FortiClient VulnerabilityMicrosoft Local Security Authority Subsystem Service CVE-2020-1267 Denial of Service Vulnerability
Description
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.
Affected Applications
Windows RT 8.1
Windows Server version 2004 (Server Core installation)
Windows Server version 1903 (Server Core installation)
Windows Server 2016
Windows Server 2012
Windows 8
Windows Server 2008
Windows 10
Windows 7
Windows Server version 1909 (Server Core installation)
Windows Server 2019
CVE References
CVE-2020-1267Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1267| ID | 64286 |
| Created | Jul 14, 2020 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows RT 8.1 , Windows Server version 2004 (Server Core installation) , Windows Server version 1903 (Server Core installation) , Windows Server 2016 , Windows Server 2012 , Windows 8 , Windows Server 2008 , Windows 10 , Windows 7 , Windows Server version 1909 (Server Core installation) , Windows Server 2019 |