Microsoft Windows Local Security Authority Subsystem Service (LSASS) Resource Exhaustion Vulnerability( 09 December 2009 )
Last Update Date:
28 Jan 2011
Release Date:
9 Dec 2009
5358
Views
RISK: Medium Risk
A denial of service vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles specially crafted ISAKMP messages communicated through IPsec.
Impact
- Denial of Service
System / Technologies affected
- Microsoft Windows 2000
- Windows XP
- Windows Server 2003
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
Vulnerability Identifier
Source
Related Link
Share with