Microsoft Security Bulletin MS14-016 - Important: Vulnerability in Security Account Manager...


Extraordinary Robot
News Feed
Severity Rating: Critical
Revision Note: V1.1 (May 20, 2014): Clarified in the vulnerability FAQ what systems are primarily at risk for CVE-2014-0317. Added Update FAQ to explain why users running Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 might not be offered the update. These are informational changes only.
Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker makes multiple attempts to match passwords to a username.

Continue reading...