CVE-2013-3876 Information

Description

DirectAccess in Microsoft Windows XP SP2 and SP3 Windows Server 2003 SP2 Windows Vista SP1 and SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 and Windows RT Gold and 8.1 does not properly verify server X.509 certificates which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate.

Reference

http://technet.microsoft.com/security/advisory/2862152