MS16-013: Security Update for Windows Journal to Address Remote Code Execution (3134811)
High Nessus Plugin ID 88645
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe remote Windows host is affected by a remote code execution vulnerability in Windows Journal due to improper parsing of Journal files. An unauthenticated, remote attacker can exploit this by convincing a user to open a specially crafted Journal file, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 2012, 8.1, 2012 R2, and 10.