Following the recent turmoil about the latest Windows worm, I Google’d for lsass.exe. The first entry lead me to something about a “WinTasks process library“, that describes it as
“Windows Local Security Authority Server Process handles Windows security mechanisms. It verifies the validity of user logons to your computer or server. Technically, the software generates the process that is responsible for authenticating users for the Winlogon service.”
So, it’s a local process that handles security mechanisms. That’s why it now seems to be one of the most dangerous worms ever – duh!
Best part about the entry on the site above:
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No