Rapid7 Vulnerability & Exploit Database

MS17-004: Security Update for Local Security Authority Subsystem Service (3216771)

Back to Search

MS17-004: Security Update for Local Security Authority Subsystem Service (3216771)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
01/10/2017
Created
07/25/2018
Added
01/10/2017
Modified
03/27/2020

Description

A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system.

Solution(s)

  • WINDOWS-HOTFIX-MS17-004-003db5e2-d101-4911-a1c4-c7a34150eac2
  • WINDOWS-HOTFIX-MS17-004-233193d3-9693-44e4-a6ae-a01d6d3586b7
  • WINDOWS-HOTFIX-MS17-004-2edd3906-4945-4973-9393-2e520518609c
  • WINDOWS-HOTFIX-MS17-004-534ab13f-7280-4bad-825a-4ad303962680
  • WINDOWS-HOTFIX-MS17-004-7f25d757-c97b-4ba9-807e-b6c8541cd60a
  • WINDOWS-HOTFIX-MS17-004-9cd3d6a0-2474-4577-b7a7-d1ba5234c128
  • WINDOWS-HOTFIX-MS17-004-ae2f5344-c1b2-47f6-861d-a1d57394321a
  • WINDOWS-HOTFIX-MS17-004-b6e62861-fb62-4c62-a6a4-a10b6262d5db
  • WINDOWS-HOTFIX-MS17-004-e38966e9-be66-474f-8754-db30468ffeff
  • WINDOWS-HOTFIX-MS17-004-e5913d80-a2eb-4270-8a9e-add06dfb8c0f
  • WINDOWS-HOTFIX-MS17-004-f4e1ed6b-0032-4027-853b-5da33f5e0cfa

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;