Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

CVE-2026-20875

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

Microsoft Windows Local Security Authority Subsystem Service 输入验证错误漏洞

The Microsoft Windows Local Security Authority Subsystem Service is an internal program of Microsoft Corporation USA that runs Windows system security policies. It verifies user identity, manages user password changes, and generates access characters when a user logs on to a computer standalone o...

PT-2025-24836

Name of the Vulnerable Software and Affected Versions Windows Local Security Authority Subsystem Service LSASS affected versions not specified Description The issue concerns uncontrolled resource consumption in the Windows Local Security Authority Subsystem Service LSASS, allowing an unauthorized...

KLA84760 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...

CVE-2020-1267

This security update corrects a denial of service in the Local Security Authority Subsystem Service LSASS caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'...

CVE-2023-36391 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

...

Information disclosure

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability...

September 12, 2023—KB5030216 (OS Build 20348.1970)

September 12, 2023—KB5030216 OS Build 20348.1970 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...

Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

...

Privilege escalation

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability...

CVE-2022-21884

Technical details for CVE-2022-21884 are not publicly provided in the connected documents; monitor official disclosures or advisories for affected products, impact, and remediation.

CVE-2020-1509

CVE-2020-1509 is an elevation-of-privilege vulnerability in the Local Security Authority Subsystem Service (LSASS) on Windows. An authenticated attacker could exploit a specially crafted authentication request to elevate privileges on the target system. The issue is addressed by a security update...

KB4571723: Windows 8.1 and Windows Server 2012 R2 August 2020 Security Update

The remote Windows host is missing security update 4571723 or cumulative update 4571703. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the...

CVE-2020-1267

This security update corrects a denial of service in the Local Security Authority Subsystem Service LSASS caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'...

MS10-068: Vulnerability in Local Security Authority Subsystem Service could allow elevation of privilege

Resolves a vulnerability in Active Directory directory service, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS that could allow elevation of privilege if an authenticated attacker sent a specially crafted LDAP messages to a listening LSASS...

CVE-2019-0972

This security update corrects a denial of service in the Local Security Authority Subsystem Service LSASS caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the...

KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products ESU. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of...

Detecting credential theft through memory access modelling with Microsoft Defender ATP

Stealing user credentials is a key step for attackers to move laterally across victim networks. In today’s attacks, we see a range of tools used to achieve credential theft, requiring protections that target the root behavior and not just individual known tools as is often done by traditional...

March 14, 2017—KB4013429 (OS Build 14393.953)

March 14, 2017—KB4013429 OS Build 14393.953 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed known issue called out in KB3213986. Users may experience delays while running 3D...