Windows XP Security updates and patches for 2009

These downloads are Microsoft’s 2009 monthly security updates for Windows XP. You will need to also download the 2008 patches – see the Windows section for a complete listing. The list starts from the most recent and goes backwards down the page. Each item includes the official Microsoft Knowledge Base number – starting with the KB – so you can look them up at Microsoft’s site if needed. Clicking a link will start that patch’s file download.

Really important stuff to read first
The patches are only for the Windows XP operating system. You must install Service Pack 3 and the 2008 updates first. Optional updates, drivers, hotfixes and critical releases for Internet Explorer, Media Player, Office or other Microsoft products are not included here and must be downloaded separately. For important information about patching your system, see this page.

December 2009

• KB955759 – AppCompat update for Indeo codec
• KB970430 – Extended Protection for Authentication in the HTTP Protocol Stack (http.sys).
• KB971737 – Extended Protection for Authentication in Microsoft Windows HTTP Services (WinHTTP).
• KB973904 – WordPad and Office Text Converters Could Allow Remote Code Execution.
• KB974318 – Internet Authentication service could allow remote code execution.
• KB974392 – Local Security Authority Subsystem service could allow denial of service.

November 2009

• KB973039 - Active Directory Could Allow Denial of Service.
• KB969947 - Windows Kernel-Mode Drivers Could Allow Remote Code Execution.

October 2009

• KB973525 - Update Rollup for ActiveX Kill Bits .
• KB974571 - Windows CryptoAPI Could Allow Spoofing.
• KB975467 - Local Security Authority Subsystem Service Could Allow Denial of Service.
• KB969059 - Indexing Service Could Allow Remote Code Execution.
• KB975254 - FTP Service for Internet Information Services Could Allow Remote Code Execution.
• KB958869 - GDI+ Could Allow Remote Code Execution .
• KB971486 - Windows Kernel Could Allow Elevation of Privilege.
• KB953297 - Microsoft .NET Common Language Runtime Could Allow Remote Code Execution ( for .NET Framework 1.1 Service Pack 1).
• KB974417 -Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (for Framework .Net 2 Service Pack 1 and .NET Framework 3.5 SP 1).

September 2009

• KB968816 - Windows Media Format Could Allow Remote Code Execution.
• KB956844 - DHTML Editing Component ActiveX Control Could Allow Remote Code Execution.

August 2009

• KB956744 - Remote Desktop Connection Could Allow Remote Code Execution (update 1).
• KB958470 - Remote Desktop Connection Could Allow Remote Code Execution (update 2).
• KB961371 - Embedded OpenType Font Engine Could Allow Remote Code Execution .
• KB968389 - Extended Protection for Authentication.
• KB971557 - Windows Media File Processing Could Allow Remote Code Execution.
• KB971657 - Workstation Service Could Allow Elevation of Privilege.
• KB960859 - Telnet Could Allow Remote Code Execution.
• KB973815 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Microsoft MSWebDVD ActiveX Control).
• KB973507 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Windows ATL Component).
• KB973869 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (DHTML Editing Component ActiveX Control).
• KB973540 - Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (Windows Media Player 9, 10 or 11).

Microsoft

Windows XP Home or Windows XP Professional with Service Pack 3 installed.

DOWNLOAD Windows XP Security updates and patches for 2009