"Microsoft's Active Directory Certificate Services (AD CS) is affected by a vulnerability whereby certificate templates using schema version 1 allow the requester to specify the application policies in the form of OIDs to be included in the signed certificate ..."