Microsoft: KB5036909 Windows Server update causing NTLM traffic, LSASS crash issues on DCs [Update]


A few days ago, Microsoft confirmed it had fixed a longstanding “65000″ BitLocker encryption reporting error on Windows Intune. These types of issues can often affect a large number of systems as they are deployed on managed devices across enterprises.

Yesterday, Microsoft confirmed a new issue for Windows Server domain controllers (DCs) as it has cautioned that IT and system administrators may notice a large increase in NTLM authentication traffic. The tech giant has confirmed that this spike is caused as a result of a bug in the latest April 2024 Patch Tuesday (KB5036909) for Windows Servers, and it affects all Server OS versions, from 2008 all the way up to the latest Windows Server 2019 and 2022.

Windows NTLM, or New Technology LAN Manager, is a suite of security protocols that helps to authenticate and verify users’ identity, and it is something Microsoft wishes to eventually disable in Windows 11.

Read more…