Azure – Another security problem with Azure AD Connect

It has just been published (December 12th, 2017), a new potential security hole in Azure AD Connect (at least version 1.1.649.0, the advisory bulletin does not specify the impacted version(s)) which could leads the Azure AD Connect service account with insufficient restriction when Azure AD Connect automatically creates it.

See the advisory bulleting available at https://docs.microsoft.com/en-us/security-updates/securityadvisories/2017/4056318 for more details and additional actions to lockdown the service.

You are also invited to upgrade to the latest version (1.1.654.0) from http://go.microsoft.com/fwlink/?LinkId=615771

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.