CVE 2021 26701 - Microsoft, keeping it real for fourth of July weekend

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.

CrabRock

New member
Jul 5, 2021
1
0
A few news outlets have been sort of chasing a somewhat cryptic warning issued from Microsoft on Thursday, right before the holiday weekend, titled: Update PowerShell versions 7.0 and 7.1 to protect against a vulnerability.

Microsoft writes:
If you manage yoiur Azure resources from PowerShell version 7.0 or 7.1, we’ve released new versions of PowerShell to address a .NET Core remote code execution vulnerability in versions 7.0 and 7.1.
We recommend that you install the updated versions as soon as possible.

Windows PowerShell 5.1 isn’t affected by this issue.


Also included is a link to https://github.com/advisories/GHSA-ghhp-997w-qr28 showing limited details about the vulnerability.

I find this warning and the corresponding github page difficult to decode.
  • Is the risk limited to just Azure management via Powershell?
  • Are they recommending everyone update powershell across their server infrastructure? Or to update powershell on servers running applications that use the DOT NET framework?
Is this a sloppy warning, as indicating by spelling mistake "yoiur", that they tried to send out before heading out for a 4 day weekend? Should it just concern DOT devs or System Admins too?

Any one else following this? Any thoughts?