The January 2012 Security Updates are now available on the ECE site for Windows® Embedded Standard 2009 and/or Microsoft® Windows® XP Embedded with Service Pack 3.

The January Security Updates include:

The list below applies to Standard 2009:

  • KB2656351 - Vulnerability in .NET Framework Could Allow Elevation of Privilege

The list below applies to XPE SP3 and Standard 2009:

  • KB2584146 - Vulnerability in Windows Could allow Remote Code Execution

  • KB2603381 - Vulnerability in Windows Object Packager Could Allow Remote Code Execution

  • KB2598479 - Vulnerabilities in Windows Media Could Allow Remote Code Execution

  • KB2631813 - Vulnerabilities in Windows Media Could Allow Remote Code Execution

  • KB2585542 - Vulnerability in SSL/TLS Could Allow Information Disclosure

  • KB2646524 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege

  • KB2656352 - Vulnerability in .NET Framework Could Allow Elevation of Privilege

  • KB2657424 - Vulnerability in .NET Framework Could Allow Elevation of Privilege

The new updates included in this download can be applied directly to runtime images. The componentized versions of these update for updating the database will be included in next month’s security update release. The database updates incorporate all security updates from prior months for the current year; therefore you do not need to install previous security database updates.

 

Thanks,
Chan