How to remediate the Microsoft Azure AD Connect 2.x(CVE-2021-36949)?

Modified on Sun, 16 Mar at 5:50 PM


Description:

The version of Microsoft Azure AD Connect installed on the remote host is prior to 2.2.1.0. To ensure your system has the latest security fixes and features, upgrade to 2.2.1.0 or higher.


Instructions to Upgrade:

  1. Visit the official Microsoft download page:
    Microsoft Azure AD Connect Download
  2. Click the Download button to download the .msi file.
  3. Run the .msi file and follow the installation instructions to complete the update.


Automated Remediation Using SanerNow PM:

SanerNow PM allows you to remediate vulnerabilities for applications requiring subscription-based or paid patches by creating an automated remediation job using a custom remediation script. For detailed steps, refer to the following guide:
SanerNow PM Third-Party Application Patching


Additional Security Measures:

In addition to applying the update for CVE-2021-36949, it is recommended to disable NTLM on the Azure AD Connect server. Follow the guidelines provided in the official Microsoft documentation:
Harden Your Azure AD Connect Server


References:


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article