The August 2008 Windows XP Embedded Security Updates are now available on the Mobile & Embedded Communications Extranet (ECE) for Microsoft® Windows® XP Embedded Service Pack 2, Feature Pack 2007, and/or Update Rollup 1.0. The downloads are cumulative and include updates for the Desktop QFE Installer (DQI) Tool and the Component Database.
The following updates are included in this release – please see the ECE for more details:
· KB 951072 - August 2008 cumulative time zone update for Microsoft Windows operating systems
· KB 953838 - Cumulative Security Update for Internet Explorer.
· KB 952954 - Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution.
· KB 951066 - Security Update for Outlook Express and Windows Mail.
· KB 950974 - Vulnerabilities in Event System Could Allow Remote Code Execution.
· KB 946648 - Vulnerability in Windows Messenger Could Allow Information Disclosure.
· KB 953839 - Cumulative Security Update of ActiveX Kill Bits.
· KB 951376 - Vulnerability in Bluetooth Stack Could Allow Remote Code Execution.
· KB 951748 - Vulnerabilities in DNS Could Allow Spoofing.
· KB 944338 - Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution.
The August 2008 Windows XP Embedded Security Updates are available at the following link on the ECE:
If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.