October 2008 Security Updates Include a Bonus

The October Security Updates for XP Embedded SP2, FP2007 and UPR1 are available on the ECE site. This month's updates for the component database are listed below.

938464
Vulnerabilities in GDI+ Could Allow Remote Code Execution.

956390
Cumulative Security Update for Internet Explorer

954211
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

953155
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution

957095
Vulnerability in SMB Could Allow Remote Code Execution

956841
Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege

956803
Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege

956391
Cumulative Security Update of ActiveX Kill Bits

The following update only applies to Update Rollup 1.0: 

KB 954154
Vulnerability in Windows Media Player Could Allow Remote Code Execution.

In addition, another critical out-of-band security update is also now available (only in the DQI folder in the download package).

This applies to Windows XP Embedded with SP2, FP2007 and/or Update Rollup 1.0 installed:

958644

Vulnerability in Server Service Could Allow Remote Code Execution

- Lynda

Technorati Tags: Embedded, XPe