Hotfix file versions question

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi, I'm having trouble getting a definitive answer to this:

Is it always the case that a later version number of a file will contain all
fixes made to date in both public *and* security Windows 2000 hotfixes?

Also, what exactly is the difference between a public hotfix and a private
one?

Thanks,
Alice
 
Ask them here.

Free support for security updates. 1-866-PCSAFETY

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| Hi, I'm having trouble getting a definitive answer to this:
|
| Is it always the case that a later version number of a file will contain
all
| fixes made to date in both public *and* security Windows 2000 hotfixes?
|
| Also, what exactly is the difference between a public hotfix and a private
| one?
|
| Thanks,
| Alice
|
|
 
Public Hotfixes are those which you can download from their site. The Private Hotfixes are those which have not been regression tested; have to ask for them; are password protected; and may do more harm than good. Public Hotfixes also can also satisy the last attribute so basically one you have to ask for the other is available through Windows Update or off one of Microsoft's Web pages.
 
Thanks for your suggestions. Unfortunately 1-866-PCSAFETY does not apply for
me as I am not in the US. I did however find a number to ring in the UK and
spoke to a very clued-up sounding woman who said that for Windows 2000 & 2003
"all hotfixes are cumulative" - so basically if you have a later file
version, it will contain all fixes made to that file, whether from a security
hotfix or a non-security hotfix.

Alice
 
Hi ALice,

She is wrong. There are hot fixes which are called "Roll-Up"
or "Cumulative" hot fixes. There are also Service Packs, and
there are plain "hot fixes".

The Service packs are cumulative, the "roll up" hot fixes
are cumulative, but the ordinary hot fixes are NOT cumulative.

The service packs contain all fixes of both sorts between
the old service pack and the new one. The cumulative fixes
contain all fixes since the last service pack but usually in
only one area, such as security. Other fixes are eventually
included in roll up hot fix or a service pack.

Cheers,

Cliff
 
Hi Cliff, thanks for your posting.

By "all hotfixes are cumulative" she meant solely in the context of the
files that they contain. Therefore a version number of a file, e.g.
shell32.dll v5.0.3900.7032, contains all changes made to that file in earlier
file version numbers. Does that clarify?

Cheers,
Alice
 
No. Most hotfixes being Private never make it into released Hotfixes. The reason being they are never fully regression tested. Yes some do make it into a Service Pack say but not many. No most security fixes are directed to one thing and one thing only. Except for those pesky IE security fixes. They can even tie your shoes. Cumulative Gad I hope not.
 
It's not true. A file can be versioned up with a fix which turns out to be bad. They do NOT version down when they remove that attempt for a fix. It is versioned up also. There is no guarantee that higher version has the fix because it may have turned out the previous fix was a show stopper and so scratched that attempt for a fix.

Anything a prior version did and was regression tested should appear in the later versions. But Private hotfixes are NOT regression tested and so one version to the next of the files in those Hotfixes say nothing concluusive about later versions of the files.
 
I used to think it was along the lines of what you are saying, and the
QFE/GDR branching hotfixes supplied for IE and Window Server 2003 seems to
support this, but then numerous people told me otherwise.

Does this therefore mean that someone with, say, 20 "ask Microsoft to
receive" (i.e. not directly downloadable from their website) hotfixes has to
get them all remade to incorporate, say, 5 (optimistic!) or so security
hotfixes that are released every month? I have been told several times this
is not necessary.

Even their KB articles seem to me to contradict this, as they always say:
"Apply it only to systems that are experiencing this specific problem".

If I wish hard enough, do you think they might change their minds and
release service pack 5?

Alice
 
No I doubt SP5 will ever arrive. There is no money in it.
Does this therefore mean that someone with, say, 20 "ask Microsoft to
receive" (i.e. not directly downloadable from their website) hotfixes has to
get them all remade to incorporate, say, 5 (optimistic!) or so security
hotfixes that are released every month? I have been told several times this
is not necessary.
Click to expand...

I am not sure what you are saying here. If you mean can you convince Microsoft to do something for you? No don't expect that.

Installing security fixes as they come out is not in my lexicon. Is in some but not mine. Can a security fix break a "Private" hotfix? Oh yeah sure it can. SP4 is one good example. Applying SP4 to Windows 2000 with one of I think it was 6 "private" hotfixes installed resulted in a failed installation and a dead system and those "Private" hotfixes had to be removed first. Trouble is they rarely can be so you do the math.

Also Microsoft is full of KB articles with fixes for their applications which were broke by security fixes for their applications. The only people who find glee in this are those which cause Microsoft to run around in circles chasing their tail. One way to avoid this is to soberly assess your susceptibility of these security issues before taking the chance with them. And then wait.

--
George Hester
_______________________________
Alice said:
I used to think it was along the lines of what you are saying, and the
QFE/GDR branching hotfixes supplied for IE and Window Server 2003 seems to
support this, but then numerous people told me otherwise.

Does this therefore mean that someone with, say, 20 "ask Microsoft to
receive" (i.e. not directly downloadable from their website) hotfixes has to
get them all remade to incorporate, say, 5 (optimistic!) or so security
hotfixes that are released every month? I have been told several times this
is not necessary.

Even their KB articles seem to me to contradict this, as they always say:
"Apply it only to systems that are experiencing this specific problem".

If I wish hard enough, do you think they might change their minds and
release service pack 5?

Alice
Click to expand...
 
Back
Top