| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-020 | Security Update for Active Directory Federation Services to Address Denial of Service (3134222) | Windows Server | Important | 10-02-2016 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow denial of service if an attacker sends certain input data during forms-based authentication to an ADFS server, causing the server to become nonresponsive.
Detailed Information on the risk:
A denial of service vulnerability exists when Active Directory Federation Services (ADFS) attempts to process certain input during forms-based authentication. An attacker who successfully exploits this vulnerability by sending certain input during forms-based authentication could cause the server to become nonresponsive.
Windows Server 2012 R2Further information on this exploit is available at : MS16-020
Windows Server 2012 R2 (Server Core installation)
Affected Software
Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)