LSASSLocal Security Authority Subsystem Service (Microsoft)
LSASSLightweight Seismic/Acoustic Surveillance System
References in periodicals archive ?
McAfee Host IPS and McAfee Entercept(R) protect users against code execution that may result from common classes of exploits targeted at the vulnerability in Microsoft LSASS.
E or any of its variants, it is necessary to install the patch which Microsoft offers to correct the security flaw LSASS, and which can be downloaded from http://www.
The LSASS vulnerability was first reported on April 13, 2004, and was first utilized by a variant of the AGOBOT worm (WORM_AGOBOT.
The Bobax-H worm exploits the same LSASS vulnerability first reported by Microsoft on 13 April 2004 in Microsoft Security Bulletin MS04-011, and later exploited by the widespread Sasser worm.
There is a buffer overflow in the Local Procedure Call (LPC) interface to the LSASS which allows an attacker with local access to escalate their privileges to a higher level within the business-critical IT infrastructure.
It does this by exploiting several operating system vulnerabilities such as LSASS or RPC-DCOM.
The most prevalent attacks came from several worms, such as Sasser and Korgo, seeking to exploit a vulnerability located within LSASS, a security component of the Microsoft Windows operating system.
Immediately following Microsoft's disclosure of the vulnerability on April 13, TippingPoint delivered a Virtual Software Patch in a Digital Vaccine update to UnityOne Intrusion Prevention Systems that guarded the entire LSASS vulnerability.
Microsoft Vulnerability Overview -- MSO4-041- Vulnerability in WordPad Could Allow Code Execution (885836) -- MS04-042- Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249) -- MS04-043- Vulnerability in HyperTerminal Could Allow Code Execution (873339) -- MS04-044- Vulnerabilities in Window Kernel and LSASS Could Allow Elevation of Privilege (885835) -- MS04-045- Vulnerability in WINS Could Allow Remote Code Execution (870763) Scope of Potential Compromises
Although Microsoft first issued a patch to protect against the LSASS vulnerability on April 13th, many organizations were unable to patch their systems ahead of the rapidly spreading Sasser worm.