Available since June 15, the latest Patch Tuesday fixes a plethora of bugs and security flaws in Microsoft software. But it can also cause a big problem with Windows, as the publisher points out.
On June 15, 2023, Microsoft deployed its famous Patch Tuesday, this set of patches that the publisher publishes on the second Tuesday of each month, to fix bugs, but also, and above all, to fill recently identified security vulnerabilities and, sometimes , already exploited by hackers. The last delivery was no exception to the rule, by accumulating some 78 patches, 6 of which seal breaches qualified as critical. Nothing unusual from the past. However, the June Patch Tuesday differs from the previous ones on several details. And in particular the fact that it can itself generate a stability problem, as Microsoft officially recognized just after its release.
As always for Windows, Patch Tuesday results in the installation of a “cumulative update” materialized by a new version of the system, the famous KBxxxxx with variations for each version of Windows: namely, KB5027215 for Windows 10 21H2 and 22H2, KB5027223 for Windows 11 and KB5027231 for Windows 11 22H2 (see our article on Builds and KBs). Let’s go over the countless flaws in the still poetic references corrected by Microsoft (CVE-2023-32013, CVE-2023-32015, CVE-2023-32014, CVE-2023-29363CVE-2023-32015, CVE-2023-32014 and CVE-2023-29363…), the nature and risks of which they pose will only be of interest to security experts.
The most important thing to note, and for all users this time, is that these updates are not always painless. Whether it’s Windows 10 or Windows 11, several netizens have reported that the installation was problematic via Windows Update, with a very long process or even simply blocked. Some anointed even noted an endless cleaning operation after restarting the PC, sometimes resulting in a return to square one, without installing the update. Only solution mentioned, while waiting for Microsoft to find an official remedy, uninstalling the update (see our practical sheet)… even if it did not succeed! And for some users, the update crashes Google Chrome because of MalwareBytes, the famous security tool.
Patch Tuesday June 2023: a patch disabled by default
Even more surprising and more annoying, it seems that one of the patches included in Patch Tuesday causes a fatal bug in the Windows kernel (10 and 11), the very heart of the operating system. This patch was originally intended to fix the CVE-2023-32019 vulnerability, a potentially dangerous flaw, but not an immediate threat for most users. According to Microsoft, “An authenticated user (attacker) can cause an information disclosure vulnerability in the Windows kernel. This vulnerability does not require administrator privileges or other elevated privileges. An attacker who successfully exploited this vulnerability could see the heap memory of a privileged process running on the server.“The catch is that the patch itself can open a loophole, according to the publisher:”IMPORTANT: The fix described in this article introduces a potential breakage. Therefore, we are releasing the change disabled by default with the option to enable it. In a future release, this resolution will be enabled by default. We recommend that you validate this resolution in your environment. Then, as soon as it is validated, activate the resolution as soon as possible.“
Clearly, to prevent its patch from doing more harm than good by weakening the Windows kernel, Microsoft preferred to deactivate this patch while waiting to find a solution… And in order not to take any risks, by transferring the responsibility to the users. themselves, the publisher indicates the procedure to follow to activate this famous cursed patch in the different versions of Windows (from Windows 10 1607 to Windows 11 22H2). We believe we are dreaming! but we shouldn’t really be surprised at anything when we see in what perfect mess Microsoft has been developing Windows lately (see our rant)…
Anyway, and without touching anything, we were able to install Patch Tuesday with Windows 11 Build 22621.1848 on several PCs without encountering the slightest problem. Even better, some readers have reported to us that they felt better on their PC after installation, with smoother operation. Insofar as the problems reported do not seem to be the majority, it seems reasonable to apply the June 2023 Patch Tuesday, if only to fill in the identified flaws.
Finally, to conclude on the big ball of developments, note that Microsoft has announced that the Moment 3 update for Windows 11, which brings several small improvements (see our article) will be installed automatically on all compatible PCs from the month of July, while it is still optional. Are you still following? Cheer !