DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 953230 - Last Review: June 21, 2014 - Revision: 16.0

On This Page

INTRODUCTION

Microsoft has released security bulletin MS08-037. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update (http://support.microsoft.com/ph/6527)

Security solutions for IT professionals: TechNet Security Troubleshooting and Support (http://technet.microsoft.com/security/bb980617.aspx)

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center (http://support.microsoft.com/contactus/cu_sc_virsec_master)

Local support according to your country: International Support (http://support.microsoft.com/common/international.aspx)

Known issues with this security update

Issue with ICMPv6 packets in Windows Server 2003

After you install this security update, Windows Server 2003 may not set the value of the icmp6_cksum field in the icmp6_hdr structure for ICMPv6 packets. To resolve this issue, install hotfix 974927. For more information about hotfix 974927, click the following article number to view the article in the Microsoft Knowledge Base:
974927  (http://support.microsoft.com/kb/974927/ ) Windows Server 2003 does not set the value of the icmp6_cksum field in the icmp6_hdr structure for ICMPv6 packets after you install security update 953230 (MS08-037)

Resource Consumption Issues

Windows DNS server systems may see an increase in memory and file handles resource consumption for systems on which the security update that is described in MS08-037 is installed. This is expected behavior because of the SocketPool randomization feature that was implemented to address this security vulnerability on Windows-based servers. The implementation of the DNS server security update reserves a set of ports. One of the ports is selected randomly for each outgoing DNS query. This design decision was made to address performance concerns for DNS servers that handle and originate a significantly larger number of queries than Windows-based clients. The set of reserved ports that the DNS server reserves is known as a "socket pool."

By default, the size of the socket pool on Windows-based servers is 2,500 sockets. To configure this size, change the SocketPoolSize registry entry in the following subkey in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\SocketPoolSize

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
956188  (http://support.microsoft.com/kb/956188/ ) You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)

For more information, visit the following Microsoft Web page:
http://blogs.technet.com/sseshad/archive/2008/12/03/windows-dns-and-the-kaminsky-bug.aspx (http://blogs.technet.com/sseshad/archive/2008/12/03/windows-dns-and-the-kaminsky-bug.aspx)

Port conflict and connection issues

After you install this security update, and then you restart the computer, you may experience issues with User Datagram Protocol (UDP) dependent network services. After you install this security update, a service that depends on a UDP port may not start on a computer that is running Windows 2000, Windows Server 2003, or Windows Server 2008. This issue occurs if the service is allocated to the DNS service after security update 953230 is installed.

For more information about this issue, click the following article numbers to view the articles in the Microsoft Knowledge Base:
956188  (http://support.microsoft.com/kb/956188/ ) You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)
977512  (http://support.microsoft.com/kb/977512/ ) The DNS Server service binds to all ports in the Windows Deployment Services port range on a server that is running Windows Server 2008 R2 or Windows Server 2008

Service issues on SBS-based systems

After you install this security update, and then you restart a computer that is running Microsoft Windows Small Business Server 2003 (Windows SBS), you may experience many network-related problems.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
956189  (http://support.microsoft.com/kb/956189/ ) Some services may not start or may not work correctly on a computer that is running Windows SBS after you install the DNS Server security update 953230 (MS08-037)

Perimeter firewall devices and NAT issues

After you install this security update on a Microsoft Windows-based computer, you may find that the DNS queries that are sent across a firewall from the computer do not use random source ports.

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
956190  (http://support.microsoft.com/kb/956190/ ) DNS queries that are sent across a firewall do not use random source ports after you install security update 953230 (MS08-037)

Issue with ZoneAlarm

After you install this security update on a Windows XP-based computer, on a Windows 2000-based computer, or on a Windows Server 2003-based computer that is running ZoneAlarm, you may be unable to connect to the Internet.

Note This issue does not affect Windows Vista-based computers.

This issue may occur when you run the ZoneAlarm versions that are listed in the following table.
Collapse this tableExpand this table
ApplicationVersion number range
Zone Alarm Internet Security Suite6.5.645.000–7.0.482.000
Zone Alarm Pro6.5.645.000–7.0.482.000
Zone Alarm Anti Virus6.5.645.000–7.0.482.000
Zone Alarm Anti-Spyware6.5.645.000–7.0.482.000
Zone Alarm Basic Firewall6.5.645.000–7.0.482.000
EndPoint Security6.5.645.000–7.0.865.000 (excluding 7.0.843.0007 and 7.0.866.000)
To resolve this issue, install update 958752. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
958752  (http://support.microsoft.com/kb/958752/ ) The version of AFD.SYS that is released together with security update 953230 (MS08-037) and security update 956803 (MS08-066) has an application compatibility issue

For more information about how to resolve this issue, visit the following ZoneAlarm Web site:
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html (http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html)
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Uninstall issues

Systems that are running supported editions of Windows 2000 Server and Windows Server 2003 will receive the DNS server updates in addition to the DNS client updates. The DNS server updates and the DNS client updates share binaries. Therefore, they must be uninstalled in the reverse order that they were installed to avoid regressing the shared binaries to earlier versions.

Consider the following scenario:
  • You install the DNS client security update (951748) that is described in security bulletin MS08-037.
  • You install the DNS server security update (951746) that is described in security bulletin MS08-037.
  • You uninstall the DNS client security update (951748) that is described in security bulletin MS08-037.
In this scenario, the DNS server security update (951746) that is described in security bulletin MS08-037 may revert to the vulnerable version. This behavior causes the DNS server security update (951746) that is described in security bulletin MS08-037 to be reoffered to the vulnerable system. Therefore, you must reinstall the DNS server security update (951746) that is described in security bulletin MS08-037.

For more information about this security update and for information about any known issues with specific releases of this software, click the following article number to view the article in the Microsoft Knowledge Base:
823836  (http://support.microsoft.com/kb/823836/ ) Removing Windows software updates in the wrong order may cause the operating system to stop functioning

Socket connection issues

The updates that are offered in bulletin MS08-037 prevent the DNS service from conflicting with the reserved ports that other services may be listening on.
DNS Source Port randomization
As a part of DNS Source Port randomization, Microsoft has reserved ports to reduce the source port randomization risk. The default size of the Socket Pool on Windows Server 2003 and down-level platforms is 2500. This size is configurable by modifying the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\SocketPoolSize registry subkey.

When the value of the SocketPoolSize registry entry is changed, the DNS service must restart for the changes go into effect. On DNS servers that have other services listening on UDP ports, it is helpful to prevent the DNS service from conflicting with the reserved ports of other services.

For more information about ReservedPorts keys, click the following article number to view the article in the Microsoft Knowledge Base:
812873  (http://support.microsoft.com/kb/812873/ ) How to reserve a range of ephemeral ports on a computer that is running Windows Server 2003 or Windows 2000 Server
MaxUserPort
On Windows Server 2003 and Windows 2000 Server, the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort registry subkey is defined as the maximum port up to which ports may be allocated for wildcard binds. The value of the MaxUserPort registry entry defines the dynamic port range.

For more information about the MaxUserPort registry entry, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/cc938196.aspx (http://technet.microsoft.com/en-us/library/cc938196.aspx)
What is the effective port range when the value of the MaxUserPort registry entry is set explicitly?

In Windows Server 2003 or Windows 2000 Server, the value of the MaxUserPort registry entry defines the dynamic port range. The range starts from 1024 to MaxUserPort.

Modifying the ephemeral port in Windows Server 2008 or later

To adjust the ephemeral port in Windows Server 2008 or later, run the following command:
netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range
To view the current ephemeral port range, run the following command:
netsh int <ipv4|ipv6> show dynamicport <tcp|udp>
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
929851  (http://support.microsoft.com/kb/929851/ ) The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008
The following is the fix behavior on Windows Server 2003 and down-level platforms after you install the MS08-037 DNS update:
  • If the value of the MaxUserPort registry entry is set, allocate ports randomly from the [1024, MaxUserPort] range.
  • If the value of the MaxUserPort registry entry is not set, allocate ports randomly from the [49152, 65535] range.

More information about this security update

For more information about this security update and for information about any known issues with specific releases of this software, click the following article numbers to view the articles in the Microsoft Knowledge Base:
951748  (http://support.microsoft.com/kb/951748/ ) MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008
951746  (http://support.microsoft.com/kb/951746/ ) MS08-037: Description of the security update for DNS in Windows Server 2008, in Windows Server 2003, and in Windows 2000 Server (server-side): July 8, 2008

File information (client side)

The English (United States) version of this software update installs files with the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). Note that dates and times for these files on your local computer are displayed in your local time and with your current daylight savings time bias. The dates and times may also change when you perform certain operations on the files.

For all supported editions of Microsoft Windows 2000 Service Pack 4

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Afd.sys5.0.2195.7204119,15218-Oct-200800:08x86
Dnsapi.dll5.0.2195.7280139,02421-Apr-200910:00x86
Dnsrslvr.dll5.0.2195.728098,06421-Apr-200910:00x86
Msafd.dll5.0.2195.7158105,74421-Apr-200910:00x86
Mswsock.dll5.0.2195.715864,78414-Oct-200900:47x86
Tcpip.sys5.0.2195.7162320,52819-Jun-200812:05x86

Windows XP and Windows Server 2003 file information notes

  • The files that apply to a specific milestone (RTM, SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
  • GDR service branches contain only fixes that are broadly released to address widespread, critical issues. QFE service branches contain hotfixes in addition to broadly released fixes.
  • In addition to the files listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.
For all supported x86-based versions of Windows XP
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.1.2600.2975100,35216-Aug-200611:58x86SP2SP2GDR
Afd.sys5.1.2600.3394138,36820-Jun-200810:44x86SP2SP2GDR
Dnsapi.dll5.1.2600.3394148,99220-Jun-200815:11x86SP2SP2GDR
Mswsock.dll5.1.2600.3394245,24820-Jun-200817:41x86SP2SP2GDR
Tcpip.sys5.1.2600.3394360,32020-Jun-200810:45x86SP2SP2GDR
Tcpip6.sys5.1.2600.3394225,92020-Jun-200807:22x86SP2SP2GDR
6to4svc.dll5.1.2600.2975100,35216-Aug-200612:08x86SP2SP2QFE
Afd.sys5.1.2600.3394138,36820-Jun-200810:44x86SP2SP2QFE
Dnsapi.dll5.1.2600.3394147,96820-Jun-200817:36x86SP2SP2QFE
Mswsock.dll5.1.2600.3394245,24820-Jun-200817:36x86SP2SP2QFE
Tcpip.sys5.1.2600.3394360,96020-Jun-200810:44x86SP2SP2QFE
Tcpip6.sys5.1.2600.3394225,92020-Jun-200809:32x86SP2SP2QFE
Afd.sys5.1.2600.5625138,49620-Jun-200811:40x86SP3SP3GDR
Dnsapi.dll5.1.2600.5625147,96820-Jun-200817:46x86SP3SP3GDR
Mswsock.dll5.1.2600.5625245,24820-Jun-200817:46x86SP3SP3GDR
Tcpip.sys5.1.2600.5625361,60020-Jun-200811:51x86SP3SP3GDR
Tcpip6.sys5.1.2600.5625225,85620-Jun-200811:08x86SP3SP3GDR
Afd.sys5.1.2600.5625138,49620-Jun-200811:48x86SP3SP3QFE
Dnsapi.dll5.1.2600.5625147,96820-Jun-200817:43x86SP3SP3QFE
Mswsock.dll5.1.2600.5625245,24820-Jun-200817:43x86SP3SP3QFE
Tcpip.sys5.1.2600.5625361,60020-Jun-200811:59x86SP3SP3QFE
Tcpip6.sys5.1.2600.5625225,85620-Jun-200811:16x86SP3SP3QFE

For all supported x86-based versions of Windows Server 2003

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.2.3790.277199,84016-Aug-200613:52x86SP1SP1GDR
Afd.sys5.2.3790.3161150,52820-Jun-200815:59x86SP1SP1GDR
Dnsapi.dll5.2.3790.3161158,20820-Jun-200819:39x86SP1SP1GDR
Mswsock.dll5.2.3790.3161256,51220-Jun-200819:39x86SP1SP1GDR
Tcpip.sys5.2.3790.3161333,82420-Jun-200815:59x86SP1SP1GDR
Tcpip6.sys5.2.3790.3161225,85620-Jun-200810:13Not applicableSP1SP1GDR
6to4svc.dll5.2.3790.277199,84016-Aug-200614:01x86SP1SP1QFE
Afd.sys5.2.3790.3161152,57620-Jun-200810:38x86SP1SP1QFE
Dnsapi.dll5.2.3790.3161158,72020-Jun-200818:52x86SP1SP1QFE
Mswsock.dll5.2.3790.3161258,04820-Jun-200818:52x86SP1SP1QFE
Tcpip.sys5.2.3790.3161394,75220-Jun-200810:38x86SP1SP1QFE
Tcpip6.sys5.2.3790.3161225,98420-Jun-200810:04Not applicableSP1SP1QFE
Afd.sys5.2.3790.4318150,52820-Jun-200814:22x86SP2SP2GDR
Dnsapi.dll5.2.3790.4318160,76820-Jun-200818:19x86SP2SP2GDR
Mswsock.dll5.2.3790.4318256,00020-Jun-200818:19x86SP2SP2GDR
Tcpip.sys5.2.3790.4318384,00020-Jun-200814:22x86SP2SP2GDR
Tcpip6.sys5.2.3790.4318234,36820-Jun-200813:55Not applicableSP2SP2GDR
Afd.sys5.2.3790.4318150,52820-Jun-200811:02x86SP2SP2QFE
Dnsapi.dll5.2.3790.4318160,76820-Jun-200819:39x86SP2SP2QFE
Mswsock.dll5.2.3790.4318257,02420-Jun-200818:07x86SP2SP2QFE
Tcpip.sys5.2.3790.4318390,65620-Jun-200811:01x86SP2SP2QFE
Tcpip6.sys5.2.3790.4318234,49620-Jun-200810:19Not applicableSP2SP2QFE

For all supported x64-based versions of Windows Server 2003 and Windows XP Professional x64 edition

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.2.3790.2771124,41620-Jun-200818:28x64SP1SP1GDR
Afd.sys5.2.3790.3161299,00820-Jun-200818:28x64SP1SP1GDR
Dnsapi.dll5.2.3790.3161306,68820-Jun-200818:28x64SP1SP1GDR
Mswsock.dll5.2.3790.3161490,49620-Jun-200818:28x64SP1SP1GDR
Tcpip.sys5.2.3790.3161703,48820-Jun-200818:28x64SP1SP1GDR
Tcpip6.sys5.2.3790.3161362,75220-Jun-200818:29x64SP1SP1GDR
W6to4svc.dll5.2.3790.277199,84020-Jun-200818:29x86SP1SP1GDR\WOW
Wdnsapi.dll5.2.3790.3161158,20820-Jun-200818:29x86SP1SP1GDR\WOW
Wmswsock.dll5.2.3790.3161232,44820-Jun-200818:29x86SP1SP1GDR\WOW
6to4svc.dll5.2.3790.2771124,41620-Jun-200818:28x64SP1SP1QFE
Afd.sys5.2.3790.3161299,52020-Jun-200818:28x64SP1SP1QFE
Dnsapi.dll5.2.3790.3161306,68820-Jun-200818:28x64SP1SP1QFE
Mswsock.dll5.2.3790.3161491,52020-Jun-200818:28x64SP1SP1QFE
Tcpip.sys5.2.3790.3161829,95220-Jun-200818:29x64SP1SP1QFE
Tcpip6.sys5.2.3790.3161363,13620-Jun-200818:29x64SP1SP1QFE
W6to4svc.dll5.2.3790.277199,84020-Jun-200818:29x86SP1SP1QFE\WOW
Wdnsapi.dll5.2.3790.3161158,72020-Jun-200818:29x86SP1SP1QFE\WOW
Wmswsock.dll5.2.3790.3161233,47220-Jun-200818:29x86SP1SP1QFE\WOW
Afd.sys5.2.3790.4318291,84021-Jun-200807:07x64SP2SP2GDR
Dnsapi.dll5.2.3790.4318306,17621-Jun-200807:07x64SP2SP2GDR
Mswsock.dll5.2.3790.4318492,54421-Jun-200807:07x64SP2SP2GDR
Tcpip.sys5.2.3790.4318768,51221-Jun-200807:07x64SP2SP2GDR
Tcpip6.sys5.2.3790.4318375,68021-Jun-200807:07x64SP2SP2GDR
Wdnsapi.dll5.2.3790.4318160,76821-Jun-200807:07x86SP2SP2GDR\WOW
Wmswsock.dll5.2.3790.4318233,47221-Jun-200807:07x86SP2SP2GDR\WOW
Afd.sys5.2.3790.4318292,35220-Jun-200818:29x64SP2SP2QFE
Dnsapi.dll5.2.3790.4318306,68820-Jun-200818:29x64SP2SP2QFE
Mswsock.dll5.2.3790.4318493,05620-Jun-200818:29x64SP2SP2QFE
Tcpip.sys5.2.3790.4318784,89620-Jun-200818:29x64SP2SP2QFE
Tcpip6.sys5.2.3790.4318375,80820-Jun-200818:29x64SP2SP2QFE
Wdnsapi.dll5.2.3790.4318160,76820-Jun-200818:30x86SP2SP2QFE\WOW
Wmswsock.dll5.2.3790.4318234,49620-Jun-200818:30x86SP2SP2QFE\WOW

For all supported Itanium-based versions of Windows Server 2003

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.2.3790.2771362,49620-Jun-200818:34IA-64SP1SP1GDR
Afd.sys5.2.3790.3161582,14420-Jun-200818:34IA-64SP1SP1GDR
Dnsapi.dll5.2.3790.3161438,27220-Jun-200818:34IA-64SP1SP1GDR
Mswsock.dll5.2.3790.3161780,80020-Jun-200818:34IA-64SP1SP1GDR
Tcpip.sys5.2.3790.31611,116,67220-Jun-200818:34IA-64SP1SP1GDR
Tcpip6.sys5.2.3790.3161736,38420-Jun-200818:35Not applicableSP1SP1GDR
W6to4svc.dll5.2.3790.277199,84020-Jun-200818:35x86SP1SP1GDR\WOW
Wdnsapi.dll5.2.3790.3161158,20820-Jun-200818:35x86SP1SP1GDR\WOW
Wmswsock.dll5.2.3790.3161232,44820-Jun-200818:35x86SP1SP1GDR\WOW
6to4svc.dll5.2.3790.2771362,49620-Jun-200818:29IA-64SP1SP1QFE
Afd.sys5.2.3790.3161584,19220-Jun-200818:29IA-64SP1SP1QFE
Dnsapi.dll5.2.3790.3161438,27220-Jun-200818:29IA-64SP1SP1QFE
Mswsock.dll5.2.3790.3161784,89620-Jun-200818:29IA-64SP1SP1QFE
Tcpip.sys5.2.3790.31611,308,67220-Jun-200818:29IA-64SP1SP1QFE
Tcpip6.sys5.2.3790.3161737,02420-Jun-200818:29Not applicableSP1SP1QFE
W6to4svc.dll5.2.3790.277199,84020-Jun-200818:29x86SP1SP1QFE\WOW
Wdnsapi.dll5.2.3790.3161158,72020-Jun-200818:29x86SP1SP1QFE\WOW
Wmswsock.dll5.2.3790.3161233,47220-Jun-200818:29x86SP1SP1QFE\WOW
Afd.sys5.2.3790.4318583,68021-Jun-200807:04IA-64SP2SP2GDR
Dnsapi.dll5.2.3790.4318438,27221-Jun-200807:04IA-64SP2SP2GDR
Mswsock.dll5.2.3790.4318785,40821-Jun-200807:04IA-64SP2SP2GDR
Tcpip.sys5.2.3790.43181,287,16821-Jun-200807:04IA-64SP2SP2GDR
Tcpip6.sys5.2.3790.4318763,77621-Jun-200807:04Not applicableSP2SP2GDR
Wdnsapi.dll5.2.3790.4318160,76821-Jun-200807:04x86SP2SP2GDR\WOW
Wmswsock.dll5.2.3790.4318233,47221-Jun-200807:04x86SP2SP2GDR\WOW
Afd.sys5.2.3790.4318584,19220-Jun-200818:33IA-64SP2SP2QFE
Dnsapi.dll5.2.3790.4318438,27220-Jun-200818:33IA-64SP2SP2QFE
Mswsock.dll5.2.3790.4318789,50420-Jun-200818:33IA-64SP2SP2QFE
Tcpip.sys5.2.3790.43181,310,20820-Jun-200818:34IA-64SP2SP2QFE
Tcpip6.sys5.2.3790.4318764,41620-Jun-200818:34Not applicableSP2SP2QFE
Wdnsapi.dll5.2.3790.4318160,76820-Jun-200818:34x86SP2SP2QFE\WOW
Wmswsock.dll5.2.3790.4318234,49620-Jun-200818:34x86SP2SP2QFE\WOW

File information (server side)

The English (United States) version of this software update installs files with the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). Note that dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time bias. The dates and times may also change when you perform certain operations on the files.

For all supported editions of Microsoft Windows 2000 Service Pack 4

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Afd.sys5.0.2195.7158119,15208-May-200806:08x86
Dns.exe5.0.2195.7162332,04812-Jun-200809:21x86
Dnsperf.dll5.0.2195.715733,55225-Jun-200807:14x86
Dnsperf.hNot applicable6,64230-Apr-200807:49Not applicable
Dnsperf.iniNot applicable11,59730-Apr-200807:49Not applicable
Msafd.dll5.0.2195.7158105,74425-Jun-200807:14x86
Tcpip.sys5.0.2195.7162320,52818-Jun-200807:35x86

Windows XP and Windows Server 2003 file information notes

  • The files that apply to a specific milestone (RTM, SPn) and service branch (QFE, GDR) are noted in the "SP requirement" and "Service branch" columns.
  • GDR service branches contain only fixes that are broadly released to address widespread, critical issues. QFE service branches contain hotfixes in addition to broadly released fixes.
  • In addition to the files listed in these tables, this software update also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x86-based versions of Windows Server 2003

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.2.3790.277199,84016-Aug-200613:52x86SP1SP1GDR
Afd.sys5.2.3790.3161150,52820-Jun-200815:59x86SP1SP1GDR
Dns.exe5.2.3790.3161446,97620-Jun-200809:57x86SP1SP1GDR
Dnsperf.dll5.2.3790.316111,77621-Jun-200814:45x86SP1SP1GDR
Dnsperf.hNot applicable6,64226-Apr-200804:36Not applicableSP1SP1GDR
Dnsperf.iniNot applicable11,59726-Apr-200804:33Not applicableSP1SP1GDR
Mswsock.dll5.2.3790.3161256,51221-Jun-200814:45x86SP1SP1GDR
Tcpip.sys5.2.3790.3161333,82420-Jun-200815:59x86SP1SP1GDR
Tcpip6.sys5.2.3790.3161225,85620-Jun-200810:13Not applicableSP1SP1GDR
6to4svc.dll5.2.3790.277199,84016-Aug-200614:01x86SP1SP1QFE
Afd.sys5.2.3790.3161152,57620-Jun-200810:38x86SP1SP1QFE
Dns.exe5.2.3790.3161448,00020-Jun-200810:02x86SP1SP1QFE
Dnsperf.dll5.2.3790.316111,77621-Jun-200814:37x86SP1SP1QFE
Dnsperf.hNot applicable6,64226-Apr-200804:36Not applicableSP1SP1QFE
Dnsperf.iniNot applicable11,59726-Apr-200804:33Not applicableSP1SP1QFE
Mswsock.dll5.2.3790.3161258,04821-Jun-200814:37x86SP1SP1QFE
Tcpip.sys5.2.3790.3161394,75220-Jun-200810:38x86SP1SP1QFE
Tcpip6.sys5.2.3790.3161225,98420-Jun-200810:04Not applicableSP1SP1QFE
W03a2409.dll5.2.3790.316130,20820-Jun-200809:56x86SP1SP1QFE
Afd.sys5.2.3790.4318150,52820-Jun-200814:22x86SP2SP2GDR
Dns.exe5.2.3790.4318447,48820-Jun-200813:38x86SP2SP2GDR
Dnsperf.dll5.2.3790.431811,77621-Jun-200814:06x86SP2SP2GDR
Dnsperf.hNot applicable6,64226-Apr-200804:36Not applicableSP2SP2GDR
Dnsperf.iniNot applicable11,59726-Apr-200804:33Not applicableSP2SP2GDR
Mswsock.dll5.2.3790.4318256,00021-Jun-200814:06x86SP2SP2GDR
Tcpip.sys5.2.3790.4318384,00020-Jun-200814:22x86SP2SP2GDR
Tcpip6.sys5.2.3790.4318234,36820-Jun-200813:55Not applicableSP2SP2GDR
Afd.sys5.2.3790.4318150,52820-Jun-200811:02x86SP2SP2QFE
Dns.exe5.2.3790.4318448,00020-Jun-200810:20x86SP2SP2QFE
Dnsperf.dll5.2.3790.431811,77621-Jun-200814:14x86SP2SP2QFE
Dnsperf.hNot applicable6,64226-Apr-200804:36Not applicableSP2SP2QFE
Dnsperf.iniNot applicable11,59726-Apr-200804:33Not applicableSP2SP2QFE
Mswsock.dll5.2.3790.4318257,02421-Jun-200814:14x86SP2SP2QFE
Tcpip.sys5.2.3790.4318390,65620-Jun-200811:01x86SP2SP2QFE
Tcpip6.sys5.2.3790.4318234,49620-Jun-200810:19Not applicableSP2SP2QFE

For all supported x64-based versions of Windows Server 2003

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.2.3790.2771124,41621-Jun-200812:55x64SP1SP1GDR
Afd.sys5.2.3790.3161299,00821-Jun-200812:55x64SP1SP1GDR
Dns.exe5.2.3790.3161767,48821-Jun-200812:55x64SP1SP1GDR
Dnsperf.dll5.2.3790.316114,33621-Jun-200812:55x64SP1SP1GDR
Dnsperf.hNot applicable6,64221-Jun-200812:55Not applicableSP1SP1GDR
Dnsperf.iniNot applicable11,59721-Jun-200812:55Not applicableSP1SP1GDR
Mswsock.dll5.2.3790.3161490,49621-Jun-200812:55x64SP1SP1GDR
Tcpip.sys5.2.3790.3161703,48821-Jun-200812:55x64SP1SP1GDR
Tcpip6.sys5.2.3790.3161362,75221-Jun-200812:55x64SP1SP1GDR
W6to4svc.dll5.2.3790.277199,84021-Jun-200812:55x86SP1SP1GDR\WOW
Wdns.exe5.2.3790.3161446,97621-Jun-200812:55x86SP1SP1GDR\WOW
Wdnsperf.dll5.2.3790.316111,77621-Jun-200812:55x86SP1SP1GDR\WOW
Wmswsock.dll5.2.3790.3161232,44821-Jun-200812:55x86SP1SP1GDR\WOW
6to4svc.dll5.2.3790.2771124,41622-Jun-200804:55x64SP1SP1QFE
Afd.sys5.2.3790.3161299,52022-Jun-200804:55x64SP1SP1QFE
Dns.exe5.2.3790.3161770,56022-Jun-200804:55x64SP1SP1QFE
Dnsperf.dll5.2.3790.316114,33622-Jun-200804:55x64SP1SP1QFE
Dnsperf.hNot applicable6,64222-Jun-200804:55Not applicableSP1SP1QFE
Dnsperf.iniNot applicable11,59722-Jun-200804:55Not applicableSP1SP1QFE
Mswsock.dll5.2.3790.3161491,52022-Jun-200804:55x64SP1SP1QFE
Tcpip.sys5.2.3790.3161829,95222-Jun-200804:55x64SP1SP1QFE
Tcpip6.sys5.2.3790.3161363,13622-Jun-200804:55x64SP1SP1QFE
W03a2409.dll5.2.3790.316130,72022-Jun-200804:55x64SP1SP1QFE
W6to4svc.dll5.2.3790.277199,84022-Jun-200804:55x86SP1SP1QFE\WOW
Wdns.exe5.2.3790.3161448,00022-Jun-200804:55x86SP1SP1QFE\WOW
Wdnsperf.dll5.2.3790.316111,77622-Jun-200804:55x86SP1SP1QFE\WOW
Wmswsock.dll5.2.3790.3161233,47222-Jun-200804:55x86SP1SP1QFE\WOW
Ww03a2409.dll5.2.3790.316130,20822-Jun-200804:55x86SP1SP1QFE\WOW
Afd.sys5.2.3790.4318291,84022-Jun-200805:16x64SP2SP2GDR
Dns.exe5.2.3790.4318768,51222-Jun-200805:16x64SP2SP2GDR
Dnsperf.dll5.2.3790.431814,33622-Jun-200805:16x64SP2SP2GDR
Dnsperf.hNot applicable6,64222-Jun-200805:16Not applicableSP2SP2GDR
Dnsperf.iniNot applicable11,59722-Jun-200805:16Not applicableSP2SP2GDR
Mswsock.dll5.2.3790.4318492,54422-Jun-200805:16x64SP2SP2GDR
Tcpip.sys5.2.3790.4318768,51222-Jun-200805:16x64SP2SP2GDR
Tcpip6.sys5.2.3790.4318375,68022-Jun-200805:16x64SP2SP2GDR
Wdnsperf.dll5.2.3790.431811,77622-Jun-200805:16x86SP2SP2GDR\WOW
Wmswsock.dll5.2.3790.4318233,47222-Jun-200805:16x86SP2SP2GDR\WOW
Afd.sys5.2.3790.4318292,35222-Jun-200805:16x64SP2SP2QFE
Dns.exe5.2.3790.4318771,07222-Jun-200805:16x64SP2SP2QFE
Dnsperf.dll5.2.3790.431814,33622-Jun-200805:16x64SP2SP2QFE
Dnsperf.hNot applicable6,64222-Jun-200805:16Not applicableSP2SP2QFE
Dnsperf.iniNot applicable11,59722-Jun-200805:16Not applicableSP2SP2QFE
Mswsock.dll5.2.3790.4318493,05622-Jun-200805:16x64SP2SP2QFE
Tcpip.sys5.2.3790.4318784,89622-Jun-200805:16x64SP2SP2QFE
Tcpip6.sys5.2.3790.4318375,80822-Jun-200805:16x64SP2SP2QFE
Wdnsperf.dll5.2.3790.431811,77622-Jun-200805:16x86SP2SP2QFE\WOW
Wmswsock.dll5.2.3790.4318234,49622-Jun-200805:16x86SP2SP2QFE\WOW

For all supported Itanium-based versions of Windows Server 2003

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
6to4svc.dll5.2.3790.2771362,49621-Jun-200812:53IA-64SP1SP1GDR
Afd.sys5.2.3790.3161582,14421-Jun-200812:53IA-64SP1SP1GDR
Dns.exe5.2.3790.31611,136,64021-Jun-200812:53IA-64SP1SP1GDR
Dnsperf.dll5.2.3790.316126,62421-Jun-200812:54IA-64SP1SP1GDR
Dnsperf.hNot applicable6,64221-Jun-200812:54Not applicableSP1SP1GDR
Dnsperf.iniNot applicable11,59721-Jun-200812:54Not applicableSP1SP1GDR
Mswsock.dll5.2.3790.3161780,80021-Jun-200812:54IA-64SP1SP1GDR
Tcpip.sys5.2.3790.31611,116,67221-Jun-200812:54IA-64SP1SP1GDR
Tcpip6.sys5.2.3790.3161736,38421-Jun-200812:54Not applicableSP1SP1GDR
W6to4svc.dll5.2.3790.277199,84021-Jun-200812:54x86SP1SP1GDR\WOW
Wdns.exe5.2.3790.3161446,97621-Jun-200812:54x86SP1SP1GDR\WOW
Wdnsperf.dll5.2.3790.316111,77621-Jun-200812:54x86SP1SP1GDR\WOW
Wmswsock.dll5.2.3790.3161232,44821-Jun-200812:54x86SP1SP1GDR\WOW
6to4svc.dll5.2.3790.2771362,49621-Jun-200812:55IA-64SP1SP1QFE
Afd.sys5.2.3790.3161584,19221-Jun-200812:55IA-64SP1SP1QFE
Dns.exe5.2.3790.31611,140,73621-Jun-200812:55IA-64SP1SP1QFE
Dnsperf.dll5.2.3790.316126,62421-Jun-200812:55IA-64SP1SP1QFE
Dnsperf.hNot applicable6,64221-Jun-200812:55Not applicableSP1SP1QFE
Dnsperf.iniNot applicable11,59721-Jun-200812:55Not applicableSP1SP1QFE
Mswsock.dll5.2.3790.3161784,89621-Jun-200812:55IA-64SP1SP1QFE
Tcpip.sys5.2.3790.31611,308,67221-Jun-200812:55IA-64SP1SP1QFE
Tcpip6.sys5.2.3790.3161737,02421-Jun-200812:55Not applicableSP1SP1QFE
W03a2409.dll5.2.3790.316129,18421-Jun-200812:55IA-64SP1SP1QFE
W6to4svc.dll5.2.3790.277199,84021-Jun-200812:55x86SP1SP1QFE\WOW
Wdns.exe5.2.3790.3161448,00021-Jun-200812:55x86SP1SP1QFE\WOW
Wdnsperf.dll5.2.3790.316111,77621-Jun-200812:55x86SP1SP1QFE\WOW
Wmswsock.dll5.2.3790.3161233,47221-Jun-200812:55x86SP1SP1QFE\WOW
Ww03a2409.dll5.2.3790.316130,20821-Jun-200812:55x86SP1SP1QFE\WOW
Afd.sys5.2.3790.4318583,68022-Jun-200805:01IA-64SP2SP2GDR
Dns.exe5.2.3790.43181,139,20022-Jun-200805:01IA-64SP2SP2GDR
Dnsperf.dll5.2.3790.431826,62422-Jun-200805:01IA-64SP2SP2GDR
Dnsperf.hNot applicable6,64222-Jun-200805:01Not applicableSP2SP2GDR
Dnsperf.iniNot applicable11,59722-Jun-200805:01Not applicableSP2SP2GDR
Mswsock.dll5.2.3790.4318785,40822-Jun-200805:01IA-64SP2SP2GDR
Tcpip.sys5.2.3790.43181,287,16822-Jun-200805:01IA-64SP2SP2GDR
Tcpip6.sys5.2.3790.4318763,77622-Jun-200805:01Not applicableSP2SP2GDR
Wdnsperf.dll5.2.3790.431811,77622-Jun-200805:01x86SP2SP2GDR\WOW
Wmswsock.dll5.2.3790.4318233,47222-Jun-200805:01x86SP2SP2GDR\WOW
Afd.sys5.2.3790.4318584,19221-Jun-200812:53IA-64SP2SP2QFE
Dns.exe5.2.3790.43181,140,73621-Jun-200812:53IA-64SP2SP2QFE
Dnsperf.dll5.2.3790.431826,62421-Jun-200812:53IA-64SP2SP2QFE
Dnsperf.hNot applicable6,64221-Jun-200812:53Not applicableSP2SP2QFE
Dnsperf.iniNot applicable11,59721-Jun-200812:53Not applicableSP2SP2QFE
Mswsock.dll5.2.3790.4318789,50421-Jun-200812:53IA-64SP2SP2QFE
Tcpip.sys5.2.3790.43181,310,20821-Jun-200812:53IA-64SP2SP2QFE
Tcpip6.sys5.2.3790.4318764,41621-Jun-200812:53Not applicableSP2SP2QFE
Wdnsperf.dll5.2.3790.431811,77621-Jun-200812:53x86SP2

Applies to
  • Microsoft Windows Server 2003, Standard x64 Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Server 2003, Datacenter x64 Edition
  • Microsoft Windows Server 2003 Service Pack 1, when used with:
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
  • Microsoft Windows Server 2003 Service Pack 2, when used with:
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Standard x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
    • Microsoft Windows Server 2003, Datacenter x64 Edition
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows XP Professional x64 Edition
  • Microsoft Small Business Server 2000 Standard Edition
  • Microsoft Windows XP Media Center Edition 2005
  • Microsoft Windows XP Service Pack 3, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
  • Microsoft Windows XP Service Pack 2, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
  • Windows Server 2008 for Itanium-Based Systems
  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 Standard
  • Windows Web Server 2008
Keywords: 
atdownload kbexpertiseinter kbfix kbbug kbsecvulnerability kbsecbulletin kbsecurity kbqfe kbexpertisebeginner KB953230
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support