Jorge Moura

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version **Description** The issue concerns the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows, which does not properly process authentication requests. This allows local users to gain privileges via a request with a crafted length. An elevation of privilege vulnerability exists in the way that LSASS processes specially crafted authentication requests, which could allow an attacker to run code with elevated privileges and take complete control of an affected system. **Recommendations** For Microsoft Windows versions prior to the fixed version: update to the fixed version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.