The June 2009 Security Updates Are Now Available on the ECE

  • Article

**Updated at 5:47pm, 7/1/09: Correction-The June updates included both the componentized updates for applying to the database, as well as the updates in the \DQI folders that can be applied to runtimes.

  • The downloads in the WindowsEmbeddedStandard\Windows folder are only to be used with the Component Database within the Target Designer toolkit in the Windows Embedded Standard release.
  • The downloads in the WindowsXPEmbedded\Windows folder are only to be used with the Component Database within the Target Designer toolkit in the Windows XP Embedded release.

The June 2009 Windows XP Embedded and Windows Embedded Standard Security Updates - Product Download is now available on the ECE for Windows® Embedded Standard 2009 (Std 2009) and/or Microsoft® Windows® XP Embedded (XPe) with Service Pack 2, Feature Pack 2007, Update Rollup 1.0 and Service Pack 3.

This download is a cumulative update which incorporates all updates from prior months. Therefore you do not need to download and install previous monthly updates. These updates can be applied directly to runtimes that include the necessary dependencies.

The Updates in this rollup package are arranged in the following way:

  • The downloads in WindowsEmbeddedStandard folder are applicable to Windows Embedded Standard 2009 toolkit and images.
    • The downloads in the WindowsEmbeddedStandard\DQI folder contains individual updates for use with Desktop QFE Installer only. Use these updates to individually update the Windows Embedded Standard image.
  • The downloads in WindowsXPEmbedded folder are applicable to Windows XP Embedded toolkit and images.
    • The downloads in the WindowsXPEmbedded\DQI folder contains individual updates for use with Desktop QFE Installer only. Use these updates to individually update the Windows XP Embedded image.

The June Security updates include:

  • KB 969898 - Update Rollup for ActiveX Kill Bits
  • KB 971888 - Update for DNS Devolution
  • KB 969897 - Cumulative Security Update for Internet Explorer
  • KB 970483 - Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege
  • KB 961501 - Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution
  • KB 968537 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
  • KB 970238 - Vulnerability in RPC Could Allow Elevation of Privilege

For full details on the June 2009 Embedded Windows Security Updates see the ECE site.

Note: I also want to remind folks that there were no security updates for Std 2009 or XPe released for May 2009.

If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.

Thanks,

- Patrick