Security News > 2021 > July > Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw
Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting.
The issue, tracked as CVE-2021-26701, affects PowerShell versions 7.0 and 7.1 and have been remediated in versions 7.0.6 and 7.1.3, respectively.
Windows PowerShell 5.1 isn't impacted by the flaw.
NET Common Language Runtime, PowerShell is a cross-platform task automation utility that consists of a command-line shell, a scripting language, and a configuration management framework.
CVE-2021-26701 was originally addressed by Microsoft as part of its Patch Tuesday update for February 2021.
Given that there are no workarounds that mitigate the vulnerability, it's highly recommended to update to the latest versions.
News URL
Related news
- Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days (source)
- Major Microsoft 365 outage caused by Azure configuration change (source)
- Microsoft 365 and Azure outage takes down multiple services (source)
- Microsoft: DDoS defense error amplified attack on Azure, leading to outage (source)
- Microsoft says massive Azure outage was caused by DDoS attack (source)
- 'Error' in Microsoft's DDoS defenses amplified 8-hour Azure outage (source)
- Microsoft Confirms Global Azure Outage Caused by DDoS Attack (source)
- Microsoft Azure outage takes down services across North America (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-25 | CVE-2021-26701 | .NET Core Remote Code Execution Vulnerability | 8.1 |