Microsoft is warning customers of a bug in its Azure Active Directory Connect product that could allow an adversary to escalate privileges and reset passwords and gain unauthorized access to user accounts. The advisory (4033453) was issued Tuesday via Microsoft’s TechNet website for the vulnerability which it rated “important.” The advisory includes ways to determine a company’s exposure to the vulnerable. Remediation includes upgrading to the latest version of Azure AD Connect (1.1.553.0).