- Users of all supported versions of Windows — from Vista through Windows 10 — should immediately patch a serious flaw in how the operating system handles certain files, Microsoft said in its monthly security bulletin, ZDNet reports.
- The vulnerability could allow an attacker to run arbitrary code as the logged-in user, the company said.
- At this point, Microsoft said, it was not aware of any attacker having exploited the flaw.
Administrator accounts are at the greatest risk, Microsoft said, although an attacker would have to get a user to open a specially-crafted Journal file in order to gain access. If access were gained, the attacker could "run programs, delete data, and create new accounts with full user rights," ZDNet reports.
Vulnerabilities are a continuing problem for everyone from PC makers like Lenovo to smartphone makers like Android, and everyone in between. In January, Oracle issued a record 248 patches, the majority of which were for Java SE, its platform to run Java applications.
Microsoft releases security updates, as do other companies, but this difference with this one was how it impacted every supported version of Windows. Considering the number of companies that use Microsoft technology, it might be best to security administrators update company systems.