How to remove PowerShell 2 from Windows Server

Microsoft no longer supports PowerShell version 2.0. It will continue to work, but it won’t get patched. Instead, Microsoft wants organizations to shift to PowerShell 5.0, or newer versions. The rationale is that Windows PowerShell 2.0 lacks security protections that have been built into later versions, particularly PowerShell 5.0.

It’s possible for attackers to invoke Windows PowerShell 2.0 if it’s installed in a computing environment. Attackers could use that approach to cover their tracks since Windows PowerShell 2.0 lacks logging capabilities. One solution is to just turn off Windows PowerShell 2.0.

If you are using Windows Server 2016 or later, you should already have Windows PowerShell 5.1.

If you have only PowerShell 2.0 (or prior version to 5) on your computer, download PowerShell v5 from: https://www.microsoft.com/en-us/download/details.aspx?id=54616.

In case you have both PowerShell v2 (or v3) and PowerShell v5 then you need to uninstall any version prior 5:

Windows Server 2016 or later:
Open the “Server Manager”, and click on the “Manage > Remove Roles & Features”.

On the Remove Features screen, expand Windows PowerShell and uncheck the “Windows PowerShell 2.0 Engine”.

Click Next and Uninstall.

Note: You can also use PowerShell command (run PowerShell as Admin) and type:

Disable-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2

 

 

View more videos >>

Fix it easily with GYTPOL

GYTPOL allows you to fix this issue and hundreds of other security gaps for all PCs & Servers in your network through a centralized dashboard using our Security Configuration Management platform.

It’s fast, you can automate it and we can also predict the impact before applying.

For more information and a free trial, please complete your details below.

Free Trial

Free Trial Request