Category: Microsoft|May 10, 2024 | Author: Admin

April Windows Server updates also cause crashes, reboots

Share on

Microsoft has confirmed that last month's Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service (LSASS) process crashes.

LSASS is a Windows service that handles security policies, user logins, access token creation, and password changes.


The list of impacted Windows versions and buggy security updates includes Windows Server 2022 (KB5036909), Windows Server 2019 (KB5036896), Windows Server 2016 (KB5036899), Windows Server 2012 R2 (KB5036960), Windows Server 2012 (KB5036969), Windows Server 2008 R2 (KB5036967), and Windows Server 2008 (KB5036932).


"In rare instances, Windows Servers running the Domain Controller (DC) role might experience Local Security Authority Subsystem Service (LSASS) crashes resulting in a reboot," Microsoft explains in a new update added to the Windows release health dashboard.


Microsoft released emergency out-of-band (OOB) updates to resolve other Windows Server crash issues caused by LSASS memory leaks after installing the March 2024 Windows Server security updates.


The company addressed other LSASS crash issues in December 2022 and March 2022 after widespread admin reports of domain controller reboots.


NTLM auth failures and VPN issues

As previously acknowledged by Microsoft, the April 2024 Windows security updates are also causing NTLM authentication failures and high load on impacted domain controllers.


Additionally, users across client and server Windows platforms are also being impacted by VPN connection failures.


While Redmond has yet to provide information on the root cause and is still working on a fix, small and large enterprise customers are advised to reach out through the "Support for Business" portal and home users to use the Windows Get Help app if they need support.


Currently, there is no official workaround on affected systems until Microsoft releases a fix. However, you can still temporarily fix these known issues by uninstalling the security problematic updates.


"To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages," Microsoft says.


However, it's also important to note that Redmond also includes security fixes in the Patch Tuesday cumulative update; hence, removing the April 2024 updates to resolve the domain controller, NTLM, and VPN issues will also wipe all fixes for patched security vulnerabilities.

Sponsored Ads:


Smart mobile function on its way to Windows

Category: Microsoft|May 28, 2024 | Author: Admin

The camera upgrade will be fantastic

Category: IT|May 27, 2024 | Author: Admin

Microsoft battens security hatches on Windows admin accounts

Category: Microsoft|May 26, 2024 | Author: Admin

Apple will not be alone in this

Category: Apple|May 25, 2024 | Author: Admin

Spotify gadgets become trash in December

Category: General|May 24, 2024 | Author: Admin

Need to share passwords?

Category: Google|May 23, 2024 | Author: Admin

Gets cool function soon

Category: Google|May 22, 2024 | Author: Admin

Will be open source

Category: IT|May 21, 2024 | Author: Admin

Frustration grows over Google's AI Overviews feature, how to disable

Category: Google|May 20, 2024 | Author: Admin

Is a tablet for NOK 3,800 good enough? - "OnePlus Pad Go"

Category: IT|May 19, 2024 | Author: Admin

Microsoft is ending Edge support on computers without SSE3

Category: Microsoft|May 18, 2024 | Author: Admin

Gratulerer med 17. mai!

Category: General|May 17, 2024 | Author: Admin

Now many can try Android 15

Category: Google|May 16, 2024 | Author: Admin

Apple has released iOS 17.5

Category: Apple|May 15, 2024 | Author: Admin

Toshiba demonstrates 30TB+ HDDs using HAMR and MAMR technologies — customer sampling scheduled for 2025

Category: IT|May 14, 2024 | Author: Admin