By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
If an attacker is able to gain access to LSA secrets (possibly by using
), then they might discover the user name and password for a service account. Accounts that are used to run services may have privileges beyond that held by the user of the compromised account and maybe domain-level accounts. Armed with the information, the attacker can log on and now have those privileges. If the account is a domain account, his privileges extend to many computers in the domain, not just the one he was able to compromise.