The June 2010 Security Updates are now available on the ECE site for Windows® Embedded Standard 2009 and/or Microsoft® Windows® XP Embedded with Service Pack 2, Feature Pack 2007, Update Rollup 1.0 and Service Pack 3.
These security updates can be applied directly to runtime images.
The June Security Updates include:
- 978542 Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution.
- 979902 Vulnerabilities in Media Decompression Could Allow Remote Code Execution. This KB solution is comprised of the following KB update packages: KB975562, KB978695, and KB979482.
- 979559 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege.
- 980195 Cumulative Security Update of ActiveX Kill Bits
- 980218 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege.
- 981793 May 2010 cumulative time zone update.
- 982381 Cumulative Security Update for Internet Explorer.
- 982865 Vulnerability in Microsoft .NET Framework Could Allow Tampering
- 974378 Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution. This KB solution is comprised of the following KB update packages: KB953300 and KB974417.
- 981343 Vulnerability in Microsoft .NET Framework Could Allow Tampering. This KB solution is comprised of the following KB update packages: KB979909 and KB982865.
- 982168 Microsoft .NET Framework 3.0 SP2 Update (Rollup of KB976765, KB980773 and KB976769 to allow .Net opt-in to Extended Protection for Authentication: Security Advisory KB973811).
An update is also included that resolves an issue introduced with April, 2010 Component database Security updates where duplicate package locked Packages view in Database Manager.
If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.