Powershell Security
The latest Powershell Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
CVE-2026-26143: PowerShell Security Feature Bypass Vulnerability Analysis and Mitigation
Microsoft has assigned CVE-2026-26143 to a PowerShell security feature bypass vulnerability that security researchers consider credible enough for immediate attention. The vulnerability, which...
KB5071546 Windows 10 ESU Patch: PowerShell Hardening Breaks Shell Tools and Start Menu
Microsoft's December 2024 Windows 10 Extended Security Update (ESU) patch KB5071546 arrived with a clear security mission: to harden PowerShell 5.1 against emerging threats. However, within 48 hours...
December 2025 Patch Tuesday: 75 flaws fixed, final 2025 update adds PowerShell prompts
Microsoft's December 2025 Patch Tuesday arrived on December 9th with critical security updates addressing vulnerabilities across multiple Windows components, including PowerShell, Cloud Files, and...
PowerShell CVE-2025-54100 Patch Changes Invoke-WebRequest Behavior, Adds Interactive Prompts
Microsoft's recent security update addressing CVE-2025-54100 has introduced a significant behavioral change to PowerShell's Invoke-WebRequest cmdlet that's affecting scripts, automation workflows,...
PowerShell 5.1 Security Hardening Breaks Web Automation — How to Fix It Now
Microsoft’s latest Windows update, released on December 9, 2025, introduces a security confirmation prompt in PowerShell 5.1 that stops Invoke-WebRequest whenever it would parse a web page using...
CVE-2025-25004: Critical PowerShell LPE Vulnerability Requires Immediate Patching
Microsoft has disclosed a critical local privilege escalation vulnerability in PowerShell, designated CVE-2025-25004, that allows attackers to elevate privileges on affected Windows systems. The...
Interlock Ransomware 2025: Technical Evolution, Attack Strategies, and Defense Best Practices
Interlock ransomware, once a relatively obscure threat in the final months of 2024, has rapidly evolved into one of the most sophisticated and disruptive ransomware families impacting organizations...
PowerShell 2.0 Removal from Windows 11: Security Risks & Migration Guide
Microsoft has officially removed PowerShell 2.0 from Windows 11 preview builds, marking the end of an era for the legacy scripting tool that first launched with Windows 7. This decisive move comes...
Microsoft 365 Direct Send Phishing: How to Protect Your Business Now
Microsoft 365's Direct Send feature, designed to simplify email delivery for applications and devices, has become an unwitting accomplice in sophisticated phishing campaigns. Security researchers...
Microsoft 365's Direct Send Feature Exploited in Phishing Attacks: What You Need to Know
Microsoft 365's Direct Send feature, designed to simplify internal email routing, has become an unexpected weapon in cybercriminals' phishing arsenals. Security researchers have uncovered...
Microsoft 365 Direct Send Phishing: How to Secure Your Business Email
Cybercriminals are increasingly exploiting Microsoft 365's Direct Send feature in sophisticated phishing campaigns, bypassing traditional email security measures. This alarming trend highlights...
KB5061096 Critical Patch Closes Remote PowerShell Code Execution Flaws
Introduction Microsoft has recently released KB5061096, a critical security update for Windows PowerShell, aimed at addressing vulnerabilities that could be exploited remotely. This update is...