You're in: Panda Security > Home Users > security-info > about-malware > encyclopedia > overview

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

MS09-059
Threat LevelDamageDistribution

At a glance Tech details Solution

Effects

MS09-059 is not categorized as virus, worm, Trojan or backdoor. It is an important vulnerability in the Windows Local Authority Subsystem Service on Windows 7/2008/Vista/2003/XP/2000, which allows denial of service attacks to be launched.

LSASS (Local Security Authority Subsystem Service) provides an interface for managing local security, domain authentication and Active Directory processes. However, there is a vulnerability because the Windows NTLM (NT Lan Manager) implementation in LSASS does not properly handle specific malformed packets during the authentication process.

If exploited successfully, it could cause the vulnerable system to automatically restart.

This vulnerability is usually exploited by creating a specially crafted packet and sending it during the HTML authentication process.

If you have a Windows 7/2008/Vista/2003/XP/2000 computer, it is recommended to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.

Panda Security. New Lineup 2012. Renew now

Antivirus Solutions

Technical Support