MS.Active.Directory.Information.Disclosure.Vuln.MS14-077

description-logoDescription

Microsoft Active Directory is a directory service.
The vulnerability could allow information disclosure if a user leaves their browser open after logging off from an application, and an attacker reopens the application in the browser immediately after the user has logged off.

affected-products-logoAffected Products

Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2

Impact logoImpact

The vulnerable system can be compromised by an attacker for gaining partial access to the system. Therefore there is a risk of leaking sensitive information and application configuration modification without user notice.

recomended-action-logoRecommended Actions

Please download and apply patches as instructed in https://technet.microsoft.com/library/security/MS14-077.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)