Security firm discovers outstanding vulnerability in Azure Active Directory

September 29th, 2021

Yesterday, Ax Sharma with Ars Technica reported that security company Secureworks has identified a current vulnerability in Azure Active Directory Seamless Single Sign-On.

A Secureworks threat update published by Ars Technica indicates the Secureworks Counter-Threat Unit “…reported the flaw to Microsoft on June 19…” and “…Microsoft confirmed the behavior on July 21…”, but Microsoft concluded the functionality was part of the way Seamless Single Sign-On is designed.

Ars Technica quotes the Secureworks Counter-Threat Unit researchers as saying “This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory without generating sign-in events in the targeted organization’s tenant…” The researchers also explain the vulnerability affects “…any Azure AD or Microsoft 365 organization, including organizations that use Pass-through Authentication (PTA)…” Apparently, however, user accounts without a password for Azure AD are not at risk.
