Microsoft Windows Kernel CVE-2023-32019 fix is disabled by default


A Kernel information leak vulnerability that affects computers running several Windows versions, including the most recent Windows 10, Windows Server, and Windows 11 releases, has been fixed by Microsoft with an optional patch.

Redmond has classified this security issue as being of crucial severity despite its medium severity range CVSS base score of 4.7/10. The flaw, discovered by Mateusz Jurczyk of Google Project Zero, allows authorised attackers to access the heap memory of privileged processes running on unpatched devices.

Read More…