Core Issue
This is the complete error message:
The critical system application 'C:\WINNT\system32\lsass.exe' (as user NT AUTHORITY\SYSTEM) tried to call the function LoadLibraryA("ws2_32") from a buffer (the return address was 0x78fdaf). The code at this address is 'ffd66653 66683332 68777332 5f54ffd0 68cbedfc 3b50ffd6 5f89e566 81ed0802' This either happens when a program uses self-modifying code or when a program has been subverted by a buffer overflow attack. The user chose 'Terminate (not logged in)'.
The most likely reason for this problem is the Sasser worm virus B.
Resolution
To resolve this issue, refer to Defend Against the Sasser Virus on the MCS Servers.
This problem might also be resolved by upgrading the Cisco Security Agent. For more information, refer to the following documents: