Oops!

Sixty Nine (69) Win 2000 Security Vulnerabilities

Note: Microsoft's Windows 2000 SP4 fixes Six Hundred Fifty (650) Vulnerabilities.

This service pack also re-enables the Windows Update feature in case you disabled it, frequently contacting the Microsoft website and its computers without notifying you. Only Microsoft knows what information it is grabbing off your computer. Just another indication of sneaky behavior. We generally recommend that customers who have spent considerable time "stripping" Windows of programs they don't want activated and disabling features that could compromise the system "leave it alone" if it's working fine. Don't apply service packs. Rely on your firewall, antivirus software, and what you have done. It's much safer.

The full articles on these "Q" numbers are available at the Microsoft Windows 2000 Support Site.

  1. Q258060 - Resolved Vulnerability in the SMAPI Port

  2. Q259166 - UNC Path Can Be Used to Start Programs by Using .chm Files

  3. Q259622 - Command Processor May Not Parse Excessive Arguments Properly

  4. Q257870 - Malformed Print Request May Stop Windows 2000 TCP/IP Printing Service

  5. Q267868 - Renaming CD-ROM Drive Creates Share to Which Everyone Has Full Permission

  6. Q267866 - Buffer Overflow in Network Monitor May Cause Vulnerability

  7. Q262388 - Denial-of-Service Attack Possible from Linux RPC Client

  8. Q268082 - DNS SOA Record May Reveal Administrator Account Name

  9. Q264345 - False URL Can Steal or Set Cookies for Different Domain

  10. Q260197 - Interactive Logon Allows Unauthorized Actions in Desktop Process

  11. Q260219 - High Encryption Pack Does Not Protect Windows 2000 Private Keys

  12. Q260927 - Windows 2000 with Blank Administrator Password Vulnerable During Setup

  13. Q266794 - Windows 2000 SNMP Registry Entries Are Saved in Plain Text Format and Are Readable

  14. Q262694 - Malicious User Can Shut Down Computer Browser Service

  15. Q260853 - Security Concern with Share-Level Security and Terminal Services

  16. Q269523 - Service Control Manager Named Pipe Impersonation Vulnerability

  17. Q269239 - NetBIOS Vulnerability May Cause Duplicate Name on the Network Conflicts

  18. Q262509 - Patch Available for the Frame Domain Verification, Unauthorized Cookie Access, Malformed Component Attribute, and WPAD Spoofing Vulnerabilities

  19. Q269049 - Registry-Invoked Programs Use Standard Search Path

  20. Q267868 - Renaming CD-ROM Drive Creates Administrators Share to Which Everyone Has Full Permission

  21. Q272743 - HTML E-mail Link Transmits User Name and Password to Unauthorized Server

  22. Q272303 - RPC Server Service Stops Responding if a malicious user transmits a malformed Remote Procedure Call (RPC) client packet

  23. Q271641 - The Configure Your Computer Wizard Sets Blank Recovery Mode Password

  24. Q272736 - Windows 2000 Still Image Service Exposes User Elevation Vulnerability

  25. Q281492 - Windows Installer Allows Files To Be Written to NTFS Protected Directories

  26. Q282806 - Telnet Service Prevents an Idle Telnet Session from Timing Out

  27. Q285156 - Windows 2000 Event Viewer Contains an Unchecked Buffer

  28. Q285851 - Patch Available for Network DDE Agent Request Vulnerability

  29. Q285985 - Patch Available for New Variant of File Fragment Reading via .HTR Vulnerability

  30. Q286043 - Patch Available for Telnet Logging Vulnerability

  31. Q287397 - Patch Available for Malformed Domain Controller Service Request Vulnerability

  32. Q287912 - Predictable Named Pipes Could Enable Privilege Elevation with Telnet

  33. Q288855 - FTP Service Allows Login to Domain Guest Account

  34. Q289243 - Forged SID Could Result in Elevated Privileges in Windows 2000

  35. Q289782 - INFO: Post Windows 2000 Service Pack 2 COM+ Rollup Hotfix 8 Is Available

  36. Q292435 - Invalid RDP Data Can Cause Memory Leak in Terminal Services

  37. Q293826 - Pattern-Matching Function Can Cause Access Violation on FTP Server

  38. Q294370 - Updated Patch for Microsoft Security Bulletin MS00-060

  39. Q294379 - Addressees Appear in Body of SMTP Message Instead of the Header If You Specify Many Addressees

  40. Q294391 - Malformed Request to Domain Controller Can Cause Memory Exhaustion

  41. Q294774 - IIS Loads ISAPI Extension In-Process Even When Application Is Marked for High Isolation

  42. Q295534 - Superfluous Decoding Operation Can Allow Command Execution Through IIS

  43. Q296185 - Patch Available for New Variant of the "Malformed Hit-Highlighting" Vulnerability

  44. Q297860 - IIS 5.0 Security and Post-Windows NT 4.0 SP5 IIS 4.0 Patch Rollup

  45. Q298009 - Cipher.exe Security Tool for the Encrypting File System

  46. Q298012 - Malformed RPC Request Can Cause Service Problems

  47. Q298340 - Patch Available for WebDAV Denial of Service

  48. Q299553 - Logon Command That Contains a Particular Malformation Causes an Access Violation in the Telnet Service

  49. Q299687 - Function Exposed By Using LDAP over SSL Could Enable Passwords to Be Changed

  50. Q299796 - Denial-of-Service Attack on Port 1720 May Cause a Memory Leak in Conf.exe

  51. Q300477 - FPSE: Potential Buffer Overrun Vulnerability in Visual Studio RAD (Remote Application Deployment)

  52. Q300855 - Windows 2000 Telnet Security Rollup

  53. Q300901 - Telnet Service Allows Logging On to Domain Guest Account

  54. Q300905 - Handle Leak in Telnet Service Causes a Denial-of-Service Vulnerability

  55. Q300908 - Program Running with Normal Privileges Can Terminate a Telnet Session

  56. Q300972 - Unchecked Buffer in Index Server ISAPI Extension Can Enable Web Server Compromise

  57. Q301625 - Patch Available for SSI Privilege Elevation Vulnerability

  58. Q302755 - Authentication Error in SMTP Service Could Allow Mail Relaying

  59. Q303984 - NNTP Service in Windows 2000 Contains a Memory Leak

  60. Q304867 - Patch Available for MIME Header Denial of Service Vulnerability

  61. Q305601 - FIX: CRT String Format Functions May Underwrite Buffer

  62. Q306118 - FPSE2000: List of Issues Fixed in FrontPage Server Extensions Service Release 1.3

  63. Q306121 - Malformed "Dotless" IP Address Can Cause a Web Page to Be Handled in the Intranet Zone

  64. Q307454 - Invalid RDP Data Can Cause Terminal Services Failure

  65. Q308268 - IDA and .IDQ Mappings Restored After You Install Service Pack or Add/Remove a Windows Component

  66. Q308414 - Patch Available for HTTP Request Encoding Vulnerability

  67. Q311355 - The Danish Version of Security Hotfix MS01-041 Is Not Installed

  68. Q311371 - Terminal Services Sessions Are Disconnected Because of a Decryption Error

  69. Q315404 - Clients with an Expired Temporary License May Be Unable to Connect to Terminal Services