Azure Active Directory (AD) Connect

Microsoft released Azure AD Connect version 1.1.553.0 to address a vulnerability that could appear if the password writeback feature is misconfigured. Successful exploitation of this vulnerability could allow a threat actor to reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts. The NJCCIC recommends administrators of Azure AD Connect review Microsoft Security Advisory 4033453 and update to the latest release as soon as possible.