Reports of another recently-discovered bug in Windows 10 Version 2004 have surfaced. This one features a crash in the Local Security Authority Subsystem Service, aka LSASS. It’s what’s responsible for enforcing security policy on Windows PCs, including such all-important activities as logging in, setting or changing passwords, and creating access tokens (SIDs) for login sessions. In other words, Windows can’t really run without it. Thus, an LSASS crash forces a reboot, with a one-minute timer to give people the chance to save their work before it happens. The text of the associated error message reads as follows:
A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code c0000008. The machine must now be restarted.
If the LSASS Bug Strikes, Then What?
Reports on this error have been popping up for some time, as a quick look at this TechCommunity post, started on May 27, 2020, at Microsoft reveals: “Windows 10 Restart after Login.” This thread mentions a corporate MS client having received a hotfix “that seems to have resolved the issue.” But nothing has apparently hit WU in the form of an out-of-band update or CU at present.
That’s why I’ll repeat the workaround advice from that same thread as a possible strategy for avoiding trouble until the fix is in for all of us ordinary mortals. Affected users can put their PCs into a sleep state overnight instead of shutting down to avoid daily crashes when booting up every morning. Apparently, Fast Startup may be part of the problem — avoiding it seems to stop the bug dead in its tracks for those affected.
And so far, there’s no sign of “official acknowledgement” of this issue — apparently introduced with KB4551853 in the Windows 10 Version 2004 list of Known Issues. But clearly the bug is real, because BleepingComputer.com was able to provoke the LSASS error and capture a screenshot of what Windows 10 Version 2004 presents to users who fall prey to it. My thanks to them for sharing that image, which also appears at the head of this story. I’ve not been able to produce this bug on any of my 6 machines running Build 14031.329, nor on either of the two machines running the Release Preview (Build 14031.330). But if you’ll poke around you’ll see it widely reported: Ghacks.net, Neowin.net, and MSPowerUser.com, to name just a few.
You’ve been warned, and should now have some idea of how to avoid a recurrence if this bug pops up on any of your Windows 10 2004 systems.
Author: Ed Tittel
Ed Tittel is a 30-plus-year computer industry veteran. He’s a Princeton and multiple University of Texas graduate who’s worked in IT since 1981 when he started his first programming job. Over the past three decades he’s also worked as a manager, technical evangelist, consultant, trainer, and an expert witness. See his professional bio for all the details.