Microsoft recognized a new known issue that led to critical system failure of the Local Security Authority Subsystem (LSASS) and forced reboots on some Windows 10 devices.
LSASS is responsible for enforcing the security policy on Windows systems and is used by the system to add entries to the security log, as well as to handle user logins, password changes, and the creation of security tokens. access.
When LSASS fails, the user will immediately lose access to the accounts available on the machine, an error will be displayed and the machine will be forced to restart.
Devices running Windows 10 1809 or later affected
Microsoft explains that “[t]The Local Security Authority Subsystem Service (LSASS) file (lsass.exe) may fail on some devices with the error message:
A critical system process, C:WINDOWSsystem32lsass.exe, failed with status code c0000008. The machine must now be restarted.
The known issue was added today by Microsoft in KB4557957 and KB4560960 cumulative update posts released as part of this month’s Patch Tuesday on June 9, 2020, as well as KB4567512 and KB4567523 optional update posts that fixed a above problem causing printing problems.
While these updates can only be applied to versions 1903 or later of Windows 10, users also reported experiencing the same issue with devices running fully updated installations of Windows 10, version 1809.
“We have some machines in our domain that crash when logging in,” said one user. “They get the ‘Your PC will automatically reboot in a minute’ and then they are forced to reboot. After the reboot, they can log in again and continue working until the next day.”
Another said that he was experiencing reboots after turning on his laptop with Windows 10 1809 Enterprise.
Microsoft is working on an official solution
Microsoft has not yet formally recognized this issue (no new support document has been released so far, or new known issues have been added to the Windows 10 Health Dashboard), and an official fix for this issue is not yet available.
However, as the company explains, Redmond developers are working on a resolution to be provided to affected customers as part of an upcoming release.
While an official fix for this is not available, users who are unable to use their devices due to continued LSASS failure can get rid of the issue by uninstalling the cumulative updates for June 2020.
Before uninstalling the two cumulative updates, you should first know that you are also removing the mitigation of security issues affecting your Windows 10 device.
Microsoft says in the details of the two updates (1, 2) that they can be removed by “selecting View installed updates in the Programs and Features Control Panel.”
If you are willing to degrade your computer’s security defense, you should follow this procedure:
1. Select the start button or Windows Desktop Search and type update history and select View your update history.
2. In the Settings / View update history dialog box, select Uninstall updates.
3. In the Installed updates dialog window, find and select KB4560960 or KB4557957, and select the Uninstall button.
4. Restart your device.
We also have a detailed tutorial on how to uninstall, pause, or block Windows updates if they are causing problems.