Friday, May 2, 2025
HomeCyber Security NewsMicrosoft Releases Out-of-band Update to Fix Windows Server Memory Leak Flaw

Microsoft Releases Out-of-band Update to Fix Windows Server Memory Leak Flaw

Published on

SIEM as a Service

Follow Us on Google News

Microsoft released an out-of-band update, KB5037422, on March 22, 2024, specifically for Windows Server 2022 (OS Build 20348.2342) to address a critical memory leak issue in the Local Security Authority Subsystem Service (LSASS). 

The leak occurred on domain controllers (DCs) after installing the March 2024 security updates (KB5035857) and impacted both on-premises and cloud-based Active Directory DCs during Kerberos authentication requests. 

Excessive memory usage could lead to LSASS crashing and unexpected DC restarts, while the update addresses the LSASS memory leak and improves the overall servicing stack functionality for future Windows updates. 

- Advertisement - Google News

Out-of-band Update

The memory leak vulnerability manifested after installing the KB5035857 update, which was released on March 12, 2024, as the flaw was triggered when DCs processed Kerberos authentication requests, leading to a substantial memory leak. 

Document

Free Webinar : Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities. :

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, which helps you to quantify risk accurately:

The excessive memory consumption could cause LSASS to crash, resulting in unexpected domain controller reboots, while the update specifically targets and resolves the critical LSASS memory leak issue. 

It’s essential to apply this update to DCs, especially those that haven’t yet uninstalled the vulnerable KB5035857 update, to prevent potential crashes and subsequent downtime on your domain network.

Microsoft released a servicing stack update (SSU) for Windows Server 2022, KB5035857 (OS Build 20348.2334), which specifically targets the servicing stack component, a critical system function responsible for the deployment of Windows updates. 

Windows Server Racks
Windows Server Racks

By implementing quality improvements to the servicing stack, this SSU enhances its reliability and robustness. Consequently, devices receiving this update will benefit from a more efficient and reliable process for acquiring and installing future Windows updates. 

The improvement is particularly significant for maintaining a healthy and up-to-date Windows Server environment, as timely updates are essential for addressing security vulnerabilities, bug fixes, and new feature implementations.

The update delivers the latest cumulative update (LCU) bundled with the latest servicing stack update (SSU) for Windows 10, improving the reliability of the update process.  

While Microsoft isn’t aware of any issues, the update isn’t available through Windows Update or Windows Update for Business.

Instead, it needed to download from the Microsoft Update Catalog website or leverage Windows Server Update Services (WSUS) for deployment. 

If it is required to remove the LCU after installation, the DISM tool with the LCU package name can be used, but be aware that this won’t remove the SSU.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists

Multiple Dutch organizations have experienced significant service disruptions this week due to a series...

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands

A major supply chain security incident has rocked the Python open-source community as researchers...

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical...

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists

Multiple Dutch organizations have experienced significant service disruptions this week due to a series...

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands

A major supply chain security incident has rocked the Python open-source community as researchers...

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical...