Four new Windows patches to avoid: KB 2952664, 2976978, 2977759, and Windows Journal 3170735

Microsoft has released four new patches for Windows 7 and 8.1, and they’re all worthy of your neglect.

Three of yesterday’s patches, KB 2952664, KB 2976978, KB 2977759, are like bad patching pennies — they keep turning up. These “compatibility updates” are meant to help users navigate the delicate transition from Windows 7 SP1, Windows 8 and 8.1, and Windows 7 RTM (respectively) to Windows 10. I last wrote about them on March 31, and there doesn’t appear to be anything new with any of them.

The patches are up to versions 23, 27, and 23, respectively, making a total of 73 times they’ve been pushed out the automatic update chute. All are marked as optional (and thus unchecked) nonsecurity patches. No doubt they’ll morph into recommended patches in a week or two, as is Microsoft’s wont.

The fourth patch, KB 3170735, has a different pedigree. It’s an optional, nonsecurity update for Windows Journal that “adds the capability to notify you about future Windows Journal developments.” Windows Journal, you may recall, is a prehistoric, pen-centric, note-taking application — kind of a Neanderthal OneNote — that appeared in WinXP Tablet. Except for security patches, it has languished unchanged since then.

Windows Journal produces .JNT files, which can be read by the Windows Journal app itself (even on Windows 10) or by a specially crafted standalone JNT Viewer. The KB 816091 article associated with the Viewer has been archived, which means Microsoft no longer supports it. I couldn’t find the Viewer available for download from Microsoft’s site, but it is available from various third-party sites.

OneNote doesn’t work with JNT files.

Windows Journal has long been a thorn in Microsoft’s side. Attackers have found that jimmying the JNT file can take over a PC — if you double-click on a JNT file, your PC could be handed over to an exploiter. You don’t have to do anything other than open the JNT file.

There have been six security patches released in the past two years for Windows Journal alone:

• MS14-038 / KB 2975689 in July 2014
• MS15-045 / KB 3046002 in May 2015
• MS15-098 / KB 3069114 in September 2015
• MS15-114 / KB 3100213 in November 2015
• MS16-013 / KB 3115858 in February 2016
• MS16-056 / KB 3156761 in May 2016

In addition, there have been nonsecurity patches — for the most part undocumented — including KB 3138378 in May, a problematic patch that is up to revision 4.

We’ve even seen Windows Journal patches creeping into Windows 10 cumulative updates, with Windows 10.1.12 (version 1511 build 10586.318), released in May, identifying Windows Journal patches specifically. No doubt there were other cumulative updates with Windows Journal patches that simply remain undocumented.

Why is Microsoft giving Windows Journal such special treatment now, with a KB designed to “notify you about future Windows Journal developments”? I have a theory. My guess is that Microsoft is going to deprecate Windows Journal in the Win10 Anniversary Update. Further, I think this KB only exists in order to warn you that you’re going to lose Windows Journal if you install the Anniversary Update, presumably after Aug. 2.

If you type “Windows Journal” in the Cortana search box in Win10 build 1511, Windows Journal appears, begging for you to install a print driver. If you type “Windows Journal” in the Cortana search box in any recent “Redstone 1” build of Windows 10, you’re met with a blank stare — or a Bing search, which is Cortana’s version of a blank stare.

The long and short of it: Windows Journal is a massive security hole in Windows that Microsoft hasn’t been able to fix. Microsoft has let Journal lie fallow since XP days. I believe Journal’s about to get the axe.

I can’t say I blame Microsoft.