Earlier this week, Microsoft confirmed problems with LSASS (Local Security Authority Subsystem Service) memory leaks on several Windows Server versions, which could trigger an unscheduled reboot of domain controllers. Shortly after, the company pushed an out-of-band update to resolve the problem.
A series of unscheduled updates is now available on the Microsoft Update Catalog for several Windows Server versions. Windows Server 2022 received KB5037422, Windows Server 2016 received KB5037423, and Windows Server 2012 R2 received KB5037426. Microsoft says the update for Windows Server 2019 will arrive "in near term."
Microsoft has identified an issue that affects Windows Server domain controllers (DCs), and has expedited a resolution that can be applied to affected devices. Out-of-band (OOB) updates have been released for some versions of Windows today, March 22, 2024, to addresses this issue related to a memory leak in the Local Security Authority Subsystem Service (LSASS). This occurs when on-premises and cloud-based Active Directory domain controllers service Kerberos authentication requests.
Updates are available on the Microsoft Update Catalog only. These are cumulative updates, so you do not need to apply any previous update before installing them, and they supersede all previous updates for affected versions. If your organization uses the affected server platforms as DCs and you haven’t deployed the March 2024 security updated yet, we recommend you apply this OOB update instead. For more information and instructions on how to install this update on your device, consult the below resources for your version of Windows:
It is worth adding that the problem with memory leaks in LSASS should not bother regular home users with personal devices. The issue was only observed in Windows Server, plus domain controllers are not something regular customers use on their computers.
What does affect most Windows 10 and 11 users is the expanded rollout of Copilot. Microsoft recently published a notification that its new AI-powered assistant is rolling out to more eligible devices. The rollout is scheduled to be completed by the end of May 2024.