A short note for people who use PowerShell. On January 8, 2019, Microsoft also closed a vulnerability in PowerShell with its security updates. The fix affects PowerShell's loopback behavior.
The Windows security patch for CVE-2019-0543 closed an elevation of privilege vulnerability in PowerShell. The vulnerability existed because Windows handled authentication requests improperly. An attacker could exploit it by running a specially crafted application on the affected system. The update fixed the vulnerability by correcting the way Windows handles authentication requests.
This security patch affects local loopback remoting when a PowerShell remote connection is made to the same machine and no administrator credentials are used. By default, PowerShell remoting endpoints do not allow access to non-administrator accounts. However, you can change endpoint configurations or create new custom endpoint configurations that allow access to non-administrator accounts.
So you are not affected by this change unless you have explicitly set up loopback endpoints on your computer to allow access to non-administrator accounts. Microsoft has collected the details in the MSDN blog post "Windows Security change affecting PowerShell".
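To check whether a machine has such endpoints, the following added example (not from the original post or from Microsoft) lists every access-allowed entry on the local remoting endpoints that names a principal other than BUILTIN\Administrators. It assumes an elevated Windows PowerShell session; the function name `Get-NonAdminAllowAce` is made up for this example.

```powershell
# Added example: audit local PowerShell remoting endpoints for principals
# other than BUILTIN\Administrators. Run from an elevated session.
$AdminSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators

function Get-NonAdminAllowAce {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $Name,   # endpoint name
        [Parameter(Mandatory)] [string] $Sddl    # endpoint security descriptor (SDDL)
    )
    $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor($Sddl)
    foreach ($ace in $sd.DiscretionaryAcl) {
        # Only access-allowed entries grant a connection; skip everything else.
        if ($ace.AceType -ne [System.Security.AccessControl.AceType]::AccessAllowed) { continue }
        $sid = $ace.SecurityIdentifier
        if ($sid.Value -eq $AdminSid) { continue }
        # Resolve the SID to a name where possible; orphaned SIDs stay unresolved.
        try   { $account = $sid.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $account = '(unresolved)' }
        [pscustomobject]@{
            Endpoint = $Name
            Sid      = $sid.Value
            Account  = $account
        }
    }
}

Get-PSSessionConfiguration | ForEach-Object {
    if ($_.SecurityDescriptorSddl) {
        Get-NonAdminAllowAce -Name $_.Name -Sddl $_.SecurityDescriptorSddl
    } else {
        # No descriptor stored on this endpoint: report it for manual review.
        [pscustomobject]@{
            Endpoint = $_.Name
            Sid      = '(no descriptor set)'
            Account  = '(review manually)'
        }
    }
} | Format-Table -AutoSize
```

A row that names a group matters only if non-administrator accounts are members of that group, so review group membership for each entry listed.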