This content is part of the Essential Guide: The go-to Windows PowerShell guide

Is it a security risk to have Microsoft Windows PowerShell on my desktops?

Microsoft Windows PowerShell is a versatile and powerful command-line tool for administrators, but it's probably not something users need installed on their desktops.

Whether or not allowing PowerShell to be installed on a Windows desktop constitutes a security risk really depends...

on your own definition of a "security risk."

There are a couple of different ways of looking at the question. Before I elaborate, let me just say that I have PowerShell installed on my own desktop.

With that said, one way of looking at the question is from the standpoint of the operating system's footprint. There is a longstanding law of computing that basically states that the larger the code base, the greater the chance the code will contain an exploitable security vulnerability. Installing PowerShell does increase the size of an operating system, and therefore theoretically also increases the chances of an exploitable vulnerability existing within the system. In that regard, it's a good idea to avoid installing PowerShell onto users' desktops unless they have a legitimate need for it.

Another way of looking at it is with regard to whether PowerShell will give users a level of access to a system they would not otherwise have. Installing PowerShell does not grant the user additional permissions. However, if a user is well versed in PowerShell he might be able to do things that he would not otherwise be able to do. This is not because PowerShell gives users permissions, but because PowerShell is a highly versatile tool.

One last consideration is whether PowerShell can be exploited by malware. Proof of concept PowerShell-based viruses have been created. However, PowerShell is locked down by default to keep scripts from running. A malicious script would be unable to execute unless an authorized user manually changed the execution policy by using the Set-ExecutionPolicy cmdlet.

In my opinion, PowerShell probably doesn't pose a huge security risk, but it should not be installed unnecessarily.

Next Steps

Answers to your most common Microsoft PowerShell questions

Dig Deeper on Windows 10 security and management