The February 2006 Security Updates for Windows XP Embedded with SP1 and SP2 are now available on https://microsoft.embeddedoem.com. Included are the following updates:
- MS05-054: Cumulative Security Update for Internet Explorer (905915) Reissued from December 2005
- MS06-001: Vulnerability in AVI Processing Could Allow Remote Code Execution (912919) January
- MS06-002: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (908519) January
- MS06-005: Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565)
- MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
- MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service (913446)
- MS06-008: Vulnerability in TCP/IP Could Allow Denial of Service (911927)
- MS06-009: Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190)
MS05-054 was re-released for XPE to address problems reported by PSS. It is highly recommended that you upgrade to the February version of this update to avoid UI problems on your XPE device.
MS06-001 and MS06-002 were originally released in January for Windows XP Embedded with SP1 and SP2 for use with the Desktop QFE Installer Tool.
IMPORTANT NOTE: This release marks the last time these updates will be available in this format on the OEM Secure Site. We will be moving to releasing them as a CD image, or ISO, file, rather than our previous collection of executable and RTF files. Moving to the ISO format allows us to release Windows XP Embedded updates to our customers in a more timely and efficient manner. Customers can download the free ISO Recorder tool from http://isorecorder.alexfeinman.com/isorecorder.htm to manipulate the ISO files, or can use any of a number of commercially available software packages as well.