All articles tagged with #domain controllers
Researchers have discovered a new technique called Win-DDoS that exploits flaws in Windows LDAP and RPC protocols to turn public domain controllers into a powerful botnet for DDoS attacks, without requiring code execution or credentials, and identified multiple related DoS vulnerabilities that can be exploited remotely or internally, challenging assumptions about internal system safety.
Microsoft has released emergency out-of-band updates to address a memory leak in the LSASS process causing Windows domain controllers to crash after installing the March 2024 Windows Server security updates. The issue affects servers with the latest Windows Server 2012 R2, 2016, 2019, and 2022 updates, leading to ballooning memory usage and unexpected reboots. Admins can download and install the emergency updates from the Microsoft Update Catalog to resolve the problem.
The March 2024 Windows Server updates are causing domain controllers to crash and reboot due to a memory leak in the Local Security Authority Subsystem Service (LSASS) process. Admins are advised to uninstall the KB5035855 and KB5035857 updates as a temporary workaround until Microsoft officially addresses the issue. This is not the first time LSASS memory leaks have affected domain controllers, with similar issues reported in December 2022 and March 2022.