The January 2012 Security Updates are now available on the ECE site for Windows® Embedded Standard 2009 and/or Microsoft® Windows® XP Embedded with Service Pack 3.
The January Security Updates include:
The list below applies to Standard 2009:
KB2656351 - Vulnerability in .NET Framework Could Allow Elevation of Privilege
The list below applies to XPE SP3 and Standard 2009:
KB2584146 - Vulnerability in Windows Could allow Remote Code Execution
KB2603381 - Vulnerability in Windows Object Packager Could Allow Remote Code Execution
KB2598479 - Vulnerabilities in Windows Media Could Allow Remote Code Execution
KB2631813 - Vulnerabilities in Windows Media Could Allow Remote Code Execution
KB2585542 - Vulnerability in SSL/TLS Could Allow Information Disclosure
KB2646524 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
KB2656352 - Vulnerability in .NET Framework Could Allow Elevation of Privilege
The new updates included in this download can be applied directly to runtime images. The componentized versions of these update for updating the database will be included in next month’s security update release. The database updates incorporate all security updates from prior months for the current year; therefore you do not need to install previous security database updates.