Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Targeting AD FS With External Brute-Force Attacks" "On July 2019 Patch Tuesday, Microsoft released a patch for CVE-2019-1126, an important vulnerability ... While Microsoft only released one patch, we believe there are two vulnerabilities that allow attackers to remotely launch brute-force attacks on AD FS servers from the outside of the network. Attackers can bypass the Extranet Lockout Protection security feature and also bypass the Microsoft AD lockout policy(!) in certain scenarios ..." VG Bernd [0] https://blog.preempt.com/security-advisory-targeting-ad-fs-with-external-bru... -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler@itc.rwth-aachen.de https://www.itc.rwth-aachen.de