Removing Outdated PowerShell 2.0 and .NET Framework 2.0 from Windows 11

Share This Post

 

Enhancing Security and Performance: Removing Outdated PowerShell 2.0 and .NET Framework 2.0 from Windows 11

This article presents a solution for removing PowerShell 2.0 and .NET Framework 2.0. We encountered the challenge of eliminating these outdated components from a Windows 11 environment in order to enhance security and modernize the system. This guide provides a detailed and structured approach to accomplish this task. 

The challenge at hand involved identifying measures to bolster security and update the environment. Among the solutions explored, it was determined that removing PowerShell 2.0 and .NET Framework 2.0 was necessary, as these versions no longer met the required standards for security and performance. 

 

 

When and why you would want to disable Powershell 2.0 and .NET 2.0.  

 

Disabling PowerShell 2.0 and .NET 2.0 in a Windows 11 environment enhances security by eliminating potential vulnerabilities and reducing the attack surface. These older versions lack security updates, lack modern security features, and are designed for legacy compatibility. By disabling them, you protect against known vulnerabilities and encourage the use of newer, more secure software frameworks. However, ensure compatibility and consult with IT security professionals before making changes. 

 Let us know if you need help with this!

How we disable Powershell 2.0 from an Intune Environment

 

  1. This script uses the Disable-WindowsOptionalFeature cmdlet to disable the PowerShell 2.0 feature. It then checks the status of the feature to confirm that it has been disabled successfully.  

 

 # Disable PowerShell 2.0 

Disable-WindowsOptionalFeature -Online –
FeatureName MicrosoftWindowsPowerShellV2 

# Check if PowerShell 2.0 is disabled 

$feature = Get-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2 
if ($feature.State -eq ”Disabled”) { 
    Write-Host ”PowerShell 2.0 has been disabled.”
} 
else { 
    Write-Host ”Failed to disable PowerShell 2.0.”
}

 

 

Save this script locally and continue on with the guide.  
To create a PowerShell script profile in Intune, follow these steps:  

  1. Sign in to the Microsoft Endpoint Manager admin center (https://endpoint.microsoft.com/).  
  1. Click on “Devices” in the left navigation pane, then select ”scripts” under “Manage.”  
  1. Click on the “Add” button to create a new PowerShell script profile.  
  1. In the “Basics” tab, give the profile a name and optional description.  
  1. In the “Script Settings” tab, select the script we saved   
  1. In the “Assignments” tab we can select the user or groups we want to assign this script to aswell as exclude groups and users.  
  1. Click on “next” and Review the script, if we’re happy with the settings click on “add“  

Once the PowerShell script profile is assigned to devices or users, it will run the script according to the settings that we specified.  

 

How we disable .NET 2.0 from an Intune environment  

 

  1. This script uses the Disable-WindowsOptionalFeature cmdlet again to disable the .NET Framework 2.0 feature. It then checks the status of the feature to confirm that it has been disabled successfully.  
  1. Save this script locally and follow the same steps as we did with the previous script but replace the powershell script with the .NET script instead 

 

# Disable .NET Framework 2.0 

Disable-WindowsOptionalFeature -Online -FeatureName NetFx2-ServerCore 

# Check if .NET Framework 2.0 is disabled 

$feature = Get-WindowsOptionalFeature -Online -FeatureName NetFx2-
ServerCore 
if ($feature.State -eq ”Disabled”) { 
    Write-Host ”.NET Framework 2.0 has been disabled.” 
} 
else { 
    Write-Host ”Failed to disable .NET Framework 2.0.” 
}

 

 

It is important to note that some applications may still require .NET Framework 2.0 to function properly. Disabling it may cause those applications to fail. Before disabling .NET Framework 2.0, it is important to test and validate the impact on our specific environment and applications to ensure that they will continue to function as expected.  

 

Also note that if we disable .NET Framework 2.0, it will not be available for use by any applications on the device, and some older applications may require it to run. Therefore, it is important to consider the potential impact on our environment before disabling this feature.

 

Don’t hesitate to contact us for personalized assistance tailored to your organization’s needs. Our team is dedicated to helping you navigate the process of removing outdated components, enhancing security, and modernizing your Windows 11 environment.

Max Thordenius , IT Consultant Agdiwo

 

 

Application Distribution

At Agdiwo, we are experts in Powershell, Windows 11 and much more. Our team can help you optimize your digital workplace with a full range of IT services, from strategic planning and analysis to implementation and training. Whether you’re looking to improve security, boost productivity, or streamline workflows, we have the expertise and experience to help you succeed. 

Optimize your digital workplace with our IT-experts!

More To Explore

Intune vs CM

Intune vs Configuration Manager

Which device management suits you? Digital transformation and mobility are shaping how we work right now, and IT managers are faced with crucial decisions regarding

Subscribe To Our Newsletter

Get updates and learn from Us

Configuration Manager to Intune?

Can’t decide if going to Intune from Configuration Manager is the right decision? Receive our free decision cheat sheet!

Gå från Configuration Manager till Intune?

Svårt att bestämma om en övergång från Configuration Manager till Intune är det rätta beslutet? Ta del av vår jämförelselista gratis!