Access Violation in Lsass.exe in Low-Memory Situations (309566)


The information in this article applies to:

  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
This article was previously published under Q309566

SYMPTOMS

You may receive an access violation in the Lsass.exe service under low-memory conditions.

CAUSE

When memory for a local trust list is freed, some resources may not be successfully initialized under a NO_MEMORY condition. In this case, an access violation may occur in Lsass.exe during an attempt to free uninitialized fields in the trust list data structure.

Lsass.exe is the service responsible for all domain-related functions, such as user logon validation and user account management. If Lsass.exe does not complete successfully, all domain-related requests to the server are unsuccessful.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English-language version of this fix should have the following file attributes or later: 
   Date         Time   Version           Size     File name
   -----------------------------------------------------------
   11-Oct-2001  21:36  5.0.2195.4472     123,664  Adsldp.dll       
   11-Oct-2001  21:36  5.0.2195.4308     130,832  Adsldpc.dll      
   11-Oct-2001  21:36  5.0.2195.4016      62,736  Adsmsext.dll     
   11-Oct-2001  21:36  5.0.2195.4384     364,816  Advapi32.dll     
   11-Oct-2001  21:36  5.0.2195.4141     133,904  Dnsapi.dll       
   11-Oct-2001  21:36  5.0.2195.4379      91,408  Dnsrslvr.dll     
   11-Oct-2001  21:39  5.0.2195.4411     529,168  Instlsa5.dll     
   11-Oct-2001  21:36  5.0.2195.4437     145,680  Kdcsvc.dll       
   05-Oct-2001  04:00  5.0.2195.4471     199,440  Kerberos.dll     
   04-Sep-2001  16:32  5.0.2195.4276      71,024  Ksecdd.sys
   27-Sep-2001  22:58  5.0.2195.4411     511,248  Lsasrv.dll       
   07-Sep-2001  01:31  5.0.2195.4301      33,552  Lsass.exe        
   27-Sep-2001  22:59  5.0.2195.4285     114,448  Msv1_0.dll       
   11-Oct-2001  21:36  5.0.2195.4153     312,080  Netapi32.dll     
   11-Oct-2001  21:36  5.0.2195.4495     358,672  Netlogon.dll     
   11-Oct-2001  21:36  5.0.2195.4464     912,656  Ntdsa.dll        
   11-Oct-2001  21:36  5.0.2195.4433     387,856  Samsrv.dll       
   11-Oct-2001  21:36  5.0.2195.4117     111,376  Scecli.dll       
   11-Oct-2001  21:36  5.0.2195.4476     299,792  Scesrv.dll       
   11-Oct-2001  21:36  5.0.2195.4025      50,960  W32time.dll      
   02-Aug-2001  04:44  5.0.2195.4025      56,592  W32tm.exe        
   11-Oct-2001  21:36  5.0.2195.4433     125,712  Wldap32.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 3.

MORE INFORMATION

This update causes all fields in the data structure to be initialized to NULL.
Modification Type:MinorLast Reviewed:9/26/2005
Keywords:kbHotfixServer kbQFE kbbug kbDirServices kbfix kbWin2000PreSP3Fix kbWin2000sp3fix KB309566
©2004 Microsoft Corporation. All rights reserved.