March 01, 2001, 9:57 AM — We're always looking for new fixes, patches and service packs -- but we dread the consequences of installing them. Most network managers subscribe to the "if it ain't broke, don't fix it" philosophy. But even when we don't notice that something's broken (such as with security holes that crackers can exploit), there are some patches we'll install right away.
Now it appears that -- while it's a remote chance -- under certain circumstances it's possible for some Microsoft hotfixes to remove earlier fixes, and you won't know it happened.
It seems that all new hotfixes come with a catalog listing all hotfixes released through the date of the current hotfix. Hotfixes produced after the release of Service Pack 1, and before Dec. 18, 2000, had incorrect catalogs included. Under fairly specific conditions, this could cause Windows File Protection to remove a valid hotfix from a system, reverting it to a version of a Windows 2000 module that contained a security vulnerability.
For this to occur, you would have to have applied multiple hotfixes in nonchronological order. You also would have had to explicitly run Windows File Protection (by running sfc /scannow, for instance) or trigger it through some administrator action (for example, a group policy specifying that it be invoked).
Nevertheless, the effect is so serious that Microsoft has released a patch to address this issue, and it is one that everyone should install -- because you really can't be sure whether you have already suffered damage.
Actually, you can be sure -- because there's also a diagnostic tool that will tell you if you've suffered the problem. Head over to http://www.microsoft.com/technet/security/bulletin/MS01-005.asp and download and run the diagnostic tool. If this identifies that you have a problem, then go ahead and download (and install) the fix. You'll sleep better.
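The preconditions described above can also be checked against a hotfix inventory to decide which machines get the diagnostic tool first. This is an added example, not part of the original article and not Microsoft's diagnostic tool: the host names, hotfix IDs and inventory are constructed, the Service Pack 1 release date is an assumption, and flagging a pair when either hotfix falls in the affected window is a conservative reading of the article.

```python
from datetime import date

SP1_RELEASE = date(2000, 7, 31)     # assumption: the article gives no SP1 date
CATALOG_FIXED = date(2000, 12, 18)  # from the article

def bad_catalog(released):
    """True if the hotfix falls in the window that shipped incorrect catalogs."""
    return SP1_RELEASE < released < CATALOG_FIXED

def out_of_order_pairs(installed):
    """installed: (hotfix_id, release_date) tuples in the order they were applied.
    Returns (applied_first, applied_later) pairs where the later-applied hotfix
    is the older release and at least one of the two has a bad catalog."""
    pairs = []
    for i, (id_a, rel_a) in enumerate(installed):
        for id_b, rel_b in installed[i + 1:]:
            if rel_b < rel_a and (bad_catalog(rel_a) or bad_catalog(rel_b)):
                pairs.append((id_a, id_b))
    return pairs

def triage(host):
    """Return (status, pairs). A fix can only have been removed if Windows File
    Protection also ran (sfc /scannow or an administrator-triggered scan)."""
    pairs = out_of_order_pairs(host["installed"])
    if not pairs:
        return "ok", pairs
    return ("run-diagnostic-now" if host["wfp_ran"] else "exposed"), pairs

# Constructed inventory; hotfix IDs are placeholders, not real bulletin numbers.
HF_A = ("HF-A", date(2000, 9, 10))
HF_B = ("HF-B", date(2000, 11, 2))
HF_C = ("HF-C", date(2001, 1, 15))
HF_D = ("HF-D", date(2001, 2, 1))
INVENTORY = {
    "w2k-a": {"installed": [HF_A, HF_B, HF_C], "wfp_ran": True},   # chronological
    "w2k-b": {"installed": [HF_B, HF_A], "wfp_ran": True},         # out of order
    "w2k-c": {"installed": [HF_C, HF_A], "wfp_ran": False},        # out of order
    "w2k-d": {"installed": [HF_D, HF_C], "wfp_ran": True},         # both post-fix
}

def report(inventory):
    return {name: triage(host)[0] for name, host in inventory.items()}

if __name__ == "__main__":
    for name, status in report(INVENTORY).items():
        print(name, status, triage(INVENTORY[name])[1])
```

An "exposed" host has not necessarily lost a fix yet, but the next Windows File Protection scan could trigger the problem, so it still needs the patch.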