Microsoft Windows Kerberos Information Disclosure Vulnerability

Vulnerability

A vulnerability in Windows Kerberos allows an authorized attacker to locally disclose information by exploiting the use of a broken or risky cryptographic algorithm. This issue affects several versions of Windows Server, including 2008, 2012, 2016, 2019, 2022, and 2025, as well as Windows Server 2022 23H2 Edition.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure, specifically secrets or privileged information belonging to the user of the affected application.

Remediation

Users can apply the security update for this vulnerability, which is included in the January 2026 Monthly Rollup for all affected Windows Server versions. Instructions for downloading this update are available on the Microsoft Update Catalog.

Added: Jan 13, 2026, 8:06 PM
Updated: Jan 13, 2026, 8:06 PM

Vulnerability Rating

Custom Algorithm

spread: 8.1
impact: 2.5
exploitability: 3.5
remediation: 7.7
relevance: 2.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.