Microsoft had rolled out a Windows Server update for this month’s Patch but it led to instances of domain controllers crashing which Microsoft has also acknowledged in a posting on its site on March 20. Detailing the problem Microsoft said that local security authority subsystem service or (LSASS) which enforces the security policy can crash precipitated by the memory leaks and can lead to a “unscheduled” reboot of the underlying domain controllers.
Microsoft has identified the cause of the problem and has said that it has already started the process to resolve the bugs which will be accomplished in the coming days.
Microsoft also added that the problem only happened in IT environments in organizations using Windows Server platforms and not on home devices.
However, CEO at Syxsense Ashley Leonard added that the patches don’t normally go through the same level of testing by vendors as a full product release and therefore urged the teams to remain proactive and do a robust testing schedule before moving to production.
Leonard said,
“Security teams also need to balance the speed of the roll-out against the risk of delaying patching to allow better testing. If the environment is exposed to vulnerability under active attack, the team might have to accept the risk of mass deploying the patch, understanding that it might occasionally have a negative impact on IT operations, but it’s better than a breach.”
The latest outage and its implications go much beyond operational hiccups according to Callie Guenther, senior manager, cyber threat research at Critical Start. He also pointed out the risks which are associated with the cumulative update model. Such updates even if it is from a single process can seriously affect critical infrastructure operations. He also emphasized the need for a robust testing process before deploying updates in production environments.
The issue was first brought into light by many admins on Wednesday who revealed that servers are freezing and restarting without warning and the bug was traced to a Local Security Authority Subsystem Service (LSASS) process memory leak. One admin also revealed that since the March updates were rolled out, the DCs have reported increasing lsass memory usage.
Microsoft has revealed that the issue will affect all domain controller servers with the latest Windows Server 2012 R2, 2016, 2019, and 2022 updates.
Also Read: Hermès Faces Lawsuit in California for Allegedly Selling Birkins Exclusively to Elite Customers
-
Google’s AI Tells Users To Eat Rocks for Digestion, Add Glue To Their Pizza Amid Other Bizzare Responses
-
Simple steps to recover unplayable and inaccessible videos
-
Unlocking the Web: Top Free VPNs for Chrome in 2024 (freevpnmentor.com)
-
Scarlett Johansson Battles OpenAI: Claims ChatGPT Voice Mimics Hers, Legal Action Underway
-
How to Transfer Files from One Google Drive to Another Quickly | Full Guide
-
Canada Security Head Issues Warnings Regarding Data Breach to Canadian Citizens
-
Google I/O 2024 Discussed In Detail: Gemini AI Comes With New Capabilities
-
ChatGPT-4o: OpenAI Rolls Out Faster and Enhanced Version for Free and Paid Users; Deets Inside