Thursday, May 26, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Update your PowerShell to fix the WDAC bypass vulnerability

Update your PowerShell to fix the WDAC bypass vulnerability

WDAC protects Windows devices against potential malicious software by checking the applications and drivers running whether they are in the trusted apps list or not.

Atalay Kelestemur by Atalay Kelestemur
October 18, 2021
in Cybersecurity
1 min read
0 0
0
Update your PowerShell to fix the WDAC bypass vulnerability
0
SHARES
131
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

Microsoft announced a patch for PowerShell 7 that fixes two vulnerabilities allowing attackers to bypass WDAC (Windows Defender Application Control) enforcement and gain access to credentials written in plain text. Microsoft released PowerShell 7.0.8 and PowerShell 7.1.5 to fix the vulnerabilities in PowerShell version 7 and 7.1 branches in September and October.

Security flaws in PowerShell

WDAC protects Windows devices against potential malicious software by checking the applications and drivers running whether they are in the trusted apps list or not. If the application is in the list, it allows Windows operating system to run the software. Otherwise, it blocks the malware or unwanted software from launching. If the WDAC security layer is enabled, PowerShell automatically goes in to constrained language mode and allows access to only a limited set of Windows APIs.

When the vulnerability tracked as CVE-2020-0951 is exploited, the attacker can bypass the Windows Defender Application Control security feature by manipulating the WDAC allow-list, and execute PowerShell commands, which in normal conditions should be blocked when WDAC is enabled. The second vulnerability is tracked as CVE-2021-41355 is an information disclosure in .NET Core. By exploiting this vulnerability, the attacker can access the credentials in clear text on devices running non-Windows platforms.

To check the PowerShell version, you can execute the command below, from the Command Prompt. If your version is lower than the versions mentioned above, we strongly advice you to update your PowerShell to the secure versions that are PowerShell 7.0.8 and PowerShell 7.1.5 as soon as possible.

pwsh -v

See more Cyber Security News


ShareTweetSendShare
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy
Previous Post

NeuVector granted two new patents

Next Post

OVHcloud makes its debut on Euronext Paris

Atalay Kelestemur

Atalay Kelestemur

Atalay Kelestemur is the Editor-in-Chief of Cloud7 News. He was most recently the chief editor of T3. Prior to that, he was the managing editor of BYTE. He also served as software editor in PC World. Atalay Kelestemur has covered the technology industry since 1996, publishing articles in PC Net, IT Pro, Computer World, PC Life, CyberMag, and CIO magazines. Atalay Kelestemur is an information system security professional and his area of expertise includes Linux security, penetration testing, secure software development, malware removal, and computer forensics. Atalay Kelestemur is the author of Pardus 2011, Ubuntu, Windows 8, and Siber Istihbarat (Cyber Intelligence). Atalay graduated with a Bachelor's Degree in Maritime from Istanbul Technical University. He earned a master's degree in political science from Gedik University, where he wrote his thesis on The Importance of Cyber Intelligence on Public Security. Now he is working on his Ph.D. thesis on international trade, covering the cybersecurity threats and countermeasures on the maritime industry.

Related News

StackPatch unveils new WAF packages

StackPath unveils new WAF packages

May 24, 2022 4:56 pm

Word files embedded in PDF files are carrying keyloggers

May 24, 2022 2:24 pm
QNAP NAS devices are vulnerable once more

QNAP NAS devices are vulnerable once more

May 24, 2022 2:14 pm
Russian bank is under heavy DDoS attack

Russian bank is under heavy DDoS attack

May 23, 2022 3:28 pm
Next Post
OVHcloud makes its debut on Euronext Paris

OVHcloud makes its debut on Euronext Paris

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

cPanel Security: 7 steps to secure cPanel

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

Best web hosting service providers

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Advertisement

Recent News

  • Samsung and Red Hat teaming up for next-generation memory software
  • Microsoft introduced open-source XDP for Windows
  • Nvidia has announced new hardware focusing on AI-enabled data centers
  • Ubuntu 22.04 LTS has received new kernel security updates
  • NGINX 1.22 is released

Our Latest Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic
Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic

by Atalay Kelestemur
November 25, 2021 3:23 am


Cloud7 News is a news source that publishes the latest news, industry news and exclusive interviews on web hosting, cloud computing, data center, cybersecurity and linux.

News Categories

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Blockchain

Our Free Modules

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About Us
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.