Azure AD Connect – Potential vulnerability in version

A vulnerability in Azure Active Directory Connect (Azure AD Connect), the directory synchronization tool for Office 365/Azure AD, version (the latest one released last late April) has been found.

This vulnerability may lead to an elevation of privileges, under specific conditions, allowing an attacker to execute 2 PowerShell cmdlets in the context of a privileged account.

Details are available here

A new version of Azure AD Connect is under way to fix this issue; stay tuned.

UPDATE the new version is available from download here

Leave a Comment

Your email address will not be published. Required fields are marked *