Active Directory Federation Services
The latest Active Directory Federation Services coverage — news, analysis, and updates from the WindowsNews.AI desk.
July Windows Updates Shut Down XSS Vulnerability in AD FS That Could Aid Identity Spoofing
Microsoft’s July 14, 2026 cumulative security updates fix a cross-site scripting flaw in Active Directory Federation Services that could let an already-privileged attacker spoof web content...
Microsoft Patches AD FS Vulnerability That Freezes Federation Services with a Single Network Packet
On July 14, 2026, Microsoft released security updates that fix a high-severity denial-of-service vulnerability in Active Directory Federation Services (AD FS). Tracked as CVE-2026-50647, the flaw...
Unpatched AD FS? One Malformed Request Can Crash Your Authentication—Here’s the July Fix
On July 14, 2026, Microsoft dropped a security update that closes a remotely exploitable denial-of-service vulnerability in Active Directory Federation Services (AD FS). Tracked as CVE-2026-50411,...
CVE-2026-50355: Microsoft Patches AD FS Flaw That Lets Attackers Remotely Crash Sign-In Services
On July 14, 2026, Microsoft released its monthly security updates, including a fix for a stack-based buffer overflow in Active Directory Federation Services (AD FS) that could allow an...
Microsoft Patches AD FS Infinite Loop Vulnerability That Could Disable Enterprise Sign-Ons
On July 14, 2026, Microsoft’s monthly security updates included a patch for a vulnerability in Active Directory Federation Services (AD FS) that could let an unauthenticated attacker trigger an...
A Single Unpatched AD FS Server Can Crash Your Sign-Ins: Patch the July 14 DoS Flaw Now
Microsoft’s July 14, 2026 security updates fix a bug that lets an unauthenticated attacker crash an Active Directory Federation Services (AD FS) server over the network—and brings down...
Microsoft Ships AD FS Fix, But Automatic Remediation Is Months Away — Here’s How to Secure Your Keys Now
Microsoft shipped a security fix on July 14, 2026, for a dangerous elevation-of-privilege flaw in Active Directory Federation Services (AD FS) that attackers are already exploiting. But any...
Patch Now: CISA Adds Two Microsoft Zero-Days and Two SonicWall Flaws to Must-Fix List
The Cybersecurity and Infrastructure Security Agency added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog on July 14, 2026. Two of them — flaws in Microsoft...
Microsoft's 570-Fix Patch Tuesday: Two Zero-Days Exploited, BitLocker Bypass Disclosed
On July 14, Microsoft unloaded a record-breaking 570 security fixes across its product portfolio — the largest Patch Tuesday in the company’s history. Two of the vulnerabilities are zero-days...
Microsoft's July Patches Stop Unauthenticated AD FS Crashes — Patch Your Identity Servers Now
Microsoft dropped its July 2026 security updates on the 14th, and one fix in particular should grab the attention of any organization still running Active Directory Federation Services (AD FS)....
Microsoft's July 14 Patch Blocks a Network Attack That Can Crash AD FS Without Authentication
On July 14, 2026, Microsoft released a security update that fixes a critical weakness in Active Directory Federation Services (AD FS) — a stack-based buffer overflow that enables an unauthenticated...