October 2009 Security Update Notes

  • Article

* Updated 11/5/09 

Installing the .Net 1.1 SP1 Security Update, KB953297, on Windows Embedded for Point of Service

The MS09-061, Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution update may fail to install on a Windows Embedded Point Of Service Minimum configuration.  Extracting the package, and then running the .msp manually will successfully install this update.

Installing the GDI+ Security Update, KB958869, on Windows Embedded for Point of Service and certain installations of Windows Embedded POSReady 2009

Due to an issue with settings to minimize the footprint of Windows Embedded Point Of Service, the MS09-062, Vulnerabilities in GDI+ Could Allow Remote Code Execution update is not getting installed. This has been an ongoing problem with the GDI+ updates and we are working with WinSE to correct this issue for future updates. Please follow these instructions to install this important update. If you have already installed the SP3 update for Windows Embedded Point Of Service, you should use the files from the SP3QFE directory when instructed to move the QFE folder.

  1. Start a command prompt, this can be done by Clicking on Run from the Start menu, typing ‘cmd’ and pressing Enter.
  2. Extract the files from the package by changing directories to the directory where you have copied the update and typing the following at the command prompt:
    WindowsXP-KB958869-x86-ENU.exe /x:<dir name>
    The remainder of these steps can be done from within Windows Explorer or from the Command Prompt as shown by the examples.
  3. Move the SP2QFE\ASMS folder (or the SP3QFE\ASMS folder if you have installed the SP3 update for WEPOS) to the root of your extracted folder.
    move <dir name>\SP2QFE\ASMS . (Note: space and period are required)
  4. Execute the update.
    <dir name>\update\update.exe
  5. You will be guided through installation wizard to install the package. After installation is complete, the system will reboot.
  6. You can now delete the temporary folder:
    rmdir /s <dir name>

Example: (from a command prompt)
WindowsXP-KB958869-x86-ENU.exe /x:c:\temp\KB958869
cd /d c:\temp\KB958869
move SP2QFE\ASMS . (Note: space and period are required) 
cd update
update.exe

Note: This issue may also be evident in Windows Embedded POSReady 2009 systems that are installed to a USB Storage device (not to a standard hard drive). The same workaround can be applied.

-Gina

Technorati Tags: WEPOS,Point of Sale