Microsoft Knowledge Base Article 828217 contains the following summary:

The Windows Preinstallation Environment (WinPE) is a minimal Win32 subsystem with limited services, and it is based on the Windows XP Professional or the Windows Server 2003 kernel that is running in protected mode. WinPE contains the minimum functionality that you must have to run Windows Setup and to then pull an operating system from a network share.

This article describes how to apply the 824146 security patch to WinPE.

Note The 824146 security patch replaces the 823980 security patch.

For additional information about the 823980 security patch, click the following article number to view the article in the Microsoft Knowledge Base:

823980 MS03-026: Buffer Overrun in RPC May Allow Code Execution

For additional information about the 824146 security patch, click the following article number to view the article in the Microsoft Knowledge Base:

824146 MS03-039: A Buffer Overrun in RPCSS Could Allow an Attacker to Run Malicious Programs

Important In addition to applying the 824146 security patch to WinPE, administrators and OEMs are encouraged to integrate or slipstream the 824146 security patch into their Windows installation source files.

For additional information about how to integrate or slipstream the 824146 security patch into your Windows installation source files, click the following article number to view the article in the Microsoft Knowledge Base:

828930 How to Integrate Product Updates into Your Windows Installation Source Files