Security News > 2021 > July > Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw
Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting.
The issue, tracked as CVE-2021-26701, affects PowerShell versions 7.0 and 7.1 and have been remediated in versions 7.0.6 and 7.1.3, respectively.
Windows PowerShell 5.1 isn't impacted by the flaw.
NET Common Language Runtime, PowerShell is a cross-platform task automation utility that consists of a command-line shell, a scripting language, and a configuration management framework.
CVE-2021-26701 was originally addressed by Microsoft as part of its Patch Tuesday update for February 2021.
Given that there are no workarounds that mitigate the vulnerability, it's highly recommended to update to the latest versions.
News URL
Related news
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-25 | CVE-2021-26701 | .NET Core Remote Code Execution Vulnerability | 0.0 |