Patch for 5 New Zero-Day Vulnerabilities Released by Microsoft with November 2023 Update
November 16, 2023
Artificial Intelligence and Privacy – Issues and Challenges in 2023
November 18, 2023
The problem, which caused blue screens and boot failures, was initially reported by Windows administrators following the deployment of the October cumulative update, KB5031364. The issue specifically affected VMs on VMware ESXi hosts using an AMD Epyc processor, with certain settings enabled such as “Expose IOMMU to guest OS” and Virtualization Based Security.
To resolve this, Microsoft released the KB5032198 update during a recent Patch Tuesday, effectively fixing the boot-up failures and blue screen errors. For those unable to immediately apply the latest update, temporary solutions were suggested, such as disabling the “Expose IOMMU to guest OS” option in the VM settings or, as a last resort, uninstalling the problematic KB5031364 update, though this would also remove all the security patches included in it.
These issues are not new to Microsoft’s Windows Server updates. Previously, in late 2022 and early 2023, Microsoft had to release out-of-band updates to fix problems related to Hyper-V VMs booting and the creation of new VMs on specific hosts. A similar issue was also acknowledged earlier this year affecting VMware ESXi VMs with Secure Boot enabled, following the February 2023 cumulative updates. In response, VMware swiftly issued emergency updates for vSphere ESXi to address the root cause of these VMs’ inability to find a bootable operating system.
