[et_pb_section bb_built=”1″ fullwidth=”on” _builder_version=”3.0.90″ background_image=”https://www.mdsny.com/wp-content/uploads/2017/08/125007_image_original.jpg” background_position=”center_right” custom_padding=”0px|0px|0px|0px”][et_pb_fullwidth_header title=”Did You Know: Azure Active
Directory Connect Vulnerability” text_orientation=”center” title_font_color=”#ffffff” _builder_version=”3.0.65″ title_font=”Droid Serif||||” title_font_size=”37px” title_text_color=”#ffffff” /][/et_pb_section][et_pb_section bb_built=”1″ _builder_version=”3.0.65″ custom_padding=”12px|0px|0px|0px”][et_pb_row make_fullwidth=”on” custom_padding=”27px|1px|0px|2px” _builder_version=”3.0.65″][et_pb_column type=”4_4″][et_pb_text _builder_version=”3.0.65″ text_font=”Droid Serif||||” text_font_size=”18px”]
By David Mobley, Senior IAM & Information Security Consultant, MDS.
On 12/12/2017, Microsoft released a security advisory for all users who are currently using Azure Active Directory Connect.
This security alert details a specific vulnerability for the account created to install and administer the application. The account was created with settings that allowed a user with password administrator rights the ability to change the password to a value known to them. This allowed you to sign in using this account, and this would constitute an elevation of privilege.
Microsoft has provided a new version of Azure AD Connect that fixes this issue, as well as a PowerShell script that changes to permissions of this account to close this vulnerability. You can see more information on Security Hotfix for Azure AD Connect and Security Advisory.
Maureen Data Systems can help you close this vulnerability and run a full security assessment to keep you safe from other potential threats.
Please contact us at contactus@mdsny.com to set up an appointment to talk to one of our cybersecurity experts.
[/et_pb_text][et_pb_code _builder_version=”3.0.65″ /][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section bb_built=”1″ admin_label=”section” background_color=”#8d8c91″ _builder_version=”3.0.65″ custom_padding=”4px|0px|20px|0px”][et_pb_row admin_label=”row” make_fullwidth=”on” custom_padding=”10px|0px|27px|0px” _builder_version=”3.0.47″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″][et_pb_cta title=”Pulling the plug doesn’t have to be your only security solution.” button_url=”https://www.mdsny.com/contact/” button_text=”Contact Us” use_background_color=”off” _builder_version=”3.0.65″ header_font=”Droid Sans|on|||” header_font_size=”31px” body_font=”Droid Sans||||” body_font_size=”19px” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_button=”on” button_text_color=”#2d3743″] Don’t become part of a rising statistic — ensure your company is armed against a security hack.
[/et_pb_cta][/et_pb_column][/et_pb_row][/et_pb_section]