vulnerability
Microsoft Windows: CVE-2016-7237: Local Security Authority Subsystem Service Denial of Service Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Nov 10, 2016 | Jun 10, 2024 | Oct 14, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Nov 10, 2016
Added
Jun 10, 2024
Modified
Oct 14, 2025
Description
Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote authenticated users to cause a denial of service (system hang) via a crafted request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability."
Solutions
microsoft-windows-windows_10-1507-kb3198585microsoft-windows-windows_10-1511-kb3198586microsoft-windows-windows_10-1607-kb3200970microsoft-windows-windows_server_2016-1607-kb3200970
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.