An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1172