spacesurfer

Windows XP Post SP3 Security Updates + IE7 and WMP11

36 posts in this topic

This list is no longer updated. Please see this link for updates: http://www.vorck.com/windows/hotfixes_xp.html.

Post-SP3 XP Updates

KB#, Rating, Release date, [brief summary]

KB936929, 5/6/2008, [Windows XP Service Pack 3 Network Install, 316.4 MB]

[June 2008, 6 updates]

KB950762, Important, June 10, 2008, [Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service]

KB949269, Important, June 10, 2008, [Vulnerability in Active Directory Could Allow Denial of Service]

KB951376, Critical, June 10, 2008, [Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (this is ver 2)]

KB951698, Critical, June 10, 2008, [Vulnerabilities in DirectX Could Allow Remote Code Execution]

KB950760, Moderate, June 10, 2008, [Cumulative Security Update of ActiveX Kill Bits]

KB931212, Critical, June 10, 2008, [Vulnerabilities in .NET Framework Could Allow Remote Code Execution]

[July 2008, 1 update]

KB951748, Important, July 8, 2008, [Vulnerabilities in DNS Could Allow Spoofing]

[August 2008, 4 update]

KB955702, Important, August 11, 2008, [Vulnerability in Windows Messenger Could Allow Information Disclosure]

KB950974, Important, August 11, 2008, [Vulnerabilities in Event System Could Allow Remote Code Execution]

KB952954, Critical, August 11, 2008, [Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution]

KB951066, Important, August 11, 2008, [security Update for Outlook Express and Windows Mail*]

KB953839, August 12, 2008, [Cumulative security update for ActiveX]

[september 2008, 1 update (plus 2 WMP updates below)]

KB938464, Critical, September 9, 2008, [Vulnerabilities in GDI+ Could Allow Remote Code Execution]

[October 2008, 5 update]

KB956803, Important, October 14, 2008, [Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege]

KB956841, Important, October 14, 2008, [Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege]

KB957095, Important, October 14, 2008, [Vulnerability in SMB Could Allow Remote Code Execution]

KB953155, Important, October 14, 2008, [Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution]

KB954211, Important, October 14, 2008, [Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege]

[Non-security update but worth installing]

KB942763, April 21, 2008, [DST Update for SP3, replaces older KB931836; WGA required; if you have installed older, then newer may not install after SP3.]

KB953979, July 3, 2008, [After you install Windows XP Service Pack 3 (SP3), Device Manager may not show any devices, and Network Connections may not show any network connections.]

Internet Explorer 7 Updates

Windows Internet Explorer 7, 5/6/2008, 14.7 MB

KB956390, Critical, October 14, 2008, [Cumulative Security Update for IE7]

KB938127, Critical, August 14, 2008, [Vulnerability in Vector Markup Language Could Allow Remote Code Execution]

(Assuming that the cumulative update includes all previous updates, I have removed the individual IE7 updates and opted to list only the latest cumulative update.)

Windows Media Player 11 Updates

Note that although these updates were released prior to SP3, they are still necessary after installing WMP11, which is not included in SP3.

KB936782, Important, Aug 14, 2007, [Vulnerabilities in Windows Media Player Could Allow Remote Code Execution]

KB941569, Critical, July 15, 2000, [Vulnerability in Windows Media File Format Could Allow Remote Code Execution; this one seems to have been updated]

KB954154, Critical, September 9, 2008, [Vulnerability in Windows Media Player Could Allow Remote Code Execution]

KB954156, Critical, September 9, 2008, [Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution]

For WMP11 fixes, please see WMP11 Slipstreamer.

If I'm missing any, please let me know. Only security updates are included and any major worthwhile update.

*Windows Mail is for Vista. Vista users, see security bulletin for update.

Edited by spacesurfer
0

Share this post


Link to post
Share on other sites

Thats !! Nice Share :D

The thread should be pinned.

0

Share this post


Link to post
Share on other sites

Hi, all. Only 1 update for those with Windows XP SP3 this month. The other 3 updates released this month (July 2008) are for other software and/or SP2 and prior.

Also added a non-security update for people with device manager and networking problems after sp3.

So, download and it and feel secure for another month.

Edited by spacesurfer
0

Share this post


Link to post
Share on other sites

Just to make sure - these updates apply to ALL SP3 installations, yes? Just like the old similar thread?

0

Share this post


Link to post
Share on other sites

yes, they apply to all sp3 installs; but not sure which old similar thread you're talking about.

___

And with this post, i thee acquire 1000 posts!

0

Share this post


Link to post
Share on other sites

Nice topic!

But can't seem to find 953235 and 953230.

Could you add a link to the download pages please?

0

Share this post


Link to post
Share on other sites

@BlueFlame.

Both are there. KB953230 and KB953235 are the collective KB's for all affected software. Once you click on the link, then you click on your product - which in this case is XP SP3 (or XP SP2 since both can be affected). Then, the KB# changes to the one specific for the software.

So KB953230 changes to KB951748. I'm not sure exactly why, but it's the same KB # for SP2/SP3 and x64 but the download size is different.

Anyway, I'm not sure what convention MS uses and why the KB# change but you should find all updates from the links provided as long as you choose your product affected.

Remember, if XP SP3 is NOT affected, then the link may or may not be there for your product.

0

Share this post


Link to post
Share on other sites

Updated with 5 security updates so far (4 XP and 1 Windows Explorer or you can do the cumulative).

I think this takes care of August updates.

*** Also, I changed all links to their direct download rather than their security bulletin link (MSXX-YYY). I left the .Net vulnerability to its security bulletin article because you have to download the update for your version of .Net Framework. If you need the KB or security bulletin, it's on the download page anyway.***

Edited by spacesurfer
0

Share this post


Link to post
Share on other sites

Mine are post-sp3 so you must have sp3 installed.

Only thing he has that I don't is the ActiveX Killbits cumulative update. Otherwise the lists are similar. Only the KB article numbers may differ depending what he's linking to and what I'm linking to.

0

Share this post


Link to post
Share on other sites

Well, I belive what he lists on top of the first post are post-SP3 ones as well!

Numbers do not matter (though I do not understand why they differ either :)), but should't the total number of updates the same? (if first line of this post is true, which I belive is, considering the name of the_guy's thread).

0

Share this post


Link to post
Share on other sites

Updated with September updates. Includes 1 XP update and 2 for Windows Media updates.

0

Share this post


Link to post
Share on other sites
You may want to add KB938127 V2 for IE7 to your IE7 updates list, spacesurfer. The original IE7 KB938127 vgx.dll patch could not install under XP SP3 and only installed under XP SP2 but Microsoft issued a revised patch in late August to correct the problem. Get the revised patch here:

http://www.microsoft.com/downloads/details...;displaylang=en

Thanks.

0

Share this post


Link to post
Share on other sites

It might be very nice to mark new updates since last time in some different color - especially over time when the list gets a bit longer.

0

Share this post


Link to post
Share on other sites

I've Internet Explorer 8 beta 2, which is currently the lastest one. So do I need to get updates released for IE 7?

0

Share this post


Link to post
Share on other sites

List of updates for WMP 11:

http://www.boooggy.org/slipstreamer/

WMP 11 has been updated to v11.0.6000.6344. Many websites display this version number, though I found the same version number in the version properties of the installer, which is v11.0.5721.5145.

But I am certain that WMP 11 has been updated due to different HASH number (MD5).

May be some updates released prior to this updated WMP 11 are not needed. Anyone? Know which updates which are not needed?

Edited by MillenX
0

Share this post


Link to post
Share on other sites

Also, please add a "log" at the end of first post for such cases as one update being replaced by some other. The point is not having old useless ones saved.

Thanks.

0

Share this post


Link to post
Share on other sites

OP updated with October security updates with 5 Windows XP updates and 1 IE 7 update.

I deleted individual IE7 updates since the latest cumulative update should include all previously released updates.

In hindsight, I now regret changing all my links from Security Bulletin links to direct download links, as some of these updates apply to multiple platforms. Oh well.

I'm not sure how long I can keep up if MS continues to plug holes like this. I have moved on to Vista x64, so I'll continue as long as I can until I give up on XP.

0

Share this post


Link to post
Share on other sites

The link given for

KB931212 update have many options in it.

I want to slipstream windows XP sp3

so there are two options for that also 1 is windows messenger 4.7 and other is windows messenger 5.1

Will i have to download both the hot fixes or only one of them?

0

Share this post


Link to post
Share on other sites

KB931212 update is for .Net framework, not Windows Messenger. The update you download depends on which you version you have installed.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.