Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.
This article is part of our Essential Guide: The go-to Windows PowerShell guide

Is it a security risk to have Microsoft Windows PowerShell on my desktops?

Microsoft Windows PowerShell is a versatile and powerful command-line tool for administrators, but it's probably not something users need installed on their desktops.

Whether or not allowing PowerShell to be installed on a Windows desktop constitutes a security risk really depends on your own definition of a "security risk."

There are a couple of different ways of looking at the question. Before I elaborate, let me just say that I have PowerShell installed on my own desktop.

With that said, one way of looking at the question is from the standpoint of the operating system's footprint. There is a longstanding law of computing that basically states that the larger the code base, the greater the chance the code will contain an exploitable security vulnerability. Installing PowerShell does increase the size of an operating system, and therefore theoretically also increases the chances of an exploitable vulnerability existing within the system. In that regard, it's a good idea to avoid installing PowerShell onto users' desktops unless they have a legitimate need for it.

Another way of looking at it is with regard to whether PowerShell will give users a level of access to a system they would not otherwise have. Installing PowerShell does not grant the user additional permissions. However, if a user is well versed in PowerShell he might be able to do things that he would not otherwise be able to do. This is not because PowerShell gives users permissions, but because PowerShell is a highly versatile tool.

One last consideration is whether PowerShell can be exploited by malware. Proof of concept PowerShell-based viruses have been created. However, PowerShell is locked down by default to keep scripts from running. A malicious script would be unable to execute unless an authorized user manually changed the execution policy by using the Set-ExecutionPolicy cmdlet.

In my opinion, PowerShell probably doesn't pose a huge security risk, but it should not be installed unnecessarily.

Next Steps

Answers to your most common Microsoft PowerShell questions

This was last published in May 2015

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

PowerShell is installed as part of the operating system. You can disable the older 2.0 engine, but PowerShell itself cannot be removed entirely.
Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close