Description

These downloads are Microsoft’s 2009 monthly security updates for Windows XP. You will need to also download the 2008 patches – see the Windows section for a complete listing. The list starts from the most recent and goes backwards down the page. Each item includes the official Microsoft Knowledge Base number – starting with the KB – so you can look them up at Microsoft’s site if needed. Clicking a link will start that patch’s file download.

Really important stuff to read first

The patches are only for the Windows XP operating system. You must install Service Pack 3 and the 2008 updates first. Optional updates, drivers, hotfixes and critical releases for Internet Explorer, Media Player, Office or other Microsoft products are not included here and must be downloaded separately. For important information about patching your system, see this page.

September 2009

• KB968816 – Windows Media Format Could Allow Remote Code Executio
• KB956844 – DHTML Editing Component ActiveX Control Could Allow Remote Code Execution

August 2009

• KB956744 – Remote Desktop Connection Could Allow Remote Code Execution (update 1)
• KB958470 – Remote Desktop Connection Could Allow Remote Code Execution (update 2)
• KB961371 – Embedded OpenType Font Engine Could Allow Remote Code Execution
• KB968389 – Extended Protection for Authentication
• KB971557 – Windows Media File Processing Could Allow Remote Code Execution
• KB971657 – Workstation Service Could Allow Elevation of Privilege
• KB960859 – Telnet Could Allow Remote Code Execution
• KB973815 – Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Microsoft MSWebDVD ActiveX Control)
• KB973507 – Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Windows ATL Component)
• KB973869 – Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (DHTML Editing Component ActiveX Control)
• KB973540 – Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Windows Media Player 9, 10 or 11)

July 2009

• KB973346 – Cumulative Security Update for ActiveX Killbits.
• KB961371 – Embedded OpenType Font Engine Could Allow Remote Code Execution. (Updated and re-issued in August 2009)
• KB971633 – Microsoft DirectShow Could Allow Remote Code Execution.

June 2009

• KB957579 – Security update for DNS Devolution.
• KB961501 – Windows Print Spooler Could Allow Remote Code Execution.
• KB963093 – Windows Search Could Allow Information Disclosure.
• KB968537 – Windows Kernel Could Allow Elevation of Privilege.
• KB969898 – Update Rollup for ActiveX Kill Bits (replaced by July update)
• KB970437 – Active Directory Could Allow Remote Code Execution.
• KB970483 – Internet Information Services (IIS) Could Allow Elevation of Privilege.

May 2009
No updates were released for Windows XP

Apri 2009l

• KB961373 – Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution.
• KB960803 – Vulnerabilities in Windows HTTP services.
• KB959426 – Blended Threat Vulnerability in SearchPath.
• KB956572 – Vulnerability in Windows Service Isolation (patch 1).
• KB952004 – Vulnerability in Windows Service Isolation (patch 2).
• KB923561 – Vulnerabilities in WordPad and Office Text Converters.

March 2009

• KB960225 – Vulnerabilities in SChannel.
• KB958690 – Vulnerabilities in Windows Kernel (updated and re-released in June 2009).
• KB938464 – Vulnerabilities in GDI+.

February 2009

• KB960715 – Update Rollup for ActiveX Kill Bits (updated and re-released in June 2009)
• KB959252 – Install this update to resolve an issue where you receive a 0×0000008e stop error after you install security update KB954211 (MS08-061).

January 2009

• KB952069: Vulnerabilities in Windows Media Components.
• KB958687: Vulnerabilities in SMB.
• KB951748: Vulnerabilities in DNS.

PR: wait… I: wait… L: wait… LD: wait… I: wait… wait… Rank: wait… Traffic: wait… Price: wait… C: wait…