A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated.
An attacker who successfully exploited this vulnerability could try an infinite number of authentication attempts.
The update addresses the vulnerability by validating the number of incorrect login attempts.