MS17-019: Security Update for Active Directory Federation Services (4010320)

The remote Windows host is missing a security update. It is, therefore, affected by an information disclosure vulnerability in Active Directory Federation Services ADFS when handling XML external entities. An authenticated, remote attacker can exploit this issue, via a specially crafted request, ...

March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for DirectShow MS17-020 Security update for...

KLA10986 Information disclosure vulnerability in Microsoft Active Directory Federation Services

An improper honoring of XML External Entities was found in Microsoft Active Directory Federation Services ADFS. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories...