Small addendum to the vulnerability CVE-2023-32019 in the Windows kernel. Microsoft had patched the vulnerability on the June 13, 2023 patchday, but had shipped the fix disabled by default. CVE-2023-32019 is an information disclosure vulnerability. To enable the fix, administrators previously had to set a registry entry under Windows. With the security updates of August 8, 2023, Microsoft has now enabled this protection automatically for all users.
Vulnerability CVE-2023-32019
Vulnerability CVE-2023-32019 was reported to Microsoft by Mateusz Jurczyk of Google Project Zero and affects the Windows kernel. An attacker could exploit this vulnerability to read heap memory from a privileged process running on the server. The attacker does not need admin or other elevated privileges to do this, but must be authenticated.
However, for successful exploitation of this vulnerability, an attacker must coordinate the attack with another privileged process run by another user on the system. Therefore, Microsoft rates the vulnerability as "important" but considers the practical exploitability to be low.
June 2023 Patchday (KB5028407)
The vulnerability had been closed in the June 2023 updates for Windows 10, Windows 11 and Windows Server 2019-2022 (see also Patchday: Windows 10-Updates (June 13, 2023) and Patchday: Windows 11/Server 2022-Updates (June 13, 2023)). However, the fix was not activated, as you can read for example in the relevant support article KB5028407. There you find the note that the patch is ineffective because the fix is disabled by default. To apply the fix, a registry entry had to be set, and the entry depended on the Windows version. I had discussed the details within the article June 2023 Patchday (KB5028407): Windows Kernel vulnerability CVE-2023-32019 requires registry fix.
Fix for CVE-2023-32019 activated in general
On the August 2023 patchday (August 8, 2023), Microsoft then enabled the fix by default for all affected Windows versions. The English-language support article KB5028407 now states:
IMPORTANT The resolution described in this article has been released enabled by default. To apply the enabled by default resolution, install the Windows update that is dated on or after August 8, 2023. No further user action is required.
I missed that, but the folks at neowin.net spotted it on August 10, 2023. And now I'm mentioning the information here on the blog.
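As an added example (not from the blog post or from Microsoft), the following PowerShell check lets an administrator verify both conditions described above: that an update dated on or after August 8, 2023 is installed, and whether a manual registry override from the June 2023 guidance is still present. The registry key and value name are placeholders, since the real, version-specific names come from KB5028407 and are not given here.

```powershell
# Added example, not part of the original post: verify the CVE-2023-32019
# fix state on this machine from a defender's point of view.
# Registry path and value name below are PLACEHOLDERS (assumption); the real,
# version-specific names are documented in Microsoft's KB5028407 article.

$Cutoff = [datetime]'2023-08-08'   # August 2023 patchday

# 1. Look for a cumulative update installed on or after the August 2023 patchday.
#    InstalledOn can be $null for some entries, so filter those out first.
$RecentUpdates = Get-HotFix |
    Where-Object { $_.InstalledOn -and $_.InstalledOn.Date -ge $Cutoff.Date } |
    Sort-Object InstalledOn -Descending

if ($RecentUpdates) {
    Write-Output "Updates installed on or after $($Cutoff.ToString('yyyy-MM-dd')):"
    $RecentUpdates | Format-Table HotFixID, Description, InstalledOn -AutoSize
} else {
    Write-Warning ("No update dated on or after {0} found; the CVE-2023-32019 fix " +
                   "may still be disabled on this system.") -f $Cutoff.ToString('yyyy-MM-dd')
}

# 2. Check whether the manual override from the June 2023 guidance is still set.
#    Both names are placeholders; replace them with the values from KB5028407.
$OverrideKey  = 'HKLM:\SYSTEM\CurrentControlSet\PLACEHOLDER_KeyFromKB5028407'
$OverrideName = 'PLACEHOLDER_ValueNameFromKB5028407'

$Override = Get-ItemProperty -Path $OverrideKey -Name $OverrideName -ErrorAction SilentlyContinue
if ($Override) {
    Write-Output "Manual registry override present: $OverrideName = $($Override.$OverrideName)"
} else {
    Write-Output "No manual registry override found (expected once the August 2023 update enables the fix by default)."
}
```

Run the script in an elevated PowerShell session so that Get-HotFix and the HKLM query return complete results.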
Similar articles:
Microsoft Security Update Summary (August 8, 2023)
Patchday: Windows 10 Updates (August 8, 2023)
Patchday: Windows 11/Server 2022 Updates (August 8, 2023)
Microsoft Security Update Summary (June 13, 2023)
Patchday: Windows 10-Updates (June 13, 2023)
Patchday: Windows 11/Server 2022-Updates (June 13, 2023)
June 2023 Patchday (KB5028407): Windows Kernel vulnerability CVE-2023-32019 requires registry fix
Read this updated Neowin article, guenni:
https://www.neowin.net/news/microsoft-explains-why-it-pushed-buggy-windows-kernel-patch-after-an-earlier-warning/
Notice that, in my understanding, there is nothing new that extends the blog post. Or am I wrong?