This article was previously published under Q154087
This article has been archived. It is offered "as is" and will no longer be updated.
While running Windows NT, you may receive an Access Violation error messagein Lsass.exe. After this error occurs, you cannot logon locally and theadministrative tools that rely on LSA/LSARPC (such as Event Viewer andServer Manager) do not function.
The failure occurs when a remote client connects to the Local SecurityAuthority over a named pipe and passes an incorrect buffer size (fragmentlength).
To resolve this problem, obtain the latest service pack for Windows NT 4.0 or Windows NT Server 4.0, Terminal Server Edition. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
152734 How to Obtain the Latest Windows NT 4.0 Service Pack
Microsoft has updated Lsasrv.dll to correct this problem and posted theupdated version to the following Internet location.
NOTE: Lsa-fix has been superseded by Lsa2-fix.
For your convenience, the English version of this post-SP3 hotfix has beenposted to the following Internet location. However, Microsoft recommendsthat you install Windows NT 4.0 Service Pack 4 to correct this problem.
WARNING: If you install the original (archived) version of this hotfixAFTER you apply the later version, your system may become unusable.Microsoft does not recommend you install the original hotfix after applyingthe later version.
Microsoft has confirmed this problem could result in some degree ofsecurity vulnerability in Windows NT version 4.0. This problem was first corrected in Windows NT 4.0 Service Pack 4.0 and Windows NT Server 4.0, Terminal Server Edition Service Pack 4.