Fortinet Discovers Microsoft Journal Heap Overflow Vulnerability
Fortinet's FortiGuard Labs has discovered a heap overflow vulnerability in Windows Journal.
Windows Journal is a note-taking application that was first introduced in Windows XP Tablet PC Edition. It's currently a component of all supported client versions of Windows through Windows 10 Version 1511.
A heap overflow vulnerability has been discovered in Windows Journal. The vulnerability can be triggered with a crafted .jtp file which causes an out of bounds memory write, due to improper bounds checking. It could allow malicious users to create code execution scenarios.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Sep 12, 2016
Users should apply the solution provided by Microsoft.
The file format used by Windows Journal has been demonstrated to be susceptible to many security exploits. Therefore, Microsoft removes Journal from all versions of Windows in KB3161102.
This vulnerability was discovered by Honggang Ren of Fortinet's FortiGuard Labs.