Security News > 2023 > August > Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone

Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows.
While it is not believed to have been exploited in the wild, Microsoft initially released the security update with the fix disabled, warning that it could cause breaking changes in the operating system.
Microsoft would not share what conflicts could arise from enabling the update, simply telling BleepingComputer at the time that it would be enabled by default in the future.
As first spotted by Neowin, Microsoft has now enabled the fix for CVE-2023-32019 by default in the August 2023 Patch Tuesday updates.
"The resolution described in this article has been released enabled by default. To apply the enabled by default resolution, install the Windows update that is dated on or after August 8, 2023." explains Microsoft in an update to its support bulletin.
Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default.
News URL
Related news
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Microsoft lifts Windows 11 update block for some AutoCAD users (source)
- Microsoft replacing Remote Desktop app with Windows App in May (source)
- Microsoft: Recent Windows updates make USB printers print random text (source)
- Microsoft: March Windows updates mistakenly uninstall Copilot (source)
- Microsoft fixes Windows update bug that uninstalled Copilot (source)
- Microsoft lifts Windows 11 upgrade block after Asphalt 8 crash fix (source)
- Microsoft: Recent Windows updates cause Remote Desktop issues (source)
- Microsoft fixes printing issues caused by January Windows updates (source)
- Microsoft: New Windows scheduled task will launch Office apps faster (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-14 | CVE-2023-32019 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Windows Kernel Information Disclosure Vulnerability | 4.7 |