The latest Patch Tuesday has been available since June 15th and fixes a variety of bugs and security vulnerabilities in Microsoft software. But, as the publisher points out, major problems can also arise under Windows.
On June 15, 2023, Microsoft deployed its famous Patch Tuesday, that series of patches that the publisher releases every second Tuesday of the month to fix bugs but also and above all to close vulnerabilities recently identified and sometimes already of exploited by hackers. The latest shipment was no exception to the rule and included around 78 patches, 6 of which were classified as critical seal breaches. Nothing unusual from the past. However, the June Patch Tuesday differs from the previous ones in several details. And especially the fact that it can generate a stability problem itself, as Microsoft officially recognized shortly after its release.
As always for Windows, Patch Tuesday leads to the installation of a “cumulative update” realized through a new version of the system, the famous KBxxxxx with variations for each Windows version: namely KB5027215 for Windows 10 21H2 and 22H2, KB5027223 for Windows 11 and KB5027231 for Windows 11 22H2 (see our article on builds and KBs). Now let’s move on to the myriad of bugs with references that are still just as poetic as corrected by Microsoft (CVE-2023-32013, CVE-2023-32015, CVE-2023-32014, CVE-2023-29363, CVE-2023-32015, CVE- 2023). -32014 and CVE-2023-29363…), the nature of which and the associated risks will only be of interest to security professionals.
The most important thing to note, and this time for all users, is that these updates aren’t always painless. Be it Windows 10 or Windows 11, several internet users have reported that the installation via Windows Update is problematic, takes a very long time or even just gets blocked. Some experts even noticed an endless cleaning process after restarting the PC, sometimes leading to starting over without installing the update. The only solution mentioned: while waiting for Microsoft to come up with an official solution, let’s uninstall the update (see our practice sheet)… even if it doesn’t work! And for some users, update Google Chrome crashes due to MalwareBytes, the famous security tool.
Patch Tuesday, June 2023: A patch that is disabled by default
Even more surprising and annoying is that one of the patches included in Patch Tuesday causes a fatal flaw in the Windows kernel (10 and 11), the heart of the operating system. This patch was originally intended to fix the CVE-2023-32019 vulnerability, a potentially dangerous vulnerability that does not pose an immediate threat to most users. According to Microsoft, “an authenticated user (attacker) could introduce an information disclosure vulnerability in the Windows kernel. This vulnerability does not require administrative or other elevated privileges. The attacker who successfully exploited this vulnerability could see the heap memory of a running privileged process on the server.” The catch is that the patch itself may open a hole, as the publisher says: “IMPORTANT: The one described in this article Patch leads to a potential disruption. Therefore, we are posting the change disabled by default with an option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Once validated, activate the resolution as soon as possible.
In order to prevent its patch from doing more harm than good by weakening the Windows kernel, Microsoft apparently preferred to disable this patch while waiting for a solution… And not to take any risks by shifting the responsibility to users . the publisher himself indicates how to proceed to activate this famous cursed patch in the different versions of Windows (from Windows 10 1607 to Windows 11 22H2). We believe we are dreaming! But we shouldn’t really be surprised when we see what a perfect mess Microsoft has been building Windows in lately (see our rant)…
Anyway, and without touching anything, we were able to install Patch Tuesday with Windows 11 Build 22621.1848 on multiple PCs without facing the slightest problem. Even better: Some readers have told us that after installing it on their PC they felt more comfortable and the operation was smoother. Since the problems reported do not seem to be the majority, it seems sensible to apply the June 2023 Patch Tuesday, if only to correct the deficiencies found.
To conclude, I would like to point out the great development: Microsoft has announced that the Moment 3 update for Windows 11, which brings with it several small improvements (see our article), will be automatically installed on all compatible PCs from July, it is still optional . Are you still following? To cheer !