macOS devices bound to Active Directory

• macOS devices bound to Active Directory and CVE-2021-42287

         Vulnerability details:

In the Fall of 2021, Microsoft identified a security issue present in Active Directory Domain Services (ADDS) known as CVE-2021-42287. This vulnerability may allow potential attackers to impersonate domain controllers. The issue is a security bypass vulnerability that affects the Kerberos Privilege Attribute Certificate, or PAC.

• Apple is actively telling customers to move away from binding mac to Active Directory since it’s not a preferred approach

 

Ask: What should be MS take on above CVE with respect to Mac OS and Apple's approach.

E.g. Should we ask customers to move away from AD or any specific thing we can ask customer to look into.