The October Security Updates for XP Embedded SP2, FP2007 and UPR1 are available on the ECE site. This month's updates for the component database are listed below.
Vulnerabilities in GDI+ Could Allow Remote Code Execution.
Cumulative Security Update for Internet Explorer
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution
Vulnerability in SMB Could Allow Remote Code Execution
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege
Cumulative Security Update of ActiveX Kill Bits
The following update only applies to Update Rollup 1.0:
Vulnerability in Windows Media Player Could Allow Remote Code Execution.
In addition, another critical out-of-band security update is also now available (only in the DQI folder in the download package).
This applies to Windows XP Embedded with SP2, FP2007 and/or Update Rollup 1.0 installed:
Vulnerability in Server Service Could Allow Remote Code Execution