On BleepingComputer I found below Article:
Source
Microsoft has released new versions of PowerShell Core to fix a vulnerability that allows a local attacker to bypass Windows Defender Application Control (WDAC) enforcements. This could allow the attacker to execute untrusted programs even with WDAC enabled.
To check the current version of Powershell: Start -> Run-> Type "Powershell"
This will open a Powershell window -> Type "$psversiontable"
To upgrade to a higher version of at least 6.1.5 go to https://aka.ms/pscore6 as suggested by Microsoft
Here you will find the version for Windows. This will point you to Github releases.
I chose v6.2.2 as latest stable release and downloaded the .msi file
I ran System File Checker: sfc /scannow and that showed mismatch
From Microsoft: The System File Checker (SFC) tool flags files in %windir%\System32\WindowsPowerShell\v1.0\Modules\Defender as corrupted or damaged. You see error messages such as the following:
Hashes for file member do not match.
Because SFC incorrectly flags the files in %windir%\System32\WindowsPowerShell\v1.0\Modules\Defender, you can safely ignore the SFC error messages regarding these files.
Now you can run pwsh -v and it will tell you: PowerShell 6.2.2
donderdag 18 juli 2019
Abonneren op:
Posts (Atom)