PowerShell 2 Now Considered Deprecated

Microsoft just announced that PowerShell 2 will soon be labeled “deprecated”. It will still be available for some time, but this is a gentle hint that you should move away from it, and focus on PowerShell 5.

PowerShell 2 is the default PowerShell available on Windows 7. Yet even on modern operating systems, PowerShell 2 may still be around. Let’s check how much your system is still impacted by PowerShell 2.

The line below returns the PowerShell version you are currently running:

PS> $PSVersionTable.PSVersion.Major

Any version less than 5 indicates that you should review your update policy. PowerShell 5 is the latest PowerShell version and available as an update to all machines down to Windows 7 and Server 2008 R2. There is typically no reason to run anything less than PowerShell 5, except on servers that run other outdated software components that may still require older versions of PowerShell.

This line will tell you whether the PowerShell 2 subsystem is still around:

PS> powershell -version 2.0
Windows PowerShell 
Copyright (C) 2009 Microsoft Corporation. All rights reserved.


If this line runs without errors, and launches a PowerShell with copyright “2009”, then you know that the Windows “feature” PowerShell 2 is still enabled. That’s not good. This feature was originally thought to be a fallback environment for scripts that require PowerShell 2. Today, this subsystem is typically not needed anymore, and it has turned out to be an important attack vector for malicious script code because PowerShell 2 has much less security and protective functionality than PowerShell 5. For example, malicious code running in the PowerShell 2 subsystem will not be logged and reported as vigorously to antivirus engines than in PowerShell 5.

Unless you have very good reasons for keeping PowerShell 2, you should remove it. In client operating systems, go to Control Panel, Software, “Turn Windows-Features on or off”, then deselect “Windows PowerShell 2.0”.

On server operating systems, use Remove-WindowsFeature.

Twitter This Tip! ReTweet this Tip!