Disable Windows PowerShell 2.0 on your systems

Introduction

Windows PowerShell 2.0 is outdated and should no longer be present on your systems. If you haven’t checked your systems, it’s time to audit your workstations and servers. If you find Windows PowerShell 2.0, disable it and update as necessary.

Many companies have yet to remove it or update the Windows Management Framework on their servers. If you’re still using Windows Server 2008 R2 and Server 2012R2, perform an audit and update them to WMF 5.1.

Ideally, these older servers should be upgraded to a newer operating system, but we understand that application compatibility can sometimes make this difficult.

Download WMF 5.1 here: https://www.microsoft.com/en-us/download/details.aspx?id=54616

Read the Windows Management Framework 5.x release notes: https://learn.microsoft.com/en-us/powershell/scripting/windows-powershell/wmf/whats-new/release-notes?view=powershell-7.2

How to remove it

To remove Windows PowerShell 2.0, you can create a Baseline using Configuration Manager or Intune.

For discovery, use this one-liner:

				
					<#
    =================================================================================
    DISCLAIMER:
    This script is provided "as-is" with no warranties. Usage of this script is at
    your own risk. The author is not liable for any damages or losses arising from
    using this script. Please review the full legal disclaimer at:
    https://kaidojarvemets.com/legal-disclaimer/
    =================================================================================
#>
Get-WindowsOptionalFeature -FeatureName "MicrosoftWindowsPowerShellV2Root" -Online | Select-Object -ExpandProperty State

				
			

Remediation one-liner

				
					<#
    =================================================================================
    DISCLAIMER:
    This script is provided "as-is" with no warranties. Usage of this script is at
    your own risk. The author is not liable for any damages or losses arising from
    using this script. Please review the full legal disclaimer at:
    https://kaidojarvemets.com/legal-disclaimer/
    =================================================================================
#>
Disable-WindowsOptionalFeature -FeatureName "MicrosoftWindowsPowerShellV2Root" -Online

				
			

You can also create a PowerShell script to remotely check all machines.

You can find the recommendation on STIG Viewer:

These two lines of PowerShell are also available on my GitHub page.

Summary

In summary, it’s crucial to remove the outdated Windows PowerShell 2.0 from your systems and update the Windows Management Framework on your servers. Regularly audit your workstations and servers, especially if using Windows Server 2008 R2 or Server 2012R2, and update them to WMF 5.1. Ideally, upgrade older servers to a newer operating system when possible.

Utilize Configuration Manager or Intune to create a Baseline for removing Windows PowerShell 2.0, and use one-liners or PowerShell scripts for discovery and remediation.

 

Leave a Reply

Contact me

If you’re interested in learning about Disable Windows PowerShell 2.0 on your systems. I can help you understand how this solution can benefit your organization and provide a customized solution tailored to your specific needs.

Table of Contents