Microsoft warns of critical PowerShell 7 code execution vulnerability

The_King

The_King

Level 12
Thread author
Verified
Top Poster
Well-known
Aug 2, 2020
542
Content source
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-critical-powershell-7-code-execution-vulnerability/
Microsoft warns of a critical .NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in .NET 5 and .NET Core.

PowerShell provides a command-line shell, a framework, and a scripting language focused on automation for processing PowerShell cmdlets.

It runs on all major platforms, including Windows, Linux, and macOS, and it allows working with structured data such as JSON, CSV, and XML, as well as REST APIs and object models.

"Update as soon as possible"​

The company says no mitigation measures are available to block exploitation of the security flaw tracked as CVE-2021-26701.

Customers are urged to install the updated PowerShell 7.0.6 and 7.1.3 versions as soon as possible to protect their systems from potential attacks.

Microsoft's initial advisory also provides developers with guidance on updating their apps to remove this vulnerability.

"The vulnerable package is System.Text.Encodings.Web. Upgrading your package and redeploying your app should be sufficient to address this vulnerability," Microsoft explained.

Any .NET 5, .NET Core, or .NET Framework-based app using a System.Text.Encodings.Web package version listed below is exposed to attacks.

Package NameVulnerable VersionsSecure Versions
System.Text.Encodings.Web4.0.0 - 4.5.04.5.1
System.Text.Encodings.Web4.6.0-4.7.14.7.2
System.Text.Encodings.Web5.0.05.0.1

While Visual Studio also contains the binaries for .NET, it is not vulnerable to this issue, according to Microsoft's security advisory.

The update is offered to include the .NET files so that apps built using Visual Studio including .NET functionality will be protected from this security issue.

"If you have questions, ask them in GitHub, where the Microsoft development team and the community of experts are closely monitoring for new issues and will provide answers as soon as possible," Microsoft added.

Microsoft has also recently announced that it would be making it easier to update PowerShell on Windows 10 and Windows Server by releasing future updates through the Microsoft Update service.
Click to expand...
 
  • Like
  • +Reputation
  • Wow
Reactions: wat0114, Andy Ful, Kongo and 12 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
  • Thanks
  • Like
Reactions: Venustus, silversurfer, ZeePriest and 3 others
You must log in or register to reply here.

Similar threads

CyberTech
    • +Reputation
    • Like
Atlassian warns of exploit for Confluence data wiping bug, get patching
Replies
0
Views
640
News Archive
CyberTech
CyberTech
upnorth
    • Like
    • Thanks
Security News Ivanti warns of critical vulnerability in its Endpoint Protection software
Replies
4
Views
3,510
Security News
vtqhtr413
vtqhtr413
Gandalf_The_Grey
    • Like
    • +Reputation
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
Replies
2
Views
948
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top