Severity Rating: Critical
Revision Note: V1.1 (May 20, 2014): Clarified in the vulnerability FAQ what systems are primarily at risk for CVE-2014-0317. Added Update FAQ to explain why users running Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 might not be offered the update. These are informational changes only.
Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker makes multiple attempts to match passwords to a username.
Continue reading...
Revision Note: V1.1 (May 20, 2014): Clarified in the vulnerability FAQ what systems are primarily at risk for CVE-2014-0317. Added Update FAQ to explain why users running Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 might not be offered the update. These are informational changes only.
Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker makes multiple attempts to match passwords to a username.
Continue reading...
