Venafi TPP versions 15.2.x and older
Installing Microsoft server OS update MS16-065 on 2008 R2 and 2012 R2 causes Venafi services failure.
Microsoft released on May 10th a security update to patch a vulnerability within the Microsoft .NET framework. This update, while helping protect your system causes two symptoms within Venafi that we have discovered:
- The log service encounters exceptions (crash, crashes, crashing) and will not start. Error may look something like: "Event 1026, .NET Runtime"
- The VED or TPP service may consume all of the system memory.
You may read Microsoft’s description of the vulnerability here:
You may read the Microsoft patch details here:
If you have already installed the patch on your server and experience these symptoms, removing the patch will let Venafi return to normal operation.
You can implement Microsoft's workaround instead of installing the patch. You can find them in the 'Workaround' section Microsoft provides here:
The Venafi fix is included in the following Service Packs:
- 15.2.6 released 5/17/16
- 15.1.5 released 5/19/16
- 14.4.9 released 5/19/16
- 14.3.11 released 5/16/16
- 14.2.13 released 5/20/16
These patches address the new Windows Server behavior changed by Microsoft.