A memory leak occurs when a computer that is running Live Communications Server connects to another Live Communications computer that has SYN attack protection enabled in Windows Server 2003 Service Pack 1

Consider the following scenario. A computer that is running Microsoft Office Live Communications Server 2005 or Microsoft Live Communications Server 2003 connects to another Live Communications Server computer that has SYN attack protection enabled in Microsoft Windows Server 2003 Service Pack 1 (SP1). However, the connection fails. Additionally, a memory leak occurs in the Live Communications Server computer. This loss in memory resources causes system performance to decrease.

Note This problem occurs only when Windows Server 2003 SP1 is installed on the Live Communication Server computer.

This problem is caused by a memory leak in the Windows Server 2003 SChannel code that is being run by Live Communications Server. The memory leak occurs in Live Communication Server computers that are connected over Mutual Transport Layer Security (MTLS) to one or more servers that have SYN attack protection enabled.

In Windows Server 2003 SP1, connections that are established between Live Communications Server computers will always succeed. These connections succeed because the TCP stack accepts the connection before the TCP stack tells the application in the application pool that there is an incoming connection or before the TCP stack examines the backlog of the application in the application pool. However, when the peer initiates an MTLS negotiation with another Live Communications Server computer, the connection is reset by the TCP stack on the other Live Communications Server computer. This behavior occurs after the other Live Communications Server computer determines that the application in the application pool is out of backlog because of the SYN attack protection. When this occurs, the stacks that were allocated are not freed. Therefore, a memory leak occurs.

Note By default, SYN attack protection is enabled in Windows Server 2003 SP1. The SYN attack protection behavior is not specific to the TCP/IP stack. Therefore, any firewall that has SYN attack protection enabled will experience the problem that is mentioned in the "Symptoms" section.

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

Windows Server 2003 SP1 must be installed on the Live Communications Server computer.

Restart requirement

You do not have to restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any other hotfixes.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

For more information about the new file naming schema for Microsoft Windows software updates, click the following article number to view the article in the Microsoft Knowledge Base: For more information about the terminology that Microsoft uses for software that is corrected after it is released, click the following article number to view the article in the Microsoft Knowledge Base: