KB5037782: Microsoft fixes Windows NTLM bug KB5036909, no word on LSASS crashes – Neowin

0
KB5037782: Microsoft fixes Windows NTLM bug KB5036909, no word on LSASS crashes – Neowin

By Sayan Sen

Neowin
·



View full version

Earlier this month, Microsoft confirmed that a Windows Server update KB5036909 was buggy, causing spikes in NTLM traffic in domain controllers (DCs). The tech giant later added that in some cases LSASS crashes also occurred, leading to a system reboot.

With the latest Windows Server Patch Tuesday update, Microsoft has fixed this issue. He notes on the Windows Health Dashboard website:



Resolution: This issue was fixed by Windows Updates released on May 14, 2024 (KB5037782) and later. We recommend that you install the latest security update for your device. It contains important improvements and issue fixes, including this one.

The resolution was also listed in the highlights of KB5037782. However, there is no specific mention of LSASS crashes, which may or may not be fixed:

This update addresses a known issue that could affect domain controllers (DCs). NTLM authentication traffic may increase.

The full list of improvements in server update KB5037782 is shown below:

  • This update addresses a known issue that could affect domain controllers (DCs). NTLM authentication traffic may increase.

  • This update addresses an issue that affects IE mode. A web page stops working as expected when a modal dialog box is opened.

  • This update addresses an issue that affects IE mode. He no longer responds. This happens if you press the left arrow key when an empty text box has focus and cursor navigation is enabled.

  • This update addresses an issue that affects Wi-Fi Protected Access 3 (WPA3) in Group Policy Editor. HTML preview fails to render.

  • This update addresses an issue that affects a server after it is removed from a domain. THE Get-LocalGroupMember The cmdlet throws an exception. This happens if local groups contain domain members.

  • This update affects Next Secure Record 3 (NSEC3) validation in a recursive resolver. Its limit is now 1,000 calculations. A calculation is equivalent to validating a label with one iteration. DNS server administrators can change the default number of calculations. To do this, use the registry setting below.

  • This update addresses an issue that affects a network. An error occurs when the credentials expire.

  • This update resolves an issue that occurs when you use LoadImage() to load a descending bitmap. If the bitmap has a negative height, the image does not load and the function returns NULL.

  • This update includes quarterly changes to the Windows kernel vulnerable driver blocklist file, DriverSiPolicy.p7b. It is added to the list of drivers who are at risk of being victims of BYOVD (Bring Your Own Vulnerable Driver) attacks.

  • This update addresses an issue that affects a desktop that is not in a domain. When you connect to a share and use an IPV6 address, you get the “ERROR_BAD_NET_NAME” error.

  • This update addresses a known issue that could cause your VPN connection to fail. This occurs after installing the update dated April 9, 2024 or later.

  • This update addresses an issue that may affect Virtual Secure Mode (VSM) scenarios. They might fail. These scenarios include VPN, Windows Hello, Credential Guard, and Key Guard.

  • This update addresses an issue that affects the redirection of Group Policy folders in a multi-forest deployment. The issue prevents you from choosing a group account in the target domain. For this reason, you cannot apply advanced folder redirection settings to this domain. This issue occurs when the target domain has a one-way trust with the administrator user’s domain. This issue affects all Enhanced Security Admin Environment (ESAE), Hardened Forests (HF), or Privileged Access Management (PAM) deployments.

You can view the support article on this page of the Microsoft website.




Report a problem with the item

Previous article

Amazon deal: Motorola Razr flip phone drops to its lowest price again

T
WRITTEN BY

Related posts