Home / bulletins MS14-077 - Important: Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3003381) - Version: 1.0
Posted on 12 November 2014
ImportantSeverity Rating: Important
Revision Note: V1.0 (November 11, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). The vulnerability could allow information disclosure if a user leaves their browser open after logging off from an application, and an attacker reopens the application in the browser immediately after the user has logged off.
