Endpoint Vulnerability

Microsoft: AD FS Security Feature Bypass Vulnerability


A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors. This security update corrects how AD FS handles multi-factor authentication requests.

Affected Products

Windows Server 2016; Windows Server, version 1803 (Server Core Installation); Windows Server 2012; Windows Server, version 1709 (Server Core Installation)