Microsoft is urging Azure buyers to update the PowerShell command-line instrument as before long as feasible to defend from a critical distant code execution vulnerability impacting .NET Main.
The issue, tracked as CVE-2021-26701 (CVSS score: 8.1), influences PowerShell variations 7. and 7.1 and have been remediated in versions 7..6 and 7.1.3, respectively. Windows PowerShell 5.1 isn’t really impacted by the flaw.
Built on the .NET Frequent Language Runtime (CLR), PowerShell is a cross-system undertaking automation utility that consists of a command-line shell, a scripting language, and a configuration administration framework.
- Method.Textual content.Encodings.Web (variation 4.. – 4.5.) – Fastened in model 4.5.1
- Program.Text.Encodings.Web (version 4.6. – 4.7.1) – Fastened in model 4.7.2
- System.Textual content.Encodings.Web (version 5..) – Preset in variation 5..1
CVE-2021-26701 was originally resolved by Microsoft as element of its Patch Tuesday update for February 2021. Given that there are no workarounds that mitigate the vulnerability, it is really very encouraged to update to the hottest variations.
Uncovered this short article exciting? Follow THN on Facebook, Twitter and LinkedIn to go through additional special articles we put up.
Some components of this write-up are sourced from: