The October 2010 Security Updates are now available on the ECE site for Windows® Embedded Standard 2009 and/or Microsoft® Windows® XP Embedded with Service Pack 2, Feature Pack 2007, Update Rollup 1.0 and Service Pack 3.
This security update can be applied to the database.
The October Security Updates include:
- KB 979687 Vulnerability in COM validation in Windows Shell and Wordpad could allow remote code execution
- KB 981957 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
- KB 982132 Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution
- KB 2279986 Vulnerability in the OpenType Font Format (OTF) Driver Could Allow Elevation of Privilege
- KB 2296011 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
- KB 2360131 Cumulative Security Update for Internet Explorer
- KB 2360937 Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege
- KB 2378111 Vulnerability in Windows Media Player Could Allow Remote Code Execution
- KB 2387149 Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution
- KB 2158563 September 2010 cumulative time zone update for Windows operating systems
- KB 2418042 Vulnerability in ASP.NET Could Allow Information Disclosure. This KB solution is comprised of the following KB update packages: KB2416472, KB2416473 and KB2418240.
If you have questions on accessing the ECE, please email MS Mobile & Embedded Communications Feedback & Support, ECE@microsoft.com.