The March 2024 updates for Windows Server contained a nasty memory leak for Domain Controllers. System Administrators have seen leaks of ~2GB per hour.
Symptoms
This is pretty typical of what you would expect to see from a memory leak on a computer. Over time you notice an increase in memory usage and system performance degrades until things break. Everything seems to come back fine after a reboot.
- Unusually High Memory Usage
- Performance Problems
- Failing Services
- Problems are “resolved” after a reboot, but come back
Windows Server – LSASS Memory Leaks
I found a post with links to the fixes over at Microsoft TechCommunity. And if you’re extra curious you might also want to check out the Windows Server 2022 Release Health notice put out by Microsoft.
Following installation of the March 2024 security update, released March 12, 2024 (the Originating KBs listed above), Local Security Authority Subsystem Service (LSASS) may experience a memory leak on domain controllers (DCs). This is observed when on-premises and cloud-based Active Directory Domain Controllers service Kerberos authentication requests.
Extreme memory leaks (reported to be ~2GB per hour in some instances) may cause LSASS to crash, which triggers an unscheduled reboot of underlying domain controllers (DCs).
https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/this-just-in-high-lsass-usage-after-windows-update-3b-march-2024/ba-p/4096250
You might want to wait before patching your Windows DCs. But if you’ve already done the deed and you are seeing the ~2GB of memory leak per hour, here are the Out of Band (OOB) patches for the affected Windows Server versions.
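To check whether a DC is actually leaking, you can sample the LSASS process's private memory over time and fit a growth rate to the samples. The PowerShell below is an added example, not part of the original post or Microsoft's guidance; the function names, the sampling defaults and the 1 GB/hour alert threshold are assumptions.

```powershell
# Added example: estimate LSASS private-memory growth on a domain controller.
# Function names, defaults and the alert threshold are assumptions.

function Get-GrowthRateGBPerHour {
    # Least-squares slope of memory (GB) against elapsed time (hours).
    param([Parameter(Mandatory)][object[]]$Points)   # each: Time [datetime], Bytes [long]
    $t0 = $Points[0].Time
    $x  = @($Points | ForEach-Object { ($_.Time - $t0).TotalHours })
    $y  = @($Points | ForEach-Object { $_.Bytes / 1GB })
    $mx = ($x | Measure-Object -Average).Average
    $my = ($y | Measure-Object -Average).Average
    $sxy = 0.0; $sxx = 0.0
    for ($i = 0; $i -lt $x.Count; $i++) {
        $sxy += ($x[$i] - $mx) * ($y[$i] - $my)
        $sxx += [math]::Pow($x[$i] - $mx, 2)
    }
    if ($sxx -eq 0) { return 0.0 }   # no spread in timestamps, no usable slope
    return $sxy / $sxx
}

function Measure-LsassGrowth {
    param(
        [ValidateRange(2, 1000)][int]$Samples = 6,
        [ValidateRange(1, 86400)][int]$IntervalSeconds = 600,
        [double]$AlertGBPerHour = 1.0   # assumed threshold, below the ~2GB/hour reported
    )
    $points = for ($i = 0; $i -lt $Samples; $i++) {
        if ($i -gt 0) { Start-Sleep -Seconds $IntervalSeconds }
        $p = Get-Process -Name lsass -ErrorAction Stop
        [pscustomobject]@{ Time = Get-Date; Bytes = $p.PrivateMemorySize64; ProcessId = $p.Id }
    }
    # A changed process ID means LSASS restarted between samples (the DC rebooted),
    # so the series spans two processes and the slope is not meaningful.
    $restarted = @($points.ProcessId | Select-Object -Unique).Count -gt 1
    $rate = Get-GrowthRateGBPerHour -Points $points
    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        StartGB        = [math]::Round($points[0].Bytes / 1GB, 2)
        EndGB          = [math]::Round($points[-1].Bytes / 1GB, 2)
        GBPerHour      = [math]::Round($rate, 3)
        LsassRestarted = $restarted
        Alert          = (-not $restarted) -and ($rate -ge $AlertGBPerHour)
    }
}

# Six samples ten minutes apart, taken on the domain controller itself.
Measure-LsassGrowth -Samples 6 -IntervalSeconds 600
```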
Affected platforms
This chart will point you towards the fix for your Windows Server memory leaks. I’m including the originating KB in case you wish to learn more about how the situation developed.