it.ucsf.edu

Security Update:Microsoft released a security update to address a HIGH vulnerability in PowerShell Core

Status Type

Security Update

Date and Time

Wednesday, July 17, 2019 - 15:03

Reason

Security update

Impact

PowerShell Core users

WHAT HAPPENED?

Microsoft released a security update to address a HIGH vulnerability in PowerShell Core.

 

Advanced Users: For a complete description and affected software refer to CVE-2019-1167: Windows Defender Application Control Security Feature Bypass Vulnerability at: https://github.com/PowerShell/PowerShell/security/advisories/GHSA-5frh-8cmj-gc59 - user-content-affected-software

 

AFFECTED SYSTEMS:

  • PowerShell Core Version 6.1 and 6.2

 

WHAT'S THE PROBLEM?

An attacker could exploit this vulnerability to take control of an affected system.

 

HOW DO I PROTECT MY COMPUTER?

Update your software

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your computer, update PowerShell Core to an unaffected version. See the advisory listed above.

 

RELATED LINKS

IT Security http://it.ucsf.edu/security