Open Am-Na-D opened 4 months ago
Hi @Am-Na-D, thank you for the question!
The threat is similar to the SQL injections - using the Invoke-Expression
command can lead to arbitrary code execution. So a developer must be sure of what he does, and avoid this command if possible. That's why your antivirus software complains about this code.
Please check this: https://learn.microsoft.com/powershell/scripting/dev-cross-plat/security/preventing-script-injection
Thanks @DenisNikulin5 honestly, this command is inside one of azure devops server tasks and when we use it inside the release, it doesn't work correctly now I understand why that doesn't work correctly I wanna know if other companies that use this task face this problem. and how to solve them the task uses Winrm to make a connection between 2 servers and with this command try to manage the IIS
@Am-Na-D Please create an issue in https://github.com/microsoft/azure-pipelines-extensions. Looks like it doesn't relate to the tasks in this repository.
For a fast workaround, I would suggest including the file in a whitelist for your antivirus software.
Task name
Winrm IIS Web App Management
Task version
3.*
Environment type (Please select at least one enviroment where you face this issue)
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
Azure Devops Server 2022.0.1
Operation system
windows server 2022 /2019/2016
Question