just to mention, Appguard Business block lsass.exe by default via its MemProtect module, which isn't available in the Home Version. Not saying , that to use this exploit in Dan's video , the attacker has to know how is your network , if you are behind a NAT router , no way he can know... Conclusion, this attack is valid only if: - the target system is attacked via another compromised system in the same network...or the attacker know your IP adress , which isn't very easy task because you are behind a NAT router. - the target system is ran under Win7 with SMB1.0 enabled. Since now mostly all system are supposed to be patched , this attack is obsolete.