PERMISSIONS FLAW FOUND ON AZURE AD CONNECT [source: threatpost]
by CIRT Team
A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network.
Microsoft issued an advisory for the vulnerability on Tuesday. Affected are Office 365 customers running Microsoft’s Active Directory Domain Services in conjunction with Azure AD Connect software installed with the Express Settings, according to Preempt Security that first identified the vulnerability.
Microsoft didn’t release a patch to fix the bug, rather it made available a PowerShell script that adjusts the permissions of the Active Directory domain accounts to protect customers from the vulnerability. Microsoft also said future versions of affected software (after version 1.1.654.0) would not be impacted by this vulnerability.
“Before this release, the account was created with settings that allowed a user with password administrator rights the ability to change the password to a value know to them. This allowed you to sign in using this account, and this would constitute an elevation of privilege security breach. This release tightens the setting on the account that is created and removes this vulnerability,” Microsoft states.
For more, click here.