AL2021_18 Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw (6th July, 2021)

Summary

The issue which is documented as CVE 2021_26701, affects PowerShell Versions 7.0 & 7.1. Windows PowerShell 5.1 is not impacted by this issue. Windows PowerShell which is built on the .Net common Language Runtime (CLR), is a cross -platform task automation utility which consists of a command line shell, a scripting language and a configuration management framework.

Due to how text encoding is performed in .NET 5 and .NET Core there is an existing remote code execution vulnerability residing in the “System.Text.Encodings.Web” package. This package provides types for encoding and escaping strings for use in JavaScript, HTML and URLs.

Solution

Users are asked to update PowerShell as soon as possible since there are no work around for this vulnerability.

  • Version 7.0 to 7.0.6
  • Version 7.1 to 7.1.3

For more information on this PowerShell update you can follow this URL:

https://azure.microsoft.com/en-us/updates/update-powershell-versions- 70-and-71- to-protect-against-a-vulnerability/

The Guyana National CIRT recommends that users and administrators review this alert and apply updates where necessary.

PDF Download: Microsoft rges zure Users to Update PowerShell to Patch RCE Flaw.pdf

References

Lakshmanan, Ravie (4th July 2021). Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw Retrieved from:
https://thehackernews.com/2021/07/microsoft-urges-azure-users-to- update.html

Gatlan, Sergiu (2nd July 2021). Microsoft warns of critical PowerShell 7 code execution vulnerability. Retrieved from:
https://www.bleepingcomputer.com/news/security/microsoft-warns-of- critical- powershell-7-code-execution-vulnerability/