Microsoft released urgent updates to fix a problem causing Windows domain controllers to crash after installing the March 2024 Windows Server security updates.
Microsoft released the following emergency Windows Server cumulative updates that should fix the LSASS memory leak and prevent impacted servers from crashing and restarting:
By infosecbulletin
/ Sunday , April 28 2024
This May, Dhaka, Bangladesh, will host Phoenix Summit 2024, a landmark event in the global cyber security arena. Set from...
Read More
By infosecbulletin
/ Saturday , April 27 2024
The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a...
Read More
By infosecbulletin
/ Friday , April 26 2024
Palo Alto Networks has given urgent advice to the remediation of a critical vulnerability, known as CVE-2024-3400, which attackers have...
Read More
By infosecbulletin
/ Friday , April 26 2024
Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents. Many of these incidents...
Read More
By infosecbulletin
/ Friday , April 26 2024
According to the report by several Indian media, social media platform Meta will withdraw its entire service from India if...
Read More
By infosecbulletin
/ Friday , April 26 2024
Someone is pretending to be Rajshahi University Vice-Chancellor, Professor Dr. Golam Sabbir Sattar, by creating a fake email account and...
Read More
By infosecbulletin
/ Friday , April 26 2024
Platform BreachForum, bad actor perell, same person who claimed to expose the data of "Bharat Sanchar Nigam Limited" BSNL for...
Read More
By infosecbulletin
/ Thursday , April 25 2024
“Our customers are our utmost priority and we are wholeheartedly dedicated to safe guarding their interests. It has come to...
Read More
By infosecbulletin
/ Thursday , April 25 2024
CISA issued eight advisories about Industrial Control Systems (ICS) on April 25, 2024. The advisories share important information about security...
Read More
By infosecbulletin
/ Thursday , April 25 2024
Google fixed a serious Chrome bug known as CVE-2024-4058 in the ANGLE graphics layer engine along with four vulnerabilities in...
Read More
KB5037422 (Windows Server 2022)
KB5037423 (Windows Server 2016)
“This update resolves a problem with the Local Security Authority Subsystem Service (LSASS) that may cause memory leaks on domain controllers (DCs),”
“The leak occurs when on-premises and cloud-based Active Directory DCs process Kerberos authentication requests. This substantial leak might cause excessive memory usage. Because of this, LSASS might stop responding, and the DCs will restart when you do not expect it.”
To resolve this issue, administrators should download and install the OOB updates from the Microsoft Update Catalog onto affected domain controllers.
If you already installed previous updates for Windows Server, only the new updates included in these packages will be downloaded and installed. Microsoft has not reported any known issues with these emergency updates.
In December 2022, Microsoft fixed additional crashes in Windows Server that were caused by the updates released in November 2022. They also addressed the problem of domain controller reboots that admins had reported in March 2022.