Home / bulletins MS15-007 - Important: Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029) - Version: 1.0
Posted on 14 January 2015
ImportantSeverity Rating: Important
Revision Note: V1.0 (January 13, 2015): Bulletin published
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service on an Internet Authentication Service (IAS) or Network Policy Server (NPS) if an attacker sends specially crafted username strings to the IAS or NPS. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights; however, it could prevent RADIUS authentication on the IAS or NPS.