AskVG

Fix Kernel Information Disclosure Vulnerability in Windows 10 and 11

- Last updated on by

A new information disclosure vulnerability was discovered in Windows Kernel in Windows 10, Windows 11 and Windows Server operating systems. Microsoft released new updates for Windows 10 21H2/22H2 and Windows 11 21H2/22H2 versions to fix the vulnerability. But older versions of Windows 10 such as 1607, 1809 and 20H2 are still vulnerable as Microsoft has ended support for these Windows 10 versions and no longer releases new updates for these OS.

Don’t worry! Microsoft has provided Registry fixes to manually patch all vulnerable Windows versions to fix the security issue. In this article, we’ll discuss more about the vulnerability and how to fix it.

Fix_Kernel_Information_Disclosure_Vulnerability_Windows_10_11_Server.png

Advertisement

Windows Kernel Information Disclosure Vulnerability Found in Windows 10 and 11

Recently a security vulnerability was discovered in Windows Kernel in Windows 10 and Windows 11 operating systems. This vulnerability was labelled as CVE-2023-32019 and contains following security risk:

An authenticated user (attacker) could trigger an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges. The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server. Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.

The vulnerability was discovered in following Windows versions:

  • Windows 10 version 1607, 1809, 20H2, 21H2, 22H2
  • Windows 11 version 21H2, 22H2
  • Windows Server 2016, 2019, 2022

Fix Windows Kernel Vulnerability in Windows 10, Windows 11 and Windows Server

Microsoft has released new updates for Windows 10 21H2/22H2 and Windows 11 21H2/22H2 to patch the vulnerability. The KB5027215, KB5027223 and KB5027231 updates released as a part of Patch Tuesday for June 2023 patch the vulnerability in Windows 10 21H2/22H2, Windows 11 21H2 and Windows 11 22H2 operating systems respectively.

You can install the updates using Windows Update in your device or you can manually download and install the update using following exclusive article:

Important Security News and Updates

By default, the fix for the above mentioned vulnerability is disabled. To apply the fix, you must implement a registry tweak in your Windows device.

Advertisement

If you are using a supported/unsupported Windows 10 or Windows 11 device or you manage Windows Server OS, you must apply the following registry tweak to patch the vulnerability immediately:

1. Press “WIN+R” key combination to launch RUN dialog box then type regedit and press Enter. It’ll open Registry Editor.

2. Now modify following registry key according to your Windows version (you can check your Windows version using any method given in this article):

For Windows 11 22H2:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides

In right-side pane, create a new DWORD with the name 4237806220 and set its value to 1

For Windows 11 21H2:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides

In right-side pane, create a new DWORD with the name 4204251788 and set its value to 1

For Windows 10 20H2, 21H2, 22H2:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides

In right-side pane, create a new DWORD with the name 4103588492 and set its value to 1

For Windows Server 2022:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides

In right-side pane, create a new DWORD with the name 4137142924 and set its value to 1

For Windows 10 version 1607 and 1809:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager

In right-side pane, create a new DWORD with the name LazyRetryOnCommitFailure and set its value to 0

PS: You might need to create the keys in Registry if not present.

3. Close Registry Editor and restart your computer to take effect.

Now you are safe from the vulnerability.

Registry Scripts to Patch the Vulnerability Automatically in Windows

If you don’t want to modify registry yourself, we have created ready-made Registry script file for our readers convenience to apply the required Registry tweaks automatically.

Download following ZIP file, extract it using 7-Zip or other file archive utilities and run the extracted REG file:

Registry Script to Patch Kernel Vulnerability in Windows 10, 11 and Server

The script file will ask for confirmation, accept it.

After applying the Registry script, restart computer and your computer will be safe.

Also Check:

[Tip] How to Perform In-Place Upgrade of Windows without Formatting

[Fix] Windows Updates Fail to Install with 0x800f081f Error Code

Published in: Windows 10, Windows 11

About the author: Vishal Gupta (also known as VG) has been awarded with Microsoft MVP (Most Valuable Professional) award. He holds Masters degree in Computer Applications (MCA). He has written several tech articles for popular newspapers and magazines and has also appeared in tech shows on various TV channels.

You are here: Home » Windows 10 » Fix Kernel Information Disclosure Vulnerability in Windows 10 and 11

Comments

NOTE: Older comments have been removed to reduce database overhead. Be the first one to start the discussion.

Leave a Comment

Your email address will not be published. Required fields are marked *

NOTE: Your comment may not appear immediately. It'll become visible once we approve it.