Microsoft released security update KB5028407 on August 15, which fixed a security vulnerability labeled CVE-2023-32019 for its supported operating system versions, including Win10, Win11, and Windows Server. The vulnerability was originally discovered by Mateusz Jurczyk, a security researcher on Google's Project Zero team. Although the vulnerability is rated 4.7/10 (medium severity), Microsoft considers it to pose a certain risk and is therefore assessed as "important"
It is understood that this vulnerability The main problem is that it allows authenticated users (i.e. potential attackers) to access memory in a privileged process without requiring administrator privileges, potentially obtaining some sensitive information. It is important to note that successful exploitation of this vulnerability requires a coordinated attack between the attacker and other privileged processes on the system. This means that an attacker would need to cooperate with another privileged process running on the system to successfully exploit this vulnerability. Threats, Microsoft strongly recommends users to install June and later security updates as soon as possible. Users can obtain these important security updates through various methods, such as using Windows Update. By keeping the system updated, users can reduce the risk of the system facing potential threats and improve the overall security of the system. It should be emphasized that the security updates released this time are not only applicable to Windows 11, but also to Windows 10. and Windows Server and other operating system versions. For users using these operating system versions, timely installation of these security updates is one of the important measures to ensure system security. Keeping your operating system up to date is one of the key steps to prevent security risks. Users should pay close attention to Microsoft's security notices and take necessary measures to ensure the security of their digital information
The above is the detailed content of Microsoft releases a new security update to fix the risk of memory information leakage in Win10/Win11 (KB5028407). For more information, please follow other related articles on the PHP Chinese website!