Microsoft found a critical RCE PowerShell vulnerability that could allow an attacker to launch a remote code execution vulnerability. Microsoft recommends Azure users to upgrade PowerShell to protect against the RCE vulnerability.
What Is PowerShell?
“PowerShell is a cross-platform task automation utility made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on most of the Windows, Linux, and macOS platforms.” Click here to read more about PowerShell.
PowerShell Vulnerability Affected Versions:
The issue lice with CVE-2021-26701. PowerShell v 7.0 & v7.1 were affected by this vulnerability, and it has been fixed in v 7.0.6 and 7.1.3, respectively. Microsoft says that Windows PowerShell v5.1 is considered safe from vulnerability.
The actual RCE PowerShell vulnerability is residing in the “System.Text.Encodings.Web” package. A web encoder package used for HTML, JavaScript, and Url character encoding.
Vulnerable Package Versions:
| Package Name | Vulnerable Versions | Secure Versions |
|---|---|---|
| System.Text.Encodings.Web | 4.0.0 – 4.5.0 | 4.5.1 |
| System.Text.Encodings.Web | 4.6.0-4.7.1 | 4.7.2 |
| System.Text.Encodings.Web | 5.0.0 | 5.0.1 |
Table #1: PowerShell vulnerability affected version
How To Check The PowerShell Version?
There are different ways to see the version of the PowerShell. However, we have shared three simple commands to check the PowerShell version.
- >$PSVersionTable
- >get-host
- >Get-Host | Select-Object Version
How To Fix The Critical RCE PowerShell Vulnerability?
The best way to fix this Critical RCE PowerShell Vulnerability is to Upgrade PowerShell to the latest version.
• Version 7.0 to 7.0.6
• Version 7.1 to 7.1.3
PowerShell is a multi-platform utility. Here you can see the procedure to install/upgrade PowerShell on a different platform.