IMPORTANT The resolution described in this article has been released enabled by default. To apply the enabled by default resolution, install the Windows update that is dated on or after August 8, 2023. No further user action is required.
Summary
An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges.
The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server.
Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.
For more information about this vulnerability, see CVE-2023-32019 | Windows Kernel Information Disclosure Vulnerability.
Resolution
We recommend that you install Windows security updates released on or after August 8, 2023 to address the vulnerability associated with CVE-2023-32019. The Windows security updates released on or after August 8, 2023 have the resolution enabled by default.
If you install Windows security updates released in June 2023 or July 2023, you will have to enable the resolution to be protected by setting a registry key value based on your Windows operating system listed below.
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4237806220
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4204251788
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4103588492
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4137142924
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager
DWORD name: LazyRetryOnCommitFailure
Value data: 0
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager
DWORD name: LazyRetryOnCommitFailure
Value data: 0
References
Learn about the standard terminology that is used to describe Microsoft software updates.
Change date |
Change description |
---|---|
August 9, 2023 |
Added notes to the top of the article and to the "Resolution" section about the resolution that has now been released enabled by default. No further user action is required. |
August 18, 2023 |
Removed the recommendation for validation concerning breaking changes in the "Resolution" section because after multiple investigations and tests, no issues were found associated with this update. |