The Windows June 2023 security patches are here and address these issues
It is the second Tuesday of the month, and that means that Microsoft has released security updates for the Windows operating system, Microsoft Office and other company products.
The Windows updates are available already and will be distributed on most Home systems via Windows Updates. System administrators may expedite the installation of the security updates.
The monthly overview offers information about the released updates. System administrators and home users alike may use the resource as an overview of the Patch Day. It lists all major update releases for Windows, links to support pages and direct downloads, lists all known issues confirmed by Microsoft, and more.
Microsoft released a fix for a Kernel vulnerability, but the mitigation is not enabled. It affects Windows 10 versions 1607, 1809, 20H2, 21H2 and 22H2, Windows 11 version 21H2 and 22H2, and Windows Server 2022. Instructions on enabling the fix are available here. Administrators need to set a Registry key to enable it. Microsoft has not provided a reason yet that explains why the fix is not enabled by default.
Click here to open the May 2023 overview of Windows updates.
Microsoft Windows Security Updates: June 2023
You can download the following Excel spreadsheet. It lists the released security updates of the May 2023 Microsoft Patch Day. Click on the following link to download it: microsoft windows security updates june 2023
Executive Summary
- Microsoft released security updates for all supported client and server versions of Windows. The company has released patches for a total of 73 CVEs for Microsoft products and 22 CVEs for non-Microsoft products.
- Windows 10 version 21H2 has reached end of servicing today. No future updates will be released for the Home, Pro, Pro Education and Pro for Workstations editions of that version of Windows 10. Devices should be updated to Windows 10 version 22H2, which continues to be supported.
- The following Windows client version have known issues: Windows 10 version 21H2 and 22H2, Windows 11 version 21H2 and 22H2
- The following Windows server versions have known issues: Windows Server 2008, Windows Server 2008 R2, Windows Server 2019 and 2022.
Operating System Distribution
- Windows 10 version 21H2: 29 vulnerabilities, 4 critical and 25 important.
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-32013
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32015
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32014
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-29363
- Windows 10 version 22H2: 29 vulnerabilities, 4 critical and 25 important.
- same as Windows 10 version 21H2.
- Windows 11 version 21H2: 29 vulnerabilities, 4 critical and 25 important
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-32013
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32015
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32014
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-29363
- Windows 11 version 22H2: 31 vulnerabilities, 4 critical and 27 important
- same as Windows 11 version 21H2
Windows Server products
- Windows Server 2008 R2 (extended support only): 18 vulnerabilities: 3 critical and 15 important
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32015
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32014
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-29363
- Windows Server 2012 R2: 23 vulnerabilities: 3 critical and 20 important
- same critical vulnerabilities as Windows Server 2008 R2
- Windows Server 2016: 28 vulnerabilities: 3 critical and 25 important.
- same critical vulnerabilities as Windows Server 2008 R2
- Windows Server 2019: 32 vulnerabilities: 4 critical and 28 important.
- Windows Hyper-V Denial of Service Vulnerability -- CVE-2023-32013
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32015
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-32014
- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability -- CVE-2023-29363
- Windows Server 2022: 34 vulnerabilities: 4 critical and 30 important.
- same as Windows Server 2019
Windows Security Updates
Windows 10 version 21H2 and 22H2
- Support Page: KB5027215
Updates and improvements:
- Fixes the copy, save and attach files issue that affects some 32-bit apps that use a specific API.
- Addresses CVE-2023-32019 that affects Windows Kernel. Additional information about the information disclosure vulnerability is available here.
- Plus the non-security updates released as a preview in May 2023.
Windows 11 Release version
- Support Page: KB5027223
Updates and improvements:
- Fixes the copy, save and attach files issue that affects some 32-bit apps that use a specific API.
- Addresses CVE-2023-32019 that affects Windows Kernel. Additional information about the information disclosure vulnerability is available here.
- Fixes a compatibility issue caused by unsupported use of the Registry (no details provided).
- Plus, the non-security updates released as a preview in May 2023.
Windows 11 version 22H2
- Support Page: KB5027231
Updates and improvements:
- Fixes the copy, save and attach files issue that affects some 32-bit apps that use a specific API.
- Addresses CVE-2023-32019 that affects Windows Kernel. Additional information about the information disclosure vulnerability is available here.
- Fixes a compatibility issue caused by unsupported use of the Registry (no details provided).
- Plus, the non-security updates released as a preview in May 2023.
Other security updates
2023-06 Cumulative Update for Windows 10 Version 1507 (KB5027230)
2023-06 Dynamic Cumulative Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5027215)
2023-06 Dynamic Cumulative Update for Windows 11 (KB5027223)
2023-06 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5027225)
2023-06 Cumulative Update for Windows 11 Version 22H2 (KB5027231)
Server
2023-06 Security Only Quality Update for Windows Server 2008 (KB5027277)
2023-06 Security Monthly Quality Rollup for Windows Server 2008 (KB5027279)
2023-06 Security Only Quality Update for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027256)
2023-06 Security Monthly Quality Rollup for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027275)
2023-06 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5027281)
2023-06 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5027283)
2023-06 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB5027271)
2023-06 Security Only Quality Update for Windows Server 2012 R2 (KB5027282)
2023-06 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5027319)
2023-06 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5027219)
2023-06 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5027222)
2023-06 Servicing Stack Update for Windows Server 2012 R2 (KB5027574)
2023-06 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5027575)
.NET Framework
2023-06 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027107)
2023-06 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027108)
2023-06 Security Only Update for .NET Framework 4.8 for Windows Server 2012 R2 (KB5027109)
2023-06 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027110)
2023-06 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027111)
2023-06 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 (KB5027112)
2023-06 Security Only Update for .NET Framework 4.6.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5027113)
2023-06 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5027114)
2023-06 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027115)
2023-06 Security Only Update for .NET Framework 3.5 for Windows Server 2012 R2 (KB5027116)
2023-06 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027126)
2023-06 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 (KB5027128)
2023-06 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027129)
2023-06 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027132)
2023-06 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 (KB5027133)
2023-06 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows Server 2008 R2, and Windows Server 2008 (KB5027134)
2023-06 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027138)
2023-06 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5027139)
2023-06 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027140)
2023-06 Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 (KB5027141)
2023-06 Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027531)
2023-06 Security Only Update for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027532)
2023-06 Security Only Update for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5027533)
2023-06 Security Only Update for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5027534)
2023-06 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 and Windows Server 2008 R2 (KB5027540)
2023-06 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027541)
2023-06 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5027542)
2023-06 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5027543)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5027117)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5027118)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 (KB5027119)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5027121)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5027122)
2023-06 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5027123)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5027124)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5027125)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for x64 (KB5027127)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5027131)
2023-06 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5027535)
2023-06 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5027536)
2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5027537)
2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 (KB5027538)
2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5027539)
2023-06 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5027544)
Known Issues
Windows 10 versions 21H2 and 22H2
- (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
- Workaround described on the support page.
Windows 11 version 21H2
- (Old) Some Windows devices with third-party user interface customizations may not start up after installing this update or future updates.
- Microsoft recommends uninstalling the third-party UI customization applications before installing this update, or updating them, if updates are available. Check out our support article for additional information on the issue.
Windows 11 version 22H2
- (Fixed) Some applications may "have intermittent issues with speech recognition, expressive input, and handwriting when using Chinese or Japanese languages".
- To mitigate the issue, do the following: close the app that is having the issues, then open Task Manager and end the ctfrmon.exe process. The app should now be ready for use again.
- (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
- Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
Security advisories and updates
- ADV 990001 -- Latest Servicing Stack Updates
Non-security updates
2023-06 Dynamic Update for Windows 10 Version 1507 (KB5027385)
2023-06 Dynamic Update for Windows 10 Version 1607 (KB5027386)
2023-06 Dynamic Update for Windows 11 (KB5027572)
2023-06 Dynamic Update for Windows 10 Version 22H2 (KB5027389)
2023-06 Dynamic Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5027388)
Microsoft Office Updates
You find Office update information here.
How to download and install the June 2023 security updates
Security updates are downloaded and installed automatically on most Windows home systems thanks to the automatic updating functionality. Administrators may speed up the installation of updates by either downloading and installing updates manually, or by using Windows Update to check for updates.
Do the following to run a manual check for updates:
- Select Start, type Windows Update and load the Windows Update item that is displayed.
- Select check for updates to run a manual check for updates.
Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 10 Version 21H2
- KB5027215 -- 2023-06 Cumulative Update for Windows 10 Version 21H2
Windows 10 version 22H2
- KB5027215 -- 2023-06 Cumulative Update for Windows 10 Version 21H2
Windows 11 Release version
- KB5027223 -- 2023-06 Cumulative Update for Windows 11
- KB5027231 -- 2023-06 Cumulative Update for Windows 11 version 22H2
Additional resources
- June 2023 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 11 Update History
- Windows 10 Update History
so still no FIX for the Windows11 May update that broke VPN connections?
This june update breaks Chrome if you are using Malwarebytes with W11.
https://forums.malwarebytes.com/topic/299100-june-2023-update-kb5027231-prevents-google-chrome-from-displaying/
How can anyone with a brain consider Microsoft reliable or trustworthy enough to have unfettered access to their personal computer. I have updates turned off and only allow updating after updates have been reviewed and passed by the folks at AskWoody.com.
Microsoft want force upgrade to windows 11 TPM with their polemic kb5027408
“Known Issues
Windows 10 versions 21H2 and 22H2
(Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed. ”
Yay! Never installed Edge on Win10 anyway.
No sound after these 2 june updates.
Sound settings and voice meter detect sound playing, nothing come from speakers. Worked seconds before update/restart….
Do seek if any optional driver update is available. I had one driver to update after installed.
Here there is the content for *.reg files to apply the fix for the kernel exploit for Windows 10 versions 1607, 1809, 20H2, 21H2 and 22H2, Windows 11 version 21H2 and 22H2, and Windows Server 2022:
https://support.microsoft.com/en-us/topic/kb5028407-how-to-manage-the-vulnerability-associated-with-cve-2023-32019-bd6ed35f-48b1-41f6-bd19-d2d97270f080
For Windows 11 22H2:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides]
“4237806220”=dword:00000001
For Windows 11 21H2:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides]
“4204251788”=dword:00000001
For Windows 10 20H2, 21H2, 22H2:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides]
“4103588492”=dword:00000001
For Windows Server 2022:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FeatureManagement\Overrides]
“4137142924”=dword:00000001
For Windows 10 1607, 1809:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager]
“LazyRetryOnCommitFailure”=dword:00000000
A friend of mine that it’s using W11 has seen this error after applied this June update:
“Bitlocker key is held in TPM (ftpm) changing disk to another system it can’t ind the key. Bitlocker should have been disabled on original configuration first. Press Y to reset ftpm. If you have bitlocker or encryption enabled the system will not not without a recovery key. Press N to keep previous ftpm record. And continue system reboot. Ftpm will not enable in new cpu. You can swap back to the old cpu to B recover tpm related keys and date.”
He hasn’t Bitlocker so he selected the “Y” option and then he was able to enter the account pin again (he previously needed to paste a code from a sent message by internal Microsoft account security to his e-mail service). So weird indeed. :S
Thank you Martin for helping me understand Windows 10 version 22H2 – 29 vulnerabilities, 4 critical and 25 important updates.
This helped me understand what I was doing when I updated to Windows 10 Pro. 22H2 (OS build 19045.3086.)
What’s weird to me is that I don’t see any of Microsoft’s past 3 zero-day exploits being mentioned in the recent monthly security patch update articles:
CVE-2023-29336 – Microsoft Win32K Privilege Escalation Vulnerability
CVE-2023-28252 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
CVE-2019-1388 – Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
I’m assuming that they send out patches on the day that the zero-day is announced, but wouldn’t they do something on their monthly security patch day to ensure computers have received these most critical patches?
There should be weekly high speed patches for the severe and dangerous exploits and then some monthly minor patches or any other features that can be added in some way. There is no possible logic in waiting an entire long month to just release fixes that aren’t enabled by default, or even not include the most severe zero-day ones at all! Just big fault by them!
Yes I guess you are right John G. Still seems like they should be mentioned as part of the entire month’s security wrap-up by Microsoft.
“Microsoft released a fix for a Kernel vulnerability, but the mitigation is not enabled.”
This is quite unacceptable. If a fix is released just enable it, the system is on risk! :[
A few days ago, I used the updated Windows 11 .iso which seemed to work fine and have all the details:
https://betanews.com/2023/06/07/now-you-can-download-the-updated-windows-11-22h2-iso-from-microsoft/
Nice idea, I will wait for version 23H2 to do the same updating method if required sometime.