Azure – Another security problem with Azure AD Connect

It has just been published (December 12th, 2017), a new potential security hole in Azure AD Connect (at least version 1.1.649.0, the advisory bulletin does not specify the impacted version(s)) which could leads the Azure AD Connect service account with insufficient restriction when Azure AD Connect automatically creates it.

See the advisory bulleting available at for more details and additional actions to lockdown the service.

You are also invited to upgrade to the latest version (1.1.654.0) from

Leave a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.