Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. On a Windows Server 2003-based computer that has the update from security bulletin MS07-062 installed, you may experience a memory leak in DNS

On a Windows Server 2003-based computer that has the update from security bulletin MS07-062 installed, you may experience a memory leak in DNS

View products that this article applies to.

Symptoms

On a Windows Server 2003-based computer that has the update from security bulletin MS07-062 or MS08-037 installed, you may experience the following symptoms:
  • A DNS server consumes increasing amounts of memory over time. In extreme cases, the DNS server may consume about 2.8 gigabytes (GB) of memory on an x86-based domain controller that has 4 GB of RAM installed.
  • A DNS server consumes more CPU resources than expected. In extreme cases, CPU utilization for the DNS server may reach 100 percent.
  • DNS stops responding after several days of run time. By restarting the operating system on the DNS server, or by restarting DNS, you enable DNS to function as expected until a certain threshold of leaked memory is reached again.
  • Computers that have the update from security bulletin MS07-062 installed become unresponsive to logon requests at the console. Or, they become unresponsive to administration from the local console or from a remote console.
  • Operations that depend on DNS name resolution fail. Such operations include, but are not limited to, logon requests (CTRL+ALT+DEL) from domain members, Active Directory replication, and mail flow.
  • DNS zones do not load, or they take longer than expected to load. Additionally, zone transfer may fail between primary and secondary DNS servers.
  • The following DNS event (111) is logged in the event log of DNS servers that have the update from MS07-062 installed:

    Event Type: Error
    Event Source: DNS Event
    Category: None
    Event ID: 111
    User: N/A
    Computer: <computer name>
    Description: The DNS server could not create a thread. System may be out of resources. You might close applications not in use, restart the DNS server or reboot your computer. The event data is the error code.
    Data: 0000: 08 00 00

    Note The "08 00 00" extended error may appear as "000008" in the data section of the event.

↑ Back to the top

Cause

This memory leak issue occurs because DNS cannot release memory that must be allocated for User Datagram Protocol (UDP) packets in some scenarios.

↑ Back to the top

Resolution

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

To apply this hotfix, you must be running Windows Server 2003 with Service Pack 1 (SP1) or Windows Server 2003 with Service Pack 2 (SP2).

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any other hotfixes.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Windows Server 2003 with SP1, x86-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirement
Dns.exe5.2.3790.3112445,95227-Mar-200809:49x86SP1
W03a2409.dll5.2.3790.309029,69614-Feb-200809:41x86SP1
Windows Server 2003 with SP2, x86-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dns.exe5.2.3790.4262445,95227-Mar-200810:03x86
Windows Server 2003 with SP1, Itanium-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Dns.exe5.2.3790.31121,134,08028-Mar-200802:27IA-64SP1Not Applicable
W03a2409.dll5.2.3790.309028,67228-Mar-200802:27IA-64SP1Not Applicable
Wdns.exe5.2.3790.3112445,95228-Mar-200802:27x86SP1WOW
Ww03a2409.dll5.2.3790.309029,69628-Mar-200802:27x86SP1WOW
Windows Server 2003 with SP2, Itanium-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dns.exe5.2.3790.42621,134,59228-Mar-200802:31IA-64
Windows Server 2003, x64-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Dns.exe5.2.3790.3112766,46428-Mar-200802:26x64SP1Not Applicable
W03a2409.dll5.2.3790.309030,20828-Mar-200802:26x64SP1Not Applicable
Wdns.exe5.2.3790.3112445,95228-Mar-200802:26x86SP1WOW
Ww03a2409.dll5.2.3790.309029,69628-Mar-200802:26x86SP1WOW
Windows Server 2003 with SP2, x64-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Dns.exe5.2.3790.4262766,46428-Mar-200802:34x64

↑ Back to the top

Workaround

To work around the issue, you must restart DNS .

↑ Back to the top

More information

For more information, click the following article number to view the article in the Microsoft Knowledge Base:
941672� MS07-062: Vulnerability in DNS could allow spoofing
For more information about the standard terminology that is used to describe Microsoft software updates, click the following article number to view the article in the Microsoft Knowledge Base:
824684� Description of the standard terminology that is used to describe Microsoft software updates

↑ Back to the top

Keywords: kbautohotfix, kbexpertiseinter, kbbug, kbfix, kbhotfixserver, kbqfe, KB946565

↑ Back to the top

Article Info
Article ID : 946565
Revision : 3
Created on : 10/7/2008
Published on : 10/7/2008
Exists online : False
Views : 362