August 14, 2023 By Lawrence Abrams
Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows.
The vulnerability is tracked as CVE-2023-32019 and has a medium severity range 4.7/10, with Microsoft rating the flaw as 'important' severity.
The bug was discovered by Google Project Zero security researcher Mateusz Jurczyk, and it allows an authenticated attacker to access the memory of a privileged process to extract information.
While it is not believed to have been exploited in the wild, Microsoft initially released the security update with the fix disabled, warning that it could cause breaking changes in the operating system.
