Although Microsoft decided to cancel the development and release of Windows NT 4.0 Service Pack 7 (SP7), the company is releasing security-related hotfixes for that OS. To make applying those security hotfixes easier, Microsoft recently released the Post-SP6a Security Rollup Package.
Available on Microsoft's Web site, the Post-SP6a Security Rollup Package contains all security-related hotfixes Microsoft has released since SP6a--to date, more than 60 such hotfixes, which include 27 corrections to the core OS and 22 corrections to IIS.
The Post-SP6a Security Rollup Package Web page also lists several other security-related fixes that users can apply to the OS, IIS, and FrontPage. Microsoft didn't include these fixes in the rollup package because they require administrative action rather than a patch application. Microsoft also reminds users that under certain conditions, users need to reapply service packs and hotfixes, as explained in Microsoft article Q196269, "When to Reinstall a Service Pack."