March 7, 2026

PBX Science


Microsoft latest patch may break Windows 10/11 kernel


IT admins beware: Microsoft latest patch may break Windows 10/11 kernel

 

This week, Microsoft released its routine security updates for Windows 10/11 and the server versions. This security update covers the CVE-2023-32019 vulnerability.

According to the description, the update fixes an information disclosure vulnerability in the kernel, but the fix itself appears to be problematic and may introduce new issues.

In view of this, Microsoft has set the policy so that the kernel-related changes are disabled by default, and enterprises can verify that the fix causes no problems in their environment before enabling it.

 


CVE-2023-32019:

 

An authenticated user (the attacker) could cause a kernel information disclosure; exploiting this vulnerability does not require administrator privileges or privilege escalation by other means.

An attacker who successfully exploited this vulnerability could view heap memory of a privileged process running on the server, and the vulnerability can also be combined with other vulnerabilities to achieve privilege escalation.

To resolve this vulnerability, the 2023-06 routine update needs to be installed. The fix it contains is disabled by default, and enterprises can enable it on demand.

 

 

 

Why is it disabled by default:

Microsoft did not clearly state what problems the kernel code change would cause, but it emphasized that deploying this fix may cause some new problems.

Therefore, Microsoft disables the relevant changes by default. Microsoft recommends that enterprises verify the fix in their own environment and enable it only once they have confirmed there are no problems.

The fix will be enabled by default in the future, so an enterprise that does not install and test it in advance may see breakage once it is switched on by default.

 

 

How to manually enable mitigations:

 

Install the latest security update on a test machine, restart, and confirm that the installation completed. Then open the following path in Registry Editor and create the value as described.

  # Registry editor path
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
  # Create a new DWORD (32-bit) value and name it
  4237806220 # Windows 11 22H2
  4204251788 # Windows 11 21H2
  4103588492 # Windows 10 20H2/21H2/22H2
  4137142924 # Windows Server 2022
  # After creating it, set its value data to
  1 # enable policy
  0 # disable policy
  # Corresponding value names on other systems
  LazyRetryOnCommitFailure # Windows 10 v1809 / Server 2019
  LazyRetryOnCommitFailure # Windows 10 v1607 / Server 2016
  # Set its value data to
  0
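
The registry steps above as a PowerShell script, added here as an example (it is not code from the article or from Microsoft): it selects the value name for the local build, reports the current state, and can set it. The build-number mapping and the function names are assumptions of this example, and the releases that use LazyRetryOnCommitFailure are not handled.

```powershell
#Requires -RunAsAdministrator
# Added example (not Microsoft's code): audit or set the CVE-2023-32019 override.
$OverridesKey = 'HKLM:\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides'

# Value names come from the article; the build numbers that select them are
# an assumption of this example.
$ValueNameByBuild = @{
    22621 = '4237806220'   # Windows 11 22H2
    22000 = '4204251788'   # Windows 11 21H2
    19042 = '4103588492'   # Windows 10 20H2
    19044 = '4103588492'   # Windows 10 21H2
    19045 = '4103588492'   # Windows 10 22H2
    20348 = '4137142924'   # Windows Server 2022
}

function Get-KernelFixOverride {
    # Hypothetical helper: report which value applies here and its current state.
    $build = [Environment]::OSVersion.Version.Build
    if (-not $ValueNameByBuild.ContainsKey($build)) {
        throw "Build $build is not covered by the numeric override values."
    }
    $name = $ValueNameByBuild[$build]
    $prop = Get-ItemProperty -Path $OverridesKey -Name $name -ErrorAction SilentlyContinue
    $state = 'NotSet'                       # fix stays off, per the article's default
    if ($null -ne $prop) {
        $state = if ($prop.$name -eq 1) { 'Enabled' } else { 'Disabled' }
    }
    [pscustomobject]@{ Build = $build; ValueName = $name; State = $state }
}

function Set-KernelFixOverride {
    # Hypothetical helper: 1 enables the fix, 0 disables it (values from the article).
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][ValidateSet(0, 1)][int]$Value)
    $name = (Get-KernelFixOverride).ValueName
    if ($PSCmdlet.ShouldProcess("$OverridesKey\$name", "Set DWORD to $Value")) {
        if (-not (Test-Path -Path $OverridesKey)) {
            New-Item -Path $OverridesKey -Force | Out-Null
        }
        New-ItemProperty -Path $OverridesKey -Name $name -PropertyType DWord `
            -Value $Value -Force | Out-Null
    }
    Get-KernelFixOverride
}

Get-KernelFixOverride                      # audit only
# Set-KernelFixOverride -Value 1 -WhatIf   # preview, then rerun without -WhatIf
```

Running the audit function across a fleet before and after the test rollout shows which machines still have the fix off.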

 

 

 

For specific help documents, visit Microsoft’s official website: How to manage the vulnerability associated with CVE-2023-32019

