cve 2026 20875

CVE-2026-20875 is a denial-of-service vulnerability in Microsoft's Local Security Authority Subsystem Service (LSASS). LSASS is a core Windows process that handles authentication, token management, and local security policy enforcement. When LSASS fails, the system can become unresponsive or crash, making this a high-priority availability issue for identity-critical hosts such as domain controllers and admin workstations. The vulnerability affects multiple Windows builds, and Microsoft has released patches to address it. Defenders should prioritize patching affected systems to prevent service disruptions. This tag covers discussions about the vulnerability's impact, patch prioritization, and mitigation strategies for enterprise environments.