locked
Disable Powershell 2.0 under Windows 7 Enterprise RRS feed

  • Question

  • Hey Guys,

    I just installed WMF 5.1 on a Windows 7 Enterprise Workstation in order to benefit from the security features and Windows Powershell 5.1 that come along with it.

    Now I want to disable the "powershell -version 2" command to prevent compromising those security features.

    Is there any way to do this, like "Disable-WindowsOptionalFeature MicrosoftWindowsPowerShellV2" under Windows 10 does?

    I don't even get this option in OptionalFeatures.exe, so

    Get-WmiObject -query "select * from  Win32_OptionalFeature"

    is not an option...

    Thanks in advance and greetings

    Marvin

    Thursday, August 2, 2018 8:45 AM

Answers

  • The answer is still no.  On later versions of Windows we can choose ti install or not install PowerShell 2.  It is a separate install.  It an be removed.  On Windows 7 PS 2 is part of the OS and cannot be removed.  It was not optional.  It was delivered as part of the OS and it was considered a required component.  It cannot be disabled separately.  It cannot be uninstalled.  You can disable all script execution  but the prompt will remain.

    The point of my link was to show you that disabling or removing PS 2 on Windows 7 has been asked thousands of times and no one has found a method of dong this but you and others keep asking the question.  Changing the question in small ways or asking in different forums will not solve your issue.

    You can use software restriction policies to block access to the PS executable but this will block access to all versions of PS.

    Don't worry.  Windows 7 will be gone soon.  It is 10 years old now.  Time to upgrade to Win10.

    Here is another old blog addressing disabling V2 on all Windows systems. https://sysmanrec.com/140-2


    \_(ツ)_/

    • Marked as answer by Mar Vin Monday, August 6, 2018 7:31 AM
    Friday, August 3, 2018 10:50 AM

All replies

  • You cannot disable PS2 in Windows 7.  Search and you will find this question has been asked hundreds of times.


    \_(ツ)_/

    Thursday, August 2, 2018 9:03 AM
  • I appreciate your answer and accept it. But I cannot agree that "this question has been asked hunderes of times" - if so please post a link.
    Thursday, August 2, 2018 10:52 AM
  • I appreciate your answer and accept it. But I cannot agree that "this question has been asked hunderes of times" - if so please post a link.

    Just search and you will find.  The point is that the answer I gave is the same answer that has been given by all parties since people decided to disable V2 on Win7.  I did this search over a year ago when MS recommended removing V2 from all systems.

    V2 is a component of Windows 7.  It is integrated into the OS and cannot be removed.  It can only be upgraded.


    \_(ツ)_/

    Thursday, August 2, 2018 10:59 AM
  • V2 is a component of Windows 7.  It is integrated into the OS and cannot be removed.  It can only be upgraded.

    But what is the point if I install the upgrade (mentioned in question) when I can simply start the obsolete shell running "powershell -version 2"?

    I do not want to disable Windows PowerShell at all. I want a platform that only can start PowerShell 5.1.

    And I cannot find any Question like this on the Internet. Only questions I found are "Can I disable PowerShell at all?"

    Sorry if I misunderstood you or if I did not express myself well...

    So the main question remains "Can I disable PowerShell V2 while still being able to run PowerShell 5.1?"

    Friday, August 3, 2018 6:22 AM
  • And still this is NOT my question.

    I think you have to learn how to read a question carefully.

    My Question is "Is it possible to disable powershell VERSION 2" not "Is it possible disable POWERSHELL."

    Friday, August 3, 2018 10:34 AM
  • The answer is still no.  On later versions of Windows we can choose ti install or not install PowerShell 2.  It is a separate install.  It an be removed.  On Windows 7 PS 2 is part of the OS and cannot be removed.  It was not optional.  It was delivered as part of the OS and it was considered a required component.  It cannot be disabled separately.  It cannot be uninstalled.  You can disable all script execution  but the prompt will remain.

    The point of my link was to show you that disabling or removing PS 2 on Windows 7 has been asked thousands of times and no one has found a method of dong this but you and others keep asking the question.  Changing the question in small ways or asking in different forums will not solve your issue.

    You can use software restriction policies to block access to the PS executable but this will block access to all versions of PS.

    Don't worry.  Windows 7 will be gone soon.  It is 10 years old now.  Time to upgrade to Win10.

    Here is another old blog addressing disabling V2 on all Windows systems. https://sysmanrec.com/140-2


    \_(ツ)_/

    • Marked as answer by Mar Vin Monday, August 6, 2018 7:31 AM
    Friday, August 3, 2018 10:50 AM
  • I disagree. It can be done

    in the registry, use regedit.exe: (use elevated rights, like admin to run)

    navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell

    1] right-click, and export it for backup testing reasons.

    2] navigate down to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine

    3] right-click on this hive, choose "permissions", then select button "advanced", now got to tab "OWNER" and first replace "TrustedInstaller" with "Administrators" {dont forget the tick box}, then tab back to "Permissions" and remove "TrustedInstaller". Be sure to apply permissions to all keys below.

    4] Now remove all the entries in registry hive/folder "PowerShellEngine"

    5] remove the following keys/folders completely:
    5.1] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\0409
          <this is a language>
    5.2] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PSConfigurationProviders

    ==== END of removals ===

    6] Do NOT remove: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds

    7] Navigate BACK to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine
    and make sure the entries are STILL empty. If "TrustedInstaller" still has permissions on that key, it will automatically repopulate that key with PS 2.0 entries. Be sure to have removed said user.

    now test Powershell in CMD.exe console, by invoking it as powershell.exe -version 2.0

    it will error out exactly the same error as Windows 10. I essentially followed/copy-cat MS approach in Windows 10 for Windows 7. You can do this in Windows 10 via feature remove. But take note of the  registry entries deleted, do the same for windows 7 reg. Trick was to kick-out "TrustedInstaller" from the permissions to keep it disabled.

    Alternatively, you can delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine

    Just keep an eye out if the key is not recreated by some desired state process if applicable.

    Deleting this key will yield the exact same message as in Windows 10. That it is not installed because the engine cannot be found. "The Windows PowerShell 2.0 is not installed on this computer". Leaving the key "PowerShellEngine" will yield almost same error, but with Win32 and file not found. - This is just a different error. But if you want to be spot on, remove the key.

    • Edited by G.A. von Pickartz Friday, March 8, 2019 10:59 AM Additional comment on removing key "PowerShellEngine"
    • Proposed as answer by G.A. von Pickartz Friday, March 8, 2019 11:10 AM
    • Unproposed as answer by jrv Friday, March 8, 2019 11:21 AM
    Friday, March 8, 2019 10:39 AM
  • Of course this can be hacked.  Anything in Windows can be hacked if you know how.  The bigger question is should you and why is disabling a critical Windows security setting needed?

    One first rule of being a technician is "do not override system settings that are not made available to the user" and "without vendor instructions internal settings and configurations should not be altered."

    Also try to understand that some components may rely on the existence of PS2 which is why Microsoft has removed it from all systems except Windows 7 and earlier.


    \_(ツ)_/

    Friday, March 8, 2019 10:46 AM