Severity: : High
  CVE Kennungen: : CVE-2012-2549
  Advisory Date: 12 de grudnia de 2012

  DESCRIPTION

This patch addresses a vulnerability in Microsoft Windows, which could bypass the security feature via a revoked certificate to an IP-HTTPS server used in Microsoft DirectAccess deployments. Accordingly, this vulnerability can be exploited when an attacker use a certificate issued from the domain for IP-HTTPS server authentication.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION:

  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Windows Server 2012