Go to GoReading for breaking news, videos, and the latest top stories in world news, business, politics, health and pop culture.


Technology Microsoft Software & solutions

What Is an lsass.exe Computer Error?

By Technology
104 10

    Security Risks

    • The actual program lives in C:\Windows\System32\, and is included as part of Windows, and periodically gets updates when Windows runs. In August of 2004, there was a known security hazard with the file, documented in Microsoft Security Bulletin MS04-011. Without the update, there was a risk for remote code execution. As lsass.exe is constantly used by Windows, this was considered a very high threat risk.

    Sasser Worm

    • For systems that did not run the patch provided in the MS04-011 security bulletin, an avenue was opened for a computer worm that became widely spread, called Sasser. There were five variants of the Sasser worm, with variants A through D released within a few weeks of each other, and the E variant released shortly after a German teenager was arrested for authoring it. The August 2004 security update removed the vulnerability to the Sasser worm. The primary symptom of the Sasser worm for most home users was an lsass.exe computer error, followed by a shutdown timer.

    Sasser Worm Removal

    • While no longer widespread, there are a number of computers running Windows XP that still have the original, unpatched lsass.exe file. A fix for removing the Sasser worm can be found in the KB841720 critical update available at update.Microsoft.com. Shortly after Microsoft released the removal tool, every anti-virus vendor also released a similar tool.

    Program Substitution

    • Lsass.exe is also an avenue for a different infection, not of the Lsass program itself, but through social engineering. Microsoft uses a sans serif font for system file names, which means that lsass.exe and Isass.exe look almost identical when viewed next to each other, the latter uses an uppercase "I" while the former uses a lowercase "L." Isass.exe is the file used to distribute the Optix.Pro virus, which is a virus that disables local security measures. Isass.exe won't crash your computer, but will make it much easier for your computer to get another, more dangerous infection. Antivirus tools since roughly 2005 have had fixes for Isass.exe

Source...
Related to Technology You might also like

Leave A Reply

Your email address will not be published.

Copyright©2025 - GoReading. All Rights Reserved. Contact: webmaster@goreading.org1,089.844
Sitemap: XML