MS16-020: Security Update for Active Directory Federation Services to Address Denial of Service (3134222)
Medium Nessus Plugin ID 88652
SynopsisThe remote Windows host is affected by a denial of service vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by a denial of service vulnerability in Active Directory Federation Services (ADFS) due to a failure to properly process certain input during forms-based authentication. A remote attacker can exploit this, via crafted input, to cause the server to become unresponsive.
SolutionMicrosoft has released a set of patches for Windows Server 2012 R2.