KB5028407: How to manage the vulnerability associated with CVE-2023-32019
Summary
An authenticated user (attacker) could exploit an information disclosure vulnerability in the Windows kernel. This vulnerability does not require administrator or other elevated privileges.
An attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server.
Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.
For more information about this vulnerability, see CVE-2023-32019 | Windows Kernel Information Disclosure Vulnerability.
Resolution
To mitigate the vulnerability associated with CVE-2023-32019, install the June 2023 Windows update or a later Windows update. By default, the fix for this vulnerability is disabled. To enable the fix, you must set a registry key value based on your Windows operating system.
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4237806220
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4204251788
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4103588492
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides
DWORD name: 4137142924
Value data: 1
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager
DWORD name: LazyRetryOnCommitFailure
Value data: 0
Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager
DWORD name: LazyRetryOnCommitFailure
Value data: 0
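The settings listed above can be audited and applied from an elevated PowerShell session. The following is an added example, not part of the original article: the function names are hypothetical, the paths, names and values are the ones listed above, and the caller must pass the DWORD name that applies to their Windows operating system.

```powershell
# Added example (not Microsoft's script). Function names are hypothetical.
# Paths, DWORD names and values are copied from the list in this article.
$Overrides = 'HKLM:\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides'
$ConfigMgr = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager'
$Settings = @(
    @{ Path = $Overrides; Name = '4237806220'; Value = 1 }
    @{ Path = $Overrides; Name = '4204251788'; Value = 1 }
    @{ Path = $Overrides; Name = '4103588492'; Value = 1 }
    @{ Path = $Overrides; Name = '4137142924'; Value = 1 }
    @{ Path = $ConfigMgr; Name = 'LazyRetryOnCommitFailure'; Value = 0 }
)

# Report, for every listed setting, what is currently stored and whether it
# matches the value this article says enables the fix.
function Get-FixSettingState {
    foreach ($s in $Settings) {
        $current = $null
        $item = Get-ItemProperty -LiteralPath $s.Path -Name $s.Name -ErrorAction SilentlyContinue
        if ($item) { $current = $item.($s.Name) }
        [pscustomobject]@{
            Name     = $s.Name
            Expected = $s.Value
            Current  = $current      # empty when the value does not exist
            Matches  = ($null -ne $current -and $current -eq $s.Value)
        }
    }
}

# Write one setting. -Name is restricted to the names listed in this article;
# choose the one that applies to the operating system of this machine.
function Enable-FixSetting {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [ValidateSet('4237806220', '4204251788', '4103588492', '4137142924', 'LazyRetryOnCommitFailure')]
        [string]$Name
    )
    $s = $Settings | Where-Object { $_.Name -eq $Name } | Select-Object -First 1
    if ($PSCmdlet.ShouldProcess("$($s.Path)\$Name", "Set DWORD to $($s.Value)")) {
        # Create the key if it is missing, then write the DWORD value.
        if (-not (Test-Path -LiteralPath $s.Path)) { New-Item -Path $s.Path -Force | Out-Null }
        New-ItemProperty -LiteralPath $s.Path -Name $Name -PropertyType DWord -Value $s.Value -Force | Out-Null
    }
}

Get-FixSettingState | Format-Table -AutoSize
```

Run `Enable-FixSetting -Name <DWORD name> -WhatIf` first to preview the registry write without making it.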