Microsoft Windows Kernel Information Disclosure Vulnerability

A vulnerability in the Windows Kernel allows an authorized attacker to locally disclose sensitive information. This issue could potentially be exploited to reveal certain memory addresses within kernel space, which an attacker might leverage for malicious activities.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure, specifically revealing sensitive memory addresses within the kernel, potentially facilitating further attacks.

Remediation

Users can download the security update for this vulnerability via the Microsoft Update Catalog. Security update KB5066836 is available for Windows Server 2016 and Windows Server 2019. For Windows Server 2022, the security update is part of the 23H2 edition (Server Core installation). Windows Server 2025 and its Server Core installation also have this update available. Users can refer to the respective Knowledge Base articles for more information.