About Domain Controller November 2022 Patch LSASS Memory Leak

As you know, Microsoft had released a possible memory leak in the “Local Security Authority Subsystem Service (LSASS.exe)” in various Windows Server versions as of November 2022 and confirming the memory leak in “Local Security Authority Subsystem Service (LSASS.exe)“.

 

The update information is as follows;

  • Windows Server 2019: Update KB5019966
  • Windows Server 2016: Update KB5019964
  • Windows Server 2012 R2: Update KB5020023, Update KB5020010
  • Windows Server 2012: Update KB5020009, Update KB5020003
  • Windows Server 2008 R2 SP1: Update KB5020000, Update KB5020013
  • Windows Server 2008 SP2: OOB-Update KB5021657

The problem can be mitigated with a workaround but issue was resolved in KB5021235.

If you used the above workaround, please see KB5020805:
How to manage Kerberos protocol changes related to CVE-2022-37967 for further information on how to configure KrbtgtFullPacSignature.

Possible memory leak in Local Security Authority Subsystem Service (LSASS.exe) for Windows Server 2016

Possible memory leak in Local Security Authority Subsystem Service (LSASS.exe) for Windows Server 2019

 

Have a nice day!