Windows 2000 security fixes released

After Bill Gates' call for an increased focus on security, Microsoft releases the Windows 2000 Security Rollup Package, a collection of all fixes issued since May.

2 min read
Microsoft on Wednesday issued an important collection of security fixes for Windows 2000.

The release of the 17MB downloadable Windows 2000 Security Rollup Package (SRP1) comes as Microsoft steps up its emphasis on security. In an e-mail to Microsoft's 47,000 employees earlier this month, Chairman Bill Gates called for putting security ahead of adding new features to products.

Among the fixes: several denial-of-service and buffer-overflow patches, telnet and file-transfer protocol tweaks and authentication-error repairs, among others.

SRP1 is a cumulative collection of security fixes released since Microsoft issued Windows 2000 Service Pack 2 in May. Service packs are collections of fixes and enhancements periodically released for Windows. Service Pack 3 for Windows 2000 is currently in beta testing.

Given the increased emphasis on security, and the amount of time since the last service, the release of the security fixes is appropriate, say analysts.

"I think it's good, but how well it's accepted depends on how much the word gets out," Technology Business Research analyst Bob Sutherland said.

In October, Microsoft unveiled the Strategic Technology Protection program, for the purpose of getting out consolidated security fixes to its customers. At the same time, the company said that with the release of Service Pack 3, it would significantly beef up Windows 2000's security features and the OS's capability to receive new updates.

The newer Windows XP, by contrast, already has built-in plumbing that lets the system quickly receive security and bug fixes. With the new OS, officially launched Oct. 25, Microsoft made the Windows Update feature more automatic. With older Windows versions, including 2000, people had to go out to a Web site to retrieve enhancements or fixes. With XP, updates can be retrieved automatically and installed when the user is ready.

Microsoft's ability to quickly deliver timely security fixes or updates for Windows 2000 could be crucial for thousands of businesses deploying the operating system. While XP is gaining ground with consumers, businesses are holding to their Windows 2000 adoption plans. Gartner estimates that only about 16 percent of PCs sold to businesses this year will have XP; more than 40 percent are expected to pack Windows 2000.

Still, Microsoft faces a host of challenges as it tries to knuckle down on security. The company has been besieged with a host of recent glitches affecting Excel and PowerPoint, secure digital content, Windows XP and Internet Explorer, among other products.

But security experts and analysts praised Microsoft's newfound emphasis on security.

"Microsoft's announcement they're all about security is definitely reflective of the final acknowledgement they have serious problems both internally and externally," Sutherland said.