20.74 Ensure 'Windows PowerShell 2.0' is 'not installed'


Windows PowerShell was designed with purpose of task automation and configuration management.

The STIG recommended state for this setting is: Not installed

Note: Windows PowerShell 5.0 added advanced logging features that can provide additional detail when malware has been run on a system.


Windows PowerShell 2.0 can be used in some scenarios by attackers who want to bypass the script block logging feature that was added in PowerShell 5.0.7.


PowerShell scripts that rely on PowerShell 2.0 will not function in your environment.


To Uninstall the Windows PowerShell 2.0 Engine feature:

Open Server Manager

Select the server with the role

Scroll down to ROLES AND FEATURES in the right pane

Select Remove Roles and Features from the drop-down TASKS list

Select the appropriate server on the Server Selection page and click next

Deselect Windows PowerShell 2.0 Engine under Windows PowerShell on the Features page

Click next and Remove as prompted (if installed)

Default Value:


Additional Information:

Microsoft Windows Server 2016 Security Technical Implementation Guide:

Version 2, Release 2, Benchmark Date: May 04, 2021

Vul ID: V-224859

Rule ID: SV-224859r569186_rule

STIG ID: WN16-00-000420

Severity: CAT II

See Also