Microsoft recommends installing the renewed versions of PowerShell 7 without suspension to save toward a remote code execution (RCE) vulnerability. NET.
What Is Powershell?
PowerShell is a contour control structure that gives a command-line carapace and a scripting language for job automation. It is powered by .NET, which utilizes a line encoding unit that has freshly been covered upon an RCE vulnerability.
“If you maintain your Azure sources from PowerShell variant 7.0 or 7.1, we have launched new variants of PowerShell to inscribe a .NET Core RCE vulnerability in reports 7.0 and 7.1.
We suggest that you install the renewed versions as quickly as possible,” stated the latest posted on Microsoft Azure’s website.
With a rate of 9.8, the .NET vulnerability has been recognized as a significant vulnerability and was covered in April.
The vulnerability, followed as CVE-2021-26701, discover in the System.Text.Encodings.
To bypass slipping victim to the vulnerability, Microsoft is asking customers to update from PowerShell v7.0 to 7.0.6. Furthermore, customers of PowerShell v7.1 must shift to v7.1.3.
Ahead of PowerShell, Microsoft’s prior announcement further guides developers to exclude this vulnerability from theirs. NET-related applications.
“The alarming unit is System.Text.Encodings.Web. Updating your unit and redeploying your application must be enough to mark this vulnerability,” revealed Microsoft.