back to article Microsoft confirms memory leak in March Windows Server security update

If your Windows domain controllers have been crashing since a security update was installed earlier this month, there's no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue. Reports of the bug poured in across recent days as sysadmins reported Windows …

  1. DCdave
    Boffin

    Microsoft recommends using DISM not WUSA for uninstall

    Granted that the servicing stack itself is not really relevant to a problematic specific issue like an LSASS memory leak, but Microsoft nonetheless officially recommend using DISM to uninstall cumulative patches:

    [Quote]

    To remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command: DISM /online /get-packages.

    Running Windows Update Standalone Installer (wusa.exe) with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

    [/Quote]

    1. ldo Silver badge

      Re: Microsoft recommends using DISM not WUSA for uninstall

      Not since the days of IBM mainframes have I seen such a litany of gobbledegook. Microsoft truly inherits—nay, snatches—the mantle of most incomprehensible insiderspeak from IBM. The master of the previous generation just isn’t in the same league any more.

  2. 43300 Silver badge

    What isn't clear in what I've read is whether the dodgy update needs to be removed before installing the subsequent patch. Anyone know?

    1. DCdave

      On the 2022 patch page, Microsoft says:

      [Quote]

      If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.

      [/Quote]

      From this, I would infer that no uninstall of the previous patch is required.

  3. WonkoTheSane
    IT Angle

    Smoking gun?

    I wonder if this might be the cause of the recent payment outages at Gregg's / Sainsbury / McDonalds etc?

    1. Lee D Silver badge

      Re: Smoking gun?

      While that's possible, in that case then the REAL cause of the outage is pushing patches to production without adequate testing for a global / multinational / huge company.

      Microsoft's obsession with just letting everything auto-update is the real cause of the problems, and admins having to "step in" for known-bad updates literally days after Patch Tuesday should be extremely rare, rather than a regular occurrence.

      1. sbegrupt

        Re: Smoking gun?

        "Adequate testing" is a rush against the clock when a vendor announces that the patch contains security fixes.

        1. 43300 Silver badge

          Re: Smoking gun?

          Yeah, quite - and the risk of falling foul of the terms of cyber insurance policies if patching is delayed.

  4. steamnut

    Like Boeing too big.

    Like Boeing, Microsoft is showing the same lack of care in readying it's products for release. Testing is being left to the user base. As no one (usually) dies, they get away with it time after time.

    1. ldo Silver badge

      Re: Like Boeing too big.

      As long as their customers keep throwing money at them, where is the incentive to change their behaviour?

      At least there are Government regulators all over the world keeping an eye on Boeing.

  5. ldo Silver badge

    Proofpoint Is A Factor In Some Of That “Data Loss’

    I was trying to correspond with UPS over a laptop shipment about a month ago, to settle the GST payment so they could release the item to me. I sent the payment through, and got my laptop. Then later discovered that none of my emails had actually got through—they had all been blocked by Proofpoint. So the UPS folks were nice enough to see that the bank transfer had gone through without seeing any reply from me, and processed things on that basis.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like