Microsoft confirms that KB5035857 update is causing serious memory leak problems in Windows Server
Following complaints from large numbers of system administrators, Microsoft has finally acknowledged that there are problems with the recently released KB5035857 update for Windows Server.
The March 2024 security update was released 10 days ago, and it did not take long for users to start experiencing problems. Now Microsoft has confirmed that it is aware of an issue with Kerberos requests on domain controllers which may cause LSASS memory leaks. [UPDATE: there is now a fix available]
See also:
- Microsoft is finally adding a spell checker to Notepad in Windows 11
- KB5035853 update is slowing down Windows 11 and causing other problems for users
- Microsoft Office 2024 will be available without subscription
Microsoft is quick to point out that the issue only affects environments in organizations using some Windows Server platforms, stressing that home users have nothing to be concerned about. But with the problem blighting Windows Server 2022, Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2 the impact is still potentially huge.
In a status update posted to the Windows release health page, Microsoft issues the following advisory:
Following installation of the March 2024 security update, released March 12, 2024 (KB5035857), Local Security Authority Subsystem Service (LSASS) may experience a memory leak on domain controllers (DCs). This is observed when on-premises and cloud-based Active Directory Domain Controllers service Kerberos authentication requests.
Extreme memory leaks may cause LSASS to crash, which triggers an unscheduled reboot of underlying domain controllers (DCs).
Worryingly, Microsoft is yet to come up with a fix, although this should not be too far off as the reasons for the issues have been determined. The company says:
The root cause has been identified and we are working on a resolution that will be released in the coming days. This text will be updated as soon as the resolution is available.
More information and further announcements are available here.
[UPDATE: there is now a fix available]
Image credit: liorpt / depositphotos