1.0 Introduction
1.1 What Is Service Pack 6?
1.2 List of Fixes in Service Pack 6
1.3 List of Fixes in Windows NT 4.0, Terminal Server Edition Service Packs 4 through 5
1.4 Encryption
1.5 How to Order the Service Pack 6 CD
1.5.1 What is on the Service Pack 6 CD
1.6 Internet Explorer Encryption and Security Fixes
2.0 Installation Instructions for Windows NT 4.0
Server, Terminal Server Edition Service Pack 6
2.1 Downloading and Extracting the Service Pack
2.2 Before You Install the Service Pack
2.2.1 Advanced Power Management
2.2.2 Power Management Utilities
2.2.3 3Com EtherLink 905B NIC Driver
2.3 Service Pack Install Order Documentation
2.4 Installing the Service Pack
2.4.1 Running Update.exe in Unattended Setup Mode (-u)
2.5 Service Pack Uninstall
2.6 Installing Symbol Files from the CD
2.7 Installing Windows NT 4.0, Terminal Server Edition on a Computer Running Windows 2000
2.8 Installing Internet Explorer 5.0
2.9 Important Note on Reapplying Hotfixes
3.0 User Notes
3.1 Emergency Repair Disk
3.2 Adding New Components
3.3 Obtaining Microsoft Data Access Components (MDAC)
4.0 Additional Fixes and Workarounds
4.1 SECURITY: Security Identifier Enumeration Function in LSA Might Not Handle Argument Properly
4.2 SECURITY: Syskey Tool Security Vulnerability
4.3 SECURITY: Unauthorized Account Usage by Using Local Procedure Call
4.4 SECURITY: Registry Data Is Viewable by All Users During Rdisk Repair Update
4.5 SECURITY: Predictable TCP/IP Initial Sequence Numbers
4.6 SECURITY: Buffer Overrun Exposes Computer to General Protection Fault via Mail
4.7 SECURITY: Malformed Resource Enumeration Arguments Might Cause Named Pipes and Other System Services to Fail
4.8 SECURITY: Unchecked Print Spooler Buffer Might Expose System Vulnerability
4.9 SECURITY: Internet Explorer: Local Files May Be Accessed By Using JavaScript Linked to Image Tag
4.10 SECURITY: Password for Auto Connection Saved Without Being Encrypted on Windows 95 and Windows 98 clients
4.11 SECURITY: Denial of Service Attack on Printer Spooler Port 515 Might Cause Access Violation in Lpdsvc.exe
4.12 Error Message: Unable to Log You on Because the Netlogon Service Is Not Running
4.13 Novell Print Banner Always Printed After Applying Service Pack 5
4.14 Blue Screen: Bad SAP Packet Causes Stop 0x0000000A in Afd.sys
4.15 Blue Screen: STOP 0x00000050 Error Message in Windows Terminal Server
4.16 Unable to Open 16-bit Exchange EFD Form by Using Outlook 97 in a Terminal Server Client Window
4.17 User Environment Variables Are Not Passed to Out-of-Process COM Objects
4.18 Too Many Printers Can Cause Unsuccessful Boot
4.19 Compaq Array Configuration Tool Might Not Work on Windows Terminal Server
4.20 International Characters Do Not Display Properly from a Full-Screen MS-DOS Session
4.21 User Profile Folders Are Not Deleted After Users Log Off
4.22 Performance: Keystrokes Appear to Be Buffered and Delayed when User Logs On
4.23 AutoCreated User Printers Visible to All Users When Printer Window is Already Open
4.24 Cannot Insert File Attachment from Locally Mapped Drive to Outlook Messages
4.25 Dual-Booting Between Versions of Windows NT 4.0 and Windows 2000
4.26 NTFS for Windows NT 4.0 Server Version 4 and NTFS for Windows 2000 Support
4.27 Microsoft Proxy Server 1.0 Client
4.28 MDAC 2.0 Service Pack 1
4.29 Installing Internet Explorer 5 as a Non-Default Browser
4.30 Exchange Server Reindexing
4.31 Internet Explorer 5: HTML Help Might Not Function Correctly When You Upgrade from IE 2.0 to IE 5
4.32 Microsoft Office 2000 Web Publishing Wizard
4.33 Unable to Start Windows Explorer After Applying Service Pack 5
5.0 Application Notes
5.1 CheckIt Diagnostic Kit 4.0 by Touchstone
Information in this document, including URL and other Internet Web site references, is subject to change without notice and is provided for informational purposes only. The entire risk of the use or results of the use of this document remains with the user, and Microsoft Corporation makes no warranties, either express or implied. The example companies, organizations, products, people, and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in, or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
© 2000 Microsoft Corporation. All rights reserved.
Microsoft, MS-DOS, Windows, Windows NT, and NetMeeting are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
This document provides information about Microsoft Windows NT 4.0 Server, Terminal Server Edition Service Pack 6 (SP6), as well as answers to questions that you might have.
For the most up-to-date list of supported hardware, see the Hardware Compatibility List by visiting the Microsoft Web site at:
http://www.microsoft.com/hcl/default.asp
This release of Microsoft Windows NT Server 4.0, Terminal Server Edition Service Pack 6 (SP6) is the latest update to the Microsoft Windows NT Server 4.0, Terminal Server Edition operating system. Service Pack releases are cumulative, containing all previous Service Pack fixes and any new fixes created after Service Pack 5 (SP5).
The Terminal Server Edition of Service Pack 6 also incorporates fixes and workarounds which were included in the Microsoft Windows NT Server 4.0 SP6. For extensive documentation of the fixes and updates contained in Microsoft Windows NT Server 4.0 SP6, visit the Service Packs page at the Microsoft Windows NT Server Web site.
For a list of the fixes and updates which are specific to this Terminal Server Edition of the service pack, visit the Microsoft Windows NT Terminal Server Web site at:
http://www.microsoft.com/ntserver/terminalserver/downloads/recommended/tsesp6.
For a list of some of the main fixes and workarounds, see List of Terminal Server Fixes in this Service Pack, in this document.
Microsoft Windows NT 4.0 Server, Terminal Server Edition Service Pack 6 is easy to apply while Windows NT is running.
Important: You should stop running any critical services before you apply Windows NT 4.0 Server, Terminal Server Edition SP6. For more preinstallation recommendations, see Before You Install the Service Pack, later in this document.
SP6 is a collection of current updates and enhancements to Windows NT Server 4.0, Terminal Server Edition since its release.
SP6 is not a required upgrade. If you have deployed or are in the process of deploying a previous Service Pack, you probably need not change your plans. To accommodate customers in this situation, Microsoft provides software updates for critical issues to previous Service Packs. For example, you can continue to obtain year 2000 (Y2K) software updates if you're using Service Pack 4 (SP4).
SP6 content is focused on:
1.2 List of Fixes in Service Pack 6
To assist customers who are deciding whether to upgrade to SP6, Microsoft provides extensive documentation of the fixes and updates contained in SP6. This documentation gives customers the opportunity to analyze whether the SP6 contents justify the necessary test and deployment resources. For the most recent list of affected Service Pack files, visit the Microsoft Windows NT Terminal Server Web site at:
http://www.microsoft.com/ntserver/terminalserver/
For a list of some of the main fixes and updates which are specific to this Terminal Server Edition of the service pack, see Additional Fixes and Workarounds, in this document.
1.3 List of Fixes in Windows NT 4.0 Server, Terminal Server Edition Service Packs 4 and 5
For a list of fixes contained in Service Packs 4 and 5, visit the Microsoft Personal Online Support Center Web site at:
http://support.microsoft.com/support/
1.5 How to Order the Service Pack 6 CD
The Windows NT 4.0 Server, Terminal Server Edition Service Pack CD contains supplemental and support files that you may find useful. To order the CD, visit the Microsoft Windows NT Server, Terminal Server Edition Web site at:
http://www.microsoft.com/ntserver/terminalserver/
1.5.1 What is on the Service Pack 6 CD
The \Support and \ValueAdd folders on this CD contain additional Windows components that can be installed as you need them. These files are not part of the Service Pack 6 installation, but are included for installation and use at your discretion. They include:
This CD also contain files in the \i386 folder that are not installed automatically. They are also not in the downloaded version of SP6. The files are used to install:
1.6 Internet Explorer Encryption and Security Fixes
Microsoft Internet Explorer 5 is included on this CD in the ValueAdd\Msie5 folder. This version is the standard, 56-bit encryption version. For high (128-bit) encryption, install the 56-bit version and then apply the Internet Explorer High Encryption Pack, which is available at the following Web link:http://www.microsoft.com/windows/ie/download/128bit/intro.htm
Important The version of IE included on this CD might not contain all of the latest IE security fixes. You can get these fixes from the following Web link:http://www.microsoft.com/ie/security/default.htm
Carefully read the installation instructions before you install Service Pack 6, because they might have changed from previous Service Packs.
2.1 Downloading and Extracting the Service Pack
If you have downloaded this Service Pack from an FTP site or a Web site, you should read the release notes completely before you extract and install the Service Pack. For this release, these self-extracting program files are also located at the root of the CD.
Downloading the Service Pack saves a compressed program file on your hard disk. To extract this file and begin the installation process, for example, at the command prompt, type: WTSi386.exe or double-click the file in My Computer. You can also extract the file into the current folder without launching the installation program by using the command prompt switch /x. For example, at the command prompt, type: WTSi386 /x
2.2 Before You Install the Service Pack
Log on to the Terminal Server as administrator and ensure that all other users have logged off before installing the Service Pack. Close all active debugging sessions. Otherwise, the Update program is unable to replace system files that are in use. If a file is in use when you install SP6, a dialog box appears prompting you to cancel the installation or skip the file copy. You should cancel the installation and then uninstall SP6. To uninstall SP6, see Service Pack Uninstall, later in this document.
Also, to maximize recovery of the computer in the event of installation failure, you should do the following before installing SP6:
To enable the uninstall option, run Update.exe. A subfolder named $NtServicePackUninstall$ is created in your Windows NT folder. This requires at least 120 megabytes (MB) of free space on the disk on which Windows NT 4.0 is installed, 60 MB for the uninstall folder, and 60 MB for the Service Pack-updated system files.
2.2.1 Advanced Power Management
Advanced Power Management is not supported by Windows NT 4.0, Terminal Server Edition. As a result, you should remove Advanced Power Management features before installing SP6.
2.2.2 Power Management Utilities
Power Management Utilities might not work on Windows NT 4.0 Server, Terminal Server Edition SP6. Contact the vendor of your Power Management Utilities for an updated version that is compatible with Windows NT 4.0 SP6.
2.2.3 3Com EtherLink 905B NIC Driver
There is a known issue with the 3Com EtherLink 905B network adapter driver prior to version 3.38.40.0. If an earlier version of the driver is detected during SP6 installation, it will be replaced with version 3.40.40.0. If you have an EtherLink 905B network adapter and need to reinstall the drivers, you can obtain the latest drivers from 3Com’s Web site at:2.3 Service Pack Install Order Documentation
Important: If you are installing Service Packs for multiple Microsoft products, the order in which you install the Service Packs can have an effect on stability. To view the documentation about the recommended installation order, visit the Microsoft Windows NT Server Web site at:
http://www.microsoft.com/ntserver/terminalserver/
2.4 Installing the Service Pack
To install SP6 from the CD
- Log on to the Terminal Server as administrator and make sure that all other users have logged off.
- Insert the Service Pack CD into your CD-ROM drive.
- If a Web page opens in your browser after you insert the CD, click Install Service Pack 6, and then click Install Service Pack 6 for Intel-based systems.
- When prompted to download Update.exe or to save it to disk, click Run this program from its current location, and then click OK. Follow the instructions that appear.
Note: To use the uninstall feature of SP6, during the initial installation, you must select the Backup files necessary to uninstall this Service Pack check box.- If a Web page doesn't automatically open when you insert the CD, open the command prompt window, and change the folder to the drive letter associated with the CD-ROM drive.
To open the command prompt
- Click Start, point to Programs, and then click Command Prompt.
- Change the folder by typing CDdrive:\i386\Update, and then type update.
- Follow the instructions that appear.
To install SP6 from a network drive
- Connect to the network drive that has the SP6 files.
- Change the drive letter to that of the network drive.
- Change the folder to \i386\Update, and then type update.
- Follow the instructions that appear.
Note: You should allow Setup to create an Uninstall folder the first time you install SP6.
To enable the uninstall option, run Update.exe. A subfolder named $NtServicePackUninstall$ is created in your Windows NT folder. This requires at least 120 megabytes (MB) of free space on the disk on which Windows NT 4.0 Server, Terminal Server Edition is installed, 60 MB for the uninstall folder, and 60 MB for the Service Pack-updated system files.
To install SP6 from the Internet
- Using your browser, visit the Microsoft Windows NT Server Web site at:
http://www.microsoft.com/ntserver/terminalserver/- Click Install Service Pack 6 to install SP6 on your computer.
This Web page automatically detects which files need to be updated and then copies the appropriate files to a temporary folder on your computer. It then installs only those files that are needed to update your computer.
Note: If you use a Web browser other than Internet Explorer 3.02 or later, you might be unable to install SP6 by using this update method. You can still install SP6 by downloading the entire Service Pack from the Internet onto your computer and running Update.exe locally.
You can use installation switches with Update.exe. The following syntax help is available by typing update /?: at the command prompt.
UPDATE [-u] [-f] [-n] [-o] [-z] [-q]
-u Unattended Setup mode
-f Force other programs to close at shutdown
-n Do not back up files for uninstall
-o Overwrite OEM files without prompting
-z Do not restart when installation is complete
-q Quiet mode - no user interaction
Important: If you change or add new software or hardware components to your computer after you install SP6, you'll need to install SP6 again. This is because the files included on the original Windows NT 4.0 Server, Terminal Server Edition media might not be the same as the files on the Service Pack CD. You can't install new components, such as a new keyboard or printer driver, directly from the Service Pack media. You must install new components from the original product media and then reinstall the Service Pack.
2.4.1 Running Update.exe in Unattended Setup Mode (-u)
To run Update.exe in unattended Setup mode by using the -u flag, you must also use the -o flag to ensure that OEM-supplied files are updated. If you don't use the -o flag, files such as those that contain the hardware abstraction layer (HAL) and disk miniport drivers are not updated.
2.5 Service Pack Uninstall
This Service Pack contains an uninstall feature that you can use to restore your computer to its previous state.
To enable the uninstall option, run Update.exe. A subfolder named $NtServicePackUninstall$ is created in your Windows NT folder. This requires at least 120 megabytes (MB) of free space on the disk on which Windows NT 4.0 is installed, 60 MB for the uninstall folder, and 60 MB for the Service Pack-updated system files.
To uninstall SP6 using Add/Remove Programs
- Click Start, point to Settings, and then click Control Panel.
- Double-click Add/Remove Programs, click Windows NT Terminal Server 4.0 Service Pack 6, and then click Add/Remove.
- Follow the instructions that appear.
To uninstall SP6 from the command prompt
- Click Start, point to Programs, and then click Command Prompt.
- Change the folder to \%systemroot%\$NtServicePackUninstall$\spuninst\ and then type: Spuninst.exe
- Type Exit to close the Command Prompt window.
Note: If you install any programs or services that require SP6 or have fixes contained in SP6, uninstalling SP6 could adversely affect those programs.
To uninstall SP6, the drive letter for the hard disk must be the same one used when you installed SP6. If you change the drive letter for the hard disk, you cannot uninstall SP6.
Note: If you uninstall SP6 on a computer that previously had SP4 (without Internet Explorer 4.0) installed on it, cryptography will not work correctly after the uninstall completes. To work around this issue, reinstall SP4 after you have uninstalled SP6.
Uninstalling SP6 will not uninstall new versions of CryptoAPI and SChannel.
Important: If you plan to install a previous Service Pack after uninstalling SP6, note that SP6 modifies the Security Account Manager (SAM) database and the Security database so that older versions of the Samsrv.dll, Samlib.dll, Lsasrv.dll, Services.exe, Msv1_0.dll, and Winlogon.exe files no longer recognize the database structure. Therefore, the uninstall process doesn't restore these files when uninstalling SP6. If you install a prior Service Pack (for example, SP3) after uninstalling SP6, when the Confirm File Replace dialog boxes appear, click No to avoid overwriting Samsrv.dll and Winlogon.exe. If you overwrite the newer files with these older versions, you'll be unable to log on to the computer.
Note: If you're reinstalling SP6 after installing new software or hardware, you must create a new Uninstall folder. To retain your ability to return to a startup configuration , copy the current Uninstall folder to a safe location before running the SP6 installation program.
2.6 Installing Symbol Files from the CD
Each program file in Windows NT 4.0, Terminal Server Edition has a corresponding symbol file that is helpful in diagnosing application and computer problems. Symbol files are used in conjunction with a debugger and are not required for proper operation of your computer.
The symbols for SP6 files are compressed in a self-extracting program file named SP6symi.exe. To install the symbol files corresponding to the new binaries in SP6, run the executable file. When prompted, specify the path to the location of the previous version's symbols, such as C:\WTSRV\. In this example, the symbols are stored in C:\WTSRV\symbols.
For more information about debugging in Windows NT 4.0, see Chapter 39, "Windows NT Debugger" in the Microsoft Windows NT 4.0 Workstation Resource Kit.
2.7 Installing Windows NT 4.0 Server, Terminal Server Edition on a Computer Running Windows 2000If you install Windows NT 4.0 Server, Terminal Server Edition on a computer with Windows 2000 beta version or later already installed, Setup may continuously restart after the initial text-mode phase of Windows NT 4.0 Server, Terminal Server Edition Setup.
The updated Winnt32.exe in the \Support\Winnt32 folder of the SP6 compact disc allows you to install Windows NT 4.0 Server, Terminal Server Edition on a computer already running Windows 2000.
To update the Winnt32.exe
- Copy the \Support\Winnt32\i386\Winnt32.exe file from the Windows NT 4.0 Server, Terminal Server Edition SP6 CD to a folder on your hard disk. You can also double-click the file on the SP6 CD.
- When prompted for the location of the Windows NT 4.0 Server, Terminal Server Edition files, supply the path to the \i386 folder on the Windows NT 4.0 Server, Terminal Server Edition CD.
- After Windows NT 4.0 Server, Terminal Server Edition is installed, install SP6.
- Copy Ntldr.com and Ntdetect.com from the Windows 2000 CD to the root of the system drive.
Note: To use this installation method, your installation partition must already be formatted with the Windows FAT file system.
For more information, visit the Microsoft Personal Online Support Center Web site at:
http://support.microsoft.com/support/
If you chose to have Internet Explorer 4.0 installed automatically during the original installation of Windows NT 4.0 Server, Terminal Server Edition, you should install SP6 before upgrading to Internet Explorer 5.0. Otherwise, new users will experience an error: "RUNDLL:An exception occurred while trying to run SIGNUP" during their first logon attempt.
Only the "Typical" and "Minimal" installations of Internet Explorer 5.0 are supported on Terminal Server. Any additional IE5 components installed may result in access errors when users log on.
2.9 Important Note on Reapplying HotfixesIf you have applied recent hotfixes to your Windows NT 4.0 Server, Terminal Server Edition Service Pack 5 installation, it might be necessary to reapply them after installing SP6.
For detailed information, visit the Microsoft Windows NT Terminal Server Web site at:
http://www.microsoft.com/ntserver/terminalserver/downloads/recommended/tsesp6
This section covers information that is specific to Service Pack 6.
If you use the Windows NT 4.0, Terminal Server Edition Emergency Repair Disk to repair your Windows NT 4.0, Terminal Server Edition computer, Windows NT 4.0, Terminal Server Edition requires that you supply the original Windows NT 4.0, Terminal Server Edition media at some time after you install SP6. This means you need to reinstall SP6 after the repair is completed because the Emergency Repair Disk repairs your computer by restoring your original Windows NT 4.0, Terminal Server Edition system files. After the repair is complete, to reinstall SP6, follow the Installation Instructions in Section 2.0. For more information about using the Windows NT 4.0 Emergency Repair Disk utility, visit the Microsoft Personal Online Support Center Web site at:
http://support.microsoft.com/support/
Note: To use the Emergency Repair Disk utility, you must have the updated version of Setupdd.sys that comes with SP6. To update your version of Setupdd.sys, copy Setupdd.sys from the Service Pack to your Windows NT 4.0, Terminal Server Edition Setup Disk 2 from the original product media. This replaces the earlier version of Setupdd.sys with the updated version. For more information, see the Microsoft Personal Online Support Center Web site at:
http://support.microsoft.com/support/
3.2 Adding New Components
If you change or add new software or hardware components to your computer after you install SP6, you'll need to install SP6 again. This is because the files included on the original Windows NT 4.0 Server, Terminal Server Edition media might not be the same as the files on the Service Pack CD. You can't install new components, such as a new keyboard or printer driver, directly from the Service Pack media. You must install new components from the original product media and then reinstall the Service Pack.
For example, if you install the Simple Network Management Protocol (SNMP) service after installing SP6, you'll need to reinstall the Service Pack. Otherwise, you'll receive the message "Entrypoint SnmpSvcGetEnterpriseOID could not be located in Snmpapi.dll." This informs you that some of the files in the SNMP service have been updated in SP6 and that you have a version mismatch. Reinstalling SP6 fixes the problem by copying the newer versions of the files onto your computer.
Note: SNMP security provides the ability to set a permission level on the SNMP agent computer. The permission level determines how the SNMP agent computer processes requests from an SNMP community.
3.3 Obtaining Microsoft Data Access Components (MDAC)
To download the latest version of MDAC, visit the Microsoft Universal Data Access Web site at: http://www.microsoft.com/data/default.htm
To obtain information about MDAC year 2000 compliance, visit the Microsoft Year 2000 Resource Center Web site at: http://www.microsoft.com/year2000
This section contains additional fixes and workarounds for Windows NT 4.0 Server, Terminal Server Edition SP6.
4.1 SECURITY: Security Identifier Enumeration Function in LSA Might Not Handle Argument Properly
When the LsaLookupSids() function in Windows NT Local Security Authority (LSA) is used to determine the Security Identifier (SID) associated with a particular user or group name, invalid or contradictory arguments passed to the function might not be handled correctly. The result causes LSA to cease functioning properly and prevent the computer from working. You can restart an affected computer to put it back into service, but any work that was in progress at the time would be lost. This behavior has been fixed in SP6.
NOTE: This vulnerability does not affect computers running Microsoft Windows 2000.
For more information about this issue, see Microsoft Security Program: Microsoft Security Bulletin (MS99-057)
4.2 SECURITY: Syskey Tool Security Vulnerability
The cryptographic error in the Syskey tool that enabled offline password attacks under certain conditions has been fixed. Before SP6, Syskey reused the same keystream when encrypting certain elements in the Security Accounts Manager (SAM) database, making the tool vulnerable to an attack that used a known cryptanalytic method. This vulnerability could allow offline password attacks to be mounted against a Syskey-protected SAM database. This security vulnerability has been repaired in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q248183
4.3 SECURITY: Unauthorized Account Usage by Using Local Procedure Call
It is no longer possible for a malicious user to use a program that makes a specific local procedure call (LPC) to impersonate any other user who has local logon privileges. Previously, this security hole would have allowed the unauthorized user on a computer running Windows NT 4.0 to run any program, including programs that can run in the LocalSystem context. If the domain administrator's credentials were present on the computer, this could have resulted in compromised security for the domain.
For more information about this issue, see Microsoft Knowledge Base article #Q247869
4.4 SECURITY: Registry Data Is Viewable by All Users During Rdisk Repair Update
The security vulnerability that allowed registry data to be accessible to all users while the Rdisk Tool was being run on a computer running Windows NT 4.0 has been fixed in SP6. This problem occurred because of a temporary file created by Rdisk during its update repair information process. This file enumerated all of the registry hives and their current settings. The permissions on this file did not prevent anyone from reading or changing its contents while Rdisk was running, or at any time if Rdisk was interrupted or ended abnormally.
For more information about this issue, see Microsoft Knowledge Base article #Q249108
4.5 SECURITY: Predictable TCP/IP Initial Sequence Numbers
The TCP protocol assigns an initial sequence number to each connection. Prior to Windows NT 4.0 Server, Terminal Server Edition Service Pack 6, it was possible, through careful analysis, to determine the initial TCP sequence number for a specific Windows NT communications session. By predicting a TCP session's sequence number, it could then be possible to disrupt the integrity of a communication session that does not provide its own session integrity. This is often referred to as "connection hijacking."
In Windows NT 4.0 Server, Terminal Server Edition SP 6, the method of assigning sequence numbers to TCP sessions has changed to make them more unpredictable. The security hole which allowed a session's initial sequence numbers (ISN) to be predicted on a computer running Windows NT 4.0 and TCP/IP has been fixed.
For more information about this issue, see Microsoft Security Program: Microsoft Security Bulletin (MS99-046)
4.6 SECURITY: Buffer Overrun Exposes Computer to General Protection Fault via Mail
Prior to SP6, there is a buffer overrun in Riched20.dll which creates a security vulnerability. This vulnerability could be potentially exploited by a malicious user via e-mail to cause a General Protection Fault on a computer running Windows NT 4.0. This problem has been fixed in SP6.
For more information about this issue, see Microsoft Security Program: Microsoft Security Bulletin (MS99-047)
In NT 4.0, a vulnerability exists which can cause Srvsvc.dll to reference an invalid memory location, such that Windows NT clients are unable to gain access to shared file resources. This vulnerability has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q246045
4.8 SECURITY: Unchecked Print Spooler Buffer Might Expose System Vulnerability
A vulnerability in the Windows NT 4.0 print spooler sub-system Application Programming Interface (API) allowed users under certain conditions to bypass the computer security settings and run an unauthorized program using a buffer overrun technique. This vulnerability has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q243649
When you visit a Web page that contains a JavaScript Uniform Resource Locator (URL) in an IMG (image) tag, a malicious Web site operator could view files on your computer, under certain circumstances. The Web site operator does need to know (or guess) the name and location of the file, and can view only file types that can be opened in a browser window. If the malicious site is in a Security Zone that does not allow Active Scripting, the vulnerability cannot be exploited. This security vulnerability has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q251109
On clients running Windows 95 and Windows 98, it is possible for a user to log on without an official username. This happens when a user presses ESC from the Windows logon prompt. When such an unknown user creates an auto-logon Terminal Server connection using the SP5 or earlier version of Connection Manager, the password for the connection is stored as clear text in the registry.
Solution: A new version of Connection Manager (conman.exe) and the Terminal Services Client (Mstsc.exe) is contained in SP6. These new files correct the problem in future connections created with Connection Manager. In addition, the new and old versions of these components interact in the following ways.
The following scenarios will work:
The following scenarios will not work:
To convert an old (bad) clear-text connection to a properly enrypted connection
- Run the new version of Connection Manager on the computer running Windows 95 or Windows 98.
- Right click the connection, and then click Properties.
- In the Properties dialog box, click OK. The Password is now encrypted.
Because of a security vulnerability, a client computer using line printer remote (LPR) to send a print job to a computer running Windows NT 4.0, Terminal Server Edition can cause an Access Violation in Lpdsvc.exe if the LPR command contains random characters. This vulnerability has been fixed in SP6.
4.12 Error Message: Unable to Log You on Because the Netlogon Service Is Not Running
The problem that caused the Netlogon service not to start if the locale for the computer was set to use certain code pages (such as Danish and Hungarian) has been fixed in SP6. This behavior occurred because the Security Accounts Manager (SAM) for the domain did not initialize if the locale for the computer is set to use a code page that uses Unicode double compression.
For more information about this issue, see Microsoft Knowledge Base article #Q234655
4.13 Novell Print Banner Always Printed After Applying Service Pack 5
After you installed Windows NT 4.0 Service Pack 5 (SP5) or Windows NT Server 4.0, Terminal Server Edition Service Pack 5 (SP5) on a computer running Client Services for NetWare (CSNW) or Gateway Services for NetWare (GSNW), the print banner was always printed, regardless of whether it was enabled or disabled in the CSNW tool in Control Panel. This behavior has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q232559
4.14 Blue Screen: Bad SAP Packet Causes Stop 0x0000000A in Afd.sys
The problem that caused computers running Windows NT to blue screen with a Stop 0x0000000A error message shortly after the Logon screen appeared or shortly after being put back on the network has been fixed. This problem occurred when a faulty network interface card (NIC) broadcast bad SAP packets on the network with a large value for Bytes Remaining.
For more information about this issue, see Microsoft Knowledge Base article #Q174465
4.15 Blue Screen: STOP 0x00000050 Error Message in Windows Terminal Server
The problem that caused computers running Windows NT and Terminal Server to blue screen with a stop 0x00000050 error message has been fixed in SP6. This problem occurred if you had Microsoft Outlook 97 installed, and you had a large number of appointment reminders in your calendar.
For more information about this issue, see Microsoft Knowledge Base article #Q253215
4.16 Unable to Open 16-bit Exchange EFD Form by Using Outlook 97 in a Terminal Server Client Window
The problem that caused 16-bit Microsoft Exchange Electronic Forms Designer (EFD) forms not to open within a session of Microsoft Outlook 97 running inside a Terminal Server client window has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q247962
4.17 User Environment Variables Are Not Passed to Out-of-Process COM Objects
The problem that caused user environment variables not to be inherited in Terminal Server client sessions has been fixed in SP6. This problem occurred when a program was run as a COM object from within a Terminal Server client session. When the same program was run from a Terminal Server console, the user environment variables would be inherited.
For more information about this issue, see Microsoft Knowledge Base article #Q247351
4.18 Too Many Printers Can Cause Unsuccessful Boot
The problem that caused computers running Windows NT not to boot if too many printers were installed has been fixed in SP6. Depending on the number and types of drivers involved, this problem would occur when approximately 900 or more printers were installed. Upon starting Windows NT, the following error message would appear:
Windows NT could not start because the following file is missing or corrupt: \%SystemRoot%\System32\Config\SystemHardware Profile/Last Known Good menu
For more information about this issue, see Microsoft Knowledge Base article #Q244135
4.19 Compaq Array Configuration Tool Might Not Work on Windows Terminal Server
In previous versions of Windows NT 4.0, Terminal Server Edition, the Compaq Array Configuration utility might fail with the following error message:
An internal communications error has occurred when attempting to lock the Compaq Fibre Array Controller in the Fibre Array YYYYYYYYYYYYYYYYYYY. You will not be able to configure this controller until the problem is corrected.
This occurs because Windows Terminal Server incorrectly truncates the symbolic name created by the Compaq Fibre Array system driver. This behavior has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q241346
4.20 International Characters Do Not Display Properly from a Full-Screen MS-DOS Session
The problem with the display of international characters in the full-screen display mode of an MS-DOS session has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q194830
4.21 User Profile Folders Are Not Deleted After Users Log Off
The problem with the Delete Cached Profile feature on Windows NT Server, Terminal Server Edition, has been fixed. Previously, when this feature was enabled and a user logged off from the Terminal Server, the top level folder of the user profile might not be deleted when the cached copy of the profile was recursively removed. This behavior has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q251278
4.22 Performance: Keystrokes Appear to be Buffered and Delayed When User Logs On
Prior to Service Pack 6, keystrokes may appear to be delayed during or shortly after Terminal Services client printer mapping. The problem occurs because client printer mapping causes a large number of writes to the registry when a user logs in. These changes have to be flushed to disk, and the registry flusher holds an exclusive lock on the registry lock while flushing. Any application that tries to access the registry must wait until the flusher releases the lock, which can take several seconds. This behavior has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q250042
4.23 AutoCreated User Printers Visible to All Users When Printer Window Is Already Open
Previously, users connecting to a Terminal Server running SP5 or earlier and Metaframe 1.8 were in certain circumstances able to view the printers autocreated in other user sessions. This behavior has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q253922
4.24 Cannot Insert File Attachment from Locally Mapped Drive to Outlook Messages
In Windows NT 4.0 Server, Terminal Server Edition Service Pack 5, users of Metaframe 1.8 or earlier encountered a problem using the Insert File feature from a locally mapped drive in Microsoft Outlook. This problem has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q249255
If you dual-boot your computer to run both Windows NT 4.0 Server, Terminal Server Edition and Windows 2000, each installation or instance of Windows must have a unique computer name.
Note: These unique names are required only if the two instances of Windows on the dual-boot computer are on the same Windows domain.
4.26 NTFS for Windows NT 4.0 Version 4 and NTFS for Windows 2000 Support
There are two recent versions of the NTFS File System:
This Service Pack contains an updated version of NTFS.sys that can also read NTFS Version 5 volumes created in NTFS for Windows 2000.
Note: The following scenarios don't support dual-booting:
You cannot gain access to the following features of Windows 2000-supported NTFS from SP6, even with the updated NTFS.sys file:
Attempts by Windows NT 4.0 SP6 users or programs to gain access to release points created on NTFS for Windows 2000 drives with a Windows 2000 installation fail, usually with an "access denied" message.
Antivirus programs might report to the user (by log file, dialog box, or both) when a file can't be accessed. These programs might report their failure to access Native Structured Storage (NSS) files with extensions that the programs are set to scan. Archiving programs can't add NSS files to an archive, and the archiving might be reported as an error. Backup programs won't back up NSS files or release points as expected. The programs might log the failures as either "file in use" or "file not available." Some backup programs fail when they try to verify folders that contain NSS files during the backup process.
When you mount a Windows 2000-supported NTFS volume under Windows NT 4.0, Terminal Server Edition SP6, NTFS for Windows 2000 features are unavailable, and Chkdsk can't be performed against the volume. However, most read/write operations function normally if they don't make use of any NTFS for Windows 2000 features. Also, since files can be read and written on Windows 2000-supported volumes under Windows NT 4.0, Terminal Server Edition, Windows 2000 may need to perform "clean-up" operations by running Chkdsk on the volume after it's mounted on Windows NT 4.0, Terminal Server Edition. These clean-up operations ensure that the NTFS for Windows 2000 data structures are consistent after a Windows NT 4.0, Terminal Server Edition mount operation.
4.27 Microsoft Proxy Server 1.0 Client
Installing SP6 on a computer running Windows NT 4.0 Server, Terminal Services Edition with Microsoft Proxy Server 1.0 client installed disables the WinSock Proxy Client component. As a result, programs that access the Internet and depend on the Proxy client may not be able to gain access to the Internet. You should uninstall Microsoft Proxy Client before installing SP6. After you install SP6, you can reinstall the Proxy Client.
If you install MDAC 2.0 or later after installing SP6, the ODBC Help files, Obdcinst.hlp and Obdcinst.cnt, will not match the help file for the installed version of MDAC. This is because the ODBC Help file installed by SP6 has the SP6 file date. To work around this, before you install MDAC, delete Odbcinst.hlp and Odbcinst.cnt. If you've already installed MDAC, delete Odbcinst.hlp and reinstall MDAC.
4.29 Installing Internet Explorer 5 as a Non-Default Browser
You can install Internet Explorer 5 without adding the Internet Explorer icon to the desktop and without adding the system file associations that make Internet Explorer 5 the default browser. If you have the SP6 CD, you can find Internet Explorer 5 in the \ValueAdd\MSIE5 folder.
To install Internet Explorer 5 as a non-default browser
- Click Start, and then click Run.
- In Named, type:
IE5SETUP.EXE /C:"ie5wzd /S:""#e"" /X /R:N /Q:A /m:0"- Click OK.
This command changes the Internet Explorer 5 installation to prevent adding the Internet Explorer icon to the desktop or changing the system file associations to make Internet Explorer 5 the default browser.
Note: This command only works if you have not installed the Microsoft Windows Desktop Update on your computer.
For more information, visit the Microsoft Personal Online Support Center Web site at:
http://support.microsoft.com/support/
4.30 Exchange Server Reindexing
If you install SP6 on a computer running Microsoft Exchange Server, the installation might trigger Exchange to begin a lengthy reindexing process. While the Sort Order for Windows NT 4.0
Server, Terminal Server Edition has not changed in this Service Pack, Exchange might still interpret the application of the Service Pack as a possible Sort Order change and reindex to ensure data integrity. After reindexing is completed, the database should start. Do not attempt to interrupt the server while it is reindexing because that can cause the database to become inconsistent. For more information, visit the Microsoft Personal Online Support Center Web site at:
http://support.microsoft.com/support/
If you install IE 5 on a computer running Windows NT 4.0, Terminal Server Edition and IE 2.0, some features of HTML Help might not work. Specifically, the Contents and Index tabs of HTML Help files might not open. To work around this, upgrade your version of IE to IE 4.0 prior to installing IE 5.
4.32 Microsoft Office 2000 Web Publishing Wizard
If you perform a default install of Office 2000 on a computer running Windows NT 4.0, Terminal Server Edition, the Office 2000 installation program automatically upgrades Internet Explorer components and adds the Web Publishing Wizard. When new users log on the computer, they might receive an Access Denied error message as follows:
WEB PUBLISHING WIZARD
ADVANCED INF INSTALL
INF FAILURE. REASON ACCESS IS DENIED.
To work around this problem, use the following procedure:
- If Internet Explorer 5 is already installed on your computer, uninstall it.
- Start Office 2000 Setup in the "Custom" installation mode.
- When Setup asks if you want to install Internet Explorer 5, select No Upgrade.
- After Office 2000 setup is complete, install Internet Explorer 5.01 from the Service Pack 6 CD.
4.33 Unable to Start Windows Explorer After Applying Service Pack 5
An update made to the Shell32.dll file by Service Pack 5 caused Windows Explorer not to start after SP5 was installed and caused the following error message to appear:
This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.
This behavior has been fixed in SP6.
For more information about this issue, see Microsoft Knowledge Base article #Q236387
This section includes program notes for SP6.
5.1 CheckIt Diagnostic Kit 4.0 by Touchstone
The CheckIt Diagnostic Kit version 4.0 won't have full functionality when you install it onto Windows NT 4.0 Server, Terminal Server Edition.
Note: This application has not been tested for compatibility with Windows NT 4.0, Terminal Server Edition.