1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

MS13-066 - Important : Vulnerability in Active Directory Federation Services Could Allow...

Discussion in 'Security Updates' started by Microsoft Security, Aug 21, 2013.

  1. Microsoft Security

    Microsoft Security Guest

    Severity Rating: Important
    Revision Note: V2.1 (August 19, 2013): Rereleased bulletin to announce the reoffering of the 2843638 update for Active Directory Federation Services 2.0 on Windows Server 2008 and Windows Server 2008 R2. See the Update FAQ for details.
    Summary: This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). The vulnerability could reveal information pertaining to the service account used by AD FS. An attacker could then attempt logons from outside the corporate network, which would result in account lockout of the service account used by AD FS if an account lockout policy has been configured. This would result in denial of service for all applications relying on the AD FS instance.

    View the full article
     
    Microsoft Security, Aug 21, 2013
    #1

Share This Page