Kaido Jarvemets - Logo

Disable Windows PowerShell 2.0 on your systems

Introduction

Windows PowerShell 2.0 is outdated and should no longer be present on your systems. If you haven’t checked your systems, it’s time to audit your workstations and servers. If you find Windows PowerShell 2.0, disable it and update as necessary.

Many companies have yet to remove it or update the Windows Management Framework on their servers. If you’re still using Windows Server 2008 R2 and Server 2012R2, perform an audit and update them to WMF 5.1.

Ideally, these older servers should be upgraded to a newer operating system, but we understand that application compatibility can sometimes make this difficult.

Download WMF 5.1 here: https://www.microsoft.com/en-us/download/details.aspx?id=54616

Read the Windows Management Framework 5.x release notes: https://learn.microsoft.com/en-us/powershell/scripting/windows-powershell/wmf/whats-new/release-notes?view=powershell-7.2

How to remove it

To remove Windows PowerShell 2.0, you can create a Baseline using Configuration Manager or Intune.

For discovery, use this one-liner:

				
					Get-WindowsOptionalFeature -FeatureName "MicrosoftWindowsPowerShellV2Root" -Online | Select-Object -ExpandProperty State

				
			

Remediation one-liner

				
					Disable-WindowsOptionalFeature -FeatureName "MicrosoftWindowsPowerShellV2Root" -Online

				
			

You can also create a PowerShell script to remotely check all machines.

You can find the recommendation on STIG Viewer:

These two lines of PowerShell are also available on my GitHub page.

Summary

In summary, it’s crucial to remove the outdated Windows PowerShell 2.0 from your systems and update the Windows Management Framework on your servers. Regularly audit your workstations and servers, especially if using Windows Server 2008 R2 or Server 2012R2, and update them to WMF 5.1. Ideally, upgrade older servers to a newer operating system when possible.

Utilize Configuration Manager or Intune to create a Baseline for removing Windows PowerShell 2.0, and use one-liners or PowerShell scripts for discovery and remediation.

 

Efficiently manage configurations in your hybrid-cloud environment, enhancing security and optimizing infrastructure performance​.

Reach out to me today to explore the advantages of Machine Configuration Services for your organization. I'll guide you through its benefits and offer a tailored solution that meets your specific requirements.
Call to Action

Leave a Reply

Contact me

If you’re interested in learning about Disable Windows PowerShell 2.0 on your systems. I can help you understand how this solution can benefit your organization and provide a customized solution tailored to your specific needs.

Table of Contents