Update PowerShell 7.0 & 7.1 To Protect Your Azure Resources From Hackers Against .NET Core RCE Bug

https://gbhackers.com/update-powershell-7-0-7-1/

Given that there is no workaround mitigation, Microsoft extremely recommended upgrading from PowerShell Version 7.0 to 7.0.6 & & Version 7.1 to 7.1.3. You can download the new version of PowerShell here.

Any following.NET 5,. INTERNET Core, or.NET Framework-based application that utilizes the System.Text.Encodings.Web plan with a susceptible variation.

PowerShell is a scripting language that is built on the.NET Common Language Runtime (CLR) and is developed with the features to run cross-platform includes on Windows, Linux, and macOS.

Microsoft issued a security update for Azure users against a critical Remote code execution bug that affects.NET Core at PowerShell Variation 7.0 & & 7.1, and the bug allows hackers to access to your Azure resources remotely.

System.Text.Encodings.Web
4.0.0– 4.5.0
4.5.1

System.Text.Encodings.Web
4.6.0-4.7.1.
4.7.2.

Package Name
Vulnerable Versions
Protect Versions

System.Text.Encodings.Web.
5.0.0.
5.0.1.

The Vulnerability can be tracked as CVE-2021-24112 that is impacted by the.NET 5.0,. WEB Core 3.1, and.NET Core 2.1 also keep in mind that Windows PowerShell 5.1 isnt impacted by this problem.

According to a Microsoft report “The vulnerable plan is System.Text.Encodings.Web. Upgrading your bundle and redeploying your app ought to be enough to address this vulnerability.”

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.