Security News > 2023 > August > Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone

Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows.
While it is not believed to have been exploited in the wild, Microsoft initially released the security update with the fix disabled, warning that it could cause breaking changes in the operating system.
Microsoft would not share what conflicts could arise from enabling the update, simply telling BleepingComputer at the time that it would be enabled by default in the future.
As first spotted by Neowin, Microsoft has now enabled the fix for CVE-2023-32019 by default in the August 2023 Patch Tuesday updates.
"The resolution described in this article has been released enabled by default. To apply the enabled by default resolution, install the Windows update that is dated on or after August 8, 2023." explains Microsoft in an update to its support bulletin.
Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default.
News URL
Related news
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Microsoft has finally fixed Date & Time bug in Windows 11 (source)
- Microsoft shares workaround for Windows security update issues (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft to remove the Location History feature in Windows (source)
- Microsoft testing fix for Windows 11 bug breaking SSH connections (source)
- Microsoft launches ad-supported Office apps for Windows users (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-14 | CVE-2023-32019 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Windows Kernel Information Disclosure Vulnerability | 0.0 |