A memory leak occurs in the Lsass.exe process during a high SSL workload in Windows Server 2012 R2 or Windows Server 2012

Symptoms

When you use the Centralized Certificate Store feature, a memory leak occurs in the Local Security Authority Subsystem Service (Lsass.exe) during a high Secure Sockets Layer (SSL) workload in Windows Server 2012 R2 or Windows Server 2012.

Resolution

To resolve this issue, we have released a hotfix. Even though this issue has been observed only in Windows Server 2012 R2 or Windows Server 2012, the hotfix also applies to Windows 8.1, Windows RT 8.1, and Windows 8.

Hotfix information

A supported hotfix is available from Microsoft Support. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, go to the following Microsoft website: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

To apply this hotfix, you must have April 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 (2919355) installed in Windows 8.1 or Windows Server 2012 R2.

There are no prerequisites for Windows 8 or Windows Server 2012 to install this hotfix.

Restart requirement

You do not have to restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any previously released hotfix.
File information

Additional file information

Additional file information for Windows 8.1 and for Windows Server 2012 R2
Additional files for all supported x86-based versions of Windows 8.1
File propertyValue
File nameX86_10e21102efcf7f44baa38f4f5bdbf55f_31bf3856ad364e35_6.3.9600.17903_none_8d374a005ac4c742.manifest
File versionNot applicable
File size705
Date (UTC)12-Jun-2015
Time (UTC)17:36
PlatformNot applicable
File nameX86_microsoft-windows-security-schannel_31bf3856ad364e35_6.3.9600.17903_none_b70b8347709c7bab.manifest
File versionNot applicable
File size13,286
Date (UTC)11-Jun-2015
Time (UTC)19:45
PlatformNot applicable
Additional files for all supported x64-based versions of Windows 8.1 and of Windows Server 2012 R2
File propertyValue
File nameAmd64_0548274de79a8bdf2da420133b33aa53_31bf3856ad364e35_6.3.9600.17903_none_3fbd780fdc0a06d3.manifest
File versionNot applicable
File size709
Date (UTC)12-Jun-2015
Time (UTC)17:36
PlatformNot applicable
File nameAmd64_ab349c5615d2d94d8a5d7386d78412fa_31bf3856ad364e35_6.3.9600.17903_none_b7df3750dc52b5c6.manifest
File versionNot applicable
File size709
Date (UTC)12-Jun-2015
Time (UTC)17:36
PlatformNot applicable
File nameAmd64_microsoft-windows-security-schannel_31bf3856ad364e35_6.3.9600.17903_none_132a1ecb28f9ece1.manifest
File versionNot applicable
File size13,290
Date (UTC)11-Jun-2015
Time (UTC)21:27
PlatformNot applicable
File nameWow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.3.9600.17903_none_1d7ec91d5d5aaedc.manifest
File versionNot applicable
File size7,312
Date (UTC)11-Jun-2015
Time (UTC)19:45
PlatformNot applicable
Additional files for all supported Windows RT 8.1
File propertyValue
File nameArm_cf71b918e3692c7e905dcb491d997273_31bf3856ad364e35_6.3.9600.17903_none_94d73be41c08cd6c.manifest
File versionNot applicable
File size705
Date (UTC)12-Jun-2015
Time (UTC)17:36
PlatformNot applicable
File nameArm_microsoft-windows-security-schannel_31bf3856ad364e35_6.3.9600.17903_none_b70df59f70999a71.manifest
File versionNot applicable
File size13,286
Date (UTC)11-Jun-2015
Time (UTC)20:19
PlatformNot applicable

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

Learn about the terminology that Microsoft uses to describe software updates.
Properties

Article ID: 3064307 - Last Review: Jul 22, 2015 - Revision: 1

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1, Windows Server 2012 Datacenter, Windows Server 2012 Datacenter, Windows Server 2012 Datacenter, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Standard, Windows Server 2012 Standard, Windows Server 2012 Standard, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows Server 2012 Foundation, Windows Server 2012 Foundation, Windows Server 2012 Foundation, Windows 8 Enterprise, Windows 8 Pro, Windows 8

Feedback