Managing Windows XP Professional Hotfixes

Wondering how to deal with all the Hotfixes Microsoft releases? Read on for more details. Hotfixes are smaller patches released between the larger Service Pack operating system updates, for problems that Microsoft deems need urgently to be sorted.

They are available as executable files, named something like Q815227_WXP_SP2_x86_ENU.exe. The name breaks down into the following components, separated by underscores:

  • Six-digit Knowledge Base Query Number
  • Operating system
  • Service pack level
  • Machine architecture
  • Language

Hotfixes are usually rolled into the Service Packs eventually, but some are interim bug fixes and feature add-ons that could get dropped if Microsoft decides the code in question needs a total rewrite. However, with the current spate of security alerts and virus headaches, Hotfixes are raining down thick and hard through Windows Update. On my Windows XP Professional installation alone I counted 40 Hotfixes.

The sheer number of Hotfixes required to run Windows XP Professional in a safe and stable state creates severe pain if you have to do a new installation of the operating system. You could, of course, just run Windows Update after a clean installation, but it’s a lengthy process with well in excess of 100MB of data to download for the Hotfixes alone. Plus, while the updates are being downloaded from the Internet, the system is in a vulnerable state, so beware.

A safer and faster method is to keep copies of the Hotfixes on a central file server, or removable media. If you don’t want to download all the files needed over the Internet, contact Microsoft Support, which will supply them for a charge.

Please make sure that your installation files are updated to the latest Service Pack level (currently SP2) before applying any Hotfixes.

Getting Hotfixes

Working out which Hotfixes are required for your system is a chore, unfortunately. Microsoft lists a large number of Hotfixes going back to 1998 and NT4 ( You should subscribe to Microsoft’s Security Notification Service, which is free and sends out messages about current issues and fixes for them.

Microsoft commissioned Shavlik Technologies ( to develop the Security Baseline Analyzer (MBSA), which among other things checks the updates you have installed and determines if some have been missed. It’s a good tool, well worth the 3.7MB download from

Note that MBSA isn’t infallible. On my system, it told me that I hadn’t installed the security patch bundled with the DirectX 9.0b update, which I had — MBSA didn’t recognise the higher version number. You need to double-check its recommendations by reading the Knowledge Base article that goes with the Hotfix before installing anything, and check file time-stamps and version numbers.


Once you’ve figured out which Hotfixes you need and have obtained them, there are a couple of ways to install them. Doing it one-by-one is tedious and may require several system reboots, so you’ll want to install the Hotfixes in a single batch.

The first involves using the Qchain functionality that’s included in all current Windows XP Hotfixes. This batch file installs Hotfixes 322011, 327979 and 328310 from the D: drive in one go, without rebooting between:

@echo off
set HOTFIXPATH=D:\hotfixes

%HOTFIXPATH%\Q322011_wxp_sp2_x86.exe /z /q /u
%HOTFIXPATH%\Q327979_wxp_sp2_x86.exe /z /q /u
%HOTFIXPATH%\Q328310_wxp_sp2_x86.exe /z /q /u

The /z switch sets the no reboot option, and the /q switch quiet mode, with no user interaction required. The /u switch sets unattended Setup mode, with no messages. Other switches for the hotfix executables include:

/f force other applications to close at operating system shutdown
/n do not back up files for removing hotfixes
/l lists installed hotfixes


If you have installed the DirectX 9.0b update and your TV tuner/capture card no longer works, there is no longer any need either to back out of the patch or to use the more complex method I described in a previous column if you’ve been running Windows XP Professional with System Restore disabled.

Microsoft has now formally acknowledged the problem at and released a Hotfix for it, which you can download at