Microsoft에서는 Windows XP Embedded 와 Windows Embedded Standard 제품에 대한 2012년 11월자 Security 업데이트를 발표하였습니다.
아래 내용을 참고하시고 Windows XP Embedded 와 Windows Embedded Standard 제품을 사용하여 개발하시는 경우에는 해단 패치를 다운로드 받으셔서 적용하시기 바랍니다.
다운로드를 위해서는 ECE 사이트에 로그인이 필요합니다.
아래의 경로로 들어가시면 원문을 보실 수 있습니다.
Embedded Distributors and OEMs Who Purchase Through Distribution
The November 2012 Security Update is now available on the ECE for Microsoft® Windows® XP Embedded with Service Pack 3 and/or Windows® Embedded Standard 2009. This Update includes KB 2737019, KB 2729449, KB 2761226, KB 2729450 and KB 2727528.
This download is a cumulative update which incorporates all updates from prior months, for the current year. Therefore you do not need to download and install previous monthly updates. The new updates included in this download can be applied directly to runtime images. The componentized versions of these updates for updating the database will be included in next month’s security update release.
The Updates in this rollup package are arranged in the following way:
The files in WindowsEmbeddedStandard folder are applicable to Windows Embedded Standard 2009 toolkit and images.
The executables in the WindowsEmbeddedStandard\Windows folder are only to be used with the Component Database within the Target Designer toolkit in the Windows Embedded Standard release.
The executables in the WindowsEmbeddedStandard\DQI folder contains individual updates to individually update the Windows Embedded Standard image.
The files in WindowsXPEmbedded folder are applicable to Windows XP Embedded toolkit and images.
The executables in the WindowsXPEmbedded\Windows folder are only to be used with the Component Database within the Target Designer toolkit in the Windows XP Embedded release.
The executables in the WindowsXPEmbedded\DQI folder contains individual updates to individually update the Windows XP Embedded image.
These updates should not be used with any other operating system.
|This Update is rated as Critical:
The severity rating system provides a single rating for each vulnerability. The definitions of the ratings are in the table below. For more information regarding the severity system, please visit the Microsoft Security Response Center (MSRC) website.
||A vulnerability whose exploitation could allow the propagation of an Internet worm without user action.
||A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources.
||Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
||A vulnerability whose exploitation is extremely difficult, or whose impact is minimal.
An optional supplement consisting of Supplemental Code and any associated documentation (collectively, the "Supplement") to the Licensed Products identified below is being made available as part of the Licensed Product Deliverables under the License Agreement. You may use the Supplement only in connection with Products and Versions listed below for which you are currently licensed.
Product Names and Versions: