Microsoft has acknowledged a critical memory leak in the March 2024 Windows Server security update, which has caused widespread crashes among Windows domain controllers.
The news comes a few days after Bleeping Computer reported issues, citing complaints from system administrators posted online to platforms like Reddit.
Redmond has confirmed that the issue stems from an update (OS Build 20348.2340, KB5035857) released on March 12. It affects Windows Server 2022, Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2.
Microsoft addresses Windows Server issue
The problem stems from a memory leak within the Local Security Authority Subsystem Service (LSASS) process, introduced in this month’s cumulative update. According to complaints online cited by Bleeping Computer, admins have reported that affected servers have been freezing and restarting unexpectedly, with LSASS memory usage increasing until system failure occurs.
Microsoft also noted that the issue only affects environments in organizations using some Windows Server platforms, meaning that Home devices look to be unaffected by the update.
Recognizing the severity of the issue, Microsoft has assured users that identifying the root cause has allowed it to make progress in actively developing a fix that will arrive in the coming days.
The company also notes this as a known error in the KB5035857 update page, which highlights some of the changes made.
In the meantime, Microsoft states that there is no workaround for the issue – uninstalling the problematic update from affected domain controllers seems to be the only temporary fix.
Moreover, this isn’t the first time Microsoft has encountered LSASS-related issues. In December 2022, a similar memory leak problem affected domain controllers following Windows Server updates, and another similar instance occurred earlier in March 2022.