Whether or not allowing PowerShell to be installed on a Windows desktop constitutes a security risk really depends on your own definition of a "security risk."
There are a couple of different ways of looking at the question. Before I elaborate, let me just say that I have PowerShell installed on my own desktop.
With that said, one way of looking at the question is from the standpoint of the operating system's footprint. There is a longstanding law of computing that basically states that the larger the code base, the greater the chance the code will contain an exploitable security vulnerability. Installing PowerShell does increase the size of an operating system, and therefore theoretically also increases the chances of an exploitable vulnerability existing within the system. In that regard, it's a good idea to avoid installing PowerShell onto users' desktops unless they have a legitimate need for it.
Another way of looking at it is with regard to whether PowerShell will give users a level of access to a system they would not otherwise have. Installing PowerShell does not grant the user additional permissions. However, if a user is well versed in PowerShell he might be able to do things that he would not otherwise be able to do. This is not because PowerShell gives users permissions, but because PowerShell is a highly versatile tool.
One last consideration is whether PowerShell can be exploited by malware. Proof of concept PowerShell-based viruses have been created. However, PowerShell is locked down by default to keep scripts from running. A malicious script would be unable to execute unless an authorized user manually changed the execution policy by using the Set-ExecutionPolicy cmdlet.
In my opinion, PowerShell probably doesn't pose a huge security risk, but it should not be installed unnecessarily.
Answers to your most common Microsoft PowerShell questions
Related Q&A from Brien Posey
Disk-based backup provides newer features that can speed and ease recovery. IT should take advantage of instant recovery and virtual lab capabilities. Continue Reading
There are some instances where IT should manually upgrade to Windows 10, including when the desktop runs older software for which IT does not have ... Continue Reading
Backup security varies across different storage media. What works for tape-based backup may not work for disk backups, so plan your data protection ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.