You might have noticed on Microsoft’s download site that Azure Active Directory Connect received an update, but unless you were also reading through this month’s security announcements you may have missed the reason for the update.
Microsoft Azure Active Directory Connect has a severe elevation of privilege vulnerability for which there is no mitigation nor workaround other than just installing the new version.
An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 188.8.131.52, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.
To exploit this, an attacker would need to authenticate to the Azure AD Connect server. These cmdlets can be executed remotely only if remote access is enabled on the Azure AD Connect server.
Microsoft recommends updating manually to ensure your environment is safe. Here’s the download page: Microsoft Azure Active Directory Connect