Microsoft fixes Windows Server bug causing crashes, NTLM auth failures


Microsoft has fixed a known issue causing NTLM authentication failures and domain controller reboots after installing last month’s Windows Server security updates.

According to a Windows health dashboard entry, this issue only affects Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs.

On affected systems, after deploying the April Windows Server security updates, admins will also see high load and, in rare instances, domain controller reboots due to Local Security Authority Subsystem Service (LSASS) process crashes.

“After installing the April 2024 security update on domain controllers (DCs), you might notice a significant increase in NTLM authentication traffic,” Microsoft says.

“This issue is likely to affect organizations that have a very small percentage of primary domain controllers in their environment and high NTLM traffic.”

Read more…