow Remote Code Execution
961501 - OBSOLETE. Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution
963093: Vulnerability in Windows Search Could Allow Information Disclosure
970238 - OBSOLETE. Vulnerability in RPC Could Allow Elevation of Privilege
968537 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
970483: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege
972189 - MSI 4.5 hotfix for msiprov.dll. Requires special request, not available for simple download.

July 2009:
961371 - OBSOLETE. Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution
973346 - OBSOLETE. Cumulative Security Update of ActiveX Kill Bits
971633 - OBSOLETE. Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution
970653 - OBSOLETE. Resolves issues caused by revised daylight saving time and time zone laws in several countries

August 2009:
973908: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution
973354 - OBSOLETE. Outlook Exporess update
973869: (download, bulletin): DHTML editing component ActiveX control
973815: (download, bulletin): Microsoft MSWebDVD ActiveX Control
969883 - OBSOLETE. Vulnerabilities in WINS Could Allow Remote Code Execution
971032: Vulnerability in Message Queuing Could Allow Elevation of Privilege
971657: Vulnerability in Workstation Service Could Allow Elevation of Privilege
960859: Vulnerability in Telnet Could Allow Remote Code Execution
970927: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution
973811: Link 1 (explanation), Strengthens authentication credentials in specific scenarios
968389: Link 2 (reg setting), Strengthens authentication credentials in specific scenarios
968389: Link 3 (download), Strengthens authentication credentials in specific scenarios

September 2009:
956844: Vulnerability in DHTML Editing Component ActiveX Control
967723 - OBSOLETE. Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution
971029 - Install to restrict AutoRun to only CD and DVD drives

October 2009:
973525 - OBSOLETE. Cumulative Security Update of ActiveX Kill Bits
958869 - OBSOLETE. Vulnerabilities in GDI+ Could Allow Remote Code Execution
971486 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
969059: (download, bulletin): Vulnerability in Indexing Service Could Allow Remote Code Execution
975254: (download, bulletin): Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution
974571: (download, bulletin): Vulnerabilities in Windows CryptoAPI Could Allow Spoofing
975467: (download, bulletin): Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service

November 2009:
969947 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
973309 - OBSOLETE. Vulnerability in Active Directory Could Allow Denial of Service. Also called 973037 and 973039
975682 / 969878: (download, bulletin): Vulnerabilities in DirectShow WMA Voice Codec Could Allow Remote Code Execution
975682 / 954155: (download, bulletin): Vulnerabilities in Media Audio Voice Decoder Could Allow Remote Code Execution
975682 / 975025: (download, bulletin): Vulnerabilities in Audio Compression Manager Could Allow Remote Code Execution

December 2009:
975539: (download, bulletin): Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution
974392: (download, bulletin): Vulnerability in LSASS Could Allow Denial of Service
974318: (download, bulletin): Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution
973904: (OS patch that is non-OS related) Vulnerability in WordPad and Office text converters could allow remote code execution (NOT the same as April 2009 above)
955759: (download, bulletin): AppCompat update for Indeo codec
971737: (download, bulletin): Update that implements Extended Protection for Authentication in Microsoft Windows HTTP Services (WinHTTP)
970430: (download, bulletin): Update that implements Extended Protection for Authentication in the HTTP Protocol Stack (http.sys)
971726: (download, bulletin): Authenticated remote attacker could gain control over system
973917: (download, bulletin): Extended Protection for Authentication in IIS

2010

January 2010:
972270: (download, bulletin): Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution

February 2010:
971468 - OBSOLETE. Vulnerabilities in SMB Server Could Allow Remote Code Execution
975713: (download, bulletin): Vulnerability in Windows Shell Handler Could Allow Remote Code Execution
977165 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
977935: Link 1 (explanation): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
977914: Link 2 (download, bulletin): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
975560: Link 3 (download, bulletin): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
978037 - OBSOLETE. Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
978251 - OBSOLETE. Vulnerabilities in SMB Client Could Allow Remote Code Execution
978262 - OBSOLETE. Cumulative Security Update of ActiveX Kill Bits
978706: (download, bulletin): Vulnerability in Microsoft Paint Could Allow Remote Code Execution
976569: (download, bulletin): Update to Dotnet 2 SP2 issued February 22nd

March 2010:
979306 - OBSOLETE. Revised daylight saving time and time zones
973917: (download, bulletin): Strengthen IIS authentication credentials

Please note! As of April 2010, hotfix KB numbers in some cases bear absolutely no relationship whatsoever to the actual KB. In other words, as an actual example, clicking on either KB979309 or KB978601 will bring you to KB981210. Going forward I will do what I can. I know the reason for it, but it's still fucking stupid.

April 2010:
980232 - OBSOLETE. Vulnerabilities in SMB Client Could Allow Remote Code Execution
979309: (download, bulletin): Security update for Windows Cabinet File Viewer Shell Extension
978601: (download, bulletin): Security update for Authenticode Signature Verification
979683 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
981169 - OBSOLETE. Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution
978338: (download, bulletin): Vulnerability in Windows ISATAP Component Could Allow Spoofing
977816: (download, bulletin): Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution
981832: (download called 976323, bulletin): Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service
981210 - OBSOLETE: Vulnerabilities in SigVerif and CABview Could Allow Remote Code Execution

May 2010:
978542: (download, bulletin): Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution
980232: (download, bulletin): Vulnerabilities in SMB Client Could Allow Remote Code Execution

June 2010:
979559 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
980195 - OBSOLETE. Security Update for ActiveX Killbits
980218 - OBSOLETE. OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege
977816 - Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution
982666 - IIS vulnerability
979902 / 975562: (download, bulletin): Vulnerabilities in DirectShow Could Allow Remote Code Execution
979902 / 978695: (download, bulletin): Vulnerabilities in Media Format Runtime 9.5 Could Allow Remote Code Execution
979902 / 979332: (download, bulletin): Vulnerabilities in Media Encoder 9 Could Allow Remote Code Execution
979902 / 979482: (download, bulletin): Vulnerabilities in Asycfilt.dll (COM component) Could Allow Remote Code Execution

July 2010:
2229593: (download, bulletin): Vulnerability in Help and Support Center Could Allow Remote Code Execution

August 2010:
2286198 - OBSOLETE. (download, bulletin): Vulnerabilities in Windows Shell Could Allow Elevation of Privilege
980436 - OBSOLETE. Vulnerabilities in Windows SChannel Could Allow Elevation of Privilege
982316: (download, bulletin): TAPI Update
2160329 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
982214 - OBSOLETE. Vulnerabilities in SMB Server Could Allow Remote Code Execution
2115168: (download, bulletin): Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (does not replace earlier. Of course not, why would it. Totally logical.)
2079403 - OBSOLETE. Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (new XML 3)
2264107: (download, bulletin): A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm (it's about fucking time)

September 2010:
975558: (download, bulletin): Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution
981322 - OBSOLETE. Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution. Also called 2320113
981550 - OBSOLETE. Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege.
982000 - OBSOLETE. Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege.
983539 - OBSOLETE. Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege.
982802 - OBSOLETE. Vulnerability in Remote Procedure Call Could Allow Remote Code Execution
2124261: (download, bulletin): Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution. Also called 2267960
2121546 - OBSOLETE. Vulnerability in Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege
2141007: (download, bulletin): Extended Protection for Authentication for Outlook Express and Windows Mail
2158563 - OBSOLETE. Cumulative time zone update
2259922 - OBSOLETE. Vulnerability in WordPad Text Converters Could Allow Remote Code Execution
2347290: (download, bulletin): Vulnerability in Print Spooler Service Could Allow Remote Code Execution
2418042 - Vulnerability in ASP.NET Could Allow Information Disclosure
2309312: (download, bulletin): You experience poor performance when you create an IPsec VPN site-to-site connection in Windows Server 2003 (Tcpip.sys version 5.2.3790.4776)

October 2010:
979687 (this is also 2405882): (download, bulletin): Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution
981957 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
982132: (download, bulletin): Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution
2279986 - OBSOLETE. Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege
2296011: (download, bulletin): Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
2345886: (download, bulletin): Extended Protection for Authentication in the Server service
2360937 - OBSOLETE. Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege
2387149: (download, bulletin): Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution
982132: (download, bulletin): Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution

November 2010:
2388210: (download, bulletin): Resolves a set of known application compatibility issues with Windows
2345886: (download, bulletin): Implements Extended Protection (EAP) for Authentication in the Server service. Of questionable necessity.
2360937: (download, bulletin): Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege
979687: (download, bulletin): Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution
2296011: (download, bulletin): Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution

December 2010:
2440591: (download, bulletin): Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege
2443105: (download, bulletin): Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution
2296199 - OBSOLETE. Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege
2423089: (download, bulletin): Vulnerability in Windows Address Book Could Allow Remote Code Execution
2207559: (download, bulletin): Vulnerability in Windows Netlogon Service Could Allow Denial of Service
2436673 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
2467659 - OBSOLETE. Addresses an issue with the Internet Explorer on the auto-detection of Japanese Encoding JIS
2443685 - OBSOLETE. Cumulative Timezone Update
2440591: (download, bulletin): Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege

2011

January 2011:
2419635: (download, bulletin): Vulnerability in MDAC

February 2011:
2478960: (download, bulletin): Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege
2476687 - OBSOLETE. Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
2393802 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
2485376 - OBSOLETE. Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution
2478953 - Vulnerability in Active Directory Could Allow Denial of Service
2483185 - Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution
2496930 - Vulnerabilities in Kerberos Could Allow Elevation of Privilege

March 2011:
2483619, 2481109, 2508062: (bulletin): Vulnerability in Remote Desktop Client Could Allow Remote Code Execution
2479628 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

April 2011:
2508272 - OBSOLETE. Active X Killbits
2491683: (download, bulletin): Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution, part 1 (fxscover.exe)
2506212: (download, bulletin): Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution, part 2 (mfc42.dll)
2485663: (download, bulletin): Vulnerability in WordPad Text Converters Could Allow Remote Code Execution
2412687 - OBSOLETE: Vulnerability in GDI+ Could Allow Remote Code Execution
2507618 - OBSOLETE: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution
2503658 - OBSOLETE. Vulnerability in MHTML Could Allow Information Disclosure
2509553: (download, bulletin): Vulnerability in DNS Resolution Could Allow Remote Code Execution
2510581: (download, bulletin): Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution
2506223 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
2511455 - OBSOLETE. Vulnerabilities in SMB Client Could Allow Remote Code Execution
2508429: (download, bulletin): Vulnerabilities in SMB Client Could Allow Remote Code Execution (srv.sys, w03a3409.dll)
2508272, 2514666: (download, bulletin): Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution
2492386: (download, no bulletin): Application compatability issues

May 2011:
2524426: (download, bulletin): Vulnerability in WINS Could Allow Remote Code Execution

June 2011:
2535512: (download, bulletin): Vulnerabilities in Distributed File System Could Allow Remote Code Execution
2476490: (download, bulletin): Vulnerability in OLE Automation Could Allow Remote Code Execution
2518295: (download, bulletin): Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege
2503665 - OBSOLETE. Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege
971737 - Extended Protection for Authentication in WinHTTP

July 2011:
2555917 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
2507938: (download, bulletin): Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
2544521 - OBSOLETE. Vulnerability in Vector Markup Language Could Allow Remote Code Execution

August 2011:
2570791 - OBSOLETE. Time Zone Updates
2536276: (download, bulletin): Vulnerability in SMB Client Could Allow Remote Code Execution (mrxsmb.sys)
2570222 - OBSOLETE. Vulnerability in Remote Desktop Protocol Could Allow Denial of Service
2567680 - OBSOLETE. Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
2566454 - Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege

September 2011:
2616676 - OBSOLETE. Update to the certificate revocation list. Binary contains an obsolete version of CRYPT32.DLL
2607712 - OBSOLETE. Update to the certificate revocation list. Binary contains an obsolete version of CRYPT32.DLL
2570947: (download, bulletin): Remote code execution if a user opens a legit rtf, txt, or doc
2571621: (download, bulletin): Vulnerability in WINS

October 2011:
2567053 - OBSOLETE. Vulnerabilities in Windows kernel-mode drivers could allow remote code execution
2592799: (download, bulletin): Vulnerability in ancillary function driver could allow elevation of privilege
2564958, 2623699: (download, bulletin): Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution
2562485 - OBSOLETE. Vulnerabilities in DNS Server Could Allow Remote Code Execution
948496 - Turn off default SNP features (do not use unless you are affected)

November 2011:
2601626, 2630837 - OBSOLETE. Vulnerability in Active Directory Could Allow Elevation of Privilege
2616310: (download, bulletin): Security update for Active Directory Application Mode (ADAM)
2544893: (download, bulletin): Vulnerability in MHTML could allow information disclosure
2641690 - PROBABLY OBSOLETE: (download, bulletin): Fraudulent digital certificates could allow spoofing. Contains an obsolete version of CRYPT32.DLL, so it's possible the entire fix is obsolete.
2633952 - OBSOLETE. Timezone Updates

December 2011:
2633171 - OBSOLETE. Vulnerability in Windows Kernel Could Allow Elevation of Privilege
2639417 - OBSOLETE. Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
2618451 - OBSOLETE. ActiveX Kill Bits Cumulative Security Update
2624667 - OBSOLETE. Vulnerability in OLE Could Allow Remote Code Execution
2626416: (download, bulletin): Vulnerability in Active Directory Could Allow Elevation of Privilege
2621146 - OBSOLETE. Vulnerability in Active Directory Could Allow Elevation of Privilege
2620712: (download, bulletin): Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege

2012

January 2012:
2643584 - OBSOLETE. Vulnerability in SSL/TLS Could Allow Information Disclosure
2603381: (download, bulletin): Vulnerability in Windows Object Packager could allow remote code execution
2584146: (download, bulletin): Vulnerability in Microsoft Windows could allow remote code execution
2632503: (download, bulletin): Array elements in very large loops may be returned as undefined in JScript 5.8
2646524 - OBSOLETE. Vulnerability in Windows client/server run-time subsystem could allow elevation of privilege
2644615: (download, bulletin): Vulnerability in Windows Kernel Could Allow Security Feature Bypass
2643584 / 2585542 - OBSOLETE. Vulnerability in SSL/TLS Could Allow Information Disclosure
2643584 / 2638806: (download, bulletin): Vulnerability in SSL/TLS Could Allow Information Disclosure
2669182: (download, bulletin): Known issues that occur when you install update 2509553 for Windows Server 2003. (Tcpip6.sys version 5.2.3790.4662)

February 2012:
2660465 - OBSOLETE: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
2645640 - OBSOLETE: Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege
2657025: (download, bulletin): Update for 2011 calendar history in Windows operating systems

March 2012:
2671387: (download, bulletin): Vulnerabilities in Remote Desktop Could Allow Remote Code Execution
2641653 - OBSOLETE. Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
2647170: (download, bulletin): Vulnerability in DNS Server Could Allow Denial of Service
2669182: (download, bulletin): Known issues that occur when you install update 2509553
AD add-on: (download): Monitoring Pack for Active Directory (this is an MSI)

April 2012:
2653956: (download, bulletin): Vulnerability in Windows Could Allow Remote Code Execution
2695962: (download, bulletin): Update Rollup for ActiveX Kill Bits
2681578: (download, bulletin): Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight

May 2012:
2698707: (download, bulletin): Morocco DST Update
2659262: (download, bulletin): Security update for Windows GDI+
2676562: (download, bulletin): Vulnerability in Windows Kernel Could Allow Elevation of Privileg
2681578: (download, bulletin): Security update for CVE-2012-0181

June 2012:
2698365: (download, bulletin): Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution
2709162 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
2718704: (download, bulletin): Unauthorized digital certificates could allow spoofing
2707511 / 2711167 - OBSOLETE. Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege

July 2012:
2718523 - OBSOLETE. Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege
2728973: (download, bulletin): Unauthorized digital certificates could allow spoofing
2698365: (download, bulletin): Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution
2691442: (download, bulletin): Vulnerability in Windows Shell Could Allow Remote Code Execution
2655992: (download, bulletin): Vulnerability in TLS Could Allow Information Disclosure
2719985: (download, bulletin): XML3
2721691 / 2721693 - OBSOLETE. XML4 and XML6 flaws
2685939: (download, bulletin): Vulnerability in Remote Desktop Could Allow Remote Code Execution
2636391 / 2598479: (download, bulletin): Vulnerabilities in Windows Multimedia Library Could Allow Remote Code Execution
2636391 / 2631813: (download, bulletin): Vulnerabilities in Windows DirectShow Could Allow Remote Code Execution

August 2012:
2705219 / 2733594: (download, bulletin): Security update for Windows Networking Components
2705219 / 2733594 / 2712808: (download, bulletin): A second, different security update for Windows Networking Components
2706045: (download, bulletin): Vulnerability in 64 bit JScript and VBScript Engines Could Allow Remote Code Execution does not apply to 32 bit
2731847: (download, bulletin): Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege
2661254: (download, bulletin): Increasing the minimum level of encryption on Windows systems

September 2012:
2736233: (download, bulletin is a 404, and MS never fixes 404's, what else would you expect): Security Update for ActiveX Killbits
2733594: (download, bulletin): Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution

October 2012:
2756822 - OBSOLETE. Timezone Updates
2724197 - OBSOLETE. Vulnerability in Windows Kernel could allow elevation of privilege
2749655: (download, bulletin): Security Advisory: Compatibility issues affecting signed Microsoft binaries

November 2012:
2727528: (download, bulletin): Vulnerabilities in Windows Shell Could Allow Remote Code Execution
2761226 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

December 2012:
2779562: (download, bulletin): December 2012 cumulative time zone update for Windows operating systems
2748349: (download, bulletin): Corrupted files are found in backup data that is restored by using the Windows Volume Shadow Copy
2770660: (download, bulletin): Vulnerability in DirectPlay Could Allow Remote Code Execution
2758857: (download, bulletin): Vulnerability in Windows File Handling Component Could Allow Remote Code Execution
2783534 / 2753842: (download, bulletin): Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
2783534 / 2779030 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

2013

January 2013:
2798897: (download, bulletin): Fraudulent digital certificates could allow spoofing
2756145 / 2758694 / 2758696: (download xml4, download xml6, bulletin): Vulnerabilities in Microsoft XML 4 and 6 Core Services Could Allow Remote Code Execution (remember XML5 was part of Office 2k3 and 2k7, not part of the OS)
2794119: (download, bulletin): Israel and Libya time zone update

February 2013:
2797052: (download, bulletin): Vulnerability in Vector Markup Language Could Allow Remote Code Execution
2780091: (download, bulletin): Vulnerability in Media Decompression Could Allow Remote Code Execution
2799494 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
2778344 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege

March 2013:
2807986: (download, bulletin): Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege

April 2013:
2830914 / 2772930: (download, bulletin): Vulnerability in Active Directory Could Lead to Denial of Service
2830914 / 2801109: (download, bulletin): Vulnerability in Active Directory Application Mode (ADAM) Could Lead to Denial of Service
2828223: (download, bulletin): Vulnerability in Remote Desktop Client Could Allow Remote Code Execution
2829996 / 2808735 - OBSOLETE. Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege
2813170 - OBSOLETE. Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
2820917: (download, bulletin): Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege

May 2013:
2820197: (download, KB (bulletin is 404, naturally)): Update Rollup for ActiveX Kill Bits
2829361 / 2840221 - OBSOLETE. Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege
2836198: (download, bulletin): Update available that allows Authenticode Signing for CSP signatures in Windows XP SP3 and Windows Server 2003 SP2

June 2013:
2839229 - OBSOLETE. Vulnerability in Windows Kernel Could Allow Information Disclosure
2808679: (download, bulletin): Update protects an external network from verifying, via a nested S/MIME email message, whether a URL port on an internal network is open or closed.

July 2013:
2850851 - OBSOLETE. Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
2834886 / 2848295: (download, bulletin): Vulnerability in GDI+ Could Allow Remote Code Execution
2845142 / 2847883: (download, bulletin): Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution
2845187: (download, bulletin): Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution

August 2013:
2849470: (download, bulletin): Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege
2863058: (download, KB, no bulletin): Timezone update
2850869: (download, bulletin): Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution
2873872: (download, bulletin): Vulnerability in Active Directory Federation Services Could Allow Information Disclosure
2859537: (download, bulletin): Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
2847883: (download, bulletin): Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution

September 2013:
2876217: (download, bulletin): Vulnerability in OLE Could Allow Remote Code Execution
2876315: (download, bulletin): Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege
2864063: (download, bulletin): Vulnerability in Windows Theme File Could Allow Remote Code Execution

October 2013:

2847311
2864058
2868038
2862335
2862330
2883150
2884256

November 2013:
0000000

December 2013:
0000000

 

Please note that the latest versions of TCPIP.SYS and TCPIP6.SYS (which are both linked above at Sept 2010 and Jan 2012) are 'special request' hotfixes. This is the only way to get the most current versions.


Other Windows Components: Internet Explorer 6
Obsolete hotfixes will not be listed.
IE Cumulative: (download): Cumulative Security Update for Internet Explorer

I'm sure everyone knows my attitude about IE. I'm not listing other versions. You can find them from the version 6 download link if you need them.

Access based enumeration tool

AD testing tool

Profile deletion utility

Other Windows Components: .NET
There are WAY too many of these, and I am not clear on whether they replace each other or are cumulative anyway. Sorry. Dot net is a mess on Windows. It should be a complete cumulative install like the way IE is done with each hotfix.

Roots Update direct download link last updated September 25 2007
Windows Script 5.7.0.16535 direct download link

MS Server 2003 fixes link