Microsoft says latest Windows Kernel fix might actually break more things

Windows 11 2H22 update screenshots
(Image credit: Microsoft)

Microsoft rolled out 63 patches as a part of its June 2023 update for Windows 11 and Windows 10 last Tuesday. Included among them was a fix intended to patch up a vulnerability found in Windows Kernel that could lead to information disclosure, but as it turns out the patch may lead to further issues.

The vulnerability goes by CVE-2023-32019, and it's described as allowed "An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges. The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server."

Ultimately, the vulnerability, while potentially dangerous, shouldn't pose an immediate threat to most. However, the fix for it might.

In an update to the bugfix page, Microsoft said (via Neowin):

"IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible."

Window shopping

Windows 11 Square logo

(Image credit: Microsoft)

Windows 11 review: What we think of the new OS
How to install Windows 11: Safe and secure install
What you need to know before upgrading: Things to note before downloading the latest OS
Windows 11 TPM requirements: Microsoft's strict security policy

Now you have the option to either enable or disable the bugfix based on whether the OS you're running needs it most. By default, the fix is disabled, but Microsoft lists when it should be enabled in a support page.

The difficulty that gamers face right now with Windows is whether to actually download the latest June 13 update (KB5027231/KB5027223/KB5027219). 

On the one hand, it's filled with security fixes that you really should have on your machine.

On the other hand, Reddit is filled with anecdotal reports of Windows users complaining that the latest build of Windows has, to quote one unlucky user, "royally f***ked my pc." Ouch. 

TOPICS
Jacob Ridley
Managing Editor, Hardware

Jacob earned his first byline writing for his own tech blog. From there, he graduated to professionally breaking things as hardware writer at PCGamesN, and would go on to run the team as hardware editor. He joined PC Gamer's top staff as senior hardware editor before becoming managing editor of the hardware team, and you'll now find him reporting on the latest developments in the technology and gaming industries and testing the newest PC components.