Microsoft PowerShell
cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*
A security feature bypass vulnerability has been identified in Microsoft PowerShell versions from 7.4.0 up to (but not including) 7.4.14 and from 7.5.0 up to (but not including) 7.5.5. It arises from improper input validation, which allows an unauthorized attacker to bypass the dynamic-expression security checks locally. Exploiting this issue could lead to arbitrary code execution, particularly when the -SkipLimitCheck switch is used with the Import-PowerShellDataFile command.
Bypassing the dynamic-expression security checks could allow for arbitrary code execution, especially when the -SkipLimitCheck switch is used with Import-PowerShellDataFile.
Users can download the security update for PowerShell 7.4 from the GitHub PowerShell Announcements page. The security update for PowerShell 7.5 is also available on the same page. After applying the update, users should verify that they have upgraded to version 7.4.14 or 7.5.5, respectively.
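The following PowerShell is an added example, not code from the advisory or from Microsoft: it checks whether a version string falls in the affected ranges stated above, and parses script text to flag Import-PowerShellDataFile calls that pass -SkipLimitCheck so they can be reviewed. The function names and the sample script text are hypothetical, and parameters passed by splatting are not detected.

```powershell
# Added example: version check plus an AST audit for the call pattern named in the advisory.
function Test-AffectedPwshVersion {
    param([Parameter(Mandatory)][string]$Version)
    # Keep only major.minor.patch; prerelease/build labels are ignored (assumption).
    if ($Version -notmatch '^(\d+)\.(\d+)\.(\d+)') { throw "Unrecognised version: $Version" }
    $v = [version]::new([int]$Matches[1], [int]$Matches[2], [int]$Matches[3])
    # Affected ranges as stated in the advisory text.
    ($v -ge [version]'7.4.0' -and $v -lt [version]'7.4.14') -or
    ($v -ge [version]'7.5.0' -and $v -lt [version]'7.5.5')
}

function Find-SkipLimitCheckUse {
    param([Parameter(Mandatory)][string]$ScriptText)
    $tokens = $null; $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseInput($ScriptText, [ref]$tokens, [ref]$errors)
    $commands = $ast.FindAll({ param($node) $node -is [System.Management.Automation.Language.CommandAst] }, $true)
    foreach ($cmd in $commands) {
        # GetCommandName() returns the name as written, possibly module-qualified.
        if ($cmd.GetCommandName() -notmatch '(^|\\)Import-PowerShellDataFile$') { continue }
        foreach ($element in $cmd.CommandElements) {
            # PowerShell accepts parameter-name prefixes, so -SkipLimit also counts.
            if ($element -is [System.Management.Automation.Language.CommandParameterAst] -and
                'SkipLimitCheck'.StartsWith($element.ParameterName, [StringComparison]::OrdinalIgnoreCase)) {
                [pscustomobject]@{ Line = $cmd.Extent.StartLineNumber; Text = $cmd.Extent.Text }
            }
        }
    }
}

# Constructed sample script text, for illustration only.
$sample = @'
$cfg = Import-PowerShellDataFile -Path .\settings.psd1
$big = Import-PowerShellDataFile -LiteralPath $untrusted -SkipLimitCheck
'@
Find-SkipLimitCheckUse -ScriptText $sample
Test-AffectedPwshVersion $PSVersionTable.PSVersion.ToString()
```

To audit files on disk, pass each script's contents with `Get-Content -Raw`.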