Redmond releases security update for all Windows versions

Feb 10, 2016 12:54 GMT  ·  By

One of the updates that Microsoft rolled out as part of this month’s Patch Tuesday cycle comes to address a critical security flaw in absolutely all Windows versions that are still being supported, starting with Windows Vista Service Pack 2 and ending with Windows 10.

MS16-013 is an update flagged by Microsoft as critical and fixes a Windows Journal vulnerability that would allow an attacker to get control of an unpatched system.

Microsoft explains:

“This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

“For an attack to be successful, this vulnerability requires that a user open a specially crafted Journal file with an affected version of Windows Journal. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Journal file to the user and then convincing the user to open the file.”

What to do until the patch is installed

In case you haven’t yet installed the patch, Microsoft recommends users to avoid opening suspicious file attempts, but also to remove the .jnt file type association to make sure that Windows Journal won’t be launched to allow cybercriminals to exploit the flaw. Needless to say, if you still want to open .jnt files, you need a third-party solution with support for this extension.

Additionally, you can remove Windows Journal by disabling the Windows feature that installs it (which is called Tablet PC Components in Windows 7 and 8.1) or deny access to Journal.exe through a firewall.

Obviously, the best way to remain protected is to install the new patch, which is currently being shipped via Windows Update to Windows computers, but as a general recommendation, it’s better not to open any files coming from unknown sources anyway.