Windows XP Security Updates [2008 to on going]

[Ammy_769]

As you all know Windows XP service pack 2 is losing support from Microsft after July 13, 2010. So you should move to next version.

• Windows XP Sevice Pack 3 (only for 32-bit version)
  

Applies to:
Windows XP (English)

Requirements
Windows XP Home, Windows XP Professional, TabletPC or Media Center (32 bit)
You must have either XP SP1 or SP2 installed.

File Size
316MB

File Name
WindowsXP-kb936929-sp3-x86-enu.exe

Author/Supplier
Microsoft

Description:
Windows XP Service Pack 3 (XP SP3) fixes a range of bugs and adds new features to Windows XP. The file is a large download and can be applied to any version of Windows XP Home, Professional, TabletPC or Media Center (32 bit only). However, you must have installed either Windows SP1 or SP2 before SP3.* Keep in mind that new patches made available after Service Pack 3 was released (mid April 2008) will still need to be applied.

The advantage of this full download is that it can be used on any system - plus it doesn't require an Internet connection to install. You can download SP3, copy it to disc or a portable drive and use it on multiple PCs. Alternatively, since the file is so huge, you can download SP3 on a fast Internet connection and use it to update a PC with a slow or non-existent connection.

Windows XP Service Pack 3 (SP3) includes the following:

• All previous security patches and fixes released for Windows XP.
• All enhancements and new features that were included with Windows XP SP1 and Windows XP SP2
• Only two new features have been added: Black Hole Router Detection Windows and Network Access Protection (NAP).
• The following are already available for Windows XP in stand-alone updates. Windows XP SP3 includes them by default (System administrators must choose to install each of these updates): MMC 3.0, MSXML6, Microsoft Windows Installer 3.1 v2, Background Intelligent Transfer Service (BITS) 2.5, IPsec Simple Policy Update for Windows Server 2003 and Windows XP, Digital Identity, Management Service (DIMS), Peer Name Resolution Protocol (PNRP) 2.1, Wi-Fi Protected Access 2 (WPA2).
• From the Release Notes: Microsoft is not adding significant functionality from newer versions of Windows, such as Windows Vista, to Windows XP through XP SP3. For instance, Windows XP SP3 does not include Windows Internet Explorer 7, although Windows XP SP3 does include updates to both Internet Explorer 6 and Internet Explorer 7, and it will update whichever version is installed on the computer. One notable exception is that, SP3 does include Network Access Protection (NAP).
• *This next bit is going to get confusing. Microsoft stopped supporting the early releases of Windows XP. You can't apply SP3 unless you have, at bare minimum, Windows XP SP1a. However, Service Pack 2 includes all of Service Pack 1a. So... if you have either Windows XP original (with no Service Pack), you must install Service Pack 2 first, followed by Service Pack 3. If you have Windows XP Service Pack 1a or Service Pack 2 already on your system, you can install Service Pack 3 now.

Download Link: Windows XP Service Pack 3

Important notes: Microsoft advise uninstalling any beta or Release Candidate versions before installing this final release. Do not install Service Pack 3 on systems with AMD chips unless a special hotfix has been applied first. This hotfix needs to be applied before SP3, otherwise your system may get stuck in a loop and never start.The file will download directly from Microsoft's servers - you may want to shorten the file name.

• Update to install Windows XP SP3 on AMD system:

Applies to:
Windows XP with AMD processors with SP2 - use before SP3 is installed

Requirements
Windows XP with AMD processors with SP2 - use before SP3 is installed

File Size
0.5MB

File Name
WindowsXP-KB953356-x86-ENU.exe

Author/Supplier
Microsoft

Description:
If you have an AMD processor and are considering upgrading to Windows Service Pack 3 (SP3), then it is important that you apply this patch before SP3. Otherwise, your system may possibly get stuck in a loop of reboots that will stop Windows XP from starting.

On a technical level, there is a problem with the way that the System Preparation (Sysprep) image is created. According to one explanation offered by Microsoft "The problem may occur if the original Sysprep image for Windows XP Service Pack 1 (SP1), for Windows XP SP2, or for Windows XP SP3 is created on a computer that uses an Intel processor and is then deployed on a computer that does not use an Intel processor. In this configuration, the Intel processor driver (Intelppm.sys) may try to load after the computer is upgraded to Windows XP SP2 or to Windows XP SP3. The driver does this because an orphaned registry key remains from the original Sysprep image." In these cases you may also see the following error messages:

A problem has been detected and Windows has been shut down to prevent damage to your computer...

Technical information:

STOP: 0x0000007E (0xC0000005, [number1], [number2], [number3])
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED

When Physical Address Extensions (PAE) is enabled, you may receive the following error message: STOP 0x000000FC (ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY)

[number1], [number2] and [number3] listed above will be random, alphanumeric and 10 digits long. However, 0x0000007E and 0xC0000005 will always be present for this type of error. Note 0x0000007E errors have multiple causes, but if it is an AMD processor and you have just installed SP3, there is a good bet that this patch will fix the issue. Ideally the patch should be applied before the Windows XP Service Pack 3 .

Download Link: WindowsXP-KB953356-x86-ENU.exe

• Updates released by Microsoft in (June 2008- untill 2014)

Applies to:
Windows XP (English) with Service Pack 3 installed.

Requirements
Windows XP Home or Windows XP Professional with Service Pack 3 installed.



Author/Supplier
Microsoft

Really important stuff to read first
The patches are only for the Windows XP operating system.You must install SP3 first. Optional updates, drivers, hotfixes and critical releases for Internet Explorer, Media Player, Office or other Microsoft products are not included here and must be downloaded separately.

• Patch notes:

Months with no patches XP

• May 2009 - there were no patches released for Windows XP.
• May 2008 - there were no patches released for Windows XP. A security update for the Microsoft Jet service was released, but this is only needed if you have this feature: most PCs do not have it. See Microsoft's article KB950749 for details.

Windows XP
Windows XP SP3 was released in April 2008 and this included every patch that had been released since Service Pack 1a*. As mentioned above, there were no XP updates in May 2008. This means you need only apply June 2008 onwards for Windows XP SP3.
What is on your system now: Right click on My Computer, select Properties. In the window that appears, it should be showing the General tab. If not, click the General tab at the top. On the right side, under the heading 'System' it will state your version of Windows XP. The last line under the System heading will state which Service Pack you have: Service Pack 1a, Service Pack 2 or Service Pack 3. If there is no mention of a service pack, then you have the original release of XP.
*This next bit is going to get confusing. Microsoft stopped supporting the early releases of Windows XP. In other words, you can't apply SP3 unless you have, at bare minimum, Windows XP SP1a. However, Service Pack 2 includes all of Service Pack 1a. So...
What to install:

• If you have Windows XP original (with no Service Pack), you must install Service Pack 2 first, followed by Service Pack 3 and then the updates from June 2008 onwards.
• If you have Windows XP Service Pack 1a or Service Pack 2 already on your system, install Service Pack 3 and then the updates from June 2008 onwards.
• If you have Windows XP Service Pack 3, all you need are the updates from June 2008 onwards.

Yet more patches
To make everything a little more complicated, sometimes Microsoft will upgrade a component of Windows. For example, if you have Windows XP, there are six different versions of Media Player that can run on your system (versions 6.4, 7, 8, 9, 10, 11) and each release has its own collection of patches. Our view is that you should upgrade to the latest release of the program and patch that version. This is why there are no listings for patches affecting earlier versions of Media Player (only version 11 is listed on this site) or Internet Explorer (only version 8 and its patches are listed). If you decide not to upgrade to the latest release of a Windows component, you must still patch the program in order to maintain a secure system. In these cases, you will need consult Microsoft for further details. In a nutshell: upgrade to the latest version, then patch it.

The order of installing patches should be:
Download and install the latest service pack (SP3 for Windows XP)

• Apply any other patches in the order that they were released since the Service Pack, starting with the oldest patch. For Windows XP, this is June 2008, for Vista this is June 2009.
• Upgrade software included with Windows to the latest releases. For Windows XP this includes: Media Player 11, Internet Explorer 8, DirectX 9.0c.
• Download optional updates if needed - these patches are not critical to security, but generally improve Windows or fix a specific error. If you don't need the new feature or the error doesn't affect you, there is no real reason to download the file. On the other hand, most optional updates can be downloaded if you are uncertain.
• Important: to ensure you have all the needed patches and they are properly installed, you should run a scan of your system using Microsoft's Windows Update - this is the only way to check that you have all the needed patches.

• June 2008:

1. KB949269: Vulnerability in Active Directory
2. KB950760: Cumulative Security Update for ActiveX Killbits (updated and re-issued in October 2009)
3. KB950762: Vulnerabilities in Pragmatic General Multicast
4. KB951376: Vulnerability in Bluetooth Stack
5. KB951698: Vulnerabilities in DirectX

• July 2008:

1. KB951748: Vulnerabilities in DNS

• August 2008:

1. KB944338: Vulnerability in VBScript and JScript Scripting Engines
2. KB946648: Vulnerability in Windows Messenger
3. KB950582: Vulnerability in Windows Explorer
4. KB950974: Vulnerabilities in Event System
5. KB951066: Vulnerabilities in MHTML Protocol
6. KB952954: Vulnerability in Microsoft Windows Image Color Management System
7. KB953839: Cumulative Security Update for ActiveX Killbits (updated and re-issued in October 2009)

• September 2008:

1. KB938464: Vulnerabilities in GDI. This was replaced by a newer version in March 2009.

• October 2008:

1. KB956391: Cumulative Security Update for ActiveX Killbits (updated and re-issued in October 2009)
2. KB953155: Vulnerability in Windows Internet Printing
3. KB954211: Vulnerabilities in Windows Kernel
4. KB956841: Vulnerability in Virtual Address Descriptor Manipulation
5. KB956803: Vulnerability in the Ancillary Function Driver
6. KB957095: Vulnerability in SMB
7. KB958644: Vulnerability in Server Service

• November 2008:

1. KB954459: Vulnerabilities in XML Core Services (patch 1)
2. KB955069: Vulnerabilities in XML Core Services (patch 2)
3. KB957097: Vulnerability in SMB

• December 2008:

1. KB956802: Vulnerabilities in GDI
2. KB954600: Vulnerabilities in Windows Media Components
3. KB952069: Withdrawn by Microsoft and re-issued in January 2009.

• January 2009:

1. KB952069: Vulnerabilities in Windows Media Components
2. KB958687: Vulnerabilities in SMB
3. KB951748: Vulnerabilities in DNS

• February 2009:

1. KB960715 - Update Rollup for ActiveX Kill Bits (updated and re-issued in July 2009)
2. KB959252 - Install this update to resolve an issue where you receive a 0x0000008e stop error after you install security update KB954211 (MS08-061).

• March 2009:

1. KB960225 - Vulnerabilities in SChannel
2. KB958690 - Vulnerabilities in Windows Kernel (updated and re-issued in June 2009)
3. KB938464 - Vulnerabilities in GDI+

• April 2009:

1. KB961373 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
2. KB960803 - Vulnerabilities in Windows HTTP services
3. KB959426 - Blended Threat Vulnerability in SearchPath
4. KB956572 - Vulnerability in Windows Service Isolation (patch 1)
5. KB952004 - Vulnerability in Windows Service Isolation (patch 2)
6. KB923561 - Vulnerabilities in WordPad and Office Text Converters

• May 2009:

No updates were released for Windows XP

• June 2009:

1. KB957579 - Security update for DNS Devolution
2. KB961501 - Windows Print Spooler Could Allow Remote Code Execution
3. KB963093 - Windows Search Could Allow Information Disclosure
4. KB968537 - Windows Kernel Could Allow Elevation of Privileg
5. KB969898 - Update Rollup for ActiveX Kill Bits (updated and re-issued in October 2009)
6. KB970437 - Active Directory Could Allow Remote Code Execution
7. KB970483 - Internet Information Services (IIS) Could Allow Elevation of Privilege

• July 2009:

1. KB973346 - Cumulative Security Update for ActiveX Killbits (updated and re-issued in October 2009)
2. KB961371 - Updated and re-issued in August 2009
3. KB971633 - Microsoft DirectShow Could Allow Remote Code Execution

• August 2009:

1. KB956744 - Remote Desktop Connection Could Allow Remote Code Execution (update 1)
2. KB958470 - Remote Desktop Connection Could Allow Remote Code Execution (update 2)
3. KB961371 - Embedded OpenType Font Engine Could Allow Remote Code Execution
4. KB968389 - Extended Protection for Authentication
5. KB971557 - Windows Media File Processing Could Allow Remote Code Execution
6. KB971657 - Workstation Service Could Allow Elevation of Privilege
7. KB960859 - Telnet Could Allow Remote Code Execution
8. KB973815 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Microsoft MSWebDVD ActiveX Control)
9. KB973507 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Windows ATL Component)
10. KB973869 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (DHTML Editing Component ActiveX Control)
11. KB973540 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Windows Media Player 9, 10 or 11)

• September 2009:

1. KB968816 - Windows Media Format Could Allow Remote Code Execution
2. KB956844 - DHTML Editing Component ActiveX Control Could Allow Remote Code Execution

• October 2009:

1. KB973525 - Update Rollup for ActiveX Kill Bit
2. KB974571 - Windows CryptoAPI Could Allow Spoofing
3. KB975467 - Local Security Authority Subsystem Service Could Allow Denial of Service
4. KB969059 - Indexing Service Could Allow Remote Code Execution
5. KB975254 - FTP Service for Internet Information Services Could Allow Remote Code Execution
6. KB958869 - GDI+ Could Allow Remote Code Execution
7. KB971486 - Windows Kernel Could Allow Elevation of Privilege
8. KB953297 - Microsoft .NET Common Language Runtime Could Allow Remote Code Execution ( for .NET Framework 1.1 Service Pack 1)
9. KB974417 -Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (for Framework .Net 2 Service Pack 1 and .NET Framework 3.5 SP 1)

• November 2009:

1. KB973039 - Active Directory Could Allow Denial of Service
2. KB969947 - Windows Kernel-Mode Drivers Could Allow Remote Code Execution

• December 2009:

1. KB955759 - AppCompat update for Indeo codec
2. KB970430 - Extended Protection for Authentication in the HTTP Protocol Stack (http.sys)
3. KB971737 - Extended Protection for Authentication in Microsoft Windows HTTP Services (WinHTTP)
4. KB973904 - WordPad and Office Text Converters Could Allow Remote Code Execution
5. KB974318 - Internet Authentication service could allow remote code execution
6. KB974392 - Local Security Authority Subsystem service could allow denial of service

• January 2010:

1. KB972270 - Vulnerability in the Embedded OpenType Font Engine

• February 2010:

1. KB977165 - Vulnerabilities in Windows Kernel
2. KB978262 - Cumulative Security Update for ActiveX Killbits [replaced and updated in June 2010]
3. KB977377 - Vulnerability in TLS/SSL could allow spoofing
4. KB975560 - Vulnerability in Microsoft DirectShow
5. KB971468 - Vulnerabilities in SMB Server
6. KB978251 - Vulnerabilities in SMB Client
7. KB975713 - Vulnerability in Windows Shell Handler
8. KB978706 - Vulnerability in Microsoft Paint
9. KB978037 - Vulnerability in Windows Client/Server Run-time Subsystem
10. KB977914 - Vulnerability in Microsoft DirectShow

• March 2010:

1. KB975561 - Vulnerability in Windows Movie Maker

• April 2010:

1. KB979309 - Security Update for Windows Cabinet File Viewer Shell Extension
2. KB979683 - Vulnerabilities in Windows Kernel could allow elevation of privilege
3. KB980232 - Vulnerabilities in SMB client
4. KB981349 - Vulnerability in VBScript Scripting Engine 5.7
5. KB981332 - Vulnerability in VBScript Scripting Engine 5.8
6. KB977816 - Vulnerability in Microsoft MPEG Layer-3 Codecs
7. KB976323 - Vulnerabilities in Microsoft Exchange and Windows SMTP
8. KB978338 - Vulnerability in Windows ISATAP Component
9. KB978601 - Vulnerabilities in Windows Authenticode
   

• May 2010:

1. KB978542 - Vulnerability in Outlook Express and Windows Mail
2. KB974945 - Vulnerability in Microsoft Visual Basic for Application

• June 2010:

1. KB982381 - Cumulative Security Update for Internet Explorer 8 for Windows XP
2. KB980195 - Cumulative Security Update for ActiveX Killbits
3. KB978695 - Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP3
4. KB979482 - Vulnerability in Media Decompression (update 1)
5. KB975562 - Vulnerability in Media Decompression (update 2)
6. KB982167 - Security update for .NET Framework 3.5 Service Pack 1
7. KB980218 - Vulnerability in OpenType Compact Font Format (CFF) Drive
8. KB979559 - Vulnerabilities in Windows Kernel-Mode Driver
9. KB978542 - Vulnerabilities in Outlook Express and Windows Mail

• July 2010:

1. KB2229593 - Vulnerability in Help and Support Center

• August 2010:

1. KB982214 - Vulnerabilities in SMB Server
2. KB981852 - Vulnerabilities in Windows Kernel
3. KB980436 - Vulnerabilities in SChannel
4. KB981997 - Vulnerability in Windows Movie Maker
5. KB982316 - Update for the Windows Telephony Application Programming Interface (TAPI)
6. KB983583 - Security Update for .Net Framework 3.5 Service Pack 1 and .NET Framework 2.0 Service Pack 2
7. KB982665 - Vulnerability in Cinepak Codec
8. KB2079403 - Vulnerability in Microsoft XML Core Services
9. KB2115168 - Vulnerability in Microsoft MPEG Layer-3 Codecs
10. KB2160329 - Vulnerabilities in Windows Kernel-Mode Drivers
11. KB2183461 - Cumulative Security Update for Internet Explorer 8 for Windows XP
12. KB2286198 - Vulnerability in Windows Shell

• September 2010:

1. KB975558 - Vulnerability in MPEG-4 Codec
2. KB982000 - Vulnerability in Local Security Authority Subsystem
3. KB981322 - Vulnerability in Unicode Scripts Processor
4. KB982802 - Vulnerability in Remote Procedure Call
5. KB2121546 - Vulnerability in Windows Client/Server Runtime Subsystem
6. KB2259922 - Vulnerability in WordPad Text Converter
7. KB2290570 - Vulnerabilities in Microsoft Internet Information Service
8. KB2347290 - Vulnerability in Print Spooler Service
9. KB2124261 - Vulnerabilities in Microsoft Internet Information Services (IIS)

• October 2010:

1. KB979687 - Vulnerability in COM Validation in Windows Shell and WordPad
2. KB981957 - Vulnerabilities in Windows Kernel-Mode Drivers
3. KB982132 - Vulnerability in the Embedded OpenType Font Engine
4. KB2279986 - Vulnerabilities in the OpenType Font (OTF) Format Driver
5. KB2296011 - Vulnerability in Windows Common Control Library
6. KB2360131 - Cumulative Security Update for Internet Explorer 8 in Windows XP
7. KB2360937 - Vulnerability in Windows Local Procedure Call
8. KB2378111 - Vulnerability in Windows Media Player
9. KB2387149 - Vulnerability in Microsoft Foundation Classes

• November 2010:

No updates were released for Windows XP

• December 2010:

1. KB2296199 - Vulnerability in OpenType Font (OTF) Driver
2. KB2443105 - Vulnerability in Library Loading in Internet Connection Signup Wizard
3. KB2436673 - Vulnerability in Windows Kernel-Mode Drivers
4. KB2440591 - Vulnerability in Routing and Remote Access
5. KB2423089 - Vulnerability in Windows Address Book
6. KB2416400 - Cumulative Security Update for Internet Explorer 8

• January 2011:

1. KB2419632 - Vulnerability in Microsoft Data Access Components

[Nabeelah]

wow gr88888 ammy thanx for sharing..................................

[Aleyaan]

i like the post

[jacky27]

Its very nice sharing. thanks a lot

[`BaaRisH`]

very Informative...........!!!!!!!!!!!!!!!!!!!!!!!

[sqsohaib]

this is nice for me because i was looking for this kind of news.

[Malik Boota]

A single Thanks button is not good enough for such a thread and I am sad that I could hit Thanks only once..... :$

[Jahangeer Thaheem]

thank you for updating

[nahidaa009]

windows update now Windows 8. Now a days this is more high security and more feature.