Security News > 2021 > July > Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw
Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting.
The issue, tracked as CVE-2021-26701, affects PowerShell versions 7.0 and 7.1 and have been remediated in versions 7.0.6 and 7.1.3, respectively.
Windows PowerShell 5.1 isn't impacted by the flaw.
NET Common Language Runtime, PowerShell is a cross-platform task automation utility that consists of a command-line shell, a scripting language, and a configuration management framework.
CVE-2021-26701 was originally addressed by Microsoft as part of its Patch Tuesday update for February 2021.
Given that there are no workarounds that mitigate the vulnerability, it's highly recommended to update to the latest versions.
News URL
Related news
- Microsoft warns Azure Virtual Desktop users of black screen issues (source)
- Microsoft SharePoint RCE bug exploited to breach corporate network (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-25 | CVE-2021-26701 | .NET Core Remote Code Execution Vulnerability | 0.0 |