MS15-007 - Important: Vulnerability in Network Policy Server RADIUS Implementation Could Cause...

News

Extraordinary Robot
News Feed
#1
Severity Rating: Important
Revision Note: V1.0 (January 13, 2015): Bulletin published
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service on an Internet Authentication Service (IAS) or Network Policy Server (NPS) if an attacker sends specially crafted username strings to the IAS or NPS. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights; however, it could prevent RADIUS authentication on the IAS or NPS.

Continue reading...
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.