MS.Windows.Journal.memcpy.Heap.Overflow
Description
This indicates the detection of an attack attempt against a Heap Overflow vulnerability in Windows Journal.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted file. A remote attacker may be able to exploit this to execute arbitrary code with the context of the application, via a crafted file.
Affected Products
Windows Journal version 6.1.7601.17514 and before
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://support.microsoft.com/en-us/kb/3161102
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |