Security Vulnerability Revealed in Azure Active Directory Connect
The existence of a new and potentially serious privilege escalation and password reset vulnerability in Azure Active Directory Connect (AADC) was recently made public by Microsoft.
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-whatis
Fixing the problem can be achieved by means of an upgrade to the latest available release of AADC 1.1.553.0.
https://www.microsoft.com/en-us/download/details.aspx?id=47594
The Microsoft security advisory qualifies the issue as important and was published on Technet under reference number 4033453:
https://technet.microsoft.com/library/security/4033453.aspx#ID0EN
Azure Active Directory Connect as we know takes care of all operations related to the synchronization of identity information between on-premises environments and Active Directory Federation Services (ADFS) in the cloud.… [Keep reading] “Security Vulnerability Revealed in Azure Active Directory Connect”