It is time consuming to figure out which critical security fixes shoudl be installed in a TSE/Citrix environment. And to keep it updated. I am wondering what most people do: 1. install every security fix being released by MS$ 2. only install the most critical ones, and is so what would be the list ? 3. are there critical security fixes out there which need W2000 SP4 ? As SP4 can gives issues with Citrix XP, we are (a bit) reluctant to install SP4. Thanks. Jan