April 2010 Security Updates for Standard 2009 and XPe are Available on ECE

The April 2010 Security Updates are now available on the ECE site for Windows® Embedded Standard 2009 and/or Microsoft® Windows® XP Embedded with Service Pack 2, Feature Pack 2007, Update Rollup 1.0 and Service Pack 3.

These security updates can be applied to the component database.

The April Security Updates include:

  • KB 979306 February 2010 cumulative time zone update for Windows operating systems
  • KB 975561 Vulnerability in Windows Movie Maker Could Allow Remote Code Execution
  • KB 980182 Cumulative Security Update for Internet Explorer
  • KB 981210 Vulnerabilities in Windows Could Allow Remote Code Execution. This KB solution is comprised of the following KB Update packages: 978601 and 979309
  • KB 980232 Vulnerabilities in SMB Client Could Allow Remote Code Execution
  • KB 979683 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
  • KB 981169 Vulnerability in VBScript Could Allow Remote Code Execution. This KB solution is comprised of the following KB Update packages: 981332 for Standard 2009, 981349 for XPe UPR1, SP3 and Standard 2009, and 981350 for XPe SP2 and FP2007.
  • KB 981832 Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service. This KB solution is comprised of the following KB Update packages: 976323
  • KB 977816 Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution
  • KB 978338 Vulnerabilities in Windows ISATAP Component Could Allow Spoofing
  • KB 979402 Vulnerability in Windows Media Player Could Allow Remote Code Execution

This update also includes a revised release of KB 968816 for MS09-047 (Master KB 973812) to correct an issue with DRM content and missing CAT file.

If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.


- Lynda

Technorati Tags: XPe,Standard 2009

Comments (1)

  1. Chris Raplee says:

    I installed the WindowsXPESP3-April2010-x86-ENU.exe into our component repository. I then opened the slx file for one of our devices in the Target Designer and selected the SMB Redirector component, right clicked on it, and selected Upgrade. Next I ran a dependency check which found no new dependencies so I went ahead and rebuilt the image.

    I deployed the image per our usual deployment process and then loaded our application onto the device. When I went to launch the application (the version currently in use by our test organization although they’re using the OS image that does not have this update) the application started throwing exceptions immediately related to reading and writing memory.

    I went ahead and redeployed our OS image without loading the product software onto it and Windows itself is extremely unstable and faulting. The easiest repro I have found is to click on the shutdown button on the winlogon dialog which results in:

    “The instruction at 0x77f3e51c referred to memory at 0x7c80ac61 the memory could not be written”

    Dismissing this dialog causes the system to bluescreen as follows:

    STOP: x000021a { Fatal system error }

    The windows login process terminated unexpectedly with a status of 0xc000005 ( 0x0000000, 0x0000000 )

    Accepting this patch is the only change we have made between the previous (working) OS image and the now broken image.

    Do you have any guidance or insight as to how I can resolve this problem?

Skip to main content