June 2023 Patch Tuesday « Giveaway of the Day Forums

Back to Giveaway of the Day

Giveaway of the Day Forums » Technical notes

June 2023 Patch Tuesday

(3 posts) (1 voice)

Started 1 year ago by mikiem2
Latest reply from mikiem2

mikiem2
Moderator

bleepingcomputer[.]com/news/microsoft/microsoft-june-2023-patch-tuesday-fixes-78-flaws-38-rce-bugs/

bleepingcomputer[.]com/news/microsoft/windows-10-kb5026435-and-kb5027215-updates-released/

bleepingcomputer[.]com/news/microsoft/windows-11-kb5027231-cumulative-update-released-with-34-changes/

I haven't seen anyone reporting that this month's update patches any zero days actively being exploited, which is good news. The bad news is that a couple of problems have already surfaced, plus Microsoft released a fix that by default is disabled, with nothing in the way of explanations.

Some people are reporting that KB5027215 for Win10 is taking a long time to install, or won't install. Microsoft also released compatibility updates on Tuesday to improve installing & recovering Windows that are supposed to install automatically. Microsoft does not say that they'll be any help with Windows Update, but if you're stuck it *may* be worth a try. I do not see this KB# in my update history, so either it's combined with the cumulative update, or isn't reaching everyone.

neowin[.]net/news/compatibility-updates-kb5027573-kb5027572-kb5012419-kb5027385-for-windows-1110-out/

support.microsoft[.]com/en-us/topic/kb5027573-compatibility-update-for-installing-and-recovering-windows-11-version-22h2-june-13-2023-ac5708c3-3ad7-4fad-b1f3-446af9c9a88a

Win11 update KB5027231 broke the Chrome browser if you're running Malwarebytes, but a beta fix has been released.

neowin[.]net/news/microsofts-latest-windows-11-patch-tuesday-causes-malwarebytes-to-block-google-chrome/

If you've managed to hang on to Win10 21H2 without Microsoft forcing an update, it hit EOL this week, with no further patches being released for that version.

petri[.]com/microsoft-support-windows-10-version-21h2/

And finally there's the somewhat mysterious fix, KB5028407...

bleepingcomputer[.]com/news/security/microsoft-windows-kernel-cve-2023-32019-fix-is-disabled-by-default/

support.microsoft[.]com/en-us/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080

Microsoft says:

An authenticated user (attacker) could cause an information disclosure vulnerability in Windows Kernel. This vulnerability does not require administrator or other elevated privileges.

The attacker who successfully exploits this vulnerability could view heap memory from a privileged process that is running on the server.

Successful exploitation of this vulnerability requires an attacker to coordinate the attack with another privileged process that is run by another user in the system.

IMPORTANT The resolution described in this article introduces a potential breaking change. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, enable the resolution as soon as possible.

The keys they talk about did not exist in Win10 Home, Pro, or Ent., nor are they present in Win11 Pro or Ent. The easiest way to add them is to copy/paste the following into a new .txt file in Notepad, renaming the file to have an .reg extension [e.g., [SomeName].reg], then double clicking the file to merge it with the registry. Since the value names are different for different versions of Windows, you have to replace the "XXX" with the appropriate name before saving the file.

Windows 10 20H2, 21H2, 22H2: Add a new DWORD registry value named 4103588492

Windows 11 21H2: Add a new DWORD registry value named 4204251788

Windows 11 22H2: Add a new DWORD registry value named 4237806220

Windows Server 2022: Add a new DWORD registry value named 4137142924

---------------

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides]
"XXX"=dword:00000001

----------------

Optionally you can also create a .reg file to delete that stuff if you want to, putting things back the way they were.

-------------

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft]

-------------

Posted 1 year ago #
mikiem2
Moderator

bleepingcomputer[.]com/news/microsoft/windows-11-kb5027231-also-breaks-chrome-for-cisco-watchguard-edr-users/

The Windows 11 22H2 KB5027231 cumulative update released during this month’s Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions.

Posted 1 year ago #
mikiem2
Moderator

bleepingcomputer[.]com/news/microsoft/malwarebytes-issues-fix-for-chrome-broken-by-windows-11-kb5027231/

Malwarebytes has released a fix for the Chrome browser not working after the update.

Posted 1 year ago #

RSS feed for this topic

Reply

You must log in to post.