Latest Windows Server Patch Causes LSASS Memory Leaks on Domain Controllers

Latest Windows Server Patch Causes LSASS Memory Leaks on Domain Controllers

Mar 26, 2024 | Computer Support, System Administration

The March 2024 updates for Windows Server contained a nasty memory leak for Domain Controllers. System Administrators have seen leaks of ~2GB per hour.


This is pretty typical of what you would expect to see from a memory leak on a computer. Over time you notice an increase in memory usage and system performance degrades until things break. Everything seems to come back fine after a reboot.

  • Unusually High Memory Usage
  • Performance Problems
  • Failing Services
  • Problems are “resolved” after a reboot, but come back

Windows Server – LSASS Memory Leaks

I found a post with links to the fixes over at Microsoft TechCommunity. And if you’re extra curious you might also want to check out the Windows Server 2022 Release Health notice put out by Microsoft.

Following installation of the March 2024 security update, released March 12, 2024 (the Originating KBs listed above), Local Security Authority Subsystem Service (LSASS) may experience a memory leak on domain controllers (DCs). This is observed when on-premises and cloud-based Active Directory Domain Controllers service Kerberos authentication requests.

Extreme memory leaks (repoted to be ~2GB per hour in some instances) may cause LSASS to crash, which triggers an unscheduled reboot of underlying domain controllers (DCs).

You might want to wait before patching your Windows DCs. But if you’ve already done the deed and you are seeing the ~2GB of memory leak per hour, here are the Out of Band (OOB) patches for the affected Windows Server versions.

Affected platforms

This chart will point you towards the fix for your Windows Server memory leaks. I’m including the originating KB in case you wish to learn more about how the situation developed.

Server VersionsMessage IDOriginating KBResolved KB
Windows Server 2022WI748847KB5035857KB5037422
Windows Server 2019WI748848KB5035849KB5037425
Windows Server 2016WI748849KB5035855KB5037423
Windows Server 2012 R2WI748850KB5035885KB5037426

Travis Fisher

Travis is Inacom’s Executive Vice President, tasked with assisting customers with their web based marketing initiatives. He’s kinda famous for his BBQ. He lives in Easton, MD with his amazing wife, two kids, and two dogs.


Looking For a great IT service provider?

Recent Posts