A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses.To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses.This security update corrects how ADFS updates its list of banned IP addresses.