Vulnerability in DirectAccess Could Allow Security Feature Bypass

With the November 2013 security bulletin release, Microsoft advises that DirectAccess includes a vulnerability that could allow security feature bypass. The update applies to all supported versions of Microsoft Windows and addresses an issue with how the DirectAccess server authenticates connections from DirectAccess clients. An attacker could leverage the vulnerability to pose as a man-in-the-middle and intercept the communication between a DirectAccess client and server. For more details, please review Microsoft Security Advisory 2862152.

  1. Hi Richard,
    I'm confused about this update. We are using the DirectAccess scenario in our network.
    I understood that I have to apply the security update on the DA client (IPsec initiator), but I'm not entirely clear about the registry editing and how to do it. My questions are:

    What certificate type is that KB article referring to? We have a computer certificate, which has an EKU configured for client and server authentication and is issued by our internal enterprise root CA, and an IP-HTTPS certificate for external publishing, which has an EKU configured for server authentication.

    So, if I'm not wrong, I have to add the registry value on the UAG server side only?
    I see two types of configuration for certificate authentication for DirectAccess: certificate authentication by using AuthIP and certificate authentication by using IKEv1. What type of authentication does the DirectAccess client do by default in the basic scenario?

    In the registry edit, what IPv4/IPv6 address or DNS name should I add as the DATA value of the new registry key?

    Sorry for the multiple questions. I have read the KB article over and over but I'm still not clear. Your explanation would be very helpful to me.

    Thanks 🙂

    • You are not the only one who is confused about this update. 🙂 I'm working on a blog post to add some clarification for it. Stay tuned…
