CVE-2015-6097

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description The issue is a heap-based buffer overflow in Windows Journal that allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file. This can enable an attacker to take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability requires a user to open a specially crafted Journal file with an affected version of Windows Journal. Users with fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Recommendations For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider avoiding the use of Windows Journal to open .jnt files until a patch is available. Restrict access to Windows Journal to minimize the risk of exploitation.