Happy Friday my friend,
Microsoft has confirmed that a memory leak introduced with the March 2024 Windows Server security updates is behind a widespread issue causing Windows domain controllers to crash. The update causes a memory leak in the Local Security Authority Subsystem Service (LSASS) on Active Directory (AD) domain controllers that eventually grinds systems to a halt.
The reason this is such an issue is that AD controllers are responsible for authenticating users when they log on to office workstations. If it's down, your staff might not be able to work.
The Takeaway
While employees may still be able to log into their workstations using cached credentials, other network devices such as scanners and WiFi captive portals won't be able to authenticate. So, in short, if you're a network administrator it's best to get ahead of this problem.
Temporary workaround. Until Microsoft releases a fix for this severe memory leak issue and if you don't want to monitor the affected systems' memory usage and keep rebooting them, it's best to remove the troublesome updates from your domain controllers.
To do this from an elevated command prompt, run: wusa /uninstall /kb:5035855
wusa /uninstall /kb:5035849
wusa /uninstall /kb:5035857
That should do it. Stay safe out there.
-Attila
PS. If you think this email might be of value to a friend or colleague, feel free to forward it along.
PPS. I get lots of eye rolls on these Friday funnies. Do you have a good one to share? If so, reply and send it on over!
New Friday Funnies
Why is it so hard to throw a party in outer space?
You have to planet.