Skip to main content
close search
site logo
Dive Brief

Microsoft reports a "critical" vulnerability in every supported version of Windows

Published Feb. 10, 2016
By
Contributing Editor
Flickr; Kārlis Dambrāns

Dive Brief:

  • Users of all supported versions of Windows — from Vista through Windows 10 — should immediately patch a serious flaw in how the operating system handles certain files, Microsoft said in its monthly security bulletin, ZDNet reports
  • The vulnerability could allow an attacker to run arbitrary code as the logged-in user, the company said.
  • At this point, Microsoft said, it was not aware of any attacker having exploited the flaw.

Dive Insight:

Administrator accounts are at the greatest risk, Microsoft said, although an attacker would have to get a user to open a specially-crafted Journal file in order to gain access. If access were gained, the attacker could "run programs, delete data, and create new accounts with full user rights," ZDNet reports.

Vulnerabilities are a continuing problem for everyone from PC makers like Lenovo to smartphone makers like Android, and everyone in between. In January, Oracle issued a record 248 patches, the majority of which were for Java SE, its platform to run Java applications.

Microsoft releases security updates, as do other companies, but this difference with this one was how it impacted every supported version of Windows. Considering the number of companies that use Microsoft technology, it might be best to security administrators update company systems. 

Recommended Reading

Filed Under: Security, Software

Editors' picks

Company Announcements

View all | Post a press release
Welo Data Launches Innovative Model Assessment Suite, Advancing Multilingual Causal Reasoning …
From Welocalize, Inc.
December 17, 2024
Newgen Software Receives Guidewire PartnerConnect Technology Excellence Award
From Newgen
January 02, 2025

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.