It was the second Tuesday of the month this week and as such, Microsoft released Patch Tuesday updates on Windows 10 (KB5027215, among others), and Windows 11 (KB5027231).
The update addressed security issues, among other bugs, and as is often the case, there are major bugs affecting it as well. On Windows 11, Patch Tuesday was causing Malwarebytes to go a bit haywire and block Google Chrome. Meanwhile, users reported that Windows 10 update is having installation issues.
While at the time of writing this article, Microsoft is yet to confirm and document either of these bugs, the company has announced that a kernel patch that was released on all versions of Windows, both 10 and 11, has the potential to break the OS. This issue was being tracked under ID "CVE-2023-32019". The patch notes on the update read:
This update addresses an issue that affects the Windows Kernel. This issue is related to CVE-2023-32019.
Microsoft gave additional information about the issue on a knowledge base support document on its website. However, since the release of the update, the company has added a portion to the support page which adds that the change has been disabled by default with an option added to enable it.
The company explains:
IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible.
Here is a summary of the vulnerability as provided by Microsoft:
An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges.
The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server.
Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.
You can find the support document on Microsoft's site under KB5028407.
11 Comments - Add comment