Overview
KB5035885, released on March 12, 2024, is a Monthly Rollup update for Windows Server 2012 R2. This cumulative security update includes improvements from the previous update KB5034819 and addresses various security vulnerabilities. It is particularly relevant for organizations still using Windows Server 2012 R2, which has reached its end of support as of October 10, 2023. Extended Security Updates (ESUs) are available for purchase, allowing continued security updates until October 13, 2026. The update is crucial for maintaining security and compliance in environments that rely on this operating system, especially for domain controllers (DCs).
General Purpose
The primary purpose of KB5035885 is to enhance the security and reliability of Windows Server 2012 R2. This update addresses a significant issue where the Local Security Authority (LSA) may fail when interfacing with third-party software, which can lead to potential security vulnerabilities. Additionally, it includes improvements that help mitigate memory leaks in the Local Security Authority Subsystem Service (LSASS) on domain controllers, which is critical for organizations using Active Directory. The update is part of Microsoft's ongoing commitment to provide security updates for legacy systems under the ESU program, ensuring that organizations can continue to operate securely while planning for future upgrades.
General Sentiment
The general sentiment regarding KB5035885 is mixed. While the update is essential for maintaining security on Windows Server 2012 R2, users have reported significant issues, particularly concerning memory leaks in LSASS on domain controllers. This problem can lead to unscheduled reboots, which poses a risk for organizations relying on these systems for critical operations. However, Microsoft has acknowledged these issues and provided a subsequent update (KB5037426) to address them. Users are advised to carefully consider the implications of installing this update, especially in production environments, and to stay informed about the latest patches and fixes.
Known Issues
- LSASS may experience a memory leak on domain controllers after installing KB5035885, affecting Kerberos authentication requests.
- Excessive memory leaks can cause LSASS to crash, leading to unscheduled reboots of domain controllers.
- This issue does not affect Home devices and is specific to organizational environments using certain Windows Server platforms.
- A fix for this issue is available in update KB5037426.
Disclaimer: We take measures to ensure that AI-generated content is of the highest possible quality, but we cannot guarantee its accuracy and recommend that users do their own independent research. Generated on 2024-12-22 03:23 AM