This is a companion discussion topic for the original entry at https://blog.ironmansoftware.com/powershell-universal-apis-cve/
Does this not affect 1.6.x?
We have a site running that is considered “to complex to upgrade”
I would argue that Adam is not mentioning v1 or v2 because they are outdated and no longer supported
Indeed, I expect that as well.
Confirmation would be nice though
It looks like the same vulnerability was present as far back at 1.5. I just checked the source.
If your PowerShell Universal trial license was affected by the Security Update, please reach out to the Ironman Software Support Team at Product Support - Ironman Software. We will be able to provide an extension to your trial license.
I applaud the speed you guys patches CVE’s.
But as every update since the release of 4.2.1 has introduced site-destroying bugs, we are still running unpatched on most of our sites.
I think I might be cursed in that regard.
QA needs to improve