Microsoft KB Archive/903927

= A memory leak occurs when a computer that is running Live Communications Server connects to another Live Communications computer that has SYN attack protection enabled in Windows Server 2003 Service Pack 1 =

Article ID: 903927

Article Last Modified on 7/26/2006

-

APPLIES TO


 * Microsoft Office Live Communications Server 2005 Enterprise Edition
 * Microsoft Office Live Communications Server 2005 Standard Edition
 * Microsoft Office Live Communications Server 2005 Service Pack 1
 * Microsoft Office Live Communications Server 2003

-





SYMPTOMS
Consider the following scenario. A computer that is running Microsoft Office Live Communications Server 2005 or Microsoft Live Communications Server 2003 connects to another Live Communications Server computer that has SYN attack protection enabled in Microsoft Windows Server 2003 Service Pack 1 (SP1). However, the connection fails. Additionally, a memory leak occurs in the Live Communications Server computer. This loss in memory resources causes system performance to decrease.

Note This problem occurs only when Windows Server 2003 SP1 is installed on the Live Communication Server computer.



CAUSE
This problem is caused by a memory leak in the Windows Server 2003 SChannel code that is being run by Live Communications Server. The memory leak occurs in Live Communication Server computers that are connected over Mutual Transport Layer Security (MTLS) to one or more servers that have SYN attack protection enabled.

In Windows Server 2003 SP1, connections that are established between Live Communications Server computers will always succeed. These connections succeed because the TCP stack accepts the connection before the TCP stack tells the application in the application pool that there is an incoming connection or before the TCP stack examines the backlog of the application in the application pool. However, when the peer initiates an MTLS negotiation with another Live Communications Server computer, the connection is reset by the TCP stack on the other Live Communications Server computer. This behavior occurs after the other Live Communications Server computer determines that the application in the application pool is out of backlog because of the SYN attack protection. When this occurs, the stacks that were allocated are not freed. Therefore, a memory leak occurs.

Note By default, SYN attack protection is enabled in Windows Server 2003 SP1. The SYN attack protection behavior is not specific to the TCP/IP stack. Therefore, any firewall that has SYN attack protection enabled will experience the problem that is mentioned in the &quot;Symptoms&quot; section.



Hotfix information
A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that this article describes. Apply it only to systems that are experiencing this specific problem.

To resolve this problem, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Prerequisites
Windows Server 2003 SP1 must be installed on the Live Communications Server computer.

Restart requirement
You do not have to restart the computer after you apply this hotfix.

Hotfix replacement information
This hotfix does not replace any other hotfixes.

File information
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.



MORE INFORMATION
For more information about the new file naming schema for Microsoft Windows software updates, click the following article number to view the article in the Microsoft Knowledge Base:

816915 New file naming schema for Microsoft Windows software update packages

For more information about the terminology that Microsoft uses for software that is corrected after it is released, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional query words: LCS LCS2003 LCS2005

Keywords: kbqfe kbhotfixserver kbpubtypekc kbbug kbfix KB903927

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.