Removing Outdated PowerShell 2.0 and .NET Framework 2.0 from Windows 11

May 25, 2023

Share This Post

Table of Contents

Enhancing Security and Performance: Removing Outdated PowerShell 2.0 and .NET Framework 2.0 from Windows 11

This article presents a solution for removing PowerShell 2.0 and .NET Framework 2.0. We encountered the challenge of eliminating these outdated components from a Windows 11 environment in order to enhance security and modernize the system. This guide provides a detailed and structured approach to accomplish this task.

The challenge at hand involved identifying measures to bolster security and update the environment. Among the solutions explored, it was determined that removing PowerShell 2.0 and .NET Framework 2.0 was necessary, as these versions no longer met the required standards for security and performance.

When and why you would want to disable Powershell 2.0 and .NET 2.0. 

Disabling PowerShell 2.0 and .NET 2.0 in a Windows 11 environment enhances security by eliminating potential vulnerabilities and reducing the attack surface. These older versions lack security updates, lack modern security features, and are designed for legacy compatibility. By disabling them, you protect against known vulnerabilities and encourage the use of newer, more secure software frameworks. However, ensure compatibility and consult with IT security professionals before making changes. 

Let us know if you need help with this!

How we disable Powershell 2.0 from an Intune Environment

This script uses the Disable-WindowsOptionalFeature cmdlet to disable the PowerShell 2.0 feature. It then checks the status of the feature to confirm that it has been disabled successfully.

 # Disable PowerShell 2.0 

Disable-WindowsOptionalFeature -Online –
FeatureName MicrosoftWindowsPowerShellV2 

# Check if PowerShell 2.0 is disabled 

$feature = Get-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2 
if ($feature.State -eq ”Disabled”) { 
    Write-Host ”PowerShell 2.0 has been disabled.”
} 
else { 
    Write-Host ”Failed to disable PowerShell 2.0.”
}

Save this script locally and continue on with the guide. 
To create a PowerShell script profile in Intune, follow these steps: 

Click on “Devices” in the left navigation pane, then select ”scripts” under “Manage.”

Click on the “Add” button to create a new PowerShell script profile.

In the “Basics” tab, give the profile a name and optional description.

In the “Script Settings” tab, select the script we saved

In the “Assignments” tab we can select the user or groups we want to assign this script to aswell as exclude groups and users.

Click on “next” and Review the script, if we’re happy with the settings click on “add“

Once the PowerShell script profile is assigned to devices or users, it will run the script according to the settings that we specified. 

How we disable .NET 2.0 from an Intune environment 

This script uses the Disable-WindowsOptionalFeature cmdlet again to disable the .NET Framework 2.0 feature. It then checks the status of the feature to confirm that it has been disabled successfully.

Save this script locally and follow the same steps as we did with the previous script but replace the powershell script with the .NET script instead

# Disable .NET Framework 2.0 

Disable-WindowsOptionalFeature -Online -FeatureName NetFx2-ServerCore 

# Check if .NET Framework 2.0 is disabled 

$feature = Get-WindowsOptionalFeature -Online -FeatureName NetFx2-
ServerCore 
if ($feature.State -eq ”Disabled”) { 
    Write-Host ”.NET Framework 2.0 has been disabled.” 
} 
else { 
    Write-Host ”Failed to disable .NET Framework 2.0.” 
}

It is important to note that some applications may still require .NET Framework 2.0 to function properly. Disabling it may cause those applications to fail. Before disabling .NET Framework 2.0, it is important to test and validate the impact on our specific environment and applications to ensure that they will continue to function as expected. 

Also note that if we disable .NET Framework 2.0, it will not be available for use by any applications on the device, and some older applications may require it to run. Therefore, it is important to consider the potential impact on our environment before disabling this feature.

Don’t hesitate to contact us for personalized assistance tailored to your organization’s needs. Our team is dedicated to helping you navigate the process of removing outdated components, enhancing security, and modernizing your Windows 11 environment.

Max Thordenius , IT Consultant Agdiwo

At Agdiwo, we are experts in Powershell, Windows 11 and much more. Our team can help you optimize your digital workplace with a full range of IT services, from strategic planning and analysis to implementation and training. Whether you’re looking to improve security, boost productivity, or streamline workflows, we have the expertise and experience to help you succeed.

Optimize your digital workplace with our IT-experts!

More To Explore

Windows 11

Windows 11 update: Windows Co-Pilot and CloudBackup

Introduction Microsoft confirmed in a blogpost that the upcoming Windows 11 update will be labeled 22H2 instead of the anticipated 23H2 update. As the latest

September 25, 2023

Identity & Security

Optimizing Administrator Accounts and Licensing for Data Security and Cost Efficiency

Balancing Administrator Accounts and Licensing IT managers worldwide face daily challenges in streamlining their infrastructure while maintaining high security. One of the areas where these

September 19, 2023

Cloud Transformation

Create and Manage Azure VM Images for Efficient Cloud Infrastructure

In this blog post, we will delve into virtual machine images in Azure and how they can be used to streamline and automate the management

September 14, 2023