(MS12-083) Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809)
Schweregrad:: Hoch
CVE Kennungen:: CVE-2012-2549
Hinweisdatum: 12 Dezember 2012
Beschreibung
This patch addresses a vulnerability in Microsoft Windows, which could bypass the security feature via a revoked certificate to an IP-HTTPS server used in Microsoft DirectAccess deployments. Accordingly, this vulnerability can be exploited when an attacker use a certificate issued from the domain for IP-HTTPS server authentication.
Lösungen
Betroffene Software und Version:
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for Itanium-based Systems
- Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
- Windows Server 2012