Shulou(Shulou.com)06/02 Report--

This article is about what lsass.exe refers to. Xiao Bian thinks it is quite practical, so share it for everyone to make a reference. Let's follow the editor and have a look.

lsass.exe is a system process used for Microsoft Windows security mechanisms, as well as local security and login policies; lsass.exe may also be created by Windang.worm, irc.ratsou.b, etc., viruses spread through floppy disks, mass emails, and P2P file sharing.

lsass.exe is a system process used as a security mechanism for Microsoft Windows systems. It is used for local security and login policies. Note: lsass.exe may also have been created by Windang.worm, irc.ratsou.b, Webus.B, MyDoom.L, Randex.AR, Nimos.worm, and spread via floppy disks, mass mailings, and P2P file sharing.

process information

Process file: lsass or lsass.exe

Process Name: Local Security Authority Service

Produced by Microsoft Corp.

Microsoft Windows Operating System

System Process: Yes

Background Program: Yes

Use of networks: Yes

Port used: 49154 (TCP)

Hardware related: No

Common Error: Unknown N/A

Memory Usage: Unknown N/A

Safety level (0-5): 0

Spyware: No

Adware: No

Virus: No

Trojans: No

process description

The Local Security Rights Service controls Windows security, a system process that starts automatically when the system boots.

Managing IP security policies and launching ISAKMP/Oakley (IKE) and IP security drivers, etc., is a native security authorization service and generates a process for authorized users using winlogon services. This process is executed by using licensed packages, such as msgina.dll by default. If authorization is successful, lsass generates the user's entry token, which does not use the initial shell. Other user-initiated processes inherit this token. Windows Active Directory remote stack overflow vulnerability, it is the use of LDAP3 search request function for user submission request missing correct buffer boundary check, build more than 1000 "AND" requests, and sent to the server, resulting in triggering stack overflow, so that Lsass.exe service crash, the system restarts within 60 seconds. And it can cause some functional failures.

Thank you for reading! About lsass.exe refers to what program to share here, I hope the above content can be of some help to everyone, so that everyone can learn more knowledge. If you think the article is good, you can share it so that more people can see it!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.