When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft makes potentially-breaking Windows kernel patch default after an earlier warning

Neowin · · Hot! with 5 comments

A bug Windows 11 Patch Tuesday

Microsoft, earlier this week, released its August Patch Tuesday updates for Windows 10 (KB5029244) and Windows 11 (KB5029263/KB5029253) and also Servers. The one for 10 finally fixed an Intel DirectX issue on an older Windows 10 version.

Aside from Windows, Microsoft also rolled out Office security updates for Outlook, Excel, Word, and more, which fix issues like spoofing and remote code execution (RCE). So you should probably update if you haven't already (find the download links here).

Speaking of security updates, this month's Patch enables a kernel security vulnerability fix by default, something Microsoft had cautioned back in June that it could potentially break something on your system, though it didn't really go into much detail about it. The support page for the issue has been updated with the following message now:

IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible.

NOTE The resolution described in this article has now been released enabled by default.

[...]

IMPORTANT The resolution described in this article has been released enabled by default. To apply the enabled by default resolution, install the Windows update that is dated on or after August 8, 2023. No further user action is required.

Here is a summary of the vulnerability as provided by Microsoft. The flaw, a Windows kernel information disclosure vulnerability is tracked under ID "CVE-2023-32019":

Summary

An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges.

The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server.

Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.

You can find the support document on Microsoft's site under KB5028407.

Report a problem with article
Microsoft Edge browser
Next Article

Microsoft Edge team works with the Office team for performance improvements

Claude safety comparisons
Previous Article

Anthropic launches Claude Instant 1.2 which hallucinates less than other models

Join the conversation!

Login or Sign Up to read and post a comment.

5 Comments - Add comment