Security News > 2017 > December > Flaw in Office 365 with Azure AD Connect could result in domain compromise

The Preempt research team has uncovered a vulnerability with Microsoft Office 365 when integrated with an on-premises Active Directory Domain Services (AD DS) using Azure AD Connect software that unnecessarily gives users elevated administrator privileges, making them “stealthy” administrators. Preempt discovered this surprising issue was occurring when customers were installing Microsoft Office 365 with Azure AD Connect software for on-premise AD DS integration (hybrid deployment). “Most Active Directory audit systems easily alert on excessive privileges, … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/hCbgZQIK41Q/