Microsoft found a critical RCE PowerShell vulnerability that could allow an attacker to launch a remote code execution vulnerability. Microsoft recommends Azure users to upgrade PowerShell to protect against the RCE vulnerability.

What Is PowerShell?

“PowerShell is a cross-platform task automation utility made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on most of the Windows, Linux, and macOS platforms.” Click here to read more about PowerShell.

PowerShell Vulnerability Affected Versions:

The issue lice with CVE-2021-26701. PowerShell v 7.0 & v7.1 were affected by this vulnerability, and it has been fixed in v 7.0.6 and 7.1.3, respectively. Microsoft says that Windows PowerShell v5.1 is considered safe from vulnerability.

The actual RCE PowerShell vulnerability is residing in the “System.Text.Encodings.Web” package. A web encoder package used for HTML, JavaScript, and Url character encoding.

Vulnerable Package Versions:

How To Check The PowerShell Version?

There are different ways to see the version of the PowerShell. However, we have shared three simple commands to check the PowerShell version.

1. >$PSVersionTable
2. >get-host
3. >Get-Host | Select-Object Version

How To Fix The Critical RCE PowerShell Vulnerability?

The best way to fix this Critical RCE PowerShell Vulnerability is to Upgrade PowerShell to the latest version.

• Version 7.0 to 7.0.6
• Version 7.1 to 7.1.3

PowerShell is a multi-platform utility. Here you can see the procedure to install/upgrade PowerShell on a different platform.

• Installing PowerShell on Windows
• Installing PowerShell on Linux
• Installing PowerShell on macOS
• Installing PowerShell on ARM

Thanks for reading this post. Would you mind sharing this with Azure users and making them aware of this critical RCE PowerShell vulnerability?

• Critical RCE PowerShell Vulnerability
• How to Export a Certificate From PowerShell?
• 3 Flaws in PowerShell Gallery Could Lead to Supply Chain Attacks- Common Countermeasures
• Mitigate The Print Spooler Vulnerability
• How To Mitigate The Print Spooler Vulnerability – PringNightmare CVE-2021-34527

Read More:

Is CSRF Attacks Dead?

How To Mitigate CVE-2023-22374- A High Severity Format String Vulnerability In F5 BIG-IP Products?

How to Fix CVE-2023-22809- A High-Severity Sudo Privilege Escalation Vulnerability in QNAP NAS Devices?

How To Fix CVE-2022-26809- A Critical RCE Vulnerability In Windows RPC Runtime

CISA Published A Catalog Of Known Exploited Vulnerabilities

How to Partition And Format the Hard Drives on Raspberry Pi?