The flaw lets an attacker use the same second factor to bypass multifactor authentication for any account on the same ADFS service. A newly discovered vulnerability in Microsoft's Active Directory Federation Services (ADFS) lets threat actors bypass multifactor authentication (MFA) as long as they have the username and password for another person on the same ADFS service. Microsoft patched the fla