Question

A systems administrator reports degraded performance on a virtual server. The administrator increases the virtual memory allocation, which improves conditions, but performance degrades again after a few days. The administrator runs an analysis tool and sees the following output:

==3214== timeAttend.exe analyzed
==3214== ERROR SUMMARY:
==3214== malloc/free: in use at exit: 4608 bytes in 18 blocks.
==3214== checked 82116 bytes
==3214== definitely lost: 4608 bytes in 18 blocks.

The administrator terminates the timeAttend.exe, observes system performance over the next few days, and notices that the system performance does not degrade. Which of the following issues is MOST likely occurring?
1) DLL injection
2) API attack
3) Buffer overflow
4) Memory leak

Answer 1

The system's degraded performance was likely due to a memory leak in the timeAttend.exe application, as indicated by analysis revealing memory not being released by the application. After terminating the problematic application, system performance stabilized, confirming the memory leak was the issue.

Step-by-step explanation:

The issue most likely occurring with the virtual server experiencing degraded performance is a memory leak. A memory leak happens when an application fails to release memory that it no longer needs. The output from the analysis tool indicates that the application timeAttend.exe was using memory that was not properly freed ('definitely lost: 4608 bytes in 18 blocks') even after the application was no longer in use. Terminating timeAttend.exe stopped the memory from being continually used up, which is why the system performance did not degrade anymore. In contrast, DLL injection, API attacks, and buffer overflows are security-related issues that do not typically result in a gradual loss of system performance over time like memory leaks do.