Microsoft Windows Journal Multiple Vulnerabilities

Last Update Date: 9 Sep 2015 15:06 Release Date: 9 Sep 2015 3624 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A denial of service vulnerability exists in Windows Journal when a specially crafted Journal file is opened in Windows Journal. An attacker who successfully exploited this vulnerability could cause data loss on the target system. Note that the denial of service would not allow an attacker to execute code or to elevate their user rights.

For an attack to be successful, a user must open a specially crafted Journal file with an affected version of Windows Journal. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Journal file to the user and by convincing the user to open the file. The update addresses the vulnerability by correcting how Windows Journal manages objects in memory.

Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was issued, Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Impact

  • Remote Code Execution

System / Technologies affected

  • Windows Vista, 7, 8, 8.1, RT, RT 8.1, 10
  • Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  •     The vendor has issued a fix

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Graphics Component Multiple Vulnerabilities

9 Sep 2015 3516 Views

Next

Microsoft Office Multiple Vulnerabilities

9 Sep 2015 3631 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY