August 2007 Monthly Security Updates are Now Available on the ECE



The August 2007 Windows XP Embedded Monthly Security Updates are now available on the Mobile & Embedded Communications Extranet (ECE) for Microsoft® Windows® XP Embedded Service Pack 2, Feature Pack 2007, and Update Rollup 1.0.  This supplement includes updates for both the Desktop QFE Installer (DQI) Tool and the Component Database.



The following updates are included in this release – please see the ECE for more details:
·         KB 939373     Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution
·         KB 925398     Vulnerability in Windows Media Format Could Allow Remote Code Execution
·         KB 936021     Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
·         KB 921503     Vulnerability in OLE Automation Could Allow Remote Code Execution
·         KB 937143     Cumulative Security Update for Internet Explorer
·         KB 938829     Vulnerability in GDI Could Allow Remote Code Execution
·         KB 936782     Vulnerability in Windows Media Player could allow remote code execution.
·         KB 933360     August 2007 cumulative time zone update for Microsoft Windows
·         KB 929123     Cumulative Security Update for Outlook Express and Windows Mail - URL Redirect Cross Domain Information Disclosure Vulnerability
·         KB 935839     Vulnerability in Win 32 API Could Allow Remote Code Execution
·         KB 935840     Vulnerability in SChannel could allow Remote Code Execution
·         KB 928365     Vulnerabilities in .NET Framework Could Allow Remote Code Execution
·         KB 938127     Vulnerability in Vector Markup Language Could Allow Remote Code
·         KB 923689     Vulnerability in Windows Media Format Could Allow Remote Code Execution



Please note that the Component Database version of KB938127 UPR1 will be available in October- this is to accommodate testing for the later IE version used by UPR1. This release also includes UPR1 Component Database updates for June, July and August, bringing UPR1 updates current. The IE rollup from June has been superseded by the IE rollup package included in this August release. Lastly, please note that as previously announced on the blog,, an optional software update was also made available this month from the Embedded Product Group. Moving forward in even numbered months, you can expect to see more optional software updates made available in the same time frame as the Security Updates. You can review the optional software updates to see if they contain items that would be useful for your images.



The August 2007 Windows XP Embedded Monthly Security Updates are available at the following link on the ECE:
https://ece.partners.extranet.microsoft.com/ece/ProductDownloads/TheDownloads/Embedded/XPE/XPEMonthlyUpdates/Aug07XPEmbeddedSecurityUpdates.htm


If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.



-Katy

Skip to main content