Microsoft has warned of a critical remote code execution vulnerability in PowerShell 7. The problem exists due to incorrect text encoding in .NET 5 and .NET Core.

The flaw received the identifier CVE-2021-26701, and to protect systems from cyberattacks, customers are advised to install PowerShell versions 7.0.6 and 7.1.3 as soon as possible.

Any application using vulnerable versions of System.Text.Encodings.Web is open to cyberattacks. According to the published information, these versions are from 4.0.0 to 4.5.0, from 4.6.0 to 4.7.1, and 5.0.0.

Source: anti-malware.ru