Vulnerability in Active Directory Federation Services could allow an attacker to obtain information related to the service account being used. An attacker could then attempt logons from outside the corporate network, which would result in account lockout of the service account used by AD FS if an account lockout policy has been configured. This would result in denial of service for all applications relying on the AD FS instance.
Read Security Bulletin MS13-066 here – http://technet.microsoft.com/en-us/security/bulletin/MS13-066