(MS15-062) Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577)

  Severity: HIGH
  CVE Identifier: CVE-2015-1757
  Advisory Date: JUN 24, 2015

  DESCRIPTION

This security update addresses a vulnerability in Microsoft Active Directory Federation Services (AD FS) that could allow elevation of privilege when an attacker submits a specially crafted URL to a target site.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows Server 2008 R2
  • Windows Server 2012
  • Windows Server 2008