January 2008 KB941644 – Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (replaces KB917953 from June 2006) KB943485 – Vulnerability in LSASS Could Allow Local Elevation of Privilege By the way, you've listed update 936782 twice in your original post, once under IE7 and again under WMP9-11. The actual fix applies to WMP whereas the IE hotfix you've probably got wrong is 938127. Cheers, ael