Security News > 2021 > July > Microsoft warns of critical PowerShell 7 code execution vulnerability

Microsoft warns of critical PowerShell 7 code execution vulnerability
2021-07-02 13:20

NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in.

PowerShell provides a command-line shell, a framework, and a scripting language focused on automation for processing PowerShell cmdlets.

Microsoft's initial advisory also provides developers with guidance on updating their apps to remove this vulnerability.

"The vulnerable package is System.Text.Encodings.Web. Upgrading your package and redeploying your app should be sufficient to address this vulnerability," Microsoft explained in April when the security flaw was patched.

"If you have questions, ask them in GitHub, where the Microsoft development team and the community of experts are closely monitoring for new issues and will provide answers as soon as possible," Microsoft added.

Microsoft has also recently announced that it would be making it easier to update PowerShell on Windows 10 and Windows Server by releasing future updates through the Microsoft Update service.


News URL

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-critical-powershell-7-code-execution-vulnerability/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399