Microsoft has acknowledged a new issue that affects Windows 10 versions 1809 and newer that causes the Local Security Authority Subsystem Service (LSASS) to fail on some devices, forcing users to reboot the system. Though the problem was reported widely after this month’s Patch Tuesday updates, the company has acknowledged the bug in the known issues section of the KB articles for impacted versions, which also include articles for the May updates.
The LSASS process is tasked with enforcing security policies on a system that verifies user logon, password changes, and more. The problem relates to a failure in the LSASS.exe file which leads to users losing access to any accounts currently active on the machine. This forces users to reboot the machine. A Microsoft Tech Community thread (spotted by BleepingComputer) detailing the problem was first posted on May 27.
The only workaround, for now, is to uninstall the June Patch Tuesday cumulative updates, meaning that users will have to uninstall KB4561608 (1809), KB4560960 (1903 and 1909), or KB4557957 (2004). However, those that skipped the June updates and are still sporting the May patches will have to uninstall KB4551853 (1809) or KB4556799 (1903 and 1909). Users that manually installed the fixes that were rolled out last week for the printer issues will need to roll back those patches.
One of the support forum responses suggests that the company intends to roll out a fix via its July Patch Tuesday updates. Microsoft says that it is working on a resolution, but has not provided any timelines for when the fix will roll out to affected versions of the OS.