December 2008 Updates are Available (including for XPe SP3 and Standard)

  • Article

The December 2008 Windows XP Embedded Security Updates are now available on the ECE for Microsoft® Windows® XP Embedded with Service Pack 2, Feature Pack 2007, Update Rollup 1.0.

Also included this month are updates for XPe SP3 and Windows Embedded Standard 2009. The updates are cumulative (include all previous updates).

These are the new updates for December for all product versions:

  • 958644 Vulnerability in Server service could allow remote code execution
  • 957097 Vulnerability in SMB Could Allow Remote Code Execution
  • 955069 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
  • 956802 Vulnerabilities in GDI Could Allow Remote Code Execution
  • 958215 Cumulative Security Update for Internet Explorer
  • 954600 Vulnerabilities in Windows Media Components Could Allow Remote Code Execution
  • 952609 Vulnerabilities in Windows Media Components Could Allow Remote Code Execution
  • 955839 December 2008 cumulative time zone update for Microsoft Windows operating systems

The following apply only to XPe SP3 and Standard- these are the security updates that were released from July onwards that are now available for these two newest versions of the product:

  • 938127 Vulnerability in Vector Markup Language Could Allow Remote Code Execution
  • 941569 Vulnerability in Windows Media Format Could allow Remote Code Execution
  • 951376 Vulnerability in Bluetooth Stack Could Allow Remote Code Execution
  • 951748 Vulnerabilities in DNS Could Allow Spoofing
  • 953838 Cumulative Security Update for Internet Explorer
  • 952954 Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution 
  • 951066 Security Update for Outlook Express and Windows Mail
  • 950974 Vulnerabilities in Event System Could Allow Remote Code Execution
  • 946648 Vulnerability in Windows Messenger Could Allow Information Disclosure
  • 953839 Cumulative Security Update of ActiveX Kill Bits
  • 938464 Vulnerabilities in GDI+ Could Allow Remote Code Execution
  • 954154 Vulnerability in Windows Media Player Could Allow Remote Code Execution
  • 956390 Cumulative Security Update for Internet Explorer
  • 954211 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
  • 953155 Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution
  • 957095 Vulnerability in SMB Could Allow Remote Code Execution
  • 956841 Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege
  • 954459 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
  • 956803 Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege
  • 956391 Cumulative Security Update of ActiveX Kill Bits 

For full details on the December 2008 Windows XP Embedded Security Updates see the ECE site:
https://ece.partners.extranet.microsoft.com/ece/ProductSupplements/DownloadCenter/Embedded/XPE/XPEMonthlyUpdates/DistOEM-1208WinXPEmbWinEmbStdSecurUpd.htm

If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.

Thanks.

- Lynda

Technorati Tags: Xpe,Embedded