Microsoft has issued a warning to users of PowerShell 7.0 and 7.1 to update their software to protect against a .NET Core remote code execution vulnerability.
Tracked as CVE-2021-26701, the vulnerability is described as critical and could affect Windows, macOS and Linux. The security issue has been known about for a little while, but Microsoft is only now urging users to install updates to ensure that they are protected.
Microsoft says that it “is releasing this security advisory to provide information about a vulnerability in .NET 5.0, and .NET Core 3.1 which were released with PowerShell 7.0 and 7.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability”.
A remote code execution vulnerability exists in .NET 5 and .NET Core due to how text encoding is performed.
In a post on the Microsoft Azure website, the company says:
If you manage your Azure resources from PowerShell version 7.0 or 7.1, we’ve released new versions of PowerShell to address a .NET Core remote code execution vulnerability in versions 7.0 and 7.1.
We recommend that you install the updated versions as soon as possible.
Windows PowerShell 5.1 isn’t affected by this issue.
As there is no way to mitigate against the vulnerability, users are being encouraged to install the latest update for their version of the software. Anyone running PowerShell 7.0 needs to update to version 7.0.6, while anyone using PowerShell 7.1 needs to install version 7.1.3.
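As an added example (not from Microsoft's advisory), the following PowerShell function checks a version string against the fixed releases named above and reports whether it still needs the update. The function name `Get-PwshPatchStatus`, the status labels and the sample inventory are assumptions made for illustration.

```powershell
# Added example: classify PowerShell versions against the fixed releases
# named in the article (7.0 -> 7.0.6, 7.1 -> 7.1.3). Hypothetical helper.
function Get-PwshPatchStatus {
    [CmdletBinding()]
    param(
        # Version string such as '7.1.2'; defaults to the running engine.
        [string]$Version = $PSVersionTable.PSVersion.ToString()
    )

    # Drop any prerelease/build suffix ('7.1.0-preview.7' -> '7.1.0').
    $core   = ($Version -split '[-+]')[0]
    $parsed = $null
    if (-not [version]::TryParse($core, [ref]$parsed)) {
        return [pscustomobject]@{ Version = $Version; Status = 'Unparsed'; FixedIn = $null }
    }

    $fixed  = @{ '7.0' = [version]'7.0.6'; '7.1' = [version]'7.1.3' }
    $branch = '{0}.{1}' -f $parsed.Major, $parsed.Minor

    if ($fixed.ContainsKey($branch)) {
        # On an affected branch: compare against that branch's fixed release.
        $status = if ($parsed -lt $fixed[$branch]) { 'NeedsUpdate' } else { 'Patched' }
        $target = $fixed[$branch].ToString()
    }
    elseif ($branch -eq '5.1') {
        # Windows PowerShell 5.1 is stated as not affected.
        $status = 'NotAffected'; $target = $null
    }
    else {
        # The article says nothing about other branches; do not guess.
        $status = 'NotListed'; $target = $null
    }

    [pscustomobject]@{ Version = $Version; Status = $status; FixedIn = $target }
}

# Constructed sample inventory (host names and versions are made up).
$inventory = @(
    [pscustomobject]@{ Host = 'build-01'; Version = '7.0.5' }
    [pscustomobject]@{ Host = 'ops-02';   Version = '7.1.3' }
    [pscustomobject]@{ Host = 'dev-03';   Version = '7.1.0-preview.7' }
    [pscustomobject]@{ Host = 'legacy';   Version = '5.1.19041.906' }
)

$inventory | ForEach-Object {
    $r = Get-PwshPatchStatus -Version $_.Version
    [pscustomobject]@{ Host = $_.Host; Version = $r.Version; Status = $r.Status; FixedIn = $r.FixedIn }
} | Format-Table -AutoSize
```

Calling `Get-PwshPatchStatus` with no argument checks the session it runs in.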
Anyone with queries about the vulnerability is encouraged to post questions on GitHub.