Jump to content
  • Microsoft cautions that Patch Tuesday Windows kernel bugfix could break something


    Karlston

    • 1.2k views
    • 2 minutes
     Share


    • 1.2k views
    • 2 minutes

    It was the second Tuesday of the month this week and as such, Microsoft released Patch Tuesday updates on Windows 10 (KB5027215, among others), and Windows 11 (KB5027231).

     

    The update addressed security issues, among other bugs, and as is often the case, there are major bugs affecting it as well. On Windows 11, Patch Tuesday was causing Malwarebytes to go a bit haywire and block Google Chrome. Meanwhile, users reported that Windows 10 update is having installation issues.

     

    While at the time of writing this article, Microsoft is yet to confirm and document either of these bugs, the company has announced that a kernel patch that was released on all versions of Windows, both 10 and 11, has the potential to break the OS. This issue was being tracked under ID "CVE-2023-32019". The patch notes on the update read:

     

    This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019.

     

    Microsoft gave additional information about the issue on a knowledge base support document on its website. However, since the release of the update, the company has added a portion to the support page which adds that the change has been disabled by default with an option added to enable it.

     

    The company explains:

     

    IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible.

     

    Here is a summary of the vulnerability as provided by Microsoft:

     

    An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges.

     

    The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server.

     

    Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.

     

    You can find the support document on Microsoft's site under KB5028407.

     

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...