A memory leak issue in the Lsass.exe process causes an application or a service to stop responding if the application or the service uses the NTLM authentication on a computer that is running Windows Server 2008 or Windows Vista.
An application or a service that uses the NTLM authentication runs on a computer that is running Windows Server 2008 or Windows Vista. In this scenario, the memory usage of the Lsass.exe process keeps increasing. If this issue lasts for a long time, the application or the service may stop responding or encounter an exception because the available memory is too low.
For example, this issue occurs when a Web server uses NTLM for outgoing authentication. After this issue occurs, the Web server stops responding, and you must restart the server to recover from the issue.
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB971265.