In the early morning of January 11, 2017 (Beijing Time), Microsoft released the first set of patches in the year to fix the remote denial of service vulnerability (ID: CVE-2017-0004) in the Local Security Authority Subsystem Service (LSASS). It is an uncommon security risk. Hackers can exploit this vulnerability to send malicious data packets, causing crash of the key processes in the target system, similar to the unexpected shutdown with 60-second countdown in the case of MSBlast.
See the following for more information about the vulnerability.
Microsoft LSASS remote DoS vulnerability
Hackers can exploit this vulnerability to send malicious data packets to and initiate a distributed denial of service (DDoS) against Port 445, causing crash of key processes in the target system.
Condition and method of exploitation
This vulnerability is triggered by means of a remote compromise of Port 445.
Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2
How to fix or mitigate
Install patches. For more information, see https://technet.microsoft.com/en-us/library/security/MS17-004.