Windows Server

Windows NT 4.0 SP6a Patches

Daniel Petri


Note: Microsoft has announced that it will stop supporting Windows 98 and Windows NT 4.0 Workstation as of June 30, 2003.

What was the latest SP for Windows NT 4.0?

Windows NT 4.0 Service Pack 6a, the most recent service pack for Windows NT, was released in November of 1999. Microsoft originally planned to release Windows NT 4.0 SP7 in late 2000, approximately one year after the release of Windows NT 4.0 SP6a. At the time, Microsoft had produced relatively few post-SP6a hotfixes, and decided to delay Windows NT 4.0 SP7 until the third quarter of 2001. The frequency of hotfixes has continued to decline, and now, well over 2 years beyond the last Service Pack release, they still have made fewer fixes than were included with either Windows NT 4.0 SP5 or SP6.


There were three reasons why customers were anticipating Windows NT 4.0 SP7:

  • An easy mechanism for deploying all the security fixes Microsoft has publicly released since Windows NT 4.0 SP6a – the post-SP6a Security Rollup Package (SRP) is now available for download here – 299444

  • Availability of the Windows NT 4.0 Active Directory client, originally planned to be part of SP7 – it is now available for download HERE

  • International versions of the Internet Explorer High Encryption Pack for Windows NT are available for download HERE


Microsoft has concluded that Windows NT 4.0 SP7 is not needed, but that an easy way to deploy publicly released security fixes would be appreciated by many of their customers.

Microsoft has released a Security Rollup Package (SRP) for Windows NT 4.0 that includes the functionality from all security patches released for Windows NT 4.0 since the release of Windows NT 4.0 Service Pack 6a (SP6a) . This small, comprehensive rollup of post-SP6a fixes provides an easier mechanism for managing the rollout of security fixes. Please refer to Microsoft Knowledge Base article 299444 for more information about this rollup package. Applying the SRP does not change the encryption level of your computer.

Download SRP for NT 4.0 (13.9mb, released July 26, 2001)

See also Windows NT 4.0 SRP Info on my site.


A note for Hebrew-enabled Windows NT users

Make sure you download the correct version of the service pack or HotFix. If you cannot find a Hebrew version – DO NOT download it! Consult Microsoft Israel for a suggested patch.

If you apply non-Hebrew versions of the patches on your Hebrew enabled Windows NT 4.0 you will see all sorts of strange fonts, dialog windows and error messages might become unreadable or written in a mixture of English and Hebrew fonts, and finally, you might experience BSODs. Uninstalling the problematic patch might not help, and you’ll have to re-install NT.

See the Language Versions of MS Products – Hebrew article for some more info.

Required Patches

Windows NT 4.0 Server with Service Pack 6a (released November 30, 1999) requires the following security-related patches:

Make sure you read Internet Explorer 5.X and 6.0 Patches, Internet Explorer 6.0 SP1 Patches and IIS 4.0 Patches before you go on.

July 2005

MS05-037 : Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)

June 2005

MS05-030 : Cumulative Security Update in Outlook Express (897715)

February 2005

MS05-010 : Vulnerability in the License Logging Service Could Allow Code Execution (885834)

January 2005

MS05-002 : Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)

MS05-001 : Vulnerability in HTML Help Could Allow Code Execution (890175)

December 2004

MS04-045 : Vulnerability in WINS Could Allow Remote Code Execution (870763)

MS04-044 : Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

MS04-043 : Vulnerability in HyperTerminal Could Allow Code Execution (873339)

MS04-042 : Vulnerability in DHCP Could Allow Remote Code Execution and Denial Of Service (885249)

MS04-041 : Vulnerability in WordPad Could Allow Code Execution (885836)

October 2004

MS04-037 : Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)

MS04-036 : Vulnerability in NNTP Could Allow Code Execution (883935)

MS04-032 : Security Update for Microsoft Windows (840987)

MS04-031 : Vulnerability in NetDDE Could Allow Remote Code Execution (841533)

MS04-029 : Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)

July 2004

MS04-020 : Vulnerability in POSIX Could Allow Code Execution (841872)

April 2004

MS04-014 : Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

MS04-012 : Cumulative Update for Microsoft RPC/DCOM (828741)

MS04-011 : Security Update for Microsoft Windows (835732)

February 2004

MS04-007 : ASN .1 Vulnerability Could Allow Code Execution (828028)

MS04-006 : Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)

October 2003

MS03-045 : Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141)

MS03-044 : Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119)

MS03-043 : Buffer Overrun in Messenger Service Could Allow Code Execution (828035)

MS03-041 : Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

September 2003

MS03-039 : Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)

MS03-034 : Flaw in NetBIOS Could Lead to Information Disclosure (824105)

July 2003

MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696)

MS03-029 : Flaw in Windows Function Could Allow Denial of Service (823803)

MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)

MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

June 2003

MS03-020 : Cumulative Patch for Internet Explorer (818529)

May 2003

MS03-019 : Flaw in ISAPI extension for Windows Media Services could cause denial of service (817772)

MS03-018 : Cumulative Patch for Internet Information Service (811114)

April 2003

MS03-013 : Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)

MS03-011 : Flaw in Microsoft VM Could Enable System Compromise (816093)

March 2003

MS03-010 : Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953) (Patch is not available for NT 4.0. Go to the above link and read the FAQ for more details on how to workaround this issue)

MS03-008 : Flaw in Windows Script Engine could allow code execution (814078)

January 2003

MS03-001 : Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)

December 2002

MS02-071 : Flaw in Windows WM_TIMER Message Handling Can Enable Privilege Elevation (328310)

November 2002

MS02-065 : Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (329414)

MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (328115) (Reposted)

October 2002

MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (323255)

September 2002

MS02-053 : Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (324096)

August 2002

MS02-048 : Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (323172)

MS02-045 : Unchecked Buffer in Network Share Provider can lead to Denial of Service (326830)

June 2002

MS02-029 : Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (318138)