Local Security Authority Service - LSASS.EXE

Lsass.exe is a system process for Microsoft Windows security mechanisms. It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token.

This program has been mentioned in many security bulletins after the Sasser worm was created and the LSASS vulnerability in Microsoft's Operating Systems was discovered. It also installs with Randex and Mydoom variants and numerous other worms. You'll need to leave this file in place. So you'll want to keep up to date with any security updates and service packs from Microsoft.

How to Obtain Windows XP Service Pack 2 - http://www.microsoft.com/athome/security/protect/windowsxp/choose.aspx

Lsass.exe Stops Working Intermittently on a Domain Controller or Global Catalog - http://support.microsoft.com/default.aspx?scid=kb;EN-US;q300621

Additional Microsoft Knowledgebase articles about lsass.exe.

Safe

Required

Microsoft.com