The Windows updates from Microsoft's March patch day could paralyze Windows Server and force it into an unplanned restart. Microsoft has now provided an initial fix. However, IT managers must take action themselves and download and install the corrective updates.
The problem: After the March security update KB5035857 is installed (for Windows Server 2022; older server versions have different KB numbers), the Local Security Authority Subsystem Service (LSASS) may leak memory on domain controllers (DCs). This can be observed when on-premises or cloud-based Active Directory domain controllers send Kerberos authentication requests. The result can be degraded performance or, in the case of “extreme memory leaks”, an unexpected restart.
Windows Server: Update after update
In the Windows release health notes for Windows Server 2022, Microsoft has now announced that the developers have provided an out-of-band update with the KB number KB5037422. It is intended to fix the underlying error that may be causing the problems on domain controllers. However, administrators must download the update manually from the Windows Update Catalog and apply it themselves.
A search for the KB article in the Windows Update Catalog returns an update for Windows Server 2022, version 21H2. The 394.1 MB package is a cumulative update that replaces the previous March patch for Windows Server 2022. The developers recommend not installing the original update on domain controllers, but rather installing the new, corrected version directly. The update package can also be imported manually into a WSUS server and Configuration Manager.
Since Microsoft writes that Windows Server 2012 R2, Windows Server 2016 and Windows Server 2019 are also affected by the problem, further updates are pending. Those affected can now at least bring the current Windows Server 2022 up to date with the March security updates.
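To see where a given server stands before or after applying the out-of-band package, the following PowerShell check is one option. It is an added example, not from Microsoft or the original article: the function name `Get-LsassLeakExposure` and the LSASS memory threshold are assumptions, and only the two Windows Server 2022 KB numbers named above are covered.

```powershell
# Added example: run locally on the server to be checked.
# KB numbers are the ones named in the article (Windows Server 2022 only).
$FaultyKb    = 'KB5035857'   # March security update with the LSASS leak
$FixedKb     = 'KB5037422'   # out-of-band cumulative replacement
$LsassWarnMB = 2048          # assumed warning threshold; tune to your own baseline

function Get-LsassLeakExposure {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem

    # DomainRole 4 = backup domain controller, 5 = primary domain controller
    $isDc   = $cs.DomainRole -ge 4
    $is2022 = $os.Caption -like '*Server 2022*'

    # List all installed updates once, then test for both KBs
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
                   Select-Object -ExpandProperty HotFixID)
    $hasFaulty = $installed -contains $FaultyKb
    $hasFixed  = $installed -contains $FixedKb

    # Current LSASS working set as a rough indicator of a leak in progress
    $lsassMB = [math]::Round((Get-Process -Name lsass).WorkingSet64 / 1MB)

    $status = if (-not $isDc) {
        'Not a domain controller: the reported leak does not apply'
    } elseif (-not $is2022) {
        'Other server version: different KB numbers apply, not checked here'
    } elseif ($hasFixed) {
        "Corrected update $FixedKb is installed"
    } elseif ($hasFaulty) {
        "Exposed: $FaultyKb without $FixedKb, install the catalog package"
    } else {
        "March update missing: install $FixedKb directly, skip $FaultyKb"
    }

    [pscustomobject]@{
        Computer        = $env:COMPUTERNAME
        OS              = $os.Caption
        IsDC            = $isDc
        HasFaultyKb     = $hasFaulty
        HasFixedKb      = $hasFixed
        LsassMB         = $lsassMB
        LsassAboveLimit = $lsassMB -gt $LsassWarnMB
        Status          = $status
    }
}

Get-LsassLeakExposure | Format-List
```

A single working-set reading does not prove a leak; logging `LsassMB` at intervals and watching for steady growth on an exposed DC is the more reliable signal.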
(dmk)